Update some dependencies - Security Fix #242
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…pdates Bumps the npm_and_yarn group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [astro](https://github.com/withastro/astro/tree/HEAD/packages/astro) | `4.7.1` | `4.16.18` | | [axios](https://github.com/axios/axios) | `1.7.2` | `1.8.2` | | [express](https://github.com/expressjs/express) | `4.19.2` | `4.20.0` | | [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `4.2.17` | `4.2.19` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.24.5` | `7.27.0` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` | | [prismjs](https://github.com/PrismJS/prism) | `1.29.0` | `1.30.0` | | [systeminformation](https://github.com/sebhildebrandt/systeminformation) | `5.22.8` | `5.25.11` | | [undici](https://github.com/nodejs/undici) | `5.28.4` | `5.29.0` | Updates `astro` from 4.7.1 to 4.16.18 - [Release notes](https://github.com/withastro/astro/releases) - [Changelog](https://github.com/withastro/astro/blob/[email protected]/packages/astro/CHANGELOG.md) - [Commits](https://github.com/withastro/astro/commits/[email protected]/packages/astro) Updates `axios` from 1.7.2 to 1.8.2 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.7.2...v1.8.2) Updates `express` from 4.19.2 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.19.2...4.20.0) Updates `svelte` from 4.2.17 to 4.2.19 - [Release notes](https://github.com/sveltejs/svelte/releases) - [Changelog](https://github.com/sveltejs/svelte/blob/[email protected]/packages/svelte/CHANGELOG.md) - [Commits](https://github.com/sveltejs/svelte/commits/[email protected]/packages/svelte) Updates `@babel/helpers` from 7.24.5 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-helpers) Updates `@babel/runtime` from 7.24.5 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime) Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `dset` from 3.1.3 to 3.1.4 - [Release notes](https://github.com/lukeed/dset/releases) - [Commits](lukeed/dset@v3.1.3...v3.1.4) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) Updates `nanoid` from 3.3.7 to 3.3.11 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.7...3.3.11) Updates `path-to-regexp` from 0.1.7 to 0.1.10 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `prismjs` from 1.29.0 to 1.30.0 - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md) - [Commits](PrismJS/prism@v1.29.0...v1.30.0) Updates `rollup` from 4.17.2 to 4.39.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.17.2...v4.39.0) Updates `serve-static` from 1.15.0 to 1.16.0 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...1.16.0) Updates `systeminformation` from 5.22.8 to 5.25.11 - [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md) - [Commits](sebhildebrandt/systeminformation@v5.22.8...v5.25.11) Updates `undici` from 5.28.4 to 5.29.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.28.4...v5.29.0) Updates `vite` from 5.2.11 to 5.4.17 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.17/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.17/packages/vite) --- updated-dependencies: - dependency-name: astro dependency-version: 4.16.18 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 1.8.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.20.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: svelte dependency-version: 4.2.19 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 1.20.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dset dependency-version: 3.1.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-version: 3.3.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.10 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: prismjs dependency-version: 1.30.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.39.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-version: 1.16.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: systeminformation dependency-version: 5.25.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: undici dependency-version: 5.29.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.17 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
…m_and_yarn-26cb89f6b5 build(deps): bump the npm_and_yarn group across 1 directory with 18 updates
✅ Deploy Preview for web-check ready!Built without sensitive environment variables
To edit notification comments on pull requests, go to your Netlify site configuration. |
Bumps the npm_and_yarn group with 1 update in the / directory: [systeminformation](https://github.com/sebhildebrandt/systeminformation). Updates `systeminformation` from 5.22.8 to 5.25.11 - [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md) - [Commits](sebhildebrandt/systeminformation@v5.22.8...v5.25.11) --- updated-dependencies: - dependency-name: systeminformation dependency-version: 5.25.11 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the npm_and_yarn group with 1 update in the / directory: [undici](https://github.com/nodejs/undici). Updates `undici` from 5.28.4 to 5.29.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.28.4...v5.29.0) --- updated-dependencies: - dependency-name: undici dependency-version: 5.29.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the npm_and_yarn group with 1 update in the / directory: [prismjs](https://github.com/PrismJS/prism). Updates `prismjs` from 1.29.0 to 1.30.0 - [Release notes](https://github.com/PrismJS/prism/releases) - [Changelog](https://github.com/PrismJS/prism/blob/master/CHANGELOG.md) - [Commits](PrismJS/prism@v1.29.0...v1.30.0) --- updated-dependencies: - dependency-name: prismjs dependency-version: 1.30.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps the npm_and_yarn group with 1 update in the / directory: [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime). Updates `@babel/runtime` from 7.24.5 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime) --- updated-dependencies: - dependency-name: "@babel/runtime" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
…pm_and_yarn-bef6679ac4 build(deps): bump @babel/runtime from 7.24.5 to 7.27.0 in the npm_and_yarn group across 1 directory
…pm_and_yarn-46be7da7dc build(deps): bump prismjs from 1.29.0 to 1.30.0 in the npm_and_yarn group across 1 directory
…m_and_yarn-4b5143638f build(deps): bump systeminformation from 5.22.8 to 5.25.11 in the npm_and_yarn group across 1 directory
…m_and_yarn-87115a91ec build(deps): bump undici from 5.28.4 to 5.29.0 in the npm_and_yarn group across 1 directory
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
build(deps): bump the npm_and_yarn group across 1 directory with 18 updates