Security updates from Dependabot #67

wojtekzyla · 2024-04-02T14:05:56Z

No description provided.

Bumps [mongodb](https://github.com/mongodb/node-mongodb-native) from 4.17.2 to 5.8.0. - [Release notes](https://github.com/mongodb/node-mongodb-native/releases) - [Changelog](https://github.com/mongodb/node-mongodb-native/blob/v5.8.0/HISTORY.md) - [Commits](mongodb/node-mongodb-native@v4.17.2...v5.8.0) --- updated-dependencies: - dependency-name: mongodb dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.2.0 to 4.3.3. - [Changelog](https://github.com/adobe/css-tools/blob/main/History.md) - [Commits](https://github.com/adobe/css-tools/commits) --- updated-dependencies: - dependency-name: "@adobe/css-tools" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: webpack-dev-middleware dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.1...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…#63) Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.1 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [ip](https://github.com/indutny/node-ip) from 2.0.0 to 2.0.1. - [Commits](indutny/node-ip@v2.0.0...v2.0.1) --- updated-dependencies: - dependency-name: ip dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: wojtekzyla <108660584+wojtekzyla@users.noreply.github.com>

## [1.0.2-beta.1](v1.0.1...v1.0.2-beta.1) (2024-04-02) ### Bug Fixes * bump axios from 1.6.7 to 1.6.8 ([#66](#66)) ([cb3a134](cb3a134))

ajasnosz · 2024-04-03T08:08:32Z

Add description on what version were updated here or to release notes.

srv-rr-github-token · 2024-04-04T14:06:09Z

🎉 This PR is included in version 1.0.2-beta.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

wojtekzyla · 2024-04-05T07:22:37Z

Updated the following dependencies from frontend/packages/manager/package.json and frontend/package.json:

mongodb from "^4.8.0" to "^5.8.0"
axios from "^1.6.0" to "^1.6.8"

Other updates from yarn.lock:

body-parser from "1.20.0" to "1.20.2"
content-type from "1.0.4" to "1.0.5"
cookie from "0.5.0" to "0.6.0"
express from "4.18.2" to "4.19.2"
follow-redirects from versions "1.15.1", "1.15.2", "1.15.5" to single version "1.15.6."
ip from "2.0.0" to "2.0.1"
qs from "6.10.3" to "6.11.0"
raw-body from "2.5.1" to "2.5.2"
webpack-dev-middleware from "5.3.3" to "5.3.4"

srv-rr-github-token · 2024-04-05T12:47:49Z

🎉 This PR is included in version 1.0.2 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

dependabot bot and others added 8 commits April 2, 2024 15:31

fix: bump axios from 1.6.7 to 1.6.8 (#66)

cb3a134

chore(release): 1.0.2-beta.1

46738f9

## [1.0.2-beta.1](v1.0.1...v1.0.2-beta.1) (2024-04-02) ### Bug Fixes * bump axios from 1.6.7 to 1.6.8 ([#66](#66)) ([cb3a134](cb3a134))

wojtekzyla requested a review from ajasnosz April 2, 2024 14:27

ajasnosz approved these changes Apr 3, 2024

View reviewed changes

wojtekzyla merged commit 9f26c5b into main Apr 3, 2024
12 checks passed

wojtekzyla deleted the develop branch April 3, 2024 08:19

srv-rr-github-token added the released on @beta label Apr 4, 2024

srv-rr-github-token added the released label Apr 5, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security updates from Dependabot #67

Security updates from Dependabot #67

wojtekzyla commented Apr 2, 2024

ajasnosz commented Apr 3, 2024

srv-rr-github-token commented Apr 4, 2024

wojtekzyla commented Apr 5, 2024

srv-rr-github-token commented Apr 5, 2024

Security updates from Dependabot #67

Security updates from Dependabot #67

Conversation

wojtekzyla commented Apr 2, 2024

ajasnosz commented Apr 3, 2024

srv-rr-github-token commented Apr 4, 2024

wojtekzyla commented Apr 5, 2024

srv-rr-github-token commented Apr 5, 2024