Bump the npm_and_yarn group across 2 directories with 22 updates#7
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 2 directories with 22 updates#7dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 18 updates in the / directory: | Package | From | To | | --- | --- | --- | | [markdown-it](https://github.com/markdown-it/markdown-it) | `12.3.2` | `14.2.0` | | [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.80.0` | | [koa](https://github.com/koajs/koa) | `2.13.4` | `3.1.2` | | [playwright](https://github.com/microsoft/playwright) | `1.28.1` | `1.61.0` | | [ws](https://github.com/websockets/ws) | `7.5.9` | `7.5.11` | | [ws](https://github.com/websockets/ws) | `8.14.2` | `8.21.0` | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` | | [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` | | [ip](https://github.com/indutny/node-ip) | `1.1.8` | `removed` | | [liquidjs](https://github.com/harttle/liquidjs) | `10.7.1` | `10.27.0` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` | | [node-forge](https://github.com/digitalbazaar/forge) | `1.3.1` | `1.4.0` | | [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `6.2.1` | `6.3.0` | | [pug](https://github.com/pugjs/pug) | `3.0.2` | `3.0.4` | | [qs](https://github.com/ljharb/qs) | `6.11.2` | `6.15.2` | | [undici](https://github.com/nodejs/undici) | `5.21.0` | `6.24.1` | Bumps the npm_and_yarn group with 1 update in the /packages/lit-dev-content directory: [markdown-it](https://github.com/markdown-it/markdown-it). Updates `markdown-it` from 12.3.2 to 14.2.0 - [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md) - [Commits](markdown-it/markdown-it@12.3.2...14.2.0) Updates `rollup` from 2.79.1 to 2.80.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/v2.80.0/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.80.0) Updates `koa` from 2.13.4 to 3.1.2 - [Release notes](https://github.com/koajs/koa/releases) - [Changelog](https://github.com/koajs/koa/blob/master/History.md) - [Commits](koajs/koa@2.13.4...v3.1.2) Updates `playwright` from 1.28.1 to 1.61.0 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.28.1...v1.61.0) Updates `ws` from 7.5.9 to 7.5.11 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.5.9...7.5.11) Updates `ws` from 8.14.2 to 8.21.0 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.5.9...7.5.11) Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) Updates `@octokit/plugin-paginate-rest` from 2.18.0 to 14.0.0 - [Release notes](https://github.com/octokit/plugin-paginate-rest.js/releases) - [Commits](octokit/plugin-paginate-rest.js@v2.18.0...v14.0.0) Updates `@octokit/request` from 5.6.3 to 10.0.10 - [Release notes](https://github.com/octokit/request.js/releases) - [Commits](octokit/request.js@v5.6.3...v10.0.10) Updates `@octokit/request-error` from 2.1.0 to 7.1.0 - [Release notes](https://github.com/octokit/request-error.js/releases) - [Commits](octokit/request-error.js@v2.1.0...v7.1.0) Removes `@tootallnate/once` Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `ejs` from 3.1.9 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Changelog](https://github.com/mde/ejs/blob/main/RELEASE_NOTES_v5.md) - [Commits](mde/ejs@v3.1.9...v3.1.10) Updates `handlebars` from 4.7.7 to 4.7.9 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.7.7...v4.7.9) Removes `ip` Updates `jws` from 3.2.2 to 4.0.0 - [Release notes](https://github.com/brianloveswords/node-jws/releases) - [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md) - [Commits](auth0/node-jws@v3.2.2...v4.0.0) Updates `liquidjs` from 10.7.1 to 10.27.0 - [Release notes](https://github.com/harttle/liquidjs/releases) - [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md) - [Commits](harttle/liquidjs@v10.7.1...v10.27.0) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) Updates `node-forge` from 1.3.1 to 1.4.0 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.3.1...v1.4.0) Updates `path-to-regexp` from 6.2.1 to 6.3.0 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v6.2.1...v6.3.0) Updates `pug` from 3.0.2 to 3.0.4 - [Release notes](https://github.com/pugjs/pug/releases) - [Commits](https://github.com/pugjs/pug/compare/pug@3.0.2...pug@3.0.4) Updates `qs` from 6.11.2 to 6.15.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.11.2...v6.15.2) Updates `undici` from 5.21.0 to 6.24.1 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.21.0...v6.24.1) Updates `markdown-it` from 12.3.2 to 14.2.0 - [Changelog](https://github.com/markdown-it/markdown-it/blob/master/CHANGELOG.md) - [Commits](markdown-it/markdown-it@12.3.2...14.2.0) --- updated-dependencies: - dependency-name: markdown-it dependency-version: 14.2.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 2.80.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: koa dependency-version: 3.1.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: playwright dependency-version: 1.61.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ws dependency-version: 7.5.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-version: 8.21.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 7.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@octokit/plugin-paginate-rest" dependency-version: 14.0.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@octokit/request" dependency-version: 10.0.10 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@octokit/request-error" dependency-version: 7.1.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@tootallnate/once" dependency-version: dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-version: 3.1.10 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: handlebars dependency-version: 4.7.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip dependency-version: dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jws dependency-version: 4.0.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: liquidjs dependency-version: 10.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-version: 1.4.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 6.3.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: pug dependency-version: 3.0.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: undici dependency-version: 6.24.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: markdown-it dependency-version: 14.2.0 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 18 updates in the / directory:
12.3.214.2.02.79.12.80.02.13.43.1.21.28.11.61.07.5.97.5.118.14.28.21.07.0.37.0.61.1.2removed3.0.23.0.33.1.93.1.104.7.74.7.91.1.8removed10.7.110.27.04.0.54.0.81.3.11.4.06.2.16.3.03.0.23.0.46.11.26.15.25.21.06.24.1Bumps the npm_and_yarn group with 1 update in the /packages/lit-dev-content directory: markdown-it.
Updates
markdown-itfrom 12.3.2 to 14.2.0Changelog
Sourced from markdown-it's changelog.
... (truncated)
Commits
829797a14.2.0 released9ce2087Fix smartquotes perfomance02e73b8linkify-it bump68cfb8cfix: don't end HTML comment blocks on a blank line (#1155)1083137Readme cleanup97c7ca2Update funding infoc471b55Changelog update7769621isPunctChar => isPunctCharCodeaa2aa70fix: always reset parentType in lheading rule (#1131)59955f2Polish PRs #1072, #1074Updates
rollupfrom 2.79.1 to 2.80.0Release notes
Sourced from rollup's releases.
Changelog
Sourced from rollup's changelog.
Commits
d17ae152.80.0d6dee5eValidate bundle stays within output dir (#6277)c9bd03d2.79.248aef33fix: resolve DOM Clobbering CVE-2024-43788 (backport to v2) (#5677)Updates
koafrom 2.13.4 to 3.1.2Release notes
Sourced from koa's releases.
... (truncated)
Changelog
Sourced from koa's changelog.
... (truncated)
Commits
c5a52e03.1.255ab9baMerge commit from forkfecd464build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#1922)d2066cfbuild(deps): bump content-disposition from 0.5.4 to 1.0.1 (#1917)8694a06docs: use correct term "Server-Sent Events" in guide (#1920)096682bbuild(deps): bump mime-types from 3.0.1 to 3.0.2 (#1918)8215c2ebuild(deps): bump http-errors from 2.0.0 to 2.0.1 (#1919)cfe5ec6build(deps-dev): bump qs from 6.14.0 to 6.14.1 (#1921)0a6afa5fix: typo in troubleshooting.md (#1916)2e52fb53.1.1Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for koa since your current version.
Updates
playwrightfrom 1.28.1 to 1.61.0Release notes
Sourced from playwright's releases.
... (truncated)
Commits
1cc5a90cherry-pick(#41295): chore: PLAYWRIGHT_TRACING_NO_WEBSOCKET_FRAMES and PLAYWR...a6772bdcherry-pick(#41280): Revert "fix(trace-viewer): add keyboard navigation to `N...8133dcfcherry-pick(#41283): docs: add Ubuntu 26.04 and Node.js 26.x to system requir...812432echore: mark v1.61.0 (#41277)ac05145fix(fetch): report serverAddr and securityDetails for reused sockets (#41267)056efc9fix(trace-viewer): add keyboard navigation toNetworkFilterscomponent (#41...41f7b9achore: fixes uncovered by the .NET 1.61 roll (#41266)ba50778fix(mcp): assign caps as array for legacy --vision flag (#41253)b8ee5aedocs: release notes for v1.61 (#41261)49c1f69fix(trace viewer): load trace from a local file (#41263)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for playwright since your current version.
Updates
wsfrom 7.5.9 to 7.5.11Release notes
Sourced from ws's releases.
Commits
fd36cd8[dist] 7.5.11e14c458[security] Limit retained message partsd962d70[dist] 7.5.1022c2876[security] Fix crash when the Upgrade header cannot be read (#2231)Updates
wsfrom 8.14.2 to 8.21.0Release notes
Sourced from ws's releases.
Commits
fd36cd8[dist] 7.5.11e14c458[security] Limit retained message partsd962d70[dist] 7.5.1022c2876[security] Fix crash when the Upgrade header cannot be read (#2231)Updates
cross-spawnfrom 7.0.3 to 7.0.6Changelog
Sourced from cross-spawn's changelog.
