Bump the npm_and_yarn group across 3 directories with 16 updates #14

dependabot · 2024-04-03T18:10:21Z

Bumps the npm_and_yarn group with 11 updates in the /docs directory:

Package	From	To
@babel/traverse	`7.19.4`	`7.24.1`
express	`4.18.2`	`4.19.2`
follow-redirects	`1.15.2`	`1.15.6`
http-cache-semantics	`4.1.0`	`4.1.1`
json5	`2.2.1`	`2.2.3`
loader-utils	`2.0.2`	`2.0.4`
postcss	`8.4.18`	`8.4.38`
semver	`5.7.1`	`5.7.2`
ua-parser-js	`0.7.32`	`0.7.37`
webpack-dev-middleware	`5.3.3`	`5.3.4`
webpack	`5.74.0`	`5.91.0`

Bumps the npm_and_yarn group with 13 updates in the /docs/plugins/woodpecker-plugins directory:

Package	From	To
@babel/traverse	`7.19.4`	`7.24.1`
@sideway/formula	`3.0.0`	`3.0.1`
axios	`0.27.2`	`0.28.0`
express	`4.18.2`	`4.19.2`
follow-redirects	`1.15.2`	`1.15.6`
http-cache-semantics	`4.1.0`	`4.1.1`
json5	`2.2.1`	`2.2.3`
loader-utils	`2.0.2`	`2.0.4`
postcss	`8.4.18`	`8.4.38`
semver	`5.7.1`	`5.7.2`
webpack-dev-middleware	`5.3.3`	`5.3.4`
webpack	`5.74.0`	`5.91.0`
yaml	`2.1.3`	`2.2.2`

Bumps the npm_and_yarn group with 7 updates in the /web directory:

Package	From	To
@babel/traverse	`7.19.4`	`7.24.1`
json5	`1.0.1`	`1.0.2`
loader-utils	`1.4.0`	`1.4.2`
postcss	`8.4.18`	`8.4.38`
semver	`6.3.0`	`6.3.1`
vite	`3.1.8`	`3.2.10`
decode-uri-component	`0.2.0`	`0.2.2`

Updates @babel/traverse from 7.19.4 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Updates @sideway/formula from 3.0.0 to 3.0.1

Commits

5b44c1b 3.0.1
9fbc20a chore: better number regex
41ae98e Cleanup
c59f35e Move to Sideway
See full diff in compare view

Maintainer changes

This version was pushed to npm by marsup, a new releaser for @sideway/formula since your current version.

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

deps: [email protected]

Add partitioned option

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates follow-redirects from 1.15.2 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits viewable in compare view

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

2449650 Update mocha
560b2d8 Don't use regex to trim whitespace
b1bdb92 Remove linting package zoo
c20dc7e Cache 308
See full diff in compare view

Updates json5 from 2.2.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates loader-utils from 2.0.2 to 2.0.4

Release notes

Sourced from loader-utils's releases.

v2.0.4

2.0.4 (2022-11-11)

Bug Fixes

ReDoS problem (#225) (ac09944)

v2.0.3

2.0.3 (2022-10-20)

Bug Fixes

security: prototype pollution exploit (#217) (a93cf6f)

Changelog

Sourced from loader-utils's changelog.

2.0.4 (2022-11-11)

Bug Fixes

ReDoS problem (#225) (ac09944)

2.0.3 (2022-10-20)

Bug Fixes

security: prototype pollution exploit (#217) (a93cf6f)

Commits

6688b50 chore(release): 2.0.4
ac09944 fix: ReDoS problem (#225)
7162619 chore(release): 2.0.3
a93cf6f fix(security): prototype polution exploit (#217)
90c7c4b chore(release): 2.0.2
8c2d24e fix: base64 generation and unicode characters (#197)
See full diff in compare view

Updates postcss from 8.4.18 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

Fixed endIndex: 0 in errors and warnings (by @romainmenke).

8.4.37

Fixed original.column are not numbers error in another case.

8.4.36

Fixed original.column are not numbers error on broken previous source map.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by @tim-we).

Cleaned up code (by @DrKiraDmitry).

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by @romainmenke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by @ferreira-tb).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.38

Fixed endIndex: 0 in errors and warnings (by @romainmenke).

8.4.37

Fixed original.column are not numbers error in another case.

8.4.36

Fixed original.column are not numbers error on broken previous source map.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by Tim Weißenfels).

Cleaned up code (by Dmitry Kirillov).

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

... (truncated)

Commits

a69d45e Release 8.4.38 version
64e35d9 Update dependencies
c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
b45e7e9 fix endIndex
1bea246 failing test: for endIndex 0 in rangeBy
0fd1d86 Add changelog auto release on Github
49c906e Release 8.4.37 version
b5bd92c Fix another broken prev source map issue
2882039 Update dependencies
e5ad939 Release 8.4.36 version
Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates ua-parser-js from 0.7.32 to 0.7.37

Release notes

Sourced from ua-parser-js's releases.

v0.7.37

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Changelog

Sourced from ua-parser-js's changelog.

