Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the npm_and_yarn group across 1 directory with 6 updates #2

Open
wants to merge 1 commit into
base: latest
Choose a base branch
from
Open

build(deps): bump the npm_and_yarn group across 1 directory with 6 updates #2

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 7, 2024

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
node-fetch 1.7.3 2.6.7
redis 2.8.0 3.1.1
tiny-json-http 5.3.2 7.5.1
slack 8.4.2 11.0.2
yargs-parser 4.2.1 21.1.1
yargs 6.6.0 17.7.2

Updates node-fetch from 1.7.3 to 2.6.7

Release notes

Sourced from node-fetch's releases.

v2.6.7

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed

Full Changelog: node-fetch/node-fetch@v2.6.6...v2.6.7

v2.6.6

What's Changed

Full Changelog: node-fetch/node-fetch@v2.6.5...v2.6.6

v2.6.2

fixed main path in package.json

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

  • Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
  • Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
  • Fix: support custom Host headers with any casing
  • Fix: support importing fetch() from TypeScript in browser.js
  • Fix: handle the redirect response body properly

... (truncated)

Commits
  • 1ef4b56 backport of #1449 (#1453)
  • 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
  • f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (...
  • b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
  • 18193c5 fix v2.6.3 that did not sending query params (#1301)
  • ace7536 fix: properly encode url with unicode characters (#1291)
  • 152214c Fix(package.json): Corrected main file path in package.json (#1274)
  • b5e2e41 update version number
  • 2358a6c Honor the size option after following a redirect and revert data uri support
  • 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.


Updates redis from 2.8.0 to 3.1.1

Changelog

Sourced from redis's changelog.

v3.1.1

Enhancements

  • Upgrade node and dependencies

Fixes

  • Fix a potential exponential regex in monitor mode

v3.1.0 - 31 Mar, 2021

Enhancements

  • Upgrade node and dependencies and redis-commands to support Redis 6
  • Add support for Redis 6 auth pass [user]

v3.0.0 - 09 Feb, 2020

This version is mainly a release to distribute all the unreleased changes on master since 2017 and additionally removes a lot of old deprecated features and old internals in preparation for an upcoming modernization refactor (v4).

Breaking Changes

  • Dropped support for Node.js < 6
  • Dropped support for hiredis (no longer required)
  • Removed previously deprecated drain event
  • Removed previously deprecated idle event
  • Removed previously deprecated parser option
  • Removed previously deprecated max_delay option
  • Removed previously deprecated max_attempts option
  • Removed previously deprecated socket_no_delay option

Bug Fixes

  • Removed development files from published package (#1370)
  • Duplicate function now allows db param to be passed (#1311)

Features

  • Upgraded to latest redis-commands package
  • Upgraded to latest redis-parser package, v3.0.0, which brings performance improvements
  • Replaced double-ended-queue with denque, which brings performance improvements
  • Add timestamps to debug traces
  • Add socket_initial_delay option for socket.setKeepAlive (#1396)
  • Add support for rediss protocol in url (#1282)
Commits
Maintainer changes

This version was pushed to npm by leibale, a new releaser for redis since your current version.


Updates tiny-json-http from 5.3.2 to 7.5.1

Commits
  • 1cbfddb 7.5.1
  • e148ac0 Fix user-agent + content-type header detection on reads
  • e17ae00 7.5.0
  • 41f3ecf Fix possible transient test assertions from console logging raw results from ...
  • be31744 Maybe hopefully fix broken tests on slower Windows VMs, harden it up a bit al...
  • d0455c2 Add back platforms, cross fingers
  • 9c4f137 Use esbuild instead of browserify for bundling
  • ac9a1d6 Update deps
  • 0c60009 Update CI
  • b4827dc Tests for redirects, asserting location headers.
  • Additional commits viewable in compare view

Updates slack from 8.4.2 to 11.0.2

Commits

Updates yargs-parser from 4.2.1 to 21.1.1

Release notes

Sourced from yargs-parser's releases.

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Bug Fixes

yargs-parser yargs-parser-v21.0.0

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

Code Refactoring

yargs-parser yargs-parser-v20.2.9

... (truncated)

Changelog

Sourced from yargs-parser's changelog.

