cloud-slack-bot

cloud-slack-bot copied to clipboard

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.19.2. Release notes Sourced from express's releases. 4.19.2 What's Changed Improved fix for open redirect allow list bypass Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2 4.19.1 What's Changed Fix...

dependabot[bot]

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.13.2 to 1.15.6. Commits 35a517c Release version 1.15.6 of the npm package. c4f847f Drop Proxy-Authorization across hosts. 8526b4a Use GitHub for disclosure. b1677ce Release version 1.15.5 of...

dependabot[bot]

Bumps [axios](https://github.com/axios/axios) from 0.21.1 to 0.28.0. Release notes Sourced from axios's releases. Release v0.28.0 Release notes: Bug Fixes fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091) Backports from...

dependabot[bot]

Bumps [debug](https://github.com/debug-js/debug) from 4.1.1 to 4.3.4. Release notes Sourced from debug's releases. 4.3.4 What's Changed Add section about configuring JS console to show debug messages by @​gitname in debug-js/debug#866 Replace...

dependabot[bot]

Removes [tough-cookie](https://github.com/salesforce/tough-cookie). It's no longer used after updating ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [botbuilder](https://github.com/Microsoft/botbuilder-js) and [botkit](https://github.com/howdyai/botkit). These dependencies need to be updated together. Removes `tough-cookie` Updates `botbuilder` from 4.11.1 to 4.20.1 Release...

dependabot[bot]

Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. Commits 64735d2 v4.1.1 75a657d Fix potential ReDoS (#37) See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...

dependabot[bot]

Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. Release notes Sourced from semver's releases. v5.7.2 5.7.2 (2023-07-10) Bug Fixes 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys) Changelog Sourced from semver's...

dependabot[bot]

Bumps [cross-fetch](https://github.com/lquixada/cross-fetch) from 3.0.6 to 3.1.8. Release notes Sourced from cross-fetch's releases. v3.1.8 What's Changed Restored caret range to node-fetch version for automatic feature and fix updates. Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.7...v3.1.8...

dependabot[bot]

Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 6.10.2 to 6.11.4. Changelog Sourced from protobufjs's changelog. Changelog 7.2.4 (2023-06-23) Bug Fixes do not let setProperty change the prototype (#1899) (e66379f) 7.2.3 (2023-03-27) Bug Fixes type...

dependabot[bot]