build(deps): bump the npm_and_yarn group across 2 directories with 8 updates #420

dependabot · 2024-03-28T19:07:53Z

Bumps the npm_and_yarn group with 4 updates in the / directory: express, @babel/traverse, @cypress/request and cypress.
Bumps the npm_and_yarn group with 5 updates in the /example directory:

Package	From	To
express	`4.18.2`	`4.19.2`
@cypress/request	`2.88.11`	`3.0.1`
cypress	`12.17.2`	`13.7.1`
axios	`0.25.0`	`1.6.8`
start-server-and-test	`1.15.2`	`2.0.3`

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add Node.js@19.7 by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates @babel/traverse from 7.13.0 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Updates @cypress/request from 2.88.11 to 3.0.1

Release notes

Sourced from @cypress/request's releases.

v3.0.1

3.0.1 (2023-09-06)

Bug Fixes

deps: peg qs to 6.10.4 (fb9f625)

v3.0.0

3.0.0 (2023-08-08)

Features

Add allowInsecureRedirect option (c5bcf21)

BREAKING CHANGES

The allowInsecureRedirect is false by default, which may cause issues if your usage relies on insecure redirects. For the former behavior, you can opt in to insecure redirects by setting the option to true, but it is not recommended.

Co-authored-by: Szymon Drosdzol szymon@doyensec.com

v2.88.12

2.88.12 (2023-08-01)

Bug Fixes

request: update tough-cookie dep (0664780)

Changelog

Sourced from @cypress/request's changelog.

Change Log

v2.88.0 (2018/08/10)

#2996 fix(uuid): import versioned uuid (@kwonoj)

#2994 Update to oauth-sign 0.9.0 (@dlecocq)

#2993 Fix header tests (@simov)

#2904 #515, #2894 Strip port suffix from Host header if the protocol is known. (#2904) (@paambaati)

#2791 Improve AWS SigV4 support. (#2791) (@vikhyat)

#2977 Update test certificates (@simov)

v2.87.0 (2018/05/21)

#2943 Replace hawk dependency with a local implemenation (#2943) (@hueniverse)

v2.86.0 (2018/05/15)

#2885 Remove redundant code (for Node.js 0.9.4 and below) and dependency (@ChALkeR)

#2942 Make Test GREEN Again! (@simov)

#2923 Alterations for failing CI tests (@gareth-robinson)

v2.85.0 (2018/03/12)

#2880 Revert "Update hawk to 7.0.7 (#2880)" (@simov)

v2.84.0 (2018/03/12)

#2793 Fixed calculation of oauth_body_hash, issue #2792 (@dvishniakov)

#2880 Update hawk to 7.0.7 (#2880) (@kornel-kedzierski)

v2.83.0 (2017/09/27)

#2776 Updating tough-cookie due to security fix. (#2776) (@karlnorling)

v2.82.0 (2017/09/19)

#2703 Add Node.js v8 to Travis CI (@ryysud)

#2751 Update of hawk and qs to latest version (#2751) (@Olivier-Moreau)

#2658 Fixed some text in README.md (#2658) (@Marketionist)

#2635 chore(package): update aws-sign2 to version 0.7.0 (#2635) (@greenkeeperio-bot)

#2641 Update README to simplify & update convenience methods (#2641) (@FredKSchott)

#2541 Add convenience method for HTTP OPTIONS (#2541) (@jamesseanwright)

#2605 Add promise support section to README (#2605) (@FredKSchott)

#2579 refactor(lint): replace eslint with standard (#2579) (@ahmadnassri)

#2598 Update codecov to version 2.0.2 🚀 (@greenkeeperio-bot)

#2590 Adds test-timing keepAlive test (@nicjansma)

#2589 fix tabulation on request example README.MD (@odykyi)

#2594 chore(dependencies): har-validator to 5.x [removes babel dep] (@ahmadnassri)

v2.81.0 (2017/03/09)

#2584 Security issue: Upgrade qs to version 6.4.0 (@sergejmueller)

#2578 safe-buffer doesn't zero-fill by default, its just a polyfill. (#2578) (@mikeal)

#2566 Timings: Tracks 'lookup', adds 'wait' time, fixes connection re-use (#2566) (@nicjansma)

#2574 Migrating to safe-buffer for improved security. (@mikeal)

#2573 fixes #2572 (@ahmadnassri)

v2.80.0 (2017/03/04)

... (truncated)

Commits

ca62f3a Merge pull request #44 from MikeMcC399/peg/qs
fb9f625 fix(deps): peg qs to 6.10.4
99338c8 chore: updates related to release process (#41)
c5bcf21 feat: Add allowInsecureRedirect option
0664780 fix(request): update tough-cookie dep
30def80 Merge pull request #39 from cypress-io/jordanpowell88/update-pkg-version
6b79405 update package version
bfbb95f Merge pull request #32 from BreakBB/fix-cve-2023-26136
a67e132 pin 18.16
825485a revert back to yarn but v 18
Additional commits viewable in compare view

Updates cypress from 12.17.2 to 13.7.1

Release notes

Sourced from cypress's releases.

v13.7.1

Changelog: https://docs.cypress.io/guides/references/changelog#13-7-1

v13.7.0

Changelog: https://docs.cypress.io/guides/references/changelog#13-7-0

v13.6.6

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-6

v13.6.5

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-5

v13.6.4

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-4

v13.6.3

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-3

v13.6.2

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-2

v13.6.1

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-1

v13.6.0

Changelog: https://docs.cypress.io/guides/references/changelog#13-6-0

v13.5.1

Changelog: https://docs.cypress.io/guides/references/changelog#13-5-1

v.13.5.0

Changelog: https://docs.cypress.io/guides/references/changelog#13-5-0

v13.4.0

Changelog: https://docs.cypress.io/guides/references/changelog#13-4-0

v13.3.3

Changelog: https://docs.cypress.io/guides/references/changelog#13-3-3

v13.3.2

Changelog: https://docs.cypress.io/guides/references/changelog#13-3-2

v13.3.1

Changelog: https://docs.cypress.io/guides/references/changelog#13-3-1

v13.3.0

Changelog: https://docs.cypress.io/guides/references/changelog#13-3-0

v13.2.0

Changelog: https://docs.cypress.io/guides/references/changelog#13-2-0

... (truncated)

Commits

f17fa4c chore: release 13.7.1 (#29184)
9c27c37 fix: patch new tab creation for firefox 124 and up to fix issue where… (#29179)
ef66293 chore: skip rerun tests inside driver integration for chromium browse… (#29182)
75eba1e fix: fixing issue with blurring shadow dom elements (#29125)
7735405 chore: skip flaky tests (#29149)
fe97eec chore: keep example app/assets in yarn autoclean (#29159)
e9b3d43 chore: Update v8 snapshot cache (#29152)
9a3e25c docs: correct link from examples readme to pr contributing (#29163)
85b85dd docs: add more details to the @packages/example deploy process (#29136)
9f1ef29 chore: Update v8 snapshot cache (#29140)
Additional commits viewable in compare view

Updates tough-cookie from 2.5.0 to 4.1.3

Release notes

Sourced from tough-cookie's releases.

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

4.1.2 -- Patch and Bugfix Release

What's Changed

fix: allow set cookies with localhost by @colincasey in salesforce/tough-cookie#253

Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2

4.1.1

Patch Release

What's Changed

fix: allow special use domains by default by @colincasey in salesforce/tough-cookie#249

4.1.1 Patch -- allow special use domains by default by @awaterma in salesforce/tough-cookie#250

Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1

4.1.0

v4.1.0

Minor release, focused mainly on resolving reported issues and some minor feature work.

What's Changed

Create CHANGELOG.md by @ShivanKaul in salesforce/tough-cookie#189

Missing param validation issue145 by @medelibero-sfdc in salesforce/tough-cookie#193

Create SECURITY.md by @ShivanKaul in salesforce/tough-cookie#201

Create CODE_OF_CONDUCT.md by @ShivanKaul in salesforce/tough-cookie#200

Fix for issue #195 by @medelibero-sfdc in salesforce/tough-cookie#202

Add explanation and more special-use domains by @ShivanKaul in salesforce/tough-cookie#203

Sync of constructor options for serialization by @medelibero-sfdc in salesforce/tough-cookie#204

Returned null in case of empty cookie value by @vsin12 in salesforce/tough-cookie#196

132 str trim not a function by @awaterma in salesforce/tough-cookie#209

Fix for issue #153 by @medelibero-sfdc in salesforce/tough-cookie#210

Fix permuteDomain with trailing dot by @ruoho-sfdc in salesforce/tough-cookie#216

Issue #213 -- added gh-actions flow for building and testing tough-co… by @awaterma in salesforce/tough-cookie#218

Issue #210 -- Updated workflow to use npm install. by @awaterma in salesforce/tough-cookie#220

@GH-215 -- Tests that document localhost behavior when set as domain. by @awaterma in salesforce/tough-cookie#221

fix: MemoryCookieStore methods should exist on the prototype, not on the class. by @wjhsf in salesforce/tough-cookie#226

Unit test cases for allowSpecialUseDomain option by @colincasey in salesforce/tough-cookie#225

[Snyk] Upgrade universalify from 0.1.2 to 0.2.0 by @snyk-bot in salesforce/tough-cookie#228

React Native Support by @colincasey in salesforce/tough-cookie#227

Adding Updating CODEOWNERS with ECCN as per Export Control Compliance by @svc-scm in salesforce/tough-cookie#223

fix: domain match routine by @colincasey in salesforce/tough-cookie#236

Stop using the internal NodeJS punycode module by @gboer in salesforce/tough-cookie#238

Initial documentation review by @mcarey86 in salesforce/tough-cookie#234

fix: distinguish between no samesite and samesite=none by @colincasey in salesforce/tough-cookie#240

Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move… by @awaterma in salesforce/tough-cookie#242

4.1.0 release to NPM by @awaterma in salesforce/tough-cookie#245

... (truncated)

Commits

4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
12d4747 Prevent prototype pollution in cookie memstore (#283)
f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
b1a8898 fix: allow set cookies with localhost (#253)
ec70796 4.1.1 Patch -- allow special use domains by default (#250)
d4ac580 fix: allow special use domains by default (#249)
79c2f7d 4.1.0 release to NPM (#245)
4fafc17 Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move Dockerf...
aa4396d fix: distinguish between no samesite and samesite=none (#240)
b8d7511 Modernize README (#234)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by awaterma, a new releaser for tough-cookie since your current version.