Commits
77cd97fchore(release): 7.0.66717de4chore: upgrade standard-versionf700743fix: update cross-spawn version to 7.0.5 in package-lock.json9a7e3b2chore: fix build status badge0852683chore(release): 7.0.5640d391fix: fix escaping bug introduced by backtrackingbff0c87chore: remove codecova7c6abcchore: replace travis with github workflows9b9246echore(release): 7.0.45ff3a07fix: disable regexp backtracking (#160)Updates
@octokit/plugin-paginate-restfrom 2.18.0 to 14.0.0Release notes
Sourced from @octokit/plugin-paginate-rest's releases.
... (truncated)
Commits
413e899feat: add immutable releases, enterprise team membership, enterprise team org...3d311d6chore(deps): update dependency@types/nodeto v24 (#701)ba56fbcfix(deps): update@octokit/types(#698)80745beci(action): update actions/checkout action to v5 (#687)0e236cbfeat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...bf19e3echore(deps): update dependency prettier to v3.6.2 (#685)4f9fc56ci(action): update actions/setup-node action to v5 (#688)8e5da25fix: handle url in response when using pagination with compareCommits (#686)6d8ea8afeat: add paginatantion support forcompareCommitsand `compareCommitsWith...8ec2713fix(deps): update@octokit/types- no new paginated endpoints (#680)Updates
@octokit/requestfrom 5.6.3 to 10.0.10Release notes
Sourced from @octokit/request's releases.
... (truncated)
Commits
25b0838fix: remove unused fast-content-type-parse dependency (#808)b3d6b0bchore(deps): update dependency esbuild to ^0.28.0 (#804)7fdf739ci(action): update actions/create-github-app-token action to v3 (#801)58b1f87ci(action): update actions/add-to-project action to v2 (#806)a9f64a0fix(deps): switch to using the "content-type" package for content type parsin...4abc280chore(deps): update dependency undici to v7.24.0 [security] (#800)f13f5d9fix: usejson-with-bigintinstead of built-in JSON methods in order to prop...9ba6ae0Document that unsuccessful HTTP status code result in an exception (#795)7160b82chore(deps): replace glob with tinyglobby (#791)ab8018bci(action): update peter-evans/create-or-update-comment action to v5 (#776)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@octokit/requestsince your current version.Updates
@octokit/request-errorfrom 2.1.0 to 7.1.0Release notes
Sourced from @octokit/request-error's releases.
... (truncated)
Commits
2ea2780feat: inherit options from baseErrorclass to add support for thecause...ac7b309chore(deps): update vitest monorepo to v4 (major) (#531)dadc76dci(action): update peter-evans/create-or-update-comment action to v5 (#525)f57f2e6build(deps): lock file maintenance (#534)e5a75effix(deps): update dependency@octokit/typesto v16 (#533)e5d5de2chore(deps): update dependency@types/nodeto v24 (#532)8cc127bci(action): update actions/setup-node action to v6 (#529)b3a876bbuild(deps): lock file maintenance (#527)cf1817bci(action): update github/codeql-action action to v4 (#528)61f1e87chore(deps): update dependency tinybench to v5 (#519)Removes
@tootallnate/onceUpdates
bracesfrom 3.0.2 to 3.0.3Commits
74b2db23.0.388f1429update eslint. lint, fix unit tests.415d660Snyk js braces 6838727 (#40)190510ffix tests, skip 1 test in test/braces.expand716eb9freadme bumpa5851e5Merge pull request #37 from coderaiser/fix/vulnerability2092bd1feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cffix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9remove funding file665ab5dupdate keepEscaping doc (#27)Updates
ejsfrom 3.1.9 to 3.1.10Release notes
Sourced from ejs's releases.
Commits
d3f807dVersion 3.1.109ee26ddMocha TDDe469741Basic pollution protection715e950Merge pull request #756 from Jeffrey-mu/maincabe314Include advanced usage examples29b076cAdded header11503c7Merge branch 'main' of github.com:mde/ejs into main7690404Added security banner to READMEf47d7aeUpdate SECURITY.md828cea1Update SECURITY.mdUpdates
handlebarsfrom 4.7.7 to 4.7.9Release notes
Sourced from handlebars's releases.
Changelog
Sourced from handlebars's changelog.
Commits
dce542cv4.7.98a41389Update release notes68d8df5Fix security issuesb2a0831Fix browser tests9f98c16Fix release script45443b4Revert "Improve partial indenting performance"8841a5fFix CI errors with lintinge0137c2fix: enable shell mode for spawn to resolve Windows EINVAL issuee914d60Improve rendering performance7de4b41Upgrade GitHub Actions checkout and setup-node on 4.x branchMaintainer changes
This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.
Removes
ipUpdates
jwsfrom 3.2.2 to 4.0.0Release notes
Sourced from jws's releases.
Commits
1389f6dv4.0.0e4593f1jwa@^2.0.09deb311README: Use SVG build badge (#87)Updates
liquidjsfrom 10.7.1 to 10.27.0Release notes
Sourced from liquidjs's releases.