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

Code Refactoring

20.2.9 (2021-06-20)

Bug Fixes

... (truncated)

Commits
  • 3aba24c chore(main): release yargs-parser 21.1.1 (#455)
  • d69f9c3 fix(typescript): ignore .cts files during publish (#454)
  • 90067a0 chore(main): release yargs-parser 21.1.0 (#446)
  • d07bcdb fix: node version check now uses process.versions.node (#450)
  • c0c6079 chore(deps): update dependency puppeteer to v16 (#451)
  • a89259f feat: allow the browser build to be imported (#443)
  • c474bc1 fix(halt-at-non-option): prevent known args from being parsed when "unknown-o...
  • fd30238 chore(deps): update dependency serve to v14 (#449)
  • a072f9a chore(deps): update dependency puppeteer to v15 (#444)
  • 4f1060b fix: parse options ending with 3+ hyphens (#434)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.


Updates yargs from 6.6.0 to 17.7.2

Release notes

Sourced from yargs's releases.

yargs yargs-v16.2.1

Bug Fixes

yargs yargs-v7.1.2

Bug Fixes

Changelog

Sourced from yargs's changelog.

17.7.2 (2023-04-27)

Bug Fixes

  • do not crash completion when having negated options (#2322) (7f42848)

17.7.1 (2023-02-21)

Bug Fixes

  • address display bug with default sub-commands (#2303) (9aa2490)

17.7.0 (2023-02-13)

Features

  • add method to hide option extras (#2156) (2c144c4)
  • convert line break to whitespace for the description of the option (#2271) (4cb41dc)

Bug Fixes

  • copy the description of the option to its alias in completion (#2269) (f37ee6f)

17.6.2 (2022-11-03)

Bug Fixes

  • deps: update dependency yargs-parser to v21.1.1 (#2231) (75b4d52)
  • lang: typo in Finnish unknown argument singular form (#2222) (a6dfd0a)

17.6.1 (2022-11-02)

Bug Fixes

  • lang: fix "Not enough non-option arguments" message for the Czech language (#2242) (3987b13)

17.6.0 (2022-10-01)

Features

... (truncated)

Commits
  • 3566b84 chore(main): release 17.7.2 (#2323)
  • 7f42848 fix: do not crash completion when having negated options (#2322)
  • 2b6ba31 chore(main): release 17.7.1 (#2304)
  • 9aa2490 fix: address display bug with default sub-commands (#2303)
  • 663c1b6 chore(main): release 17.7.0 (#2285)
  • 4cb41dc feat: convert line break to whitespace for the description of the option (#2271)
  • 7dc1086 test: mock additional hasColors method introduced in Node 16 (#2297)
  • f37ee6f fix: copy the description of the option to its alias in completion (#2269)
  • 1fd530a chore: add en strings for unknown command (#2262)
  • 2c144c4 feat: add method to hide option extras (#2156)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by oss-bot, a new releaser for yargs since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the npm_and_yarn group across 1 directory with 6 up…
c89c399 
…dates

Bumps the npm_and_yarn group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [node-fetch](https://github.com/node-fetch/node-fetch) | `1.7.3` | `2.6.7` |
| [redis](https://github.com/redis/node-redis) | `2.8.0` | `3.1.1` |
| [tiny-json-http](https://github.com/brianleroux/tiny-json-http) | `5.3.2` | `7.5.1` |
| [slack](https://github.com/smallwins/slack) | `8.4.2` | `11.0.2` |
| [yargs-parser](https://github.com/yargs/yargs-parser) | `4.2.1` | `21.1.1` |
| [yargs](https://github.com/yargs/yargs) | `6.6.0` | `17.7.2` |



Updates `node-fetch` from 1.7.3 to 2.6.7
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@1.7.3...v2.6.7)

Updates `redis` from 2.8.0 to 3.1.1
- [Release notes](https://github.com/redis/node-redis/releases)
- [Changelog](https://github.com/redis/node-redis/blob/master/CHANGELOG.md)
- [Commits](redis/node-redis@v.2.8.0...v3.1.1)

Updates `tiny-json-http` from 5.3.2 to 7.5.1
- [Commits](brianleroux/tiny-json-http@v5.3.2...v7.5.1)

Updates `slack` from 8.4.2 to 11.0.2
- [Commits](https://github.com/smallwins/slack/commits)

Updates `yargs-parser` from 4.2.1 to 21.1.1
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/main/CHANGELOG.md)
- [Commits](yargs/yargs-parser@v4.2.1...yargs-parser-v21.1.1)

Updates `yargs` from 6.6.0 to 17.7.2
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md)
- [Commits](yargs/yargs@v6.6.0...v17.7.2)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: redis
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: tiny-json-http
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: slack
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: yargs-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: yargs
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 7, 2024
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-6f06b55c14 branch from dc14fc2 to c89c399 Compare June 7, 2024 14:49
@dependabot dependabot bot mentioned this pull request Jun 7, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants