This repository was archived by the owner on Sep 17, 2025. It is now read-only.
Bump the npm_and_yarn group across 1 directory with 31 updates#837
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the npm_and_yarn group across 1 directory with 31 updates#837dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
Bumps the npm_and_yarn group with 26 updates in the /ui directory: | Package | From | To | | --- | --- | --- | | [node-sass](https://github.com/sass/node-sass) | `4.14.1` | `7.0.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.14.7` | `7.24.7` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `4.1.1` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` | | [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` | | [extract-loader](https://github.com/peerigon/extract-loader) | `3.2.0` | `3.2.0` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [cross-fetch](https://github.com/lquixada/cross-fetch) | `2.2.3` | `2.2.6` | | [postcss](https://github.com/postcss/postcss) | `6.0.23` | `8.4.38` | | [autoprefixer](https://github.com/postcss/autoprefixer) | `9.8.6` | `10.4.19` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `1.0.1` | `7.1.2` | | [postcss-loader](https://github.com/webpack-contrib/postcss-loader) | `3.0.0` | `8.1.1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [eventsource](https://github.com/EventSource/eventsource) | `1.1.0` | `1.1.2` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.19.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.1` | `1.15.6` | | [jsdom](https://github.com/jsdom/jsdom) | `11.12.0` | `removed` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `24.9.0` | `29.7.0` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [node-forge](https://github.com/digitalbazaar/forge) | `0.10.0` | `1.3.1` | | [webpack-dev-server](https://github.com/webpack/webpack-dev-server) | `3.11.2` | `5.0.4` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.5.0` | `removed` | | [node-sass](https://github.com/sass/node-sass) | `7.0.0` | `9.0.0` | Updates `node-sass` from 4.14.1 to 7.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v4.14.1...v7.0.0) Updates `@babel/traverse` from 7.14.7 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-traverse) Updates `ansi-regex` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v4.1.0...v4.1.1) Updates `ansi-regex` from 3.0.0 to 4.1.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v4.1.0...v4.1.1) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `json5` from 2.2.0 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.0...v2.2.3) Updates `json5` from 1.0.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.0...v2.2.3) Updates `extract-loader` from 3.2.0 to 3.2.0 - [Release notes](https://github.com/peerigon/extract-loader/releases) - [Changelog](https://github.com/peerigon/extract-loader/blob/master/CHANGELOG.md) - [Commits](peerigon/extract-loader@v3.2.0...v3.2.0) Updates `semver` from 5.3.0 to 5.7.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v5.3.0...v5.7.1) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `cross-fetch` from 2.2.3 to 2.2.6 - [Release notes](https://github.com/lquixada/cross-fetch/releases) - [Changelog](https://github.com/lquixada/cross-fetch/blob/v4.x/CHANGELOG.md) - [Commits](lquixada/cross-fetch@v2.2.3...v2.2.6) Updates `postcss` from 6.0.23 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@6.0.23...8.4.38) Updates `autoprefixer` from 9.8.6 to 10.4.19 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@9.8.6...10.4.19) Updates `css-loader` from 1.0.1 to 7.1.2 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack/css-loader@v1.0.1...v7.1.2) Updates `postcss-loader` from 3.0.0 to 8.1.1 - [Release notes](https://github.com/webpack-contrib/postcss-loader/releases) - [Changelog](https://github.com/webpack-contrib/postcss-loader/blob/master/CHANGELOG.md) - [Commits](webpack/postcss-loader@v3.0.0...v8.1.1) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `eventsource` from 1.1.0 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.1.0...v1.1.2) Updates `express` from 4.17.1 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.19.2) Updates `follow-redirects` from 1.14.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.1...v1.15.6) Removes `jsdom` Updates `jest` from 24.9.0 to 29.7.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `node-fetch` from 2.1.2 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.1.2...v2.7.0) Updates `node-forge` from 0.10.0 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.10.0...v1.3.1) Updates `webpack-dev-server` from 3.11.2 to 5.0.4 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v3.11.2...v5.0.4) Updates `tar` from 2.2.2 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v2.2.2...v6.2.1) Removes `tough-cookie` Updates `node-sass` from 7.0.0 to 9.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v4.14.1...v7.0.0) Updates `webpack-dev-middleware` from 3.7.3 to 7.2.1 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.3...v7.2.1) Updates `ws` from 5.2.3 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@5.2.3...8.17.1) --- updated-dependencies: - dependency-name: node-sass dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: extract-loader dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: autoprefixer dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: postcss-loader dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsdom dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jest dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: json-schema dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsprim dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-server dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-sass dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This was referenced Jun 18, 2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 26 updates in the /ui directory:
4.14.17.0.07.14.77.24.74.1.04.1.13.0.04.1.12.6.32.6.42.2.02.2.31.0.12.2.33.2.03.2.06.5.26.5.34.2.14.2.32.2.32.2.66.0.238.4.389.8.610.4.191.0.17.1.23.0.08.1.10.2.00.2.21.1.01.1.24.17.14.19.21.14.11.15.611.12.0removed24.9.029.7.00.2.30.4.01.4.11.4.21.4.01.4.21.2.51.2.80.10.01.3.13.11.25.0.42.5.0removed7.0.09.0.0Updates
node-sassfrom 4.14.1 to 7.0.0Release notes
Sourced from node-sass's releases.
... (truncated)
Commits
918dcb3Lint fix0a21792Set rejectUnauthorized to true by default (#3149)e80d4afchore: Drop EOL Node 15 (#3122)d753397feat: Add Node 17 support (#3195)dcf2e75build(deps-dev): bump eslint from 7.32.0 to 8.0.0bfa1a3cbuild(deps): bump actions/setup-node from 2.4.0 to 2.4.180d6c00chore: Windows x86 on GitHub Actions (#3041)566dc27build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)7bb5157build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)2efb38fbuild(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)Updates
@babel/traversefrom 7.14.7 to 7.24.7Release notes
Sourced from
@babel/traverse's releases.... (truncated)
Changelog
Sourced from
@babel/traverse's changelog.... (truncated)
Commits
bf1e9a3v7.24.74463aa5fix: incorrectconstantViolationswith destructuring (#16522)07bd000ImprovegetBindingIdentifiers(#16544)17a5502[Babel 8] Removeextra.shorthand(#16521)7934963Usetype: modulein allpackage.jsons (#16535)9630250v7.24.61f010dfExplicitly defineNodePath.prototype.*(#16488)6e3539b[babel 8] Publish.d.tsfiles for every package (#16416)e37e64dUse eslint v9 (#16479)3ff20b9Statically generate boilerplate for bitfield accessors (#16482)Updates
ansi-regexfrom 4.1.0 to 4.1.1Commits
64735d2v4.1.175a657dFix potential ReDoS (#37)Updates
ansi-regexfrom 3.0.0 to 4.1.1Commits
64735d2v4.1.175a657dFix potential ReDoS (#37)Updates
asyncfrom 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdacaVersion 2.6.48870da9Update built files4df6754update changelog8f7f903Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
json5from 2.2.0 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a75242.2.394fd06ddocs: update CHANGELOG for v2.2.33b8cebfdocs(security): use GitHub security advisoriesf0fd9e1docs: publish a security policy6a91a05docs(template): bug -> bug report14f8cb12.2.210cc7cadocs: update CHANGELOG for v2.2.27774c10fix: add proto to objects and arraysedde30aReadme: slight tweak to intro97286f8Improve example in readmeUpdates
json5from 1.0.1 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a75242.2.394fd06ddocs: update CHANGELOG for v2.2.33b8cebfdocs(security): use GitHub security advisoriesf0fd9e1docs: publish a security policy6a91a05docs(template): bug -> bug report14f8cb12.2.210cc7cadocs: update CHANGELOG for v2.2.27774c10fix: add proto to objects and arraysedde30aReadme: slight tweak to intro97286f8Improve example in readmeUpdates
extract-loaderfrom 3.2.0 to 3.2.0Changelog
Sourced from extract-loader's changelog.
Commits
Updates
semverfrom 5.3.0 to 5.7.1Changelog
Sourced from semver's changelog.
... (truncated)
Commits
c83c18c5.7.1956e228Correct typo in README8055dda5.7.0604e73dauto-publishing scriptsbed01e2remove the nomin comments, since we don't minify any more anyway9cb68f1document parse method38d42ca5.7 changelogda8a771Fix code style and get to 100% coverage4d8306bdrop windows testing1af213fnext-gen tap for testingUpdates
qsfrom 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5v6.5.3ed0f5dc[Fix]parse: ignore__proto__keys (#428)691e739[Robustness]stringify: avoid relying on a globalundefined(#427)1072d57[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4[meta] fix README.md (#399)0338716[actions] backport actions from main5639c20Clean up license text so it’s properly detected as BSD-3-Clause51b8a0badd FUNDING.yml45f6759[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f[Dev Deps] backport from mainUpdates
browserify-signfrom 4.2.1 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ecv4.2.39247adf[patch] widen support to 0.12f427270[Deps] update `parse-asn187f3a35[Dev Deps] updateaud,npmignore,tapefb261ce[Deps] updateelliptic4d0ee49[patch] drop minimum node support to v19e2bf12[Deps] pinhash-baseto ~3.0, due to a breaking change168e16f[Deps] pinellipticdue to a breaking change37a4758[actions] remove redundant finisher4af5a90v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
cross-fetchfrom 2.2.3 to 2.2.6Commits
bfe5fe22.2.61a89b66added caret range to whatwg-fetch.695a888removed and disabled package-lock.json.eac6c00Update away from vulnerable version of node-fetch (#135)3abdc672.2.5982e107Locked node-fetch version.08204072.2.419fec4eFixed vulnerability CVE-2020-15168 by upgrading node-fetch to 2.6.1.Updates
postcssfrom 6.0.23 to 8.4.38Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
a69d45eRelease 8.4.38 version64e35d9Update dependenciesc1ad8fbMerge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...b45e7e9fix endIndex1bea246failing test: for endIndex 0 in rangeBy0fd1d86Add changelog auto release on Github49c906eRelease 8.4.37 version