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Version 0.7.36 / 1.0.36

Add new browser: Snapchat

Add new devices: Infinix, Tecno

Improve device detection: Amazon Fire TV, Xiaomi POCO

Improve OS detection: iOS

Version 0.7.35 / 1.0.35

Fix result from user-supplied user-agent being altered

Add new browser: Heytap, TikTok

Add new engine: LibWeb

Add new OS: SerenityOS

Improve browser detection: Yandex

Improve device detection: iPhone, Amazon Echo

Improve OS detection: iOS

Version 0.7.34 / 1.0.34

Fix Sharp Mobile detected as Huawei Tablet

Fix IE8 bug

Add new devices : Kobo e-Reader, Apple Watch, and some new SmartTV devices

Add new OS : watchOS

Improve browser detection : Kakao, Naver, Brave

Improve device detection : Oculus, iPad

Improve OS detection : Chrome OS

Using navigator.userAgentData as fallback for device.type & os.name

Version 0.7.33 / 1.0.33

Add new browser : Cobalt

Identify Macintosh as an Apple device

Fix ReDoS vulnerability

Commits

d30ad46 Bump version 0.7.37
5302e2d Update changelog
f3de7b7 Backport - Improve browser detection: WeChat (cherry picked from commit 17f0c...
c41100e Backport - Improve browser detection: unified name for Baidu (cherry picked f...
23c5d77 Backport - Improve browser detection: remove unnecessary extra space in "Avan...
e3d5f76 Backport - Improve browser detection: rename "Samsung Browser" to "Samsung In...
02af42f Backport - Fix #682 - Add new browser: Smart Lenovo Browser (cherry picked fr...
57d1ac0 Backport - Fix #683 - change MetaSr into Sogou Explorer (+add Sogou Mobile) (...
ea2c829 Backport - Fix misidentified WebView token as device model - found in #681 (c...
3b896d5 Backport - Fix #681 - Add new browser: Vivo Browser (cherry picked from commi...
Additional commits viewable in compare view

Updates webpack-dev-middleware from 5.3.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

Commits

86071ea chore(release): 5.3.4
189c4ac fix(security): do not allow to read files above (#1779)
See full diff in compare view

Updates webpack from 5.74.0 to 5.91.0

Release notes

Sourced from webpack's releases.

v5.91.0

Bug Fixes

Deserializer for ignored modules doesn't crash

Allow the unsafeCache option to be a proxy object

Normalize the snapshot.unmanagedPaths option

Fixed fs types

Fixed resolve's plugins types

Fixed wrongly calculate postOrderIndex

Fixed watching types

Output import attrbiutes/...
Description has been truncated

Bumps the npm_and_yarn group with 11 updates in the /docs directory: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.19.4` | `7.24.1` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.6` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [loader-utils](https://github.com/webpack/loader-utils) | `2.0.2` | `2.0.4` | | [postcss](https://github.com/postcss/postcss) | `8.4.18` | `8.4.38` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.32` | `0.7.37` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | | [webpack](https://github.com/webpack/webpack) | `5.74.0` | `5.91.0` | Bumps the npm_and_yarn group with 13 updates in the /docs/plugins/woodpecker-plugins directory: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.19.4` | `7.24.1` | | [@sideway/formula](https://github.com/sideway/formula) | `3.0.0` | `3.0.1` | | [axios](https://github.com/axios/axios) | `0.27.2` | `0.28.0` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.6` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [loader-utils](https://github.com/webpack/loader-utils) | `2.0.2` | `2.0.4` | | [postcss](https://github.com/postcss/postcss) | `8.4.18` | `8.4.38` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | | [webpack](https://github.com/webpack/webpack) | `5.74.0` | `5.91.0` | | [yaml](https://github.com/eemeli/yaml) | `2.1.3` | `2.2.2` | Bumps the npm_and_yarn group with 7 updates in the /web directory: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.19.4` | `7.24.1` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [postcss](https://github.com/postcss/postcss) | `8.4.18` | `8.4.38` | | [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `3.1.8` | `3.2.10` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | Updates `@babel/traverse` from 7.19.4 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `follow-redirects` from 1.15.2 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `loader-utils` from 2.0.2 to 2.0.4 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v2.0.2...v2.0.4) Updates `postcss` from 8.4.18 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.18...8.4.38) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `ua-parser-js` from 0.7.32 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.32...0.7.37) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) Updates `webpack` from 5.74.0 to 5.91.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.74.0...v5.91.0) Updates `@babel/traverse` from 7.19.4 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `axios` from 0.27.2 to 0.28.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.28.0/CHANGELOG.md) - [Commits](axios/axios@v0.27.2...v0.28.0) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `follow-redirects` from 1.15.2 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `loader-utils` from 2.0.2 to 2.0.4 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v2.0.2...v2.0.4) Updates `postcss` from 8.4.18 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.18...8.4.38) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) Updates `webpack` from 5.74.0 to 5.91.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.74.0...v5.91.0) Updates `yaml` from 2.1.3 to 2.2.2 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.1.3...v2.2.2) Updates `@babel/traverse` from 7.19.4 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v2.0.2...v2.0.4) Updates `postcss` from 8.4.18 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.18...8.4.38) Updates `semver` from 6.3.0 to 6.3.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `vite` from 3.1.8 to 3.2.10 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v3.2.10/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v3.2.10/packages/vite) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: axios dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: yaml dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: vite dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 3, 2024

This was referenced Apr 3, 2024

Bump the npm_and_yarn group across 3 directories with 13 updates #10

Closed

Bump the npm_and_yarn group across 3 directories with 14 updates #13

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 3 directories with 16 updates #14

Bump the npm_and_yarn group across 3 directories with 16 updates #14

dependabot bot commented on behalf of github Apr 3, 2024

Bump the npm_and_yarn group across 3 directories with 16 updates #14

Are you sure you want to change the base?

Bump the npm_and_yarn group across 3 directories with 16 updates #14

Conversation

dependabot bot commented on behalf of github Apr 3, 2024

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

v2.2.3

v2.2.2

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.0.4

2.0.4 (2022-11-11)

Bug Fixes

v2.0.3

2.0.3 (2022-10-20)

Bug Fixes

2.0.4 (2022-11-11)

Bug Fixes

2.0.3 (2022-10-20)

Bug Fixes

8.4.38

8.4.37

8.4.36

8.4.35

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.38

8.4.37

8.4.36

8.4.35

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

v5.7.2

5.7.2 (2023-07-10)