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in

…updates Bumps the npm_and_yarn group with 4 updates in the / directory: [express](https://github.com/expressjs/express), [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse), [@cypress/request](https://github.com/cypress-io/request) and [cypress](https://github.com/cypress-io/cypress). Bumps the npm_and_yarn group with 5 updates in the /example directory: | Package | From | To | | --- | --- | --- | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` | | [@cypress/request](https://github.com/cypress-io/request) | `2.88.11` | `3.0.1` | | [cypress](https://github.com/cypress-io/cypress) | `12.17.2` | `13.7.1` | | [axios](https://github.com/axios/axios) | `0.25.0` | `1.6.8` | | [start-server-and-test](https://github.com/bahmutov/start-server-and-test) | `1.15.2` | `2.0.3` | Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `@babel/traverse` from 7.13.0 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `@cypress/request` from 2.88.11 to 3.0.1 - [Release notes](https://github.com/cypress-io/request/releases) - [Changelog](https://github.com/cypress-io/request/blob/master/CHANGELOG.md) - [Commits](cypress-io/request@v2.88.11...v3.0.1) Updates `cypress` from 12.17.2 to 13.7.1 - [Release notes](https://github.com/cypress-io/cypress/releases) - [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md) - [Commits](cypress-io/cypress@v12.17.2...v13.7.1) Updates `tough-cookie` from 2.5.0 to 4.1.3 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v2.5.0...v4.1.3) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `@cypress/request` from 2.88.11 to 3.0.1 - [Release notes](https://github.com/cypress-io/request/releases) - [Changelog](https://github.com/cypress-io/request/blob/master/CHANGELOG.md) - [Commits](cypress-io/request@v2.88.11...v3.0.1) Updates `cypress` from 12.17.2 to 13.7.1 - [Release notes](https://github.com/cypress-io/cypress/releases) - [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md) - [Commits](cypress-io/cypress@v12.17.2...v13.7.1) Updates `tough-cookie` from 2.5.0 to 4.1.3 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v2.5.0...v4.1.3) Updates `axios` from 0.25.0 to 1.6.8 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v0.25.0...v1.6.8) Updates `start-server-and-test` from 1.15.2 to 2.0.3 - [Release notes](https://github.com/bahmutov/start-server-and-test/releases) - [Commits](bahmutov/start-server-and-test@v1.15.2...v2.0.3) Updates `follow-redirects` from 1.15.2 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.6) --- updated-dependencies: - dependency-name: express dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@cypress/request" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: cypress dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: "@cypress/request" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: cypress dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: axios dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: start-server-and-test dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-06-04T10:40:28Z

Superseded by #436.

dependabot bot added the Type: dependencies Pull requests that update a dependency file label Mar 28, 2024

dependabot bot mentioned this pull request Mar 28, 2024

build(deps): bump the npm_and_yarn group across 2 directories with 7 updates #415

Closed

dependabot bot closed this Jun 4, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-9f4d3df3e3 branch June 4, 2024 10:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the npm_and_yarn group across 2 directories with 8 updates #420

build(deps): bump the npm_and_yarn group across 2 directories with 8 updates #420

dependabot bot commented on behalf of github Mar 28, 2024

dependabot bot commented on behalf of github Jun 4, 2024

build(deps): bump the npm_and_yarn group across 2 directories with 8 updates #420

build(deps): bump the npm_and_yarn group across 2 directories with 8 updates #420

Conversation

dependabot bot commented on behalf of github Mar 28, 2024

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

v3.0.1

3.0.1 (2023-09-06)

Bug Fixes

v3.0.0

3.0.0 (2023-08-08)

Features

BREAKING CHANGES

v2.88.12

2.88.12 (2023-08-01)

Bug Fixes

Change Log

v2.88.0 (2018/08/10)

v2.87.0 (2018/05/21)

v2.86.0 (2018/05/15)

v2.85.0 (2018/03/12)

v2.84.0 (2018/03/12)

v2.83.0 (2017/09/27)

v2.82.0 (2017/09/19)

v2.81.0 (2017/03/09)

v2.80.0 (2017/03/04)

v13.7.1

v13.7.0

v13.6.6

v13.6.5

v13.6.4

v13.6.3

v13.6.2

v13.6.1

v13.6.0

v13.5.1

v.13.5.0

v13.4.0

v13.3.3

v13.3.2

v13.3.1

v13.3.0

v13.2.0

4.1.3

4.1.2 -- Patch and Bugfix Release

What's Changed

4.1.1

Patch Release

What's Changed

4.1.0

What's Changed

4.19.2

What's Changed