Bump the npm_and_yarn group across 3 directories with 11 updates

Bumps the npm_and_yarn group with 4 updates in the /atm-locator directory: express, ip, semver and nodemon. Bumps the npm_and_yarn group with 7 updates in the /customer-auth directory:

Package	From	To
express	`4.18.2`	`4.19.2`
ip	`2.0.0`	`2.0.1`
semver	`5.7.2`	`7.5.4`
nodemon	`2.0.22`	`3.1.0`
validator	`0.4.28`	``
auth	`0.0.9`	`1.0.2`
es5-ext	`0.10.62`	`0.10.64`

Bumps the npm_and_yarn group with 4 updates in the /ui directory: axios, vite, @babel/traverse and follow-redirects.

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add Node.js@19.7 by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates ip from 2.0.0 to 2.0.1

Commits

3b0994a 2.0.1
32f468f lib: fixed CVE-2023-42282 and added unit test
See full diff in compare view

Updates semver from 5.7.2 to 7.5.4

Release notes

Sourced from semver's releases.

v7.5.4

7.5.4 (2023-07-07)

Bug Fixes

cc6fde2 #588 trim each range set before parsing (@lukekarrys)

99d8287 #583 correctly parse long build ids as valid (#583) (@lukekarrys)

v7.5.3

7.5.3 (2023-06-22)

Bug Fixes

abdd93d #571 set max lengths in regex for numeric and build identifiers (#571) (@lukekarrys)

Documentation

bf53dd8 #569 add example for > comparator (#569) (@mbtools)

v7.5.2

7.5.2 (2023-06-15)

Bug Fixes

58c791f #566 diff when detecting major change from prerelease (#566) (@lukekarrys)

5c8efbc #565 preserve build in raw after inc (#565) (@lukekarrys)

717534e #564 better handling of whitespace (#564) (@lukekarrys)

v7.5.1

7.5.1 (2023-05-12)

Bug Fixes

d30d25a #559 show type on invalid semver error (#559) (@tjenkinson)

v7.5.0

7.5.0 (2023-04-17)

Features

503a4e5 #548 allow identifierBase to be false (#548) (@lsvalina)

Bug Fixes

e219bb4 #552 throw on bad version with correct error message (#552) (@wraithgar)

fc2f3df #546 incorrect results from diff sometimes with prerelease versions (#546) (@tjenkinson)

2781767 #547 avoid re-instantiating SemVer during diff compare (#547) (@macno)

v7.4.0

7.4.0 (2023-04-10)

... (truncated)

Changelog

Sourced from semver's changelog.

7.5.4 (2023-07-07)

Bug Fixes

cc6fde2 #588 trim each range set before parsing (@lukekarrys)

99d8287 #583 correctly parse long build ids as valid (#583) (@lukekarrys)

7.5.3 (2023-06-22)

Bug Fixes

abdd93d #571 set max lengths in regex for numeric and build identifiers (#571) (@lukekarrys)

Documentation

bf53dd8 #569 add example for > comparator (#569) (@mbtools)

7.5.2 (2023-06-15)

Bug Fixes

58c791f #566 diff when detecting major change from prerelease (#566) (@lukekarrys)

5c8efbc #565 preserve build in raw after inc (#565) (@lukekarrys)

717534e #564 better handling of whitespace (#564) (@lukekarrys)

7.5.1 (2023-05-12)

Bug Fixes

d30d25a #559 show type on invalid semver error (#559) (@tjenkinson)

7.5.0 (2023-04-17)

Features

503a4e5 #548 allow identifierBase to be false (#548) (@lsvalina)

Bug Fixes

e219bb4 #552 throw on bad version with correct error message (#552) (@wraithgar)

fc2f3df #546 incorrect results from diff sometimes with prerelease versions (#546) (@tjenkinson)

2781767 #547 avoid re-instantiating SemVer during diff compare (#547) (@macno)

7.4.0 (2023-04-10)

Features

113f513 #532 identifierBase parameter for .inc (#532) (@wraithgar, @b-bly)

48d8f8f #530 export new RELEASE_TYPES constant (@hcharley)

... (truncated)

Commits

36cd334 chore: release 7.5.4
8456d87 chore: postinstall for dependabot template-oss PR
dde1f00 chore: postinstall for dependabot template-oss PR
dffcd1b chore: bump @npmcli/template-oss from 4.16.0 to 4.17.0
d619f66 chore: postinstall for dependabot template-oss PR
3bc4247 chore: bump @npmcli/template-oss from 4.15.1 to 4.16.0
cc6fde2 fix: trim each range set before parsing
99d8287 fix: correctly parse long build ids as valid (#583)
4f0f6b1 chore: fix arguments in whitespace test (#574)
6bd1a37 chore: remove duplicate test in semver class (#575)
Additional commits viewable in compare view

Updates nodemon from 2.0.22 to 3.1.0

Release notes

Sourced from nodemon's releases.

