Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 12 updates #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 12 updates #9

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 4, 2024

Bumps the npm_and_yarn group with 11 updates in the / directory:

Package From To
@actions/core 1.2.6 1.9.1
fast-xml-parser 3.19.0 4.4.0
aws-amplify 4.3.15 6.3.4
@babel/traverse 7.17.3 7.24.6
ansi-regex 4.1.0 5.0.1
ansi-regex 3.0.0 5.0.1
decode-uri-component 0.2.0 0.2.2
follow-redirects 1.14.9 1.15.6
minimatch 3.0.4 3.1.2
minimist 1.2.5 1.2.8
jsdom 11.12.0 removed
jest 24.9.0 29.7.0

Updates @actions/core from 1.2.6 to 1.9.1

Changelog

Sourced from @​actions/core's changelog.

1.9.1

  • Randomize delimiter when calling core.exportVariable

1.9.0

  • Added toPosixPath, toWin32Path and toPlatformPath utilities #1102

1.8.2

  • Update to v2.0.1 of @actions/http-client #1087

1.8.1

  • Update to v2.0.0 of @actions/http-client

1.8.0

1.7.0

1.6.0

1.5.0

1.4.0

1.3.0

1.2.7

Commits

Updates fast-xml-parser from 3.19.0 to 4.4.0

Release notes

Sourced from fast-xml-parser's releases.

Security Fix

Update to this release if you use entity parsing in Fast XML Parser.

v4

  • Generating different combined, parser only, builder only, validator only browser bundles
  • Keeping cjs modules as they can be imported in cjs and esm modules both. Otherwise refer esm branch.

4.0.0-beta.8 / 2021-12-13

  • call tagValueProcessor for stop nodes

4.0.0-beta.7 / 2021-12-09

  • fix Validator bug when an attribute has no value but '=' only
  • XML Builder should suppress unpaired tags by default.
  • documents update for missing features
  • refactoring to use Object.assign
  • refactoring to remove repeated code

4.0.0-beta.6 / 2021-12-05

  • Support PI Tags processing
  • Support suppressBooleanAttributes by XML Builder for attributes with value true.

4.0.0-beta.5 / 2021-12-04

  • fix: when a tag with name "attributes"

4.0.0-beta.4 / 2021-12-02

  • Support HTML document parsing
  • skip stop nodes parsing when building the XML from JS object
  • Support external entites without DOCTYPE
  • update dev dependency: strnum v1.0.5 to fix long number issue

4.0.0-beta.3 / 2021-11-30

  • support global stopNodes expression like "*.stop"
  • support self-closing and paired unpaired tags
  • fix: CDATA should not be parsed.
  • Fix typings for XMLBuilder (#396)(By Anders Emil Salvesen)
  • supports XML entities, HTML entities, DOCTYPE entities

⚠️ 4.0.0-beta.2 / 2021-11-19

  • rename attrMap to attibutes in parser output when preserveOrder:true
  • supports unpairedTags

⚠️ 4.0.0-beta.1 / 2021-11-18

  • Parser returns an array now
    • to make the structure common
    • and to return root level detail
  • renamed cdataTagName to cdataPropName
  • Added commentPropName
  • fix typings

⚠️ 4.0.0-beta.0 / 2021-11-16

... (truncated)

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

4.4.0 / 2024-05-18

  • fix #654: parse attribute list correctly for self closing stop node.
  • fix: validator bug when closing tag is not opened. (#647) (By Ryosuke Fukatani)
  • fix #581: typings; return type of tagValueProcessor & attributeValueProcessor (#582) (By monholm)

4.3.6 / 2024-03-16

4.3.5 / 2024-02-24

  • code for v5 is added for experimental use

4.3.4 / 2024-01-10

  • fix: Don't escape entities in CDATA sections (#633) (By wackbyte)

4.3.3 / 2024-01-10

  • Remove unnecessary regex

4.3.2 / 2023-10-02

4.3.1 / 2023-09-24

  • revert back "Fix typings for builder and parser to make return type generic" to avoid failure of existing projects. Need to decide a common approach.

4.3.0 / 2023-09-20

4.2.7 / 2023-07-30

  • Fix: builder should set text node correctly when only textnode is present (#589) (By qianqing)
  • Fix: Fix for null and undefined attributes when building xml (#585) (#598). A null or undefined value should be ignored. (By Eugenio Ceschia)

4.2.6 / 2023-07-17

4.2.5 / 2023-06-22

  • change code implementation

4.2.4 / 2023-06-06

  • fix security bug

4.2.3 / 2023-06-05

  • fix security bug

4.2.2 / 2023-04-18

  • fix #562: fix unpaired tag when it comes in last of a nested tag. Also throw error when unpaired tag is used as closing tag

4.2.1 / 2023-04-18

... (truncated)

Commits
  • 96f7501 update package detail
  • 151b8f4 fix #654: parse attribute list correctly for self closing stop node
  • 1a384a5 Run PR tests on node 16
  • 2ae1f62 fix: return type for tagValueProcessor & attributeValueProcessor (#582)
  • 9118736 docs: fix typos in v5 document fast-xml-parse (#650)
  • a96b968 fix: validator bag when closing tag is not opened. (#647)
  • 3ab1b3b update pcakge detail
  • 4c26aaa fix v5 options, add docs
  • 391f24f Add support for parsing HTML numeric entities (#645)
  • 072b2b0 update dev dependencies
  • Additional commits viewable in compare view

Updates aws-amplify from 4.3.15 to 6.3.4

Release notes

Sourced from aws-amplify's releases.

2024-05-23 Amplify JS release - [email protected]

What's Changed

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/[email protected]@6.3.4

2024-05-22 Amplify JS release - [email protected]

What's Changed

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/[email protected]@6.3.3

2024-05-15 Amplify JS release - [email protected]

What's Changed

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/[email protected]@6.3.2

2024-05-13 Amplify JS release - [email protected]

What's Changed

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/[email protected]@6.3.1

2024-05-07 Amplify JS release - [email protected]

What's Changed

... (truncated)

Commits
  • 181642f chore(release): Publish [skip release]
  • 125c690 release(required): adapter-nextjs validate if access and id tokens are valid ...
  • 5a30b27 chore(release): update API docs [skip release]
  • 8dfda28 chore(release): Publish [skip release]
  • ade1d0c release: Amplify JS release (#13414)
  • 82d53fa Revert "feat(core): validate if access and id tokens are valid cognito tokens...
  • 6a2b992 chore: Update Amplify doc-string comment (#13411)
  • 0b72b32 feat(core): validate if access and id tokens are valid cognito tokens (#13385)
  • d7d33da fix(storage): credentials expires after 1 hour (#13329)
  • 0532bef chore: Merge release into main (#13390)
  • Additional commits viewable in compare view

Updates @babel/traverse from 7.17.3 to 7.24.6

Release notes

Sourced from @​babel/traverse's releases.

v7.24.6 (2024-05-24)

Thanks @​amjed-98, @​blakewilson, @​coelhucas, and @​SukkaW for your first PRs!

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
    • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
  • babel-parser, babel-plugin-transform-typescript

🏠 Internal

  • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers
  • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-parser, babel-traverse
  • Other

Committers: 9

v7.24.5 (2024-04-29)

Thanks @​romgrk and @​sossost for your first PRs!

🐛 Bug Fix

  • babel-plugin-transform-classes, babel-traverse
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.24.6 (2024-05-24)

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
    • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
  • babel-parser, babel-plugin-transform-typescript

🏠 Internal

  • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers
  • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-parser, babel-traverse
  • Other

v7.24.5 (2024-04-29)

🐛 Bug Fix

  • babel-plugin-transform-classes, babel-traverse
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

💅 Polish

🏠 Internal

  • Other
  • babel-parser
  • babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse
  • babel-plugin-proposal-partial-application, babel-types
  • babel-plugin-transform-class-properties, babel-preset-env

... (truncated)

Commits

Updates ansi-regex from 4.1.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

  • Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

  • Require Node.js 8 166a0d5

Enhancements

  • Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

Commits

Updates ansi-regex from 3.0.0 to 5.0.1

Release notes

Sourced from ansi-regex's releases.

v5.0.1

Fixes (backport of 6.0.1 to v5)

This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1, as requested in #38.

  • Fix ReDoS in certain cases (#37) You are only really affected if you run the regex on untrusted user input in a server context, which it's very unlikely anyone is doing, since this regex is mainly used in command-line tools.

CVE-2021-3807

https://github.com/chalk/ansi-regex/compare/v5.0.0..v5.0.1

Thank you @​yetingli for the patch and reproduction case!

v5.0.0

Breaking

  • Require Node.js 8 166a0d5

Enhancements

  • Add TypeScript definition (#32) e77ea17

chalk/ansi-regex@v4.1.0...v5.0.0

Commits

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates follow-redirects from 1.14.9 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.2

Commits

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Removes jsdom

Updates jest from 24.9.0 to 29.7.0

Release notes

Sourced from jest's releases.

v29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

New Contributors

@dependabot
Bump the npm_and_yarn group across 1 directory with 12 updates
531c854 
Bumps the npm_and_yarn group with 11 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `1.2.6` | `1.9.1` |
| [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `3.19.0` | `4.4.0` |
| [aws-amplify](https://github.com/aws-amplify/amplify-js) | `4.3.15` | `6.3.4` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.17.3` | `7.24.6` |
| [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `5.0.1` |
| [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `5.0.1` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.6` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |
| [jsdom](https://github.com/jsdom/jsdom) | `11.12.0` | `removed` |
| [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `24.9.0` | `29.7.0` |



Updates `@actions/core` from 1.2.6 to 1.9.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `fast-xml-parser` from 3.19.0 to 4.4.0
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@3.19.0...v4.4.0)

Updates `aws-amplify` from 4.3.15 to 6.3.4
- [Release notes](https://github.com/aws-amplify/amplify-js/releases)
- [Commits](https://github.com/aws-amplify/amplify-js/compare/[email protected]@6.3.4)

Updates `@babel/traverse` from 7.17.3 to 7.24.6
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.6/packages/babel-traverse)

Updates `ansi-regex` from 4.1.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@v4.1.0...v5.0.1)

Updates `ansi-regex` from 3.0.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@v4.1.0...v5.0.1)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `follow-redirects` from 1.14.9 to 1.15.6
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.6)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `minimist` from 1.2.5 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Removes `jsdom`

Updates `jest` from 24.9.0 to 29.7.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest)

Updates `json5` from 2.1.3 to 2.2.3
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v2.1.3...v2.2.3)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: fast-xml-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: aws-amplify
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ansi-regex
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ansi-regex
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsdom
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jest
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 4, 2024
@dependabot dependabot bot mentioned this pull request Jun 4, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants