Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 2 directories with 9 updates #1

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Bump the npm_and_yarn group across 2 directories with 9 updates #1

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jan 10, 2025

Bumps the npm_and_yarn group with 8 updates in the /test directory:

Package From To
secp256k1 3.8.0 3.8.1
@babel/traverse 7.19.1 7.26.4
@grpc/grpc-js 1.5.5 1.12.5
decode-uri-component 0.2.0 0.2.2
json5 2.2.0 2.2.3
minimatch 3.0.4 3.1.2
qs 6.5.2 6.5.3
word-wrap 1.2.3 1.2.5

Bumps the npm_and_yarn group with 1 update in the /test/tools directory: secp256k1.

Updates secp256k1 from 3.8.0 to 3.8.1

Commits

Updates @babel/traverse from 7.19.1 to 7.26.4

Release notes

Sourced from @​babel/traverse's releases.

v7.26.4 (2024-12-05)

↩️ Revert

  • babel-traverse
    • #17005 Revert "perf: Improve scope information collection performance" (@​JLHwung)

Committers: 2

v7.26.3 (2024-12-04)

🐛 Bug Fix

🏠 Internal

  • babel-helper-builder-binary-assignment-operator-visitor, babel-plugin-transform-exponentiation-operator

🏃‍♀️ Performance

Committers: 4

v7.26.2 (2024-10-30)

🐛 Bug Fix

Committers: 6

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.26.4 (2024-12-05)

↩️ Revert

  • babel-traverse
    • #17005 Revert "perf: Improve scope information collection performance" (@​JLHwung)

v7.26.3 (2024-12-04)

🐛 Bug Fix

🏠 Internal

  • babel-helper-builder-binary-assignment-operator-visitor, babel-plugin-transform-exponentiation-operator

🏃‍♀️ Performance

v7.26.2 (2024-10-30)

🐛 Bug Fix

v7.26.1 (2024-10-25)

🐛 Bug Fix

v7.26.0 (2024-10-25)

🚀 New Feature

  • babel-core, babel-generator, babel-parser, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-preset-env, babel-standalone, babel-types
  • babel-core
  • babel-compat-data, babel-plugin-proposal-regexp-modifiers, babel-plugin-transform-regexp-modifiers, babel-preset-env, babel-standalone
  • babel-parser
  • babel-generator, babel-parser, babel-plugin-syntax-flow
  • babel-helpers, babel-preset-typescript, babel-runtime-corejs3

... (truncated)

Commits

Updates @grpc/grpc-js from 1.5.5 to 1.12.5

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.12.5

  • Prioritize HTTP status errors over message decoding errors (#2873)

@​grpc/grpc-js 1.12.4

  • Prioritize reporting UNAVAILABLE status when handing connection drops (#2862)

@​grpc/grpc-js 1.12.3

  • Report UNAVAILABLE if possible when handling connection drops (#2861)

@​grpc/grpc-js 1.12.2

  • Use util.promisify instead of fs/promises for Node 12 compatibility (#2838)

@​grpc/grpc-js 1.12.1

  • Port bugfixes from 1.11.x into 1.12.x (#2836)

@​grpc/grpc-js-xds 1.12.0

  • Enable dualstack socket support by default in xDS clients (#2832)

@​grpc/grpc-js 1.12.0

Changelog

  • Provide the method_name for the CallCredentials callback generateMetadata (#2814 contributed by @​becoded)
  • Add an optional rejectUnauthorized field to the VerifyOptions interface, which can be passed as an argument to credentials.createSsl and createFromSecureContext (#2812 contributed by @​vinothsa4891)

Experimental API changes

Added:

  • CaCertificateUpdate
  • CaCertificateUpdateListener
  • IdentityCertificateUpdate
  • IdentityCertificateUpdateListener
  • CertificateProvider
  • FileWatcherCertificateProvider
  • FileWatcherCertificateProviderConfig
  • createCertificateProviderChannelCredentials
  • createCertificateProviderServerCredentials

Modified:

  • LoadBalancer: The constructor now takes an additional argument of type ChannelCredentials.
  • ChannelControlHelper#createSubchannel: Now takes an additional argument of type ChannelCredentials | null. This should be passed along if overriding this function.
  • LeafLoadBalancer: The constructor now takes an additional argument of type ChannelCredentials.

@​grpc/grpc-js 1.11.3

  • Ensure the client queries the name resolver again after connections drop while using the round_robin load balancing policy (#2825)

@​grpc/grpc-js 1.11.2

  • Fix client crash on receiving a custom error code (#2801 contributed by @​hastom)
  • Report connection errors more consistently (#2808)

... (truncated)

Commits
  • bae98b3 Merge pull request #2873 from murgatroid99/grpc-js_http_error_resource_exhaus...
  • 63d9717 grpc-js: Prioritize HTTP status errors over message decoding errors
  • e9359ef Merge pull request #2862 from murgatroid99/grpc-js_connection_drop_reporting_...
  • 5e3b0fb grpc-js: Improve event sequencing when handling connection drops
  • a524d15 Merge pull request #2861 from murgatroid99/grpc-js_handle_socket_close
  • 848e00e grpc-js: Restore socket disconnect handling
  • f0c58f7 Merge pull request #2858 from murgatroid99/grpc-js-xds_update_node_types_1.12
  • bc749ac grpc-js-xds: Update @​types/node and update code for compatibility
  • b6fbfa3 Merge pull request #2850 from murgatroid99/grpc-js_cert_refresh_1.12
  • 2ed62c1 grpc-js{,-xds}: Renew self-signed certificates used in tests
  • Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates json5 from 2.2.0 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.2

Commits

Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
  • [Fix] correctly parse nested arrays
  • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
  • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
  • [Fix] when parseArrays is false, properly handle keys ending in []
  • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
  • [Fix] utils.merge: avoid a crash with a null target and an array source
  • [Refactor] utils: reduce observable [[Get]]s
  • [Refactor] use cached Array.isArray
  • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
  • [Refactor] parse: only need to reassign the var once
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
  • [Docs] Clarify the need for "arrayLimit" option
  • [meta] fix README.md (#399)
  • [meta] add FUNDING.yml
  • [actions] backport actions from main
  • [Tests] always use String(x) over x.toString()
  • [Tests] remove nonexistent tape option
  • [Dev Deps] backport from main
Commits
  • 298bfa5 v6.5.3
  • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
  • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
  • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
  • 12ac1c4 [meta] fix README.md (#399)
  • 0338716 [actions] backport actions from main
  • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
  • 51b8a0b add FUNDING.yml
  • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
  • f814a7f [Dev Deps] backport from main
  • Additional commits viewable in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

New Contributors

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

Updates secp256k1 from 3.7.1 to 3.8.1

Commits

Updates elliptic from 6.5.4 to 6.6.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 2 directories with 9 updates
04dceff 
Bumps the npm_and_yarn group with 8 updates in the /test directory:

| Package | From | To |
| --- | --- | --- |
| [secp256k1](https://github.com/cryptocoinjs/secp256k1-node) | `3.8.0` | `3.8.1` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.19.1` | `7.26.4` |
| [@grpc/grpc-js](https://github.com/grpc/grpc-node) | `1.5.5` | `1.12.5` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` |
| [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |

Bumps the npm_and_yarn group with 1 update in the /test/tools directory: [secp256k1](https://github.com/cryptocoinjs/secp256k1-node).


Updates `secp256k1` from 3.8.0 to 3.8.1
- [Release notes](https://github.com/cryptocoinjs/secp256k1-node/releases)
- [Commits](cryptocoinjs/secp256k1-node@v3.8.0...v3.8.1)

Updates `@babel/traverse` from 7.19.1 to 7.26.4
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.26.4/packages/babel-traverse)

Updates `@grpc/grpc-js` from 1.5.5 to 1.12.5
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/[email protected]...@grpc/[email protected])

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `json5` from 2.2.0 to 2.2.3
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v2.2.0...v2.2.3)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `qs` from 6.5.2 to 6.5.3
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.5.2...v6.5.3)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

Updates `secp256k1` from 3.7.1 to 3.8.1
- [Release notes](https://github.com/cryptocoinjs/secp256k1-node/releases)
- [Commits](cryptocoinjs/secp256k1-node@v3.8.0...v3.8.1)

Updates `elliptic` from 6.5.4 to 6.6.1
- [Commits](indutny/elliptic@v6.5.4...v6.6.1)

---
updated-dependencies:
- dependency-name: secp256k1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@grpc/grpc-js"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: secp256k1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: elliptic
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants