Skip to content

Bump the npm_and_yarn group across 3 directories with 16 updates #17

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 3 directories with 16 updates #17

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Apr 12, 2025

Bumps the npm_and_yarn group with 1 update in the /chrome/test/data/third_party/spaceport directory: express.
Bumps the npm_and_yarn group with 9 updates in the /tools/android/dependency_analysis/js directory:

Package From To
express 4.18.2 4.21.2
webpack 5.75.0 5.99.5
postcss 8.4.19 8.5.3
css-loader 3.6.0 7.1.2
vue-loader 15.10.1 17.4.2
braces 3.0.2 3.0.3
follow-redirects 1.15.2 1.15.9
minimist 1.2.7 1.2.8
webpack-dev-middleware 5.3.3 5.3.4

Bumps the npm_and_yarn group with 4 updates in the /ui/file_manager/image_loader/piex directory: follow-redirects, minimist, http-server and ws.

Updates express from 2.5.11 to 5.1.0

Release notes

Sourced from express's releases.

v5.1.0

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.1.0 / 2025-03-31

  • Add support for Uint8Array in res.send()
  • Add support for ETag option in res.sendFile()
  • Add support for multiple links with the same rel in res.links()
  • Add funding field to package.json
  • perf: use loop for acceptParams
  • refactor: prefix built-in node module imports
  • deps: remove setprototypeof
  • deps: remove safe-buffer
  • deps: remove utils-merge
  • deps: remove methods
  • deps: remove depd
  • deps: debug@^4.4.0
  • deps: body-parser@^2.2.0
  • deps: router@^2.2.0
  • deps: content-type@^1.0.5
  • deps: finalhandler@^2.1.0
  • deps: qs@^6.14.0
  • deps: [email protected]
  • deps: [email protected]

5.0.1 / 2024-10-08

5.0.0 / 2024-09-10

  • remove:
    • path-is-absolute dependency - use path.isAbsolute instead
  • breaking:
    • res.status() accepts only integers, and input must be greater than 99 and less than 1000
      • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
      • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
    • deps: [email protected]
    • res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
  • change:
    • res.clearCookie will ignore user provided maxAge and expires options
  • deps: cookie-signature@^1.2.1
  • deps: [email protected]
  • deps: merge-descriptors@^2.0.0
  • deps: serve-static@^2.1.0
  • deps: [email protected]
  • deps: accepts@^2.0.0
  • deps: mime-types@^3.0.0
    • application/javascript => text/javascript
  • deps: type-is@^2.0.0
  • deps: content-disposition@^1.0.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates express from 4.18.2 to 4.21.2

Release notes

Sourced from express's releases.

v5.1.0

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.1.0 / 2025-03-31

  • Add support for Uint8Array in res.send()
  • Add support for ETag option in res.sendFile()
  • Add support for multiple links with the same rel in res.links()
  • Add funding field to package.json
  • perf: use loop for acceptParams
  • refactor: prefix built-in node module imports
  • deps: remove setprototypeof
  • deps: remove safe-buffer
  • deps: remove utils-merge
  • deps: remove methods
  • deps: remove depd
  • deps: debug@^4.4.0
  • deps: body-parser@^2.2.0
  • deps: router@^2.2.0
  • deps: content-type@^1.0.5
  • deps: finalhandler@^2.1.0
  • deps: qs@^6.14.0
  • deps: [email protected]
  • deps: [email protected]

5.0.1 / 2024-10-08

5.0.0 / 2024-09-10

  • remove:
    • path-is-absolute dependency - use path.isAbsolute instead
  • breaking:
    • res.status() accepts only integers, and input must be greater than 99 and less than 1000
      • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
      • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
    • deps: [email protected]
    • res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
  • change:
    • res.clearCookie will ignore user provided maxAge and expires options
  • deps: cookie-signature@^1.2.1
  • deps: [email protected]
  • deps: merge-descriptors@^2.0.0
  • deps: serve-static@^2.1.0
  • deps: [email protected]
  • deps: accepts@^2.0.0
  • deps: mime-types@^3.0.0
    • application/javascript => text/javascript
  • deps: type-is@^2.0.0
  • deps: content-disposition@^1.0.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates webpack from 5.75.0 to 5.99.5

Release notes

Sourced from webpack's releases.

v5.99.5

Fixes

  • Control dead flow for labeled and blockless statements

v5.99.4

Fixes

  • Fixed terminated state for if/else

v5.99.3

Fixes

  • Fixed dead control flow with deep nested if/else

v5.99.2

Fixes

  • Dead control flow for exotic cases

v5.99.1

Fixes

  • Dead control flow for many cases

v5.99.0

Fixes

  • Fixed a lot of types
  • Fixed runtime error when using asset module as entrypoint and runtimeChunk
  • JSON generator now preserves __proto__ property
  • Fixed when entry module isn't executed when targeting webworker with a runtime chunk
  • Do not duplicate modules with import attributes and reexport
  • The module and module ESM libraries have been union and code generation has been improved
  • Use a valid output path for errored asset modules
  • Remove BOM from JavaScript and CSS files when loader was not used
  • Create export for externals for module/modern-module library
  • Export unprovided variables for commonjs-static library
  • Forward semicolons from meta.webpackAST
  • Use xxhash64 for cache.hashAlgorithm when experiments.futureDefaults enabled
  • [CSS] Fixed profiling plugin for CSS
  • [CSS] Avoid extra module.export output for CSS module

Features

  • Add dead control flow check
  • Handle new Worker(import.meta.url) and new Worker(new URL(import.meta.url)) syntax
  • Added ability to generate custom error content for generators

Performance Improvements

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.


Updates postcss from 8.4.19 to 8.5.3

Release notes

Sourced from postcss's releases.

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

8.4.49

8.4.48

  • Fixed position calculation in error/warnings methods (by @​romainmenke).

8.4.47

  • Removed debug code.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.5.3

8.5.2

8.5.1

8.5 “Duke Alloces”

  • Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

8.4.49

8.4.48

  • Fixed position calculation in error/warnings methods (by @​romainmenke).

8.4.47

  • Removed debug code.

8.4.46

  • Fixed Cannot read properties of undefined (reading 'before').

8.4.45

  • Removed unnecessary fix which could lead to infinite loop.

8.4.44

  • Another way to fix markClean is not a function error.

8.4.43

  • Fixed markClean is not a function error.

8.4.42

  • Fixed CSS syntax error on long minified files (by @​varpstar).

8.4.41

8.4.40

  • Moved to getter/setter in nodes types to help Sass team (by @​nex3).

8.4.39

8.4.38

... (truncated)

Commits

Updates css-loader from 3.6.0 to 7.1.2

Release notes

Sourced from css-loader's releases.

v7.1.2

7.1.2 (2024-05-22)

Bug Fixes

  • keep order of @imports with the webpackIgnore comment (#1600) (76757ef)

v7.1.1

7.1.1 (2024-04-10)

Bug Fixes

  • automatically rename class default to _default when named export is enabled (#1590) (d6c31a1)

v7.1.0

7.1.0 (2024-04-08)

Features

  • added the getJSON option to output CSS modules mapping (#1577) (af834b4)

v7.0.0

7.0.0 (2024-04-04)

⚠ BREAKING CHANGES

  • The modules.namedExport option is true by default if you enable the esModule option

Migration guide:

Before:

import style from "./style.css";
console.log(style.myClass);

After:

import * as style from "./style.css";
console.log(style.myClass);

... (truncated)

Changelog

Sourced from css-loader's changelog.

7.1.2 (2024-05-22)

Bug Fixes

  • keep order of @imports with the webpackIgnore comment (#1600) (76757ef)

7.1.1 (2024-04-10)

Bug Fixes

  • automatically rename class default to _default when named export is enabled (#1590) (d6c31a1)

7.1.0 (2024-04-08)

Features

  • added the getJSON option to output CSS modules mapping (#1577) (af834b4)

7.0.0 (2024-04-04)

⚠ BREAKING CHANGES

  • The modules.namedExport option is true by default if you enable the esModule option

Migration guide:

Before:

import style from "./style.css";
console.log(style.myClass);

After:

import * as style from "./style.css";
console.log(style.myClass);

To restore 6.x behavior, please use:

module.exports = {
</tr></table>

... (truncated)

Commits

Updates vue-loader from 15.10.1 to 17.4.2

Release notes

Sourced from vue-loader's releases.

v17.3.1

Bug Fixes

  • do not skip style post loader for v-bind() in non-scoped CSS (d7071bb), closes #2061

v17.3.0

Bug Fixes

Features

  • skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

v17.2.2

Bug Fixes

v17.2.1

Features

  • A new experimentalInlineMatchResource option (webpack 5 only), which leverages webpack 5's inline matchResource feature in the underlying implementation, and works well with the experiments.css feature This also makes vue-loader compatible with Rspack (#2046) (3149f6d).

Note: v17.2.0 was released by accident; it has the same content as v17.1.2, therefore not included in the Releases page.

v17.1.2

Bug Fixes

  • keep build stable when run in a different path (#2040) (a81dc0f)
  • properly close the watcher after webpack 4 tests (40b93b9)

v17.1.1

Bug Fixes

  • support experimental propsDestructure and defineModel options (6269698)

v17.1.0

Bug Fixes

Features

  • support 3.3 imported types hmr (bbd98fc)

Full Changelog: vuejs/vue-loader@v17.0.1...v17.1.0

... (truncated)

Changelog

Sourced from vue-loader's changelog.

17.4.2 (2023-12-30)

Bug Fixes

  • pass compilerOptions to sfc parse & re-enable AST reuse (d2a2e05)

17.4.1 (2023-12-30)

Bug Fixes

  • (temporarily) disable template ast reuse (31b03af)

17.4.0 (2023-12-25)

Features

  • leverage ast reuse in 3.4 (479835f)

17.3.1 (2023-10-31)

Bug Fixes

  • do not skip style post loader for v-bind() in CSS (d7071bb), closes #2061

17.3.0 (2023-10-07)

Bug Fixes

Features

  • skip normal css files without scoped flag in stylePostLoader (#2053) (98782e7)

17.2.2 (2023-06-02)

... (truncated)

Commits

Updates body-parser from 1.20.1 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: [email protected]
Ch...

Description has been truncated

@dependabot
Bump the npm_and_yarn group across 3 directories with 16 updates
25c21a0 
Bumps the npm_and_yarn group with 1 update in the /chrome/test/data/third_party/spaceport directory: [express](https://github.com/expressjs/express).
Bumps the npm_and_yarn group with 9 updates in the /tools/android/dependency_analysis/js directory:

| Package | From | To |
| --- | --- | --- |
| [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.2` |
| [webpack](https://github.com/webpack/webpack) | `5.75.0` | `5.99.5` |
| [postcss](https://github.com/postcss/postcss) | `8.4.19` | `8.5.3` |
| [css-loader](https://github.com/webpack-contrib/css-loader) | `3.6.0` | `7.1.2` |
| [vue-loader](https://github.com/vuejs/vue-loader) | `15.10.1` | `17.4.2` |
| [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.9` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.7` | `1.2.8` |
| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` |

Bumps the npm_and_yarn group with 4 updates in the /ui/file_manager/image_loader/piex directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects), [minimist](https://github.com/minimistjs/minimist), [http-server](https://github.com/http-party/http-server) and [ws](https://github.com/websockets/ws).


Updates `express` from 2.5.11 to 5.1.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@2.5.11...v5.1.0)

Updates `express` from 4.18.2 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@2.5.11...v5.1.0)

Updates `webpack` from 5.75.0 to 5.99.5
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](webpack/webpack@v5.75.0...v5.99.5)

Updates `postcss` from 8.4.19 to 8.5.3
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.19...8.5.3)

Updates `css-loader` from 3.6.0 to 7.1.2
- [Release notes](https://github.com/webpack-contrib/css-loader/releases)
- [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md)
- [Commits](webpack-contrib/css-loader@v3.6.0...v7.1.2)

Updates `vue-loader` from 15.10.1 to 17.4.2
- [Release notes](https://github.com/vuejs/vue-loader/releases)
- [Changelog](https://github.com/vuejs/vue-loader/blob/main/CHANGELOG.md)
- [Commits](vuejs/vue-loader@v15.10.1...v17.4.2)

Updates `body-parser` from 1.20.1 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.1...1.20.3)

Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

Updates `cookie` from 0.5.0 to 0.7.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.5.0...v0.7.1)

Updates `follow-redirects` from 1.15.2 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.9)

Updates `minimist` from 1.2.7 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.7...v1.2.8)

Updates `nanoid` from 3.3.4 to 3.3.11
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.4...3.3.11)

Updates `send` from 0.18.0 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `serve-static` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4)

Updates `follow-redirects` from 1.15.2 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.9)

Updates `minimist` from 0.0.10 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.7...v1.2.8)

Updates `http-server` from 0.11.2 to 14.1.1
- [Release notes](https://github.com/http-party/http-server/releases)
- [Commits](http-party/http-server@v0.11.2...v14.1.1)

Updates `ws` from 6.2.2 to 6.2.3
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@6.2.2...6.2.3)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 5.1.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.21.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-version: 5.99.5
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 8.5.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: css-loader
  dependency-version: 7.1.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vue-loader
  dependency-version: 17.4.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.7.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-version: 1.2.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.19.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-version: 5.3.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-version: 1.2.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-server
  dependency-version: 14.1.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 6.2.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants