Bump the npm_and_yarn group across 1 directory with 11 updates by dependabot[bot] · Pull Request #29 · MacPaw/together-app

dependabot · 2025-03-25T09:41:36Z

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package	From	To
next	`14.1.1`	`14.2.26`
@babel/helpers	`7.17.7`	`7.27.0`
@babel/runtime	`7.24.7`	`7.27.0`
body-parser	`1.20.2`	`1.20.3`
express	`4.19.2`	`4.21.2`
cookie	`0.5.0`	`0.7.1`
next-auth	`4.24.5`	`4.24.11`
nanoid	`3.3.7`	`3.3.11`

Updates next from 14.1.1 to 14.2.26

Release notes

Sourced from next's releases.

v14.2.26

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

Match subrequest handling for edge and node (#77476)

v14.2.25

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary. This release contains a security patch for CVE-2025-29927.

Core Changes

Update middleware request header (#77202)

Credits

Huge thanks to @ijjk for helping!

v14.2.24

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

fix: ensure lint worker errors aren't silenced (#75779)

add additional x-middleware-set-cookie filtering (#75561 & #73482)

Credits

Huge thanks to @ztanner for helping!

Commits

10a042c v14.2.26
8a511d6 Match subrequest handling for edge and node (#77476)
d36a1f3 v14.2.25
5fd3ae8 [backport] Update middleware request header (#77202)
756be15 v14.2.24
ba6453d fix corepack keys
c482c20 [backport v14] fix: ensure lint worker errors aren't silenced (#75766) (#75779)
5791cb6 [Backport v14] add additional x-middleware-set-cookie filtering (#75561) (#75...
8129a61 test: fix eslint plugin test (#75687)
f27ce02 v14.2.23
Additional commits viewable in compare view

Updates @babel/helpers from 7.17.7 to 7.27.0

Release notes

Sourced from @babel/helpers's releases.

v7.27.0 (2025-03-24)

Thanks @ishchhabra and @vovkasm for your first PRs!

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

Committers: 5

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Ish Chhabra (@ishchhabra)

Vladimir Timofeev (@vovkasm)

@liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @babel/helpers's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

... (truncated)

Commits

5c350ea v7.27.0
ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
e1ce99d v7.26.10
d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
64bca7b v7.26.9
4cf5c9e [babel 8] Use @babel/types for parser's return type (#17117)
2d95140 v7.26.7
0e6199b Make "object without properties" helpers ES6-compatible (#17086)
cd24cc0 chore: Update TS 5.7 (#17053)
63d3038 v7.26.0
Additional commits viewable in compare view

Updates @babel/runtime from 7.24.7 to 7.27.0

Release notes

Sourced from @babel/runtime's releases.

v7.27.0 (2025-03-24)

Thanks @ishchhabra and @vovkasm for your first PRs!

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

Committers: 5

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Ish Chhabra (@ishchhabra)

Vladimir Timofeev (@vovkasm)

@liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

... (truncated)

Commits

5c350ea v7.27.0
ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
e1ce99d v7.26.10
d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
64bca7b v7.26.9
2d95140 v7.26.7
63d3038 v7.26.0
b07957e v7.25.9
af91759 fix: Accidentally publishing useless files (#16917)
2533cfb v7.25.7
Additional commits viewable in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to node@22.4.1 by @wesleytodd in expressjs/body-parser#527

deps: qs@6.12.3 by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: qs@6.12.3 (#521)
9478591 fix: pin to node@22.4.1
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: path-to-regexp@0.1.11 by @blakeembrey in expressjs/express#5956

deps: bump path-to-regexp@0.1.12 by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

finalhandler@1.3.1 by @wesleytodd in expressjs/express#5954

fix(deps): serve-static@1.16.2 by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

deps: path-to-regexp@0.1.12

Fix backtracking protection

deps: path-to-regexp@0.1.11

Throws an error on invalid path values

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

Deprecate res.location("back") and res.redirect("back") magic string

deps: serve-static@1.16.2

includes send@0.19.0

deps: finalhandler@1.3.1

deps: qs@6.13.0

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

1faf228 4.21.2
2e0fb64 deps: bump path-to-regexp@0.1.12 (#6209)
59fc270 deps: path-to-regexp@0.1.11 (#5956)
51fc39c docs: add funding (#6065)
8e229f9 4.21.1
a024c8a fix(deps): cookie@0.7.1
7e562c6 4.21.0
1bcde96 fix(deps): qs@6.13.0 (#5946)
7d36477 fix(deps): serve-static@1.16.2 (#5951)
40d2d8f fix(deps): finalhandler@1.3.1
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates cookie from 0.5.0 to 0.7.1

Release notes

Sourced from cookie's releases.

