Bump the npm_and_yarn group with 11 updates #77

dependabot · 2024-09-11T07:19:34Z

Bumps the npm_and_yarn group with 11 updates:

Package	From	To
karma	`6.3.4`	`6.4.4`
body-parser	`1.19.0`	`1.20.3`
json5	`2.2.0`	`2.2.3`
log4js	`6.3.0`	`6.9.1`
minimist	`1.2.5`	`1.2.8`
nanoid	`3.1.23`	`3.3.1`
mocha	`9.0.3`	`9.2.2`
qs	`6.7.0`	`6.13.0`
socket.io	`3.1.2`	`4.7.5`
socket.io-parser	`4.0.4`	`4.2.4`
ws	`7.4.6`	`8.17.1`

Updates karma from 6.3.4 to 6.4.4

Release notes

Sourced from karma's releases.

v6.4.4

6.4.4 (2024-07-29)

v6.4.3

6.4.3 (2024-02-24)

Bug Fixes

add build commits for patch release (d7f2d69)

v6.4.2

6.4.2 (2023-04-21)

Bug Fixes

few typos (c6a4271)

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

pass integrity value (63d86be)

v6.4.0

6.4.0 (2022-06-14)

Features

support SRI verification of link tags (dc51a2e)

support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.4 (2024-07-29)

6.4.3 (2024-02-24)

Bug Fixes

add build commits for patch release (d7f2d69)

6.4.2 (2023-04-21)

Bug Fixes

few typos (c6a4271)

6.4.1 (2022-09-19)

Bug Fixes

pass integrity value (63d86be)

6.4.0 (2022-06-14)

Features

support SRI verification of link tags (dc51a2e)

support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

... (truncated)

Commits

84f85e7 chore(release): 6.4.4 [skip ci]
a4d1284 build(deps-dev): bump ws from 6.2.1 to 6.2.3
d8cf806 chore(release): 6.4.3 [skip ci]
d7f2d69 fix: add build commits for patch release
85a2eeb build(deps-dev): bump decode-uri-component from 0.2.0 to 0.2.2
0bffce2 build(deps): updated socket.io version to fix security issues with socket.io-...
86667ab build(deps): bump follow-redirects from 1.11.0 to 1.15.4
450fdfd docs: Add deprecation notice to Karma README
9de3c00 chore(release): 6.4.2 [skip ci]
c6a4271 fix: few typos
Additional commits viewable in compare view

Updates body-parser from 1.19.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1

deps: [email protected]

perf: remove unnecessary object clone

1.20.0

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1 / 2022-10-06

deps: [email protected]

perf: remove unnecessary object clone

1.20.0 / 2022-04-02

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

1.19.2 / 2022-02-15

deps: [email protected]

deps: [email protected]

Fix handling of __proto__ keys

deps: [email protected]

deps: [email protected]

1.19.1 / 2021-12-10

... (truncated)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates json5 from 2.2.0 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates log4js from 6.3.0 to 6.9.1

Changelog

Sourced from log4js's changelog.

6.9.1

fix(7922e82): regex for stacktrace - thanks @lamweili

addresses #1377 which has a regression since 6.8.0 from #1363 at commit 7922e82

6.9.0

feat: support for idempotent logging on browser - thanks @aellerton

addresses #968, #1270, #1288, #1372

docs: added that log4js.getLogger() may call log4js.configure() - thanks @lamweili

6.8.0

feat: added log4js.isConfigured() API - thanks @lamweili

docs: added log4js.isConfigured() - thanks @lamweili

feat(layout): support a specifier on %m - thanks @lamweili

fix: tilde expansion for windows - thanks @lamweili

docs: updated typescript usage - thanks @lamweili

test: improved test for fileAppender - thanks @lamweili

ci: generate coverage report in both text and html - thanks @lamweili

ci: replaced deprecated github set-output - thanks @lamweili

chore(deps): updated dependencies - thanks @lamweili

chore(deps): bump streamroller from 3.1.3 to 3.1.5

chore(deps): updated package-lock.json

chore(deps-dev): updated dependencies - thanks @lamweili

chore(deps-dev): bump @commitlint/cli from 17.3.0 to 17.4.4

chore(deps-dev): bump @commitlint/config-conventional from 17.3.0 to 17.4.4

chore(deps-dev): bump eslint from 8.28.0 to 8.34.0

chore(deps-dev): bump eslint-config-prettier from 8.5.0 to 8.6.0

chore(deps-dev): bump eslint-import-resolver-node from 0.3.6 to 0.3.7

chore(deps-dev): bump eslint-plugin-import from 2.26.0 to 2.27.5

chore(deps-dev): bump fs-extra from 10.1.0 to 11.1.0

chore(deps-dev): bump husky from 8.0.2 to 8.0.3

chore(deps-dev): bump prettier from 2.8.0 to 2.8.4

chore(deps-dev): bump tap from 16.3.2 to 16.3.4

chore(deps-dev): bump typescript from 4.9.3 to 4.9.5

chore(deps-dev): updated package-lock.json

chore(deps-dev): bump json5 from 1.0.1 to 1.0.2 - thanks @Dependabot

6.7.1

type: updated Configuration.levels type to allow for custom log levels - thanks @lamweili

docs: fixed typo in layouts.md - thanks @dtslvr

chore(deps-dev): updated dependencies - thanks @lamweili

chore(deps-dev): bump @commitlint/cli from 17.1.2 to 17.3.0

chore(deps-dev): bump @commitlint/config-conventional from 17.1.0 to 17.3.0

chore(deps-dev): bump eslint from 8.24.0 to 8.28.0

chore(deps-dev): bump husky from 8.0.1 to 8.0.2

chore(deps-dev): bump prettier from 2.7.1 to 2.8.0

chore(deps-dev): bump tap from 16.3.0 to 16.3.2

... (truncated)

Commits

26dcec6 6.9.1
63ae5b9 Merge pull request #1379 from log4js-node/update-docs
185fa66 docs: updated changelog for 6.9.1
ed54dc2 Merge pull request #1378 from log4js-node/1377-defaultparsecallstack-cant-par...
2628688 fix(7922e82): regex for stacktrace
b3919d8 6.9.0
7cfe8a4 Merge pull request #1376 from log4js-node/update-docs
f89e7b6 docs: updated changelog for 6.9.0
0082928 Merge pull request #1375 from log4js-node/update-docs
c0db6a4 docs: added that log4js.getLogger() may call log4js.configure()
Additional commits viewable in compare view

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

[Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)

[Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)

[Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

[Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)

[Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)

[Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)

[Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)

[Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

Merge tag 'v0.2.3' a026794

[eslint] fix indentation and whitespace 5368ca4

[eslint] fix indentation and whitespace e5f5067

[eslint] more cleanup 62fde7d

[eslint] more cleanup 36ac5d0

[meta] add auto-changelog 73923d2

[actions] add reusable workflows d80727d

[eslint] add eslint; rules to enable later are warnings 48bc06a

[eslint] fix indentation 34b0f1c

[readme] rename and add badges 5df0fe4

[Dev Deps] switch from covert to nyc a48b128

[Dev Deps] update covert, tape; remove unnecessary tap f0fb958

[meta] create FUNDING.yml; add funding in package.json 3639e0c

[meta] use npmignore to autogenerate an npmignore file be2e038

Only apps should have lockfiles 282b570

isConstructorOrProto adapted from PR ef9153f

[Dev Deps] update @ljharb/eslint-config, aud 098873c

[Dev Deps] update @ljharb/eslint-config, aud 3124ed3

[meta] add safe-publish-latest 4b927de

[Tests] add aud in posttest b32d9bd

[meta] update repo URLs f9fdfc0

[actions] Avoid 0.6 tests due to build failures ba92fe6

[Dev Deps] update tape 950eaa7

[Dev Deps] add missing npmignore dev dep 3226afa

Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

6901ee2 v1.2.8
a026794 Merge tag 'v0.2.3'
c0b2661 v0.2.3
63b8fee [Fix] Fix long option followed by single dash (#17)
72239e6 [Tests] Remove duplicate test (#12)
34b0f1c [eslint] fix indentation
3226afa [Dev Deps] add missing npmignore dev dep
098873c [Dev Deps] update @ljharb/eslint-config, aud
9ec4d27 [Fix] Fix long option followed by single dash
ba92fe6 [actions] Avoid 0.6 tests due to build failures
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates nanoid from 3.1.23 to 3.3.1

Changelog

Sourced from nanoid's changelog.

3.3.1

Reduced package size.

3.3

Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

Reduced async exports size (by Artyom Arutyunyan).

Moved from Jest to uvu (by Vitaly Baev).

3.1.31

Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

3.1.30

Reduced size for project with brotli compression (by Anton Khlynovskiy).

3.1.29

Reduced npm package size.

3.1.28

Reduced npm package size.

3.1.27

Cleaned dependencies from development tools.

3.1.26

Improved performance (by Eitan Har-Shoshanim).

Reduced npm package size.

3.1.25

Fixed browserify support.

3.1.24

Fixed browserify support (by Artur Paikin).

Commits

ec6f809 Release 3.3.1 version
c7d8578 Update dependencies
05b2596 Remove old tests
368a6e7 Remove process.env.NODE_ENV
ee7dee3 Remove @napi-rs/uuid to fix CI
defe20f Try to fix CI
ee85121 Try to fix CI
c7f4219 Sync English and Russian docs
f74a41d Release 3.3 version
9c09cdc Fix coverage config
Additional commits viewable in compare view

Updates mocha from 9.0.3 to 9.2.2

Release notes

Sourced from mocha's releases.

v9.2.2

9.2.2 / 2022-03-11

Please also note our announcements.

🐛 Fixes

#4842: Loading of reporter throws wrong error (@juergba)

#4839: dry-run: prevent potential call-stack crash (@juergba)

🔩 Other

#4843: Update production dependencies (@juergba)

v9.2.1

9.2.1 / 2022-02-19

Please also note our announcements.

🐛 Fixes

#4832: Loading of config files throws wrong error (@juergba)

#4799: Reporter: configurable maxDiffSize reporter-option (@norla)

v9.2.0

9.2.0 / 2022-01-24

Please also note our announcements.

🎉 Enhancements

#4813: Parallel: assign each worker a worker-id (@forty)

🔩 Other

#4818: Update production dependencies (@juergba)

v9.1.4

9.1.4 / 2022-01-14

Please also note our announcements.

🐛 Fixes

#4807: import throws wrong error if loader is used (@giltayar)

🔩 Other

... (truncated)

Changelog

Sourced from mocha's changelog.

9.2.2 / 2022-03-11

🐛 Fixes

#4842: Loading of reporter throws wrong error (@juergba)

#4839: dry-run: prevent potential call-stack crash (@juergba)

🔩 Other

#4843: Update production dependencies (@juergba)

9.2.1 / 2022-02-19

🐛 Fixes

#4832: Loading of config files throws wrong error (@juergba)

#4799: Reporter: configurable maxDiffSize reporter-option (@norla)

9.2.0 / 2022-01-24

🎉 Enhancements

#4813: Parallel: assign each worker a worker-id (@forty)

🔩 Other

#4818: Update production dependencies (@juergba)

9.1.4 / 2022-01-14

🐛 Fixes

#4807: import throws wrong error if loader is used (@giltayar)

🔩 Other

#4777: Add Node v17 to CI test matrix (@outsideris)

9.1.3 / 2021-10-15

🐛 Fixes

#4769: Browser: re-enable bdd ES6 style import (@juergba)

🔩 Other

#4764: Revert deprecation of EVENT_SUITE_ADD_* events (@beatfactor)

... (truncated)

Commits

24b5243 build(v9.2.2): release
22a1560 build(v9.2.2): update CHANGELOG [ci skip]
632e602 chore: update dependencies (#4843)
241964b fix: wrong error thrown while loading reporter (#4842)
22f9306 fix(dry-run): potential call-stack crash with 'dry-run' option (#4839)
547ffd7 build(v9.2.1): release
ca7432a build(v9.2.1): update CHANGELOG [ci skip]
86305cf fix: wrong error thrown while loading config files (#4832)
11c4560 fix: configurable max diff size (#4799)
509938d doc: fix to show sponsors in narrow view (#4793)
Additional commits viewable in compare view

Updates qs from 6.7.0 to 6.13.0

Changelog

Sourced from qs's changelog.

6.13.0

[New] parse: add strictDepth option (#511)

[Tests] use npm audit instead of aud

6.12.3

[Fix] parse: properly account for strictNullHandling when allowEmptyArrays

[meta] fix changelog indentation

6.12.2

[Fix] parse: parse encoded square brackets (#506)

[readme] add CII best practices badge

6.12.1

[Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)

[Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)

[Refactor] utils: use +=

[Tests] increase coverage

6.12.0

[New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)

[New] parse: add duplicates option

[New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)

[Refactor] parse/stringify: move allowDots config logic to its own variable

[Refactor] stringify: move option-handling code into normalizeStringifyOptions

[readme] update readme, add logos (#484)

[readme] stringify: clarify default arrayFormat behavior

[readme] fix line wrapping

[readme] remove dead badges

[Deps] update side-channel

[meta] make the dist build 50% smaller

[meta] add sideEffects flag

[meta] run build in prepack, not prepublish

[Tests] parse: remove useless tests; add coverage

[Tests] stringify: increase coverage

[Tests] use mock-property

[Tests] stringify: improve coverage

[Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape

[Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak

[Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

6.11.2

[Fix] parse: Fix parsing when the global Object prototype is frozen (#473)

[Tests] add passing test cases with empty keys (#473)

6.11.1

[Fix] stringify: encode comma values more consistently (#463)

[readme] add usage of filter option for injecting custom serialization, i.e. of custom types (#447)

[meta] remove extraneous code backticks (#457)

[meta] fix changelog markdown

... (truncated)

Commits

5cf516c v6.13.0
8d56df2 [New] parse: add strictDepth option
c9a6694 [Tests] use npm audit instead of aud
f90cc35 v6.12.3
1bf9f7a [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
7ebf48b [meta] fix changelog indentation
d0dff11 v6.12.2
f0b8d03 [Dev Deps] update @ljharb/eslint-config, object-inspect, tape
81835ff [Fix]: parse: parse encoded square brackets
db47dcc [readme] add CII best practices badge
Additional commits viewable in compare view

Updates socket.io from 3.1.2 to 4.7.5

Release notes

Sourced from socket.io's releases.

4.7.5

Bug Fixes

close the adapters when the server is closed (bf64870)

remove duplicate pipeline when serving bundle (e426f3e)

Links

Diff: socketio/socket.io@4.7.4...4.7.5

Client release: 4.7.5

engine.io@~6.5.2 (no change)

ws@~8.11.0 (no change)

4.7.4

Bug Fixes

typings: calling io.emit with no arguments incorrectly errored (cb6d2e0), closes #4914

Links

Diff: socketio/socket.io@4.7.3...4.7.4

Client release: 4.7.4

engine.io@~6.5.2 (no change)

ws@~8.11.0 (no change)

4.7.3

Bug Fixes

return the first response when broadcasting to a single socket (#4878) (df8e70f)

typings: allow to bind to a non-secure Http2Server (#4853) (8c9ebc3)

Links

Diff: socketio/socket.io@4.7.2...4.7.3

Client release: 4.7.3

engine.io@~6.5.2 (no change)

ws@~8.11.0 (no change)

4.7.2

Bug Fixes

clean up child namespace when client is rejected in middleware (#4773) (0731c0d)

webtransport: properly handle WebTransport-only connections (3468a19)

webtransport: add proper framing (a306db0)

Links

... (truncated)

Changelog

Sourced from socket.io's changelog.

4.7.5 (2024-03-14)

Bug Fixes

close the adapters when the server is closed (bf64870)

remove duplicate pipeline when serving bundle (e426f3e)

Dependencies

engine.io@~6.5.2 (no change)

ws@~8.11.0 (no change)

4.7.4 (2024-01-12)

Bug Fixes

typings: calling io.emit with no arguments incorrectly errored (cb6d2e0), closes #4914

Dependencies

engine.io@~6.5.2 (no change)

ws@~8.11.0 (no change)

4.7.3 (2024-01-03)

Bug Fixes

return the first response when broadcasting to a single socket (#4878) (df8e70f)

typings: allow to bind to a non-secure Http2Server (#4853) (8c9ebc3)

Dependencies

engine.io@~6.5.2 (no change)

ws@~8.11.0 (no change)

4.7.2 (2023-08-02)

... (truncated)

Commits

5017681 chore(release): 4.7.5
bf64870 fix: close the adapters when the server is closed
748e18c ci: test with older TypeScript version
b9ce6a2 refactor: create specific adapter for parent namespaces (#4950)
54dabe5 ci: upgrade to actions/checkout@4 and actions/setup-node@4
e426f3e fix: remove duplicate pipeline when serving bundle
e36062c docs: update the webtransport example
0bbe8ae docs: only execute the passport middleware once
914a8bd docs: add example with JWT
d943c3e docs: update the Passport.js example
Additional commits viewable in compare view

Updates socket.io-parser from 4.0.4 to 4.2.4

Release notes

Sourced from socket.io-parser's releases.

4.2.4

Bug Fixes

ensure reserved events cannot be used as event names (d9db473)

properly detect plain objects (b0e6400)

Links

Diff: socketio/socket.io-parser@4.2.3...4.2.4

4.2.3

⚠️ This release contains an important security fix ⚠️

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:
TypeError: Cannot convert object to primitive value
       at Socket.emit (node:events:507:25)
       at .../node_modules/socket.io/lib/socket.js:531:14
Please upgrade as soon as possible.

Bug Fixes

che...
Description has been truncated

Bumps the npm_and_yarn group with 11 updates: | Package | From | To | | --- | --- | --- | | [karma](https://github.com/karma-runner/karma) | `6.3.4` | `6.4.4` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.3` | | [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` | | [log4js](https://github.com/log4js-node/log4js-node) | `6.3.0` | `6.9.1` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [nanoid](https://github.com/ai/nanoid) | `3.1.23` | `3.3.1` | | [mocha](https://github.com/mochajs/mocha) | `9.0.3` | `9.2.2` | | [qs](https://github.com/ljharb/qs) | `6.7.0` | `6.13.0` | | [socket.io](https://github.com/socketio/socket.io) | `3.1.2` | `4.7.5` | | [socket.io-parser](https://github.com/Automattic/socket.io-parser) | `4.0.4` | `4.2.4` | | [ws](https://github.com/websockets/ws) | `7.4.6` | `8.17.1` | Updates `karma` from 6.3.4 to 6.4.4 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v6.3.4...v6.4.4) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `json5` from 2.2.0 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.0...v2.2.3) Updates `log4js` from 6.3.0 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v6.3.0...v6.9.1) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `nanoid` from 3.1.23 to 3.3.1 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.23...3.3.1) Updates `mocha` from 9.0.3 to 9.2.2 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md) - [Commits](mochajs/mocha@v9.0.3...v9.2.2) Updates `qs` from 6.7.0 to 6.13.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.13.0) Updates `socket.io` from 3.1.2 to 4.7.5 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/4.7.5/CHANGELOG.md) - [Commits](socketio/socket.io@3.1.2...4.7.5) Updates `socket.io-parser` from 4.0.4 to 4.2.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.2.4) Updates `ws` from 7.4.6 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.4.6...8.17.1) --- updated-dependencies: - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-09-11T08:37:27Z

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 11, 2024

dependabot bot requested a review from a team as a code owner September 11, 2024 07:19

This was referenced Sep 11, 2024

Bump minimist from 1.2.5 to 1.2.8 #67

Closed

Bump json5 from 2.2.0 to 2.2.3 #68

Closed

Bump nanoid and mocha #69

Closed

Bump qs and body-parser #71

Closed

keithamus closed this Sep 11, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-b0c6ef82fa branch September 11, 2024 08:37

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group with 11 updates #77

Bump the npm_and_yarn group with 11 updates #77

dependabot bot commented on behalf of github Sep 11, 2024

dependabot bot commented on behalf of github Sep 11, 2024

Bump the npm_and_yarn group with 11 updates #77

Bump the npm_and_yarn group with 11 updates #77

Conversation

dependabot bot commented on behalf of github Sep 11, 2024

v6.4.4

6.4.4 (2024-07-29)

v6.4.3

6.4.3 (2024-02-24)

Bug Fixes

v6.4.2

6.4.2 (2023-04-21)

Bug Fixes

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

v6.4.0

6.4.0 (2022-06-14)

Features

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

6.4.4 (2024-07-29)

6.4.3 (2024-02-24)

Bug Fixes

6.4.2 (2023-04-21)

Bug Fixes

6.4.1 (2022-09-19)

Bug Fixes

6.4.0 (2022-06-14)

Features

6.3.20 (2022-05-13)

Bug Fixes

6.3.19 (2022-04-19)

Bug Fixes

6.3.18 (2022-04-13)

Bug Fixes

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.2

1.20.1

1.20.0

1.20.3 / 2024-09-10

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

1.20.0 / 2022-04-02

1.19.2 / 2022-02-15

1.19.1 / 2021-12-10

v2.2.3

v2.2.2

v2.2.1

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

6.9.1

6.9.0

6.8.0

6.7.1

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

v1.2.7 - 2022-10-10

Commits

3.3.1

3.3

3.2

3.1.32

3.1.31

3.1.30

3.1.29

3.1.28

3.1.27

3.1.26

3.1.25