Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chore(deps): Bump the npm_and_yarn group across 1 directory with 7 updates #6

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Chore(deps): Bump the npm_and_yarn group across 1 directory with 7 updates #6

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 21, 2024

Bumps the npm_and_yarn group with 7 updates in the / directory:

Package From To
follow-redirects 1.15.5 1.15.6
next 12.3.4 14.1.1
tough-cookie 4.1.3 4.1.4
postcss 8.4.35 8.4.38
jose 4.15.4 4.15.7
tar 6.2.0 6.2.1
ws 7.5.9 7.5.10

Updates follow-redirects from 1.15.5 to 1.15.6

Commits

Updates next from 12.3.4 to 14.1.1

Commits

Updates tough-cookie from 4.1.3 to 4.1.4

Release notes

Sourced from tough-cookie's releases.

v4.1.4

https://www.npmjs.com/package/tough-cookie/v/4.1.4

What's Changed

New Contributors

Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4

Commits
  • cacbc37 Bump version to 4.1.4
  • a48fb3a Add tests for url validation
  • 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
  • 1253d58 Merge pull request #409 from corvidism/validators-to-string
  • 238367e Add local alias for toString
  • cf6debd Fix incorrect string validation for URL
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.


Updates postcss from 8.4.35 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.
Changelog

Sourced from postcss's changelog.

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.
Commits
  • a69d45e Release 8.4.38 version
  • 64e35d9 Update dependencies
  • c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
  • b45e7e9 fix endIndex
  • 1bea246 failing test: for endIndex 0 in rangeBy
  • 0fd1d86 Add changelog auto release on Github
  • 49c906e Release 8.4.37 version
  • b5bd92c Fix another broken prev source map issue
  • 2882039 Update dependencies
  • e5ad939 Release 8.4.36 version
  • Additional commits viewable in compare view

Updates jose from 4.15.4 to 4.15.7

Release notes

Sourced from jose's releases.

v4.15.7

Fixes

  • add a workerd package.json target (e36d69e)

v4.15.5

Fixes

Changelog

Sourced from jose's changelog.

4.15.7 (2024-06-18)

4.15.6 (2024-06-18)

Fixes

  • add a workerd package.json target (e36d69e)

4.15.5 (2024-03-07)

Fixes

  • add a maxOutputLength option to zlib inflate (1b91d88)
Commits
  • 5084808 chore(release): 4.15.7
  • 122c939 chore(release): 4.15.6
  • e36d69e fix: add a workerd package.json target
  • 765aafd chore(release): 4.15.5
  • b36e45e test: add export check to x509 pem import tests
  • e839ecb test: stop testing JWE RSA1_5 Algorithm
  • 1b91d88 fix: add a maxOutputLength option to zlib inflate
  • 9ca2b24 build: remove release action
  • f3035d8 chore: cleanup after release
  • See full diff in compare view

Updates tar from 6.2.0 to 6.2.1

Commits

Updates ws from 7.5.9 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

  • Backported e55e5106 to the 7.x release line (22c28763).
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Chore(deps): Bump the npm_and_yarn group across 1 directory with 7 up…
3dd8336 
…dates

Bumps the npm_and_yarn group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.5` | `1.15.6` |
| [next](https://github.com/vercel/next.js) | `12.3.4` | `14.1.1` |
| [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.1.3` | `4.1.4` |
| [postcss](https://github.com/postcss/postcss) | `8.4.35` | `8.4.38` |
| [jose](https://github.com/panva/jose) | `4.15.4` | `4.15.7` |
| [tar](https://github.com/isaacs/node-tar) | `6.2.0` | `6.2.1` |
| [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.10` |



Updates `follow-redirects` from 1.15.5 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.5...v1.15.6)

Updates `next` from 12.3.4 to 14.1.1
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v12.3.4...v14.1.1)

Updates `tough-cookie` from 4.1.3 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.1.3...v4.1.4)

Updates `postcss` from 8.4.35 to 8.4.38
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.35...8.4.38)

Updates `jose` from 4.15.4 to 4.15.7
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/v4.15.7/CHANGELOG.md)
- [Commits](panva/jose@v4.15.4...v4.15.7)

Updates `tar` from 6.2.0 to 6.2.1
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.2.0...v6.2.1)

Updates `ws` from 7.5.9 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.9...7.5.10)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: jose
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 21, 2024
@dependabot dependabot bot mentioned this pull request Jun 21, 2024
Closed
@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/[email protected] network 0 29.4 kB rubenverborgh
npm/[email protected] environment, filesystem, network, shell, unsafe +11 90 MB vercel-release-bot
npm/[email protected] environment, filesystem +3 368 kB ai
npm/[email protected] None +6 690 kB ccasey

🚮 Removed packages: npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
0 participants