0.7.1

Fixed

Allow leading dot for domain (#174)

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

Add partitioned option

Commits

cf4658f 0.7.1
6a8b8f5 Allow leading dot for domain (#174)
58015c0 Remove more code and perf wins (#172)
ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
d6f39b0 Fix tests for old node
6bb701f Remove failing scorecard
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates next-auth from 4.24.5 to 4.24.11

Release notes

Sourced from next-auth's releases.

next-auth@4.24.10

What's Changed

fix: functions that return promises must be async by @thomaslindstrom in nextauthjs/next-auth#12105

fix: support AUTH_SECRET for compat with npx auth secret by @balazsorban44 in nextauthjs/next-auth@490a033

Full Changelog: https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.9...next-auth@4.24.10

next-auth@4.24.9

What's Changed

chore(docs): fix typo in WorkOS documentation by @outofgamut in nextauthjs/next-auth#11959

chore(v4): add neon sponsor by @ndom91 in nextauthjs/next-auth#12008

cookie package upgraded by @talyuk in nextauthjs/next-auth#12046

Allow Next.js v15 peer dependency by @thomaslindstrom in nextauthjs/next-auth#12098

await dynamic APIs as per Next.js 15 changes by @balazsorban44 in nextauthjs/next-auth@4d143c5

New Contributors

@outofgamut made their first contribution in nextauthjs/next-auth#11959

@talyuk made their first contribution in nextauthjs/next-auth#12046

@thomaslindstrom made their first contribution in nextauthjs/next-auth#12098

Full Changelog: https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.8...next-auth@4.24.9

Commits

6bca388 chore(release): bump version [skip ci]
c46fd4f chore(deps): allow react v19 as peer deps (#12352)
3dfe5d5 chore: Update docusaurus.config.js
0447db0 chore(v4): add sent.dm sponsor (#12172)
5a5859a docs: Update options.md
5ad7fb4 docs: Update options.md
c7ea50d chore(release): bump version [skip ci]
490a033 fix: support AUTH_SECRET for compat with npx auth secret
1e6be72 fix: functions that return promises must be async (#12105)
ddab3cc chore(release): bump version [skip ci]
Additional commits viewable in compare view

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: path-to-regexp@0.1.11 by @blakeembrey in expressjs/express#5956

deps: bump path-to-regexp@0.1.12 by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

finalhandler@1.3.1 by @wesleytodd in expressjs/express#5954

fix(deps): serve-static@1.16.2 by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

deps: path-to-regexp@0.1.12

Fix backtracking protection

deps: path-to-regexp@0.1.11

Throws an error on invalid path values

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

Deprecate res.location("back") and res.redirect("back") magic string

deps: serve-static@1.16.2

includes send@0.19.0

deps: finalhandler@1.3.1

deps: qs@6.13.0

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align bett...
Description has been truncated

Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [next](https://github.com/vercel/next.js) | `14.1.1` | `14.2.26` | | [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.17.7` | `7.27.0` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.24.7` | `7.27.0` | | [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.3` | | [express](https://github.com/expressjs/express) | `4.19.2` | `4.21.2` | | [cookie](https://github.com/jshttp/cookie) | `0.5.0` | `0.7.1` | | [next-auth](https://github.com/nextauthjs/next-auth) | `4.24.5` | `4.24.11` | | [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` | Updates `next` from 14.1.1 to 14.2.26 - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](vercel/next.js@v14.1.1...v14.2.26) Updates `@babel/helpers` from 7.17.7 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-helpers) Updates `@babel/runtime` from 7.24.7 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime) Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `express` from 4.19.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.19.2...4.21.2) Updates `cookie` from 0.5.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.5.0...v0.7.1) Updates `next-auth` from 4.24.5 to 4.24.11 - [Release notes](https://github.com/nextauthjs/next-auth/releases) - [Commits](https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.5...next-auth@4.24.11) Updates `express` from 4.19.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.19.2...4.21.2) Updates `nanoid` from 3.3.7 to 3.3.11 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.7...3.3.11) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) --- updated-dependencies: - dependency-name: next dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: next-auth dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 25, 2025

art-tykh merged commit d43956e into main Mar 25, 2025
2 of 4 checks passed

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-dff50d713b branch March 25, 2025 09:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

Bump the npm_and_yarn group across 1 directory with 11 updates#29

Bump the npm_and_yarn group across 1 directory with 11 updates#29
art-tykh merged 1 commit intomainfrom
dependabot/npm_and_yarn/npm_and_yarn-dff50d713b

dependabot bot commented on behalf of github Mar 25, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Comments

Conversation

dependabot bot commented on behalf of github Mar 25, 2025

v14.2.26

Core Changes

v14.2.25

Core Changes

Credits

v14.2.24

Core Changes

Credits

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

Committers: 5

v7.26.10 (2025-03-11)

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

Committers: 5

v7.26.10 (2025-03-11)

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.3 / 2024-09-10

4.21.2

What's Changed

4.21.1

What's Changed

4.21.0

What's Changed

New Contributors

4.20.0

What's Changed

Important

Other Changes

4.21.2 / 2024-11-06

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

4.20.0 / 2024-09-10

0.7.1

0.7.0

0.6.0

next-auth@4.24.10

What's Changed

next-auth@4.24.9

What's Changed

New Contributors

4.21.2

What's Changed

4.21.1

What's Changed

4.21.0

What's Changed

New Contributors

4.20.0

What's Changed

Important