Skip to content

chore(deps): Bump the node-packages group across 1 directory with 5 updates#8

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/examples/node-app/node-packages-9c71891d8a
Open

chore(deps): Bump the node-packages group across 1 directory with 5 updates#8
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/examples/node-app/node-packages-9c71891d8a

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jan 27, 2025
edited
Loading

Bumps the node-packages group with 3 updates in the /examples/node-app directory: express, express-handlebars and mocha.

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

  • deps: path-to-regexp@0.1.12
    • Fix backtracking protection
  • deps: path-to-regexp@0.1.11
    • Throws an error on invalid path values

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
Commits
Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.


Updates express-handlebars from 7.1.3 to 8.0.1

Release notes

Sourced from express-handlebars's releases.

v8.0.1

8.0.1 (2024-08-07)

Bug Fixes

v8.0.0

8.0.0 (2024-08-07)

Bug Fixes

BREAKING CHANGES

  • minimum node v20
Changelog

Sourced from express-handlebars's changelog.

8.0.1 (2024-08-07)

Bug Fixes

8.0.0 (2024-08-07)

Bug Fixes

BREAKING CHANGES

  • minimum node v20
Commits
  • 8e7efb4 chore(release): 8.0.1 [skip ci]
  • efca370 fix: remove module type (#857)
  • 8abe846 chore(release): 8.0.0 [skip ci]
  • cb0358e fix: require node v20 (#854)
  • e90da8e chore(deps): update github/codeql-action action to v3 (#728)
  • b8032b3 chore(deps): update dependency glob to ^10.4.5 (#834)
  • 017c3ac chore: update eslint (#853)
  • fcf4d6d chore(deps): update devdependency @​types/node to ^18.19.43
  • 5ba9eed chore(deps): update devdependency ts-jest to ^29.2.4
  • 75076f8 chore(deps): update typescript-eslint monorepo to ^7.18.0
  • Additional commits viewable in compare view

Updates chai from 4.2.0 to 4.5.0

Release notes

Sourced from chai's releases.

v4.5.0

  • Update type detect (#1631) 1a36d35

chaijs/chai@v4.4.1...v4.5.0

What's Changed

Full Changelog: chaijs/chai@v4.4.1...v4.5.0

v4.4.1

What's Changed

Full Changelog: chaijs/chai@v4.4.0...v4.4.1

v4.4.0

What's Changed

Full Changelog: chaijs/chai@v4.3.10...v4.4.0

v4.3.10

This release simply bumps all dependencies to their latest non-breaking versions.

What's Changed

Full Changelog: chaijs/chai@v4.3.9...v4.3.10

v4.3.9

Upgrade dependencies.

This release upgrades dependencies to address CVE-2023-43646 where a large function name can cause "catastrophic backtracking" (aka ReDOS attack) which can cause the test suite to hang.

Full Changelog: chaijs/chai@v4.3.8...v4.3.9

v4.3.8

What's Changed

... (truncated)

Commits

Updates chai-http from 4.2.0 to 4.4.0

Release notes

Sourced from chai-http's releases.

4.4.0

What's Changed

New Contributors

Full Changelog: chaijs/chai-http@4.3.0...4.4.0

4.3.0 / 2019-04-26

This feature release allows you to pass a Regular Expression to the redirectTo function.

expect(res).to.redirectTo(/^\/search\/results\?orderBy=desc$/);

Community Contributions

Code Features & Fixes

4.2.1 / 2019-01-02

This patch fixes usability issues for TypeScript definitions.

Community Contributions

Code Features & Fixes

Commits
  • a3715c4 4.4.0
  • 83f4f9e build
  • ce9866f Dependency updates to fix security vulnerabilities (#306)
  • dbba17c ci: update npm token (#289)
  • 0c2c350 docs: add badges to the README
  • be1d005 ci: don't run publish-npm job unless push
  • 0e78cee build(dev-deps): update semantic-release packages to latest versions
  • ee4952e docs: update README examples to modern syntax
  • 233118b feat: drop support for node < 10
  • 04ebb3d ci: update release token (#287)
  • Additional commits viewable in compare view

Updates mocha from 10.7.3 to 11.1.0

Release notes

Sourced from mocha's releases.

v11.1.0

11.1.0 (2025-01-02)

🌟 Features

v11.0.2

11.0.2 (2024-12-09)

🩹 Fixes

  • catch exceptions setting Error.stackTraceLimit (#5254) (259f8f8)
  • error handling for unexpected numeric arguments passed to cli (#5263) (210d658)

📚 Documentation

  • correct outdated status: accepting prs link (#5268) (f729cd0)
  • replace "New in" with "Since" in version annotations (#5262) (6f10d12)

v11.0.1

11.0.1 (2024-12-02)

🌟 Features

📚 Documentation

  • fix examples for linkPartialObjects methods (#5255) (34e0e52)

v11.0.0 Prerelease

11.0.0 (2024-11-11)

⚠ BREAKING CHANGES

  • adapt new engine range for Mocha 11 (#5216)

🌟 Features

🩹 Fixes

... (truncated)

Changelog

Sourced from mocha's changelog.

11.1.0 (2025-01-02)

🌟 Features

11.0.2 (2024-12-09)

🩹 Fixes

  • catch exceptions setting Error.stackTraceLimit (#5254) (259f8f8)
  • error handling for unexpected numeric arguments passed to cli (#5263) (210d658)

📚 Documentation

  • correct outdated status: accepting prs link (#5268) (f729cd0)
  • replace "New in" with "Since" in version annotations (#5262) (6f10d12)

11.0.1 (2024-12-02)

🌟 Features

📚 Documentation

  • fix examples for linkPartialObjects methods (#5255) (34e0e52)

11.0.0 (2024-11-11)

⚠ BREAKING CHANGES

  • adapt new engine range for Mocha 11 (#5216)

🌟 Features

🩹 Fixes

📚 Documentation

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the node-packages group across 1 directory with 5 u…
41e85a7 
…pdates

Bumps the node-packages group with 3 updates in the /examples/node-app directory: [express](https://github.com/expressjs/express), [express-handlebars](https://github.com/express-handlebars/express-handlebars) and [mocha](https://github.com/mochajs/mocha).


Updates `express` from 4.19.2 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](expressjs/express@4.19.2...4.21.2)

Updates `express-handlebars` from 7.1.3 to 8.0.1
- [Release notes](https://github.com/express-handlebars/express-handlebars/releases)
- [Changelog](https://github.com/express-handlebars/express-handlebars/blob/master/CHANGELOG.md)
- [Commits](express-handlebars/express-handlebars@v7.1.3...v8.0.1)

Updates `chai` from 4.2.0 to 4.5.0
- [Release notes](https://github.com/chaijs/chai/releases)
- [Changelog](https://github.com/chaijs/chai/blob/main/History.md)
- [Commits](chaijs/chai@4.2.0...v4.5.0)

Updates `chai-http` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/chaijs/chai-http/releases)
- [Changelog](https://github.com/chaijs/chai-http/blob/main/History.md)
- [Commits](chaijs/chai-http@4.2.0...4.4.0)

Updates `mocha` from 10.7.3 to 11.1.0
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](mochajs/mocha@v10.7.3...v11.1.0)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: node-packages
- dependency-name: express-handlebars
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: node-packages
- dependency-name: chai
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: node-packages
- dependency-name: chai-http
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: node-packages
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: node-packages
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from timothywarner as a code owner January 27, 2025 23:36
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 27, 2025
@dependabot dependabot bot mentioned this pull request Jan 27, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timothywarner timothywarner Awaiting requested review from timothywarner timothywarner is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants