Skip to content

Bump the npm_and_yarn group across 1 directories with 5 updates#11

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-security-group-6f170e12fa
Closed

Bump the npm_and_yarn group across 1 directories with 5 updates#11
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-security-group-6f170e12fa

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 21, 2024

Bumps the npm_and_yarn group with 5 updates in the /. directory:

Package From To
axios 1.6.0 1.6.1
zod 3.22.3 3.22.4
postcss 8.4.24 8.4.31
follow-redirects 1.15.2 1.15.5
word-wrap 1.2.3 1.2.5

Updates axios from 1.6.0 to 1.6.1

Release notes

Sourced from axios's releases.

Release v1.6.1

Release notes:

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

Changelog

Sourced from axios's changelog.

1.6.1 (2023-11-08)

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
Commits
  • f6d2cf9 chore(ci): fix publish action content permission; (#6061)
  • a22f4b9 chore(release): v1.6.1 (#6060)
  • cb8bb2b chore(ci): Publish to NPM with provenance (#5835)
  • 37cbf92 chore(ci): added labeling and notification for published PRs; (#6059)
  • dd465ab fix(formdata): fixed content-type header normalization for non-standard brows...
  • 3dc8369 fix(platform): fixed emulated browser detection in node.js environment; (#6055)
  • See full diff in compare view

Updates zod from 3.22.3 to 3.22.4

Release notes

Sourced from zod's releases.

v3.22.4

Commits:

  • d931ea3f0f15a6ae64f5f68e3c03912dffb2269d Lint
  • 8e634bd600093b7161487bed705279c892395118 Fix prettier
  • 4018d88f0e94992b2987428c4fda387b99ae2a53 docs: add @​sanity-typed/zod to ecosystem (#2731)
  • 15ba5a4d4cb5be5af23771de0ba1346b4ba20a0e docs: add zod-sandbox to README ecosystem links (#2707)
  • 699ccae13b875d4fcadac268fd789c93b6ce8aef Export jsdoc with @deprecated when building (#2717)
  • dfe3719eae250ab3eca2d276da6c292867899cc6 Fix sanity-typed links (#2840)
  • cd7991e04a550868bfcb5b5d46e5eb5bc7edf5f3 fix ulid regex (#2225)
  • 7cb4ba2f85dd6b28290dda5de80ed54dfd2a793c Remove stalebot
  • 9340fd51e48576a75adc919bff65dbc4a5d4c99b Lazy emojiRegex
  • e7a9b9b3033991be6b4225f1be21da39c250bbb0 3.22.4
Commits

Updates postcss from 8.4.24 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

Changelog

Sourced from postcss's changelog.

8.4.31

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

Commits

Updates follow-redirects from 1.15.2 to 1.15.5

Commits
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • 3d42aec Add bracket tests.
  • bcbb096 Do not directly set Error properties.
  • 192dbe7 Release version 1.15.3 of the npm package.
  • Additional commits viewable in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

New Contributors

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directories with 5 updates
aa6cafd 
Bumps the npm_and_yarn group with 5 updates in the /. directory:

| Package | From | To |
| --- | --- | --- |
| [axios](https://github.com/axios/axios) | `1.6.0` | `1.6.1` |
| [zod](https://github.com/colinhacks/zod) | `3.22.3` | `3.22.4` |
| [postcss](https://github.com/postcss/postcss) | `8.4.24` | `8.4.31` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.5` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |


Updates `axios` from 1.6.0 to 1.6.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.0...v1.6.1)

Updates `zod` from 3.22.3 to 3.22.4
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Changelog](https://github.com/colinhacks/zod/blob/master/CHANGELOG.md)
- [Commits](colinhacks/zod@v3.22.3...v3.22.4)

Updates `postcss` from 8.4.24 to 8.4.31
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.24...8.4.31)

Updates `follow-redirects` from 1.15.2 to 1.15.5
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.5)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: zod
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 21, 2024
@dependabot dependabot bot mentioned this pull request Feb 21, 2024
Closed
@netlify
Copy link

netlify bot commented Feb 21, 2024
edited
Loading

Deploy Preview for shiny-fudge-810ab4 failed.

Name Link
🔨 Latest commit aa6cafd
🔍 Latest deploy log https://app.netlify.com/sites/shiny-fudge-810ab4/deploys/65d67ba97907d80008a2a5d6

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 7, 2024

Superseded by #12.

@dependabot dependabot bot closed this Mar 7, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-6f170e12fa branch March 7, 2024 18:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants