Aometry icon indicating copy to clipboard operation
Aometry copied to clipboard
verified publisher icon CityLoopers

Bump the npm_and_yarn group in /src with 15 updates

Open dependabot[bot] opened this issue 1 year ago • 0 comments

Bumps the npm_and_yarn group in /src with 15 updates:

Package From To
moment 2.29.1 2.29.4
moment-timezone 0.5.34 0.5.35
mongoose 7.0.1 7.3.3
node-fetch 3.1.0 3.2.10
es5-ext 0.10.53 0.10.64
follow-redirects 1.14.4 1.15.6
got 11.8.2 11.8.6
http-cache-semantics 4.1.0 4.1.1
minimatch 3.0.4 3.0.8
mongodb 5.1.0 5.6.0
semver 5.7.1 5.7.2
simple-get 3.1.0 3.1.1
tar 6.1.11 6.2.1
tough-cookie 4.0.0 4.1.3
word-wrap 1.2.3 1.2.5

Updates moment from 2.29.1 to 2.29.4

Changelog

Sourced from moment's changelog.

2.29.4

  • Release Jul 6, 2022
    • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

  • Release Apr 17, 2022
    • #5995 [bugfix] Remove const usage
    • #5990 misc: fix advisory link

2.29.2 See full changelog

  • Release Apr 3 2022

Address https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4

Commits

Updates moment-timezone from 0.5.34 to 0.5.35

Release notes

Sourced from moment-timezone's releases.

Release 0.5.35

Thanks to the OpenSSF Alpha-Omega project for reporting these!

Changelog

Sourced from moment-timezone's changelog.

0.5.35 2022-08-23

Thanks to the OpenSSF Alpha-Omega project for reporting these!

Commits
  • b8fb1ba Build moment-timezone 0.5.35
  • f1b5e5a Add changelog for 0.5.35
  • 8b0eb0c Bump version to 0.5.35
  • 7915ac5 Bugfix: Prevent cleartext transmission of tz data during build
  • ce955a3 Bugfix: Fix command injection vulnerability in grunt tzdata pipeline
  • 9430b4c Merge remote-tracking branch 'origin/master' into develop
  • feaf900 Updated contributing.md + added 2021e files
  • 704cfac updated contributing.md
  • 877c863 Updated contributing.md + added 2021e files
  • 5a3015c updated contributing.md
  • Additional commits viewable in compare view

Updates mongoose from 7.0.1 to 7.3.3

Release notes

Sourced from mongoose's releases.

7.3.3 / 2023-07-10

  • fix: avoid prototype pollution on init
  • fix(document): clean up all array subdocument modified paths on save() #13589 #13582
  • types: avoid unnecessary MergeType<> if TOverrides not set, clean up statics and insertMany() type issues #13577 #13529

7.3.2 / 2023-07-06

  • fix(model): avoid TypeError if insertMany() fails with error that does not have writeErrors property #13579 #13531
  • fix(query): convert findOneAndUpdate to findOneAndReplace when overwrite set for backwards compat with Mongoose 6 #13572 #13550
  • fix(query): throw readable error when executing a Query instance without an associated model #13571 #13570
  • types: support mongoose.Schema.ObjectId as alias for mongoose.Schema.Types.ObjectId #13543 #13534
  • docs(connections): clarify that socketTimeoutMS now defaults to 0 #13576 #13537
  • docs(migrating_to_7): add mapReduce() removal to migration guide #13568 #13548
  • docs(schemas): fix typo in schemas.md #13540 Metehan-Altuntekin

7.3.1 / 2023-06-21

  • fix(query): respect query-level strict option on findOneAndReplace() #13516 #13507
  • docs(connections): expand docs on serverSelectionTimeoutMS #13533 #12967
  • docs: add example of accessing save options in pre save #13498
  • docs(connections+faq): add info on localhost vs 127.0.0.1
  • docs(SchemaType): validate members are validator & message (not msg) #13521 lorand-horvath

7.3.0 / 2023-06-14

  • feat: upgrade mongodb -> 5.6.0 #13455 lorand-horvath
  • feat(aggregate): add Aggregate.prototype.finally() to be consistent with Promise API for TypeScript #13509
  • feat(schema): support selecting subset of fields to apply optimistic concurrency to #13506 #10591
  • feat(model): add ordered option to Model.create() #13472 #4038
  • feat(schema): consistently add .get() function to all SchemaType classes
  • feat(populate): pass virtual to match function to allow merging match options #13477 #12443
  • types: allow overwriting Paths in select() to tell TypeScript which fields are projected #13478 #13224
  • types(schema): add validateModifiedOnly as schema option #13503 #10153
  • docs: add note about validateModifiedOnly as a schema option #13503 #10153
  • docs(migrating_to_7): update migrating_to_7.md to include Model.countDocuments #13508 Climax777
  • docs(further_reading): remove style for "img" hasezoey

7.2.4 / 2023-06-12

  • fix(query): handle non-string discriminator key values in query #13496 #13492

7.2.3 / 2023-06-09

  • fix(model): ignore falsy last argument to create() for backwards compatibility #13493 #13491 #13487 MohOraby
  • types: remove generic param that's causing issues for typegoose #13494 #13482
  • types(aggregate): allow object syntax for $mergeObjects #13470 #13060
  • docs(connection): clarify how Connection.prototype.destroy() is different from close() #13475
  • docs(populate): fix accidental removal of text #13480
  • docs: add additional notes for Atlas X.509 authentication #13452 alexbevi

... (truncated)

Changelog

Sourced from mongoose's changelog.

7.3.3 / 2023-07-10

  • fix: avoid prototype pollution on init
  • fix(document): clean up all array subdocument modified paths on save() #13589 #13582
  • types: avoid unnecessary MergeType<> if TOverrides not set, clean up statics and insertMany() type issues #13577 #13529

7.3.2 / 2023-07-06

  • fix(model): avoid TypeError if insertMany() fails with error that does not have writeErrors property #13579 #13531
  • fix(query): convert findOneAndUpdate to findOneAndReplace when overwrite set for backwards compat with Mongoose 6 #13572 #13550
  • fix(query): throw readable error when executing a Query instance without an associated model #13571 #13570
  • types: support mongoose.Schema.ObjectId as alias for mongoose.Schema.Types.ObjectId #13543 #13534
  • docs(connections): clarify that socketTimeoutMS now defaults to 0 #13576 #13537
  • docs(migrating_to_7): add mapReduce() removal to migration guide #13568 #13548
  • docs(schemas): fix typo in schemas.md #13540 Metehan-Altuntekin

7.3.1 / 2023-06-21

  • fix(query): respect query-level strict option on findOneAndReplace() #13516 #13507
  • docs(connections): expand docs on serverSelectionTimeoutMS #13533 #12967
  • docs: add example of accessing save options in pre save #13498
  • docs(connections+faq): add info on localhost vs 127.0.0.1
  • docs(SchemaType): validate members are validator & message (not msg) #13521 lorand-horvath

7.3.0 / 2023-06-14

  • feat: upgrade mongodb -> 5.6.0 #13455 lorand-horvath
  • feat(aggregate): add Aggregate.prototype.finally() to be consistent with Promise API for TypeScript #13509
  • feat(schema): support selecting subset of fields to apply optimistic concurrency to #13506 #10591
  • feat(model): add ordered option to Model.create() #13472 #4038
  • feat(schema): consistently add .get() function to all SchemaType classes
  • feat(populate): pass virtual to match function to allow merging match options #13477 #12443
  • types: allow overwriting Paths in select() to tell TypeScript which fields are projected #13478 #13224
  • types(schema): add validateModifiedOnly as schema option #13503 #10153
  • docs: add note about validateModifiedOnly as a schema option #13503 #10153
  • docs(migrating_to_7): update migrating_to_7.md to include Model.countDocuments #13508 Climax777
  • docs(further_reading): remove style for "img" hasezoey

7.2.4 / 2023-06-12

  • fix(query): handle non-string discriminator key values in query #13496 #13492

7.2.3 / 2023-06-09

  • fix(model): ignore falsy last argument to create() for backwards compatibility #13493 #13491 #13487 MohOraby
  • types: remove generic param that's causing issues for typegoose #13494 #13482
  • types(aggregate): allow object syntax for $mergeObjects #13470 #13060
  • docs(connection): clarify how Connection.prototype.destroy() is different from close() #13475
  • docs(populate): fix accidental removal of text #13480
  • docs: add additional notes for Atlas X.509 authentication #13452 alexbevi

... (truncated)

Commits

Updates node-fetch from 3.1.0 to 3.2.10

Release notes

Sourced from node-fetch's releases.

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

  • Headers: don't forward secure headers on protocol change (#1599) (e87b093)

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

v3.2.7

3.2.7 (2022-07-11)

Bug Fixes

v3.2.6

3.2.6 (2022-06-09)

Bug Fixes

  • undefined reference to response.body when aborted (#1578) (1c5ed6b)

v3.2.5

3.2.5 (2022-06-01)

Bug Fixes

v3.2.4

3.2.4 (2022-04-28)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.


Updates es5-ext from 0.10.53 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

  • Do not rely on problematic regex (3551cdd), addresses #201
  • Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
  • Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

  • Simplify the manifest message (7855319)

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements

Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

  • Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

  • Improve postinstall script configuration (ab6b121)

... (truncated)

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

  • Do not rely on problematic regex (3551cdd), addresses #201
  • Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
  • Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

  • Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

0.10.61 (2022-04-20)

Bug Fixes

  • Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

0.10.60 (2022-04-07)

Maintenance Improvements

  • Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

0.10.58 (2022-03-11)

... (truncated)

Commits
  • f76b03d chore: Release v0.10.64
  • 2881acd chore: Bump dependencies
  • c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
  • 16f2b72 docs: Fix date in the changelog
  • de4e03c chore: Release v0.10.63
  • 3fd53b7 chore: Upgrade lint-staged to v13
  • bf8ed79 chore: Ensure postinstall script does not crash on Windows
  • 2cbbb07 chore: Bump dependencies
  • 22d0416 chore: Bump LICENSE year
  • a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
  • Additional commits viewable in compare view

Updates follow-redirects from 1.14.4 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view

Updates got from 11.8.2 to 11.8.6

Release notes

Sourced from got's releases.

v11.8.6

  • Destroy request object after successful response

https://github.com/sindresorhus/got/compare/v11.8.5...v11.8.6

v11.8.5

https://github.com/sindresorhus/got/compare/v11.8.4...v11.8.5

v11.8.3

  • Bump cacheable-request dependency (#1921) 9463bb6
  • Fix HTTPError missing .code property (#1739) 0e167b8

https://github.com/sindresorhus/got/compare/v11.8.2...v11.8.3

Commits

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

Updates minimatch from 3.0.4 to 3.0.8

Commits

Updates mongodb from 5.1.0 to 5.6.0

Release notes

Sourced from mongodb's releases.

v5.6.0

The MongoDB Node.js team is pleased to announce version 5.6.0 of the mongodb package!

Release Highlights

Node 20 support

The MongoDB Node.js Driver now supports Node.js 20! 🎉

runCursorCommand API

We have added the Db#runCursorCommand method which can be used to execute generic cursor commands. This API complements the generic Db#command method.

TypeScript support for new time series options

The driver now has TypeScript support for the bucketMaxSpanSeconds and bucketRoundingSeconds options which will be available in MongoDB 7.0. You can read more about these options here.

Features

  • NODE-5019: add runCursorCommand API (#3655) (4da926e)
  • NODE-5071: support additional time series options (#3667) (ccf555d)

Bug Fixes

  • NODE-5249: remove strict flag from create collection options (#3677) (be8faaf)
  • NODE-5296: construct error messages for AggregateErrors in Node16+ (#3682) (e03178e)

Documentation

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v5.5.0

The MongoDB Node.js team is pleased to announce version 5.5.0 of the mongodb package!

Features

  • NODE-4720: Add log messages to CMAP spec (#3645) (b27f385)
  • NODE-5004: dont create or drop ecc collections (#3660) (2264fbb)

Bug Fixes

  • NODE-5260: AWS Lambda metadata detection logic is too permissive (#3663) (d74d3f9)

... (truncated)

Changelog

Sourced from mongodb's changelog.

5.6.0 (2023-06-01)

Features

Bug Fixes

  • NODE-5249: remove strict flag from create collection options (#3677) (be8faaf)
  • NODE-5296: construct error messages for AggregateErrors in Node16+ (#3682) (e03178e)

5.5.0 (2023-05-11)

Features

  • NODE-4720: Add log messages to CMAP spec (#3645) (b27f385)
  • NODE-5004: dont create or drop ecc collections (#3660) (2264fbb)

Bug Fixes

  • NODE-5260: AWS Lambda metadata detection logic is too permissive (#3663) (d74d3f9)

5.4.0 (2023-05-04)

Features

  • NODE-4814: implement remaining severity logging methods (#3629) (d7a8079)
  • NODE-4815: stringify and truncate BSON documents in log messages (#3635) (d6bd1d1)
  • NODE-4970: deprecate collStats collection helper (#3638) (325c4bc)
  • NODE-5166: bump max wire version for 7.0 (#3659) (561229b)
  • NODE-5191: OIDC Auth Updates (#3637) (c52a4ed)
  • NODE-5207: deprecate unsupported runCommand options and add spec tests (#3643) (d6d76b4)

Bug Fixes

  • NODE-5213: ChangeStream.tryNext() should return TChange type (#3649) (3b58ca1)

5.3.0 (2023-04-18)

Features

... (truncated)

Commits
  • f98f26c chore(release): 5.6.0
  • 0853c69 test(NODE-5326): remove drop search indexes tests (#3695)
  • f647542 feat(NODE-5314): add search index helpers (#3672)
  • e5e3c93 test(NODE-5317): use new evergreen scripts (#3669)
  • 1e58a4c test(NODE-5265): fix flaky operation count test (#3688)
  • 8bfa945 test(NODE-5237): fix flaky deadlock tests and modernize deadlock test suite (...
  • 63ae351 ci(NODE-5312): change windows hosts to vsCurrent (#3687)
  • da12eb9 ci(NODE-4698): test csfle with mongocryptd (#3684)
  • 436dc9c test(NODE-4708): add rewrapmanydatakey prose test 2 (#3685)
  • e03178e fix(NODE-5296): construct error messages for AggregateErrors in Node16+ (#3682)
  • Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

  • Add version coercion capabilities

5.4

  • Add intersection checking

5.3

  • Add minSatisfying method

5.2

  • Add prerelease(v) that returns prerelease components

5.1

  • Add Backus-Naur for ranges
  • Remove excessively cute inspection methods

5.0

  • Remove AMD/Browserified build artifacts
  • Fix ltr and gtr when using the * range
  • Fix for range * with a prerelease identifier
Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates simple-get from 3.1.0 to 3.1.1

Commits
Maintainer changes

This version was pushed to npm by linusu, a new releaser for simple-get since your current version.


Updates tar from 6.1.11 to 6.2.1

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

v6.1.12

Description has been truncated

dependabot[bot] avatar Apr 10 '24 21:04 dependabot[bot]