chore(deps): Bump the production-dependencies group across 1 directory with 11 updates#175
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
…y with 11 updates Bumps the production-dependencies group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [body-parser](https://github.com/expressjs/body-parser) | `2.2.2` | `2.3.0` | | [es-object-atoms](https://github.com/ljharb/es-object-atoms) | `1.1.1` | `1.1.2` | | [eventsource-parser](https://github.com/rexxars/eventsource-parser) | `3.0.8` | `3.1.0` | | [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit) | `8.5.1` | `8.5.2` | | [form-data](https://github.com/form-data/form-data) | `4.0.5` | `4.0.6` | | [hono](https://github.com/honojs/hono) | `4.12.18` | `4.12.27` | | [range-parser](https://github.com/jshttp/range-parser) | `1.2.1` | `1.3.0` | Updates `body-parser` from 2.2.2 to 2.3.0 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@v2.2.2...v2.3.0) Updates `es-object-atoms` from 1.1.1 to 1.1.2 - [Changelog](https://github.com/es-shims/es-object-atoms/blob/main/CHANGELOG.md) - [Commits](es-shims/es-object-atoms@v1.1.1...v1.1.2) Updates `eventsource-parser` from 3.0.8 to 3.1.0 - [Release notes](https://github.com/rexxars/eventsource-parser/releases) - [Changelog](https://github.com/rexxars/eventsource-parser/blob/main/CHANGELOG.md) - [Commits](rexxars/eventsource-parser@v3.0.8...v3.1.0) Updates `express-rate-limit` from 8.5.1 to 8.5.2 - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](express-rate-limit/express-rate-limit@v8.5.1...v8.5.2) Updates `form-data` from 4.0.5 to 4.0.6 - [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md) - [Commits](form-data/form-data@v4.0.5...v4.0.6) Updates `hasown` from 2.0.3 to 2.0.4 - [Changelog](https://github.com/inspect-js/hasOwn/blob/main/CHANGELOG.md) - [Commits](inspect-js/hasOwn@v2.0.3...v2.0.4) Updates `hono` from 4.12.18 to 4.12.27 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.18...v4.12.27) Updates `qs` from 6.15.1 to 6.15.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.1...v6.15.3) Updates `range-parser` from 1.2.1 to 1.3.0 - [Release notes](https://github.com/jshttp/range-parser/releases) - [Changelog](https://github.com/jshttp/range-parser/blob/master/HISTORY.md) - [Commits](jshttp/range-parser@v1.2.1...v1.3.0) Updates `side-channel` from 1.1.0 to 1.1.1 - [Changelog](https://github.com/ljharb/side-channel/blob/main/CHANGELOG.md) - [Commits](ljharb/side-channel@v1.1.0...v1.1.1) Updates `type-is` from 2.0.1 to 2.1.0 - [Release notes](https://github.com/jshttp/type-is/releases) - [Commits](jshttp/type-is@2.0.1...v2.1.0) --- updated-dependencies: - dependency-name: body-parser dependency-version: 2.3.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: es-object-atoms dependency-version: 1.1.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: eventsource-parser dependency-version: 3.1.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: express-rate-limit dependency-version: 8.5.2 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: form-data dependency-version: 4.0.6 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: hasown dependency-version: 2.0.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: hono dependency-version: 4.12.27 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: qs dependency-version: 6.15.3 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: range-parser dependency-version: 1.3.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: side-channel dependency-version: 1.1.1 dependency-type: indirect update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: type-is dependency-version: 2.1.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the production-dependencies group with 7 updates in the / directory:
2.2.22.3.01.1.11.1.23.0.83.1.08.5.18.5.24.0.54.0.64.12.184.12.271.2.11.3.0Updates
body-parserfrom 2.2.2 to 2.3.0Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
d0f2ace2.3.0 (#735)7d03f2fchore: updated deps to latest (#733)8024ba7build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#732)32b4ed4build(deps): bump github/codeql-action from 4.35.3 to 4.36.1 (#731)ff0f6b9docs: update outdated reference to MDN docs (#730)14d001arefactor: switch to const/let and enable eslint no-var rule (#729)37f36a2deps: update content-type and type-is (#728)e1c244bbuild(deps): bump github/codeql-action from 4.35.1 to 4.35.3 (#723)e01087fbuild(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#724)a7698d3build(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (#725)Updates
es-object-atomsfrom 1.1.1 to 1.1.2Changelog
Sourced from es-object-atoms's changelog.
Commits
9e62644v1.1.241e3d94[Dev Deps] update@ljharb/eslint-config,@ljharb/tsconfig, `auto-changelo...758edc2[types] improveisObjecttypeUpdates
eventsource-parserfrom 3.0.8 to 3.1.0Release notes
Sourced from eventsource-parser's releases.
Changelog
Sourced from eventsource-parser's changelog.
Commits
83db3dechore(release): 3.1.0 [skip ci]9bbcd07feat: addmaxBufferSizeoption (#32)f5cafc0chore: update lockfiles9099f5echore: upgrade dev dependenciesUpdates
express-rate-limitfrom 8.5.1 to 8.5.2Release notes
Sourced from express-rate-limit's releases.
