search

OriginProtocol / oeth.com

Frontend for oeth.com
2 stars 1 forks source link

Bump the npm_and_yarn group across 1 directory with 7 updates #151

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 4 months ago

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
axios 1.5.1 1.6.0
next 13.4.19 14.2.4
sanitize-html 2.11.0 2.12.1
@babel/traverse 7.22.11 7.24.7
@solana/web3.js 1.78.4 1.93.0
follow-redirects 1.15.3 1.15.6

Updates axios from 1.5.1 to 1.6.0

Release notes

Sourced from axios's releases.

Release v1.6.0

Release notes:

Bug Fixes

  • CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
  • dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
  • types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

Changelog

Sourced from axios's changelog.

1.6.0 (2023-10-26)

Bug Fixes

  • CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
  • dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
  • types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

Commits


Updates next from 13.4.19 to 14.2.4

Release notes

Sourced from next's releases.

v14.2.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • fix: ensure route handlers properly track dynamic access (#66446)
  • fix NextRequest proxy in edge runtime (#66551)
  • Fix next/dynamic with babel and src dir (#65177)
  • Use vercel deployment url for metadataBase fallbacks (#65089)
  • fix(next/image): detect react@19 for fetchPriority prop (#65235)
  • Fix loading navigation with metadata and prefetch (#66447)
  • prevent duplicate RSC fetch when action redirects (#66620)
  • ensure router cache updates reference the latest cache values (#66681)
  • Prevent append of trailing slash in cases where path ends with a file extension (#66636)
  • Fix inconsistency with 404 getStaticProps cache-control (#66674)
  • Use addDependency to track metadata route file changes (#66714)
  • Add timeout/retry handling for fetch cache (#66652)
  • fix: app-router prefetch crash when an invalid URL is passed to Link (#66755)

Credits

Huge thanks to @​ztanner, @​ijjk, @​wbinnssmith, @​huozhi, and @​lubieowoce for helping!

Commits
  • 3078441 v14.2.4
  • 0538a0d [not a backport] fix lint errors
  • 2807fb4 fix: app-router prefetch crash when an invalid URL is passed to Link (#66755)
  • efb476e Add timeout/retry handling for fetch cache (#66652)
  • c16a3f9 Use addDependency to track metadata route file changes (#66714)
  • 942e45a Fix inconsistency with 404 getStaticProps cache-control (#66674)
  • 9728a35 Prevent append of trailing slash in cases where path ends with a file extensi...
  • 44661c2 ensure router cache updates reference the latest cache values (#66681)
  • f7ec039 prevent duplicate RSC fetch when action redirects (#66620)
  • dd6ab93 Fix loading navigation with metadata and prefetch (#66447)
  • Additional commits viewable in compare view


Updates sanitize-html from 2.11.0 to 2.12.1

Changelog

Sourced from sanitize-html's changelog.

2.12.1 (2024-02-22)

  • Do not parse sourcemaps in post-css. This fixes a vulnerability in which information about the existence or non-existence of files on a server could be disclosed via properly crafted HTML input when the style attribute is allowed by the configuration. Thanks to the Snyk Security team for the disclosure and to Dylan Armstrong for the fix.

2.12.0 (2024-02-21)

  • Introduced the allowedEmptyAttributes option, enabling explicit specification of empty string values for select attributes, with the default attribute set to alt. Thanks to Na for the contribution.

  • Clarified the use of SVGs with a new test and changes to documentation. Thanks to Gauav Kumar for the contribution.

  • Do not process source maps when processing style tags with PostCSS.

Commits
  • 4a7d7dd Merge pull request #654 from apostrophecms/release-2.12.1
  • f8e02be release 2.12.1
  • c5dbdf7 Merge pull request #650 from dylanarmstrong/fix/ignore-source-maps
  • 5a5a74e Merge pull request #652 from apostrophecms/add-thanks-to-changelog
  • ee71ff0 Add community contribution thanks you
  • a226fe7 Merge pull request #651 from apostrophecms/release-2.12.0
  • ff18600 release 2.12.0
  • 1e2294c test: added test for postcss map
  • c376501 doc: update changelog
  • 075499d fix: ignore source maps when processing with postcss
  • Additional commits viewable in compare view


Updates postcss from 8.4.30 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.
Changelog

Sourced from postcss's changelog.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.
Commits


Updates @babel/traverse from 7.22.11 to 7.24.7

Release notes

Sourced from @​babel/traverse's releases.

v7.24.7 (2024-06-05)

:bug: Bug Fix

:house: Internal

  • babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

Committers: 7

v7.24.6 (2024-05-24)

Thanks @​amjed-98, @​blakewilson, @​coelhucas, and @​SukkaW for your first PRs!

:bug: Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
    • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
  • babel-parser, babel-plugin-transform-typescript

:house: Internal

  • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers
  • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-parser, babel-traverse
  • Other

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.24.7 (2024-06-05)

:bug: Bug Fix

:house: Internal

  • babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.24.6 (2024-05-24)

:bug: Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
    • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
  • babel-parser, babel-plugin-transform-typescript

:house: Internal

  • babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers
  • babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-parser, babel-traverse
  • Other

v7.24.5 (2024-04-29)

:bug: Bug Fix

  • babel-plugin-transform-classes, babel-traverse
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

:nail_care: Polish

  • babel-parser

... (truncated)

Commits


Updates @solana/web3.js from 1.78.4 to 1.93.0

Release notes

Sourced from @​solana/web3.js's releases.

v1.93.0

1.93.0 (2024-06-12)

Features

v1.92.3

1.92.3 (2024-06-06)

Bug Fixes

  • Rewrite the message printer as a parser to avoid problems with regexes in old browsers (#2785) (4f19842)

v1.92.2

1.92.2 (2024-06-05)

Bug Fixes

  • Add getter for logs to sendTransactionError (#2771) (327dc9d)

v1.92.1

1.92.1 (2024-06-04)

Bug Fixes

v1.92.0

1.92.0 (2024-06-04)

Features

  • added transaction logs to send transaction functions (#2736) (9369269)

v1.91.9

1.91.9 (2024-06-03)

Bug Fixes

  • library-legacy/deps: rpc-websockets@^7.11.0->^7.11.1 (#2758) (5527b0e)

v1.91.8

1.91.8 (2024-05-03)

Bug Fixes

... (truncated)

Commits
  • 1a54096 chore: repair broken lockfile no thanks to Dependabot
  • c12c726 chore: bump tslib from 2.6.2 to 2.6.3 (#2802)
  • b20731d feat: upgrade to rpc-websockets v9 (#2800)
  • 0445a81 Revert "chore: bump turbo from 1.13.3 to 2.0.3 (#2798)"
  • 9344bbf chore: convert GitHub repository URL in npm task to https version
  • dd0a601 chore: convert repository URL in semantic release config to https version
  • e535eaa chore: bump all semantic-release dependencies
  • cd2c4a3 chore: bump turbo from 1.13.3 to 2.0.3 (#2798)
  • ec3a540 Tidy up versions that we forgot to bump to preview.3
  • bfe6329 chore: bump tsx from 4.11.0 to 4.15.2 (#2796)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by lorisleiva, a new releaser for @​solana/web3.js since your current version.


Updates follow-redirects from 1.15.3 to 1.15.6

Commits
  • 35a517c Release version 1.15.6 of the npm package.
  • c4f847f Drop Proxy-Authorization across hosts.
  • 8526b4a Use GitHub for disclosure.
  • b1677ce Release version 1.15.5 of the npm package.
  • d8914f7 Preserve fragment in responseUrl.
  • 6585820 Release version 1.15.4 of the npm package.
  • 7a6567e Disallow bracketed hostnames.
  • 05629af Prefer native URL instead of deprecated url.parse.
  • 1cba8e8 Prefer native URL instead of legacy url.resolve.
  • 72bc2a4 Simplify _processResponse error handling.
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/OriginProtocol/oeth.com/network/alerts).
dependabot[bot] commented 4 months ago

Superseded by #152.