v3.1.0

3.1.0 (2024-02-22)

Features

Enable nodemon to monitor file removal (#2182) (02d216f)

v3.0.3

3.0.3 (2024-01-16)

Bug Fixes

use node when using --import (d3ee86e), closes #2157

v3.0.2

3.0.2 (2023-12-01)

Bug Fixes

bump debug out of vuln range (533ad9c), closes #2146

v3.0.1

3.0.1 (2023-07-09)

Bug Fixes

restore default ext watch behaviour (95bee00), closes #2124 #1957

v3.0.0

3.0.0 (2023-07-08)

Bug Fixes

also watch cjs (86d5f40)

node@10 support back in (af3b9e2)

semver vuln dep (6bb8766), closes #2119

Features

always use polling on IBM i (3b58104)

BREAKING CHANGES

... (truncated)

Commits

02d216f feat: Enable nodemon to monitor file removal (#2182)
c0ea423 chore: web site render
3938c69 chore: web site render
9651680 chore: web site render
da328ed chore: forced release
2072383 chore: supporters
d3ee86e fix: use node when using --import
6fd8ce7 chore: web site render
33260c3 chore: web site render
43133a0 chore: web site render
Additional commits viewable in compare view

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add Node.js@19.7 by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates ip from 2.0.0 to 2.0.1

Commits

3b0994a 2.0.1
32f468f lib: fixed CVE-2023-42282 and added unit test
See full diff in compare view

Updates semver from 5.7.2 to 7.5.4

Release notes

Sourced from semver's releases.

v7.5.4

7.5.4 (2023-07-07)

Bug Fixes

cc6fde2 #588 trim each range set before parsing (@lukekarrys)

99d8287 #583 correctly parse long build ids as valid (#583) (@lukekarrys)

v7.5.3

7.5.3 (2023-06-22)

Bug Fixes

abdd93d #571 set max lengths in regex for numeric and build identifiers (#571) (@lukekarrys)

Documentation

bf53dd8 #569 add example for > comparator (#569) (@mbtools)

v7.5.2

7.5.2 (2023-06-15)

Bug Fixes

58c791f #566 diff when detecting major change from prerelease (#566) (@lukekarrys)

5c8efbc #565 preserve build in raw after inc (#565) (@lukekarrys)

717534e #564 better handling of whitespace (#564) (@lukekarrys)

v7.5.1

7.5.1 (2023-05-12)

Bug Fixes

d30d25a #559 show type on invalid semver error (#559) (@tjenkinson)

v7.5.0

7.5.0 (2023-04-17)

Features

503a4e5 #548 allow identifierBase to be false (#548) (@lsvalina)

Bug Fixes

e219bb4 #552 throw on bad version with correct error message (#552) (@wraithgar)

fc2f3df #546 incorrect results from diff sometimes with prerelease versions (#546) (@tjenkinson)

2781767 #547 avoid re-instantiating SemVer during diff compare (#547) (@macno)

v7.4.0

7.4.0 (2023-04-10)

... (truncated)

Changelog

Sourced from semver's changelog.

7.5.4 (2023-07-07)

Bug Fixes

cc6fde2 #588 trim each range set before parsing (@lukekarrys)

99d8287 #583 correctly parse long build ids as valid (#583) (@lukekarrys)

7.5.3 (2023-06-22)

Bug Fixes

abdd93d #571 set max lengths in regex for numeric and build identifiers (#571) (@lukekarrys)

Documentation

bf53dd8 #569 add example for > comparator (#569) (@mbtools)

7.5.2 (2023-06-15)

Bug Fixes

58c791f #566 diff when detecting major change from prerelease (#566) (@lukekarrys)

5c8efbc #565 preserve build in raw after inc (#565) (@lukekarrys)

717534e #564 better handling of whitespace (#564) (@lukekarrys)

7.5.1 (2023-05-12)

Bug Fixes

d30d25a #559 show type on invalid semver error (#559) (@tjenkinson)

7.5.0 (2023-04-17)

Features

503a4e5 #548 allow identifierBase to be false (#548) (@lsvalina)

Bug Fixes

e219bb4 #552 throw on bad version with correct error message (#552) (@wraithgar)

fc2f3df #546 incorrect results from diff sometimes with prerelease versions (#546) (@tjenkinson)

2781767 #547 avoid re-instantiating SemVer during diff compare (#547) (@macno)

7.4.0 (2023-04-10)

Features

113f513 #532 identifierBase parameter for .inc (#532) (@wraithgar, @b-bly)

48d8f8f #530 export new RELEASE_TYPES constant (@hcharley)

... (truncated)

Commits

36cd334 chore: release 7.5.4
8456d87 chore: postinstall for dependabot template-oss PR
dde1f00 chore: postinstall for dependabot template-oss PR
dffcd1b chore: bump @npmcli/template-oss from 4.16.0 to 4.17.0
d619f66 chore: postinstall