chore(deps): bump the production-dependencies group in /server with 4 updates #1080

dependabot · 2024-03-11T06:39:11Z

Bumps the production-dependencies group in /server with 4 updates: express, express-rate-limit, qs and typescript.

Updates express from 4.18.2 to 4.18.3

Release notes

4.18.3

Main Changes

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: [email protected] and [email protected] by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add [email protected] by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

use random port in test so it won't fail on already listening by @rluvaton in expressjs/express#5162

tests: use cb() instead of done() by @kristof-low in expressjs/express#5233

examples: remove multipart example by @riddlew in expressjs/express#5195

Update support Node.js@18 in the CI by @UlisesGascon in expressjs/express#5490

Fix favicon-related bug in cookie-sessions example by @DmytroKondrashov in expressjs/express#5414

Release 4.18.3 by @UlisesGascon in expressjs/express#5505

New Contributors

@vcsjones made their first contribution in expressjs/express#5032

@abenhamdine made their first contribution in expressjs/express#5034

@armujahid made their first contribution in expressjs/express#5027

@raksbisht made their first contribution in expressjs/express#5124

@rluvaton made their first contribution in expressjs/express#5162

@kristof-low made their first contribution in expressjs/express#5233

@riddlew made their first contribution in expressjs/express#5195

@DmytroKondrashov made their first contribution in expressjs/express#5414

Full Changelog: expressjs/express@4.18.2...4.18.3

Changelog

Sourced from express's changelog.

4.18.3 / 2024-02-26

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: [email protected]

Commits

1b51eda 4.18.3
b625132 build: pin Node 21.x to minor
e3eca80 build: pin Node 21.x to minor
23b44b3 build: support Node.js 21.6.2
b9fea12 build: support Node.js 21.x in appveyor
c259c34 build: support Node.js 21.x
fdeb1d3 build: support Node.js 20.x in appveyor
734b281 build: support Node.js 20.x
0e3ab6e examples: improve view count in cookie-sessions
59af63a build: [email protected]
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates express-rate-limit from 7.1.5 to 7.2.0

Release notes

Sourced from express-rate-limit's releases.

v7.2.0

You can view the changelog here.

Commits

f77addc 7.2.0
dc4f067 7.2.0 changelog
5f6dc55 docs: add Configuration & Thank You sections to readme (#440)
be7fe9c Check for instance creation while handling a request (#438)
c252ae3 docs: improve store-related docs (#437)
31fc799 docs: Create Data Stores documentation page (#433)
2d4105e build(deps-dev): bump follow-redirects from 1.15.3 to 1.15.4 (#431)
d8a1cc2 Update overview.mdx sponsor link (#427)
7df39f8 docs: resetKey example
See full diff in compare view

Updates qs from 6.11.2 to 6.12.0

Changelog

Sourced from qs's changelog.

6.12.0

[New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)

[New] parse: add duplicates option

[New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)

[Refactor] parse/stringify: move allowDots config logic to its own variable

[Refactor] stringify: move option-handling code into normalizeStringifyOptions

[readme] update readme, add logos (#484)

[readme] stringify: clarify default arrayFormat behavior

[readme] fix line wrapping

[readme] remove dead badges

[Deps] update side-channel

[meta] make the dist build 50% smaller

[meta] add sideEffects flag

[meta] run build in prepack, not prepublish

[Tests] parse: remove useless tests; add coverage

[Tests] stringify: increase coverage

[Tests] use mock-property

[Tests] stringify: improve coverage

[Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape

[Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak

[Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

Commits

062334a v6.12.0
f09cffc [meta] make the dist build 50% smaller
934dfe8 [meta] run build in prepack, not prepublish
c8a269f [Tests] parse: remove useless tests; add coverage
1e04701 [Tests] stringify: increase coverage
e679e12 [Deps] update side-channel
6799475 [Dev Deps] update has-override-mistake
cc60bbd [Tests] use mock-property
30004b2 [New] parse/stringify: add decodeDotInKeys/encodeDotKeys options
82a098e [Refactor] parse/stringify: move allowDots config logic to its own variable
Additional commits viewable in compare view

Updates typescript from 5.3.3 to 5.4.2

Release notes

Sourced from typescript's releases.

TypeScript 5.4

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.4.0 (Beta).

fixed issues query for Typescript 5.4.1 (RC).

fixed issues query for Typescript 5.4.2 (Stable).

Downloads are available on:

NuGet package

TypeScript 5.4 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.4.0 (Beta).

fixed issues query for Typescript 5.4.1 (RC).

Downloads are available on:

NuGet package

TypeScript 5.4 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.4.0 (Beta).

Downloads are available on:

npm

NuGet package

Commits

42bb138 Bump version to 5.4.2 and LKG
992c705 Add release pipeline to release-5.4 (#57513)
db6b2a9 Bump version to 5.4.1-rc and LKG
bd4f51c Update LKG
8a1f79d Merge remote-tracking branch 'origin/main' into release-5.4
d04e348 Improve apparent type of mapped types (#57122)
86a1663 Update package-lock.json
feb57c2 Instantiate earlier inferred constraints in conditional types (#57362)
91e67ff fix(57392): using is not suggested as a keyword (#57394)
29c0024 Avoid creating rest elements with errorType when any is spread (#57116)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production-dependencies group in /server with 4 updates: [express](https://github.com/expressjs/express), [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit), [qs](https://github.com/ljharb/qs) and [typescript](https://github.com/Microsoft/TypeScript). Updates `express` from 4.18.2 to 4.18.3 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.18.3) Updates `express-rate-limit` from 7.1.5 to 7.2.0 - [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases) - [Commits](express-rate-limit/express-rate-limit@v7.1.5...v7.2.0) Updates `qs` from 6.11.2 to 6.12.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.11.2...v6.12.0) Updates `typescript` from 5.3.3 to 5.4.2 - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.3.3...v5.4.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: express-rate-limit dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: qs dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: typescript dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 11, 2024

DenverCoder1 temporarily deployed to custom-icon-dependabot--wehoo9 March 11, 2024 06:39 Inactive

DenverCoder1 merged commit a1a04f9 into main Mar 19, 2024
3 checks passed

DenverCoder1 deleted the dependabot/npm_and_yarn/server/production-dependencies-c1de1d4d05 branch March 19, 2024 22:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the production-dependencies group in /server with 4 updates #1080

chore(deps): bump the production-dependencies group in /server with 4 updates #1080

dependabot bot commented on behalf of github Mar 11, 2024 •

edited

Loading

chore(deps): bump the production-dependencies group in /server with 4 updates #1080

chore(deps): bump the production-dependencies group in /server with 4 updates #1080

Conversation

dependabot bot commented on behalf of github Mar 11, 2024 • edited Loading

4.18.3

Main Changes

Other Changes

New Contributors

4.18.3 / 2024-02-26

v7.2.0

6.12.0

TypeScript 5.4

TypeScript 5.4 RC

TypeScript 5.4 Beta

dependabot bot commented on behalf of github Mar 11, 2024 •

edited

Loading