-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #786
chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #786
Conversation
…updates Bumps the npm_and_yarn group with 1 update in the / directory: [next](https://github.com/vercel/next.js). Bumps the npm_and_yarn group with 5 updates in the /docs directory: | Package | From | To | | --- | --- | --- | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [got](https://github.com/sindresorhus/got) | `9.6.0` | `12.6.1` | | [@docusaurus/core](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus) | `2.3.1` | `3.4.0` | | [@docusaurus/preset-classic](https://github.com/facebook/docusaurus/tree/HEAD/packages/docusaurus-preset-classic) | `2.3.1` | `3.4.0` | | [@easyops-cn/docusaurus-search-local](https://github.com/easyops-cn/docusaurus-search-local/tree/HEAD/packages/docusaurus-search-local) | `0.33.6` | `0.44.0` | Updates `next` from 14.1.0 to 14.1.1 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.1.0...v14.1.1) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `got` from 9.6.0 to 12.6.1 - [Release notes](https://github.com/sindresorhus/got/releases) - [Commits](sindresorhus/got@v9.6.0...v12.6.1) Updates `@docusaurus/core` from 2.3.1 to 3.4.0 - [Release notes](https://github.com/facebook/docusaurus/releases) - [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/docusaurus/commits/v3.4.0/packages/docusaurus) Updates `@docusaurus/preset-classic` from 2.3.1 to 3.4.0 - [Release notes](https://github.com/facebook/docusaurus/releases) - [Changelog](https://github.com/facebook/docusaurus/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/docusaurus/commits/v3.4.0/packages/docusaurus-preset-classic) Updates `@easyops-cn/docusaurus-search-local` from 0.33.6 to 0.44.0 - [Release notes](https://github.com/easyops-cn/docusaurus-search-local/releases) - [Commits](https://github.com/easyops-cn/docusaurus-search-local/commits/v0.44.0/packages/docusaurus-search-local) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `follow-redirects` from 1.15.4 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: next dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: got dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@docusaurus/core" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@docusaurus/preset-classic" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@easyops-cn/docusaurus-search-local" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
Superseded by #787. |
Bumps the npm_and_yarn group with 1 update in the / directory: next.
Bumps the npm_and_yarn group with 5 updates in the /docs directory:
3.0.2
3.0.3
9.6.0
12.6.1
2.3.1
3.4.0
2.3.1
3.4.0
0.33.6
0.44.0
Updates
next
from 14.1.0 to 14.1.1Commits
5f59ee5
v14.1.1f48b90b
even more7f789f4
more timeoutab71c4c
update timeout75f60d9
update trigger release workflow74b3f0f
Server Action tests (#62655)a6946b6
Backport metadata fixes (#62663)4002f4b
Fix draft mode invariant (#62121)7dbf6f8
fix: babel usage with next/image (#61835)3efc842
Fix next/server apit push alias for ESM pkg (#61721)Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
got
from 9.6.0 to 12.6.1Release notes
Sourced from got's releases.
... (truncated)
Commits
c405f54
12.6.167d5039
Fixget-stream
import statement (#2266)469a455
Meta tweaks8f77e8d
Fix readme "axios bugs" urls (#2253)af928f6
Fix type error on build (#2251)702ed35
Meta tweakse4460f7
Add failing tests for #2170 (#2171)13a68d3
12.6.088c88fb
Update dependencies0ca0b7f
Do not enforce newest URI rules on URLs (#2200)Updates
@docusaurus/core
from 2.3.1 to 3.4.0Release notes
Sourced from
@docusaurus/core
's releases.... (truncated)
Changelog
Sourced from
@docusaurus/core
's changelog.... (truncated)
Commits
49e9a21
v3.4.017f3e02
feat(core): hash router option - browse site offline (experimental) (#9859)b73ad1e
fix(core): fix serve workaround regexp (#10145)87f0023
fix(core): fixdocusaurus serve
broken for assets when using trailingSlash ...ff5039f
fix(core):configurePostCss()
should run afterconfigureWebpack()
(#10132)29b7a4d
fix(core): codegen should generate unique route prop filenames (#10131)394ce84
fix(core): the broken anchor checker should not be sensitive pathname trailin...02e38d8
refactor: fix i18n bug in node v22 (#10129)620e463
feat(core): site storage config options (experimental) (#10121)c125f7a
chore: release Docusaurus 3.3.0 + 3.3.1 + 3.3.2 (#10101)Updates
@docusaurus/preset-classic
from 2.3.1 to 3.4.0Release notes
Sourced from
@docusaurus/preset-classic
's releases.... (truncated)
Changelog
Sourced from
@docusaurus/preset-classic
's changelog.... (truncated)
Commits
49e9a21
v3.4.0c125f7a
chore: release Docusaurus 3.3.0 + 3.3.1 + 3.3.2 (#10101)ca33858
fix: handle React v18.3 warnings (#10079)f88da6c
refactor: extract base TS client config + upgrade TS + refactor TS setup (#10...e012e03
chore: release Docusaurus 3.2.1 (#10016)debfc87
chore: release Docusaurus v3.2.0 (#10000)85e5e55
chore: release Docusaurus 3.0.0 (#9478)495c793
chore: v3.0.0-rc.1 release (#9453)7ee2f75
chore: v3.0.0-rc.0 release (#9418)bde9cfd
chore: update node engine version 18 (#9348)Updates
@easyops-cn/docusaurus-search-local
from 0.33.6 to 0.44.0Release notes
Sourced from
@easyops-cn/docusaurus-search-local
's releases.... (truncated)
Commits
Updates
express
from 4.18.2 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: [email protected]Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
follow-redirects
from 1.15.4 to 1.15.6Commits
35a517c
Release version 1.15.6 of the npm package.c4f847f
Drop Proxy-Authorization across hosts.8526b4a
Use GitHub for disclosure.b1677ce
Release version 1.15.5 of the npm package.d8914f7
Preserve fragment in responseUrl.Updates
webpack-dev-middleware
from 5.3.3 to 5.3.4Release notes
Sourced from webpack-dev-middleware's releases.
Changelog
Sourced from webpack-dev-middleware's changelog.
Commits
86071ea
chore(release): 5.3.4189c4ac
fix(security): do not allow to read files above (#1779)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.