Commits
97746938.5.20e94cc0v8.5.2 changelog9a583c5feat: simplify IPv6 key generation (#633)4f4b3fbchore(deps-dev): bump lint-staged from 16.4.0 to 17.0.4 (#632)3c1d6c5chore(deps-dev): bump the development-dependencies group with 7 updates (#631)18884b6chore(deps): bump basic-ftp from 5.2.0 to 5.3.1 (#630)dacc980chore(deps): bump handlebars from 4.7.8 to 4.7.9 (#629)486d0c6chore(deps): bump follow-redirects from 1.15.11 to 1.16.0 (#627)Updates
form-datafrom 4.0.5 to 4.0.6Changelog
Sourced from form-data's changelog.
Commits
64190dbv4.0.692ae0eb[Deps] updatehasown,mime-typesf31d21e[Dev Deps] update@ljharb/eslint-config,auto-changelog,tape8dff42c[Fix] escape CR, LF, and"in field names and filenames67b0f65[Dev Deps] updatejs-randomness-predictorUpdates
hasownfrom 2.0.3 to 2.0.4Changelog
Sourced from hasown's changelog.
Commits
97f3a85v2.0.4fdab00e[types] drop the dead key-narrowing overload91f6247[Dev Deps] update@ljharb/eslint-config,auto-changelog,eslintUpdates
honofrom 4.12.18 to 4.12.27Release notes
Sourced from hono's releases.
... (truncated)
Commits
97c6fe14.12.27aa92177Merge commit from forkcd3f6f7Merge commit from forkd4853a8fix(jsx): make merged context-isolation tests pass tsc type check (#5037)6735feafix(jsx): cast awaitedFallback through unknown to fix Deno type check (#5036)fab3b13Merge commit from fork9f0dadfci: use npm Staged publishing (#5035)27b79924.12.26d29982cchore: replace arg and glob with Bun native APIs in build script16215d5chore: remove unused devcontainer and gitpod configs (#5029)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for hono since your current version.
Updates
qsfrom 6.15.1 to 6.15.3Changelog
Sourced from qs's changelog.
Commits
18d085ev6.15.3c38af42[Deps] updateside-channeladce539[Dev Deps] updateeslint,mock-property,tape74a0f6a[Robustness]utils: enforcearrayLimitconsistently acrossmerge's arra...f4938f5[Tests]parse: characterize current lenient handling of unbalanced bracket ...5d5f723[Perf]utils: makecompactO(n) via a side-channel visited-set instead of...52afe00[Robustness]parse: throw thearrayLimiterror before splitting oversized...963e538[Fix]parse: enforcethrowOnLimitExceededfor cumulative array growth via...59da434[Fix]utils: respect encoding of surrogate pairs across chunks9532969[Robustness]utils.merge/utils.assign: avoid invoking__proto__sette...Updates
range-parserfrom 1.2.1 to 1.3.0Release notes
Sourced from range-parser's releases.
Commits
f4bf173Clamp a suffix whose length exceeds the representation (#66)b49e00ffix: still show ranges if there are multiple ranges, even if some are invalid...4f3b091Remove dependabot config (#60)eba9c7aImprove number parsing (#58)269cb4efix: handle invalid start and end byte positions in range parsing (#57)098e332build(deps): bump github/codeql-action from 3.31.2 to 4.31.6 (#50)3599369build(deps): bump actions/checkout from 3.6.0 to 6.0.0 (#51)054ea57build(deps): bump github/codeql-action from 2.23.2 to 4.31.2 (#48)d230b16build(deps): bump actions/upload-artifact from 3.1.3 to 5.0.0 (#49)54f84f4chore: add funding to package.json (#42)Maintainer changes
This version was pushed to npm by blakeembrey, a new releaser for range-parser since your current version.
Updates
side-channelfrom 1.1.0 to 1.1.1Changelog
Sourced from side-channel's changelog.
Commits
3d26095v1.1.1fc17361[Fix]assert: do not observably access object keys when throwing35b18c0[actions] update workflowsaccf1a1[Deps] updateobject-inspect,side-channel-listb456a01[Dev Deps] update@arethetypeswrong/cli,@ljharb/eslint-config, `@ljharb/...7e0c956[readme] replace runkit CI badge with shields.io check-runs badgeUpdates
type-isfrom 2.0.1 to 2.1.0Release notes
Sourced from type-is's releases.
Commits
62a423f2.1.0accdc2fUpgradecontent-type(#95)2554c0aRemove dependabot (#90)011ea1abuild(deps): bump github/codeql-action from 4.31.2 to 4.32.4 (#91)9be1494build(deps): bump actions/upload-artifact from 5.0.0 to 7.0.0 (#92)663e357build(deps): bump github/codeql-action from 3.30.0 to 4.31.2 (#80)c463aa1build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#81)fd1e10dbuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#77)6a04dc1build(deps): bump github/codeql-action from 3.28.18 to 3.30.0 (#76)8751b97chore: add funding to package.json (#74)Maintainer changes
This version was pushed to npm by blakeembrey, a new releaser for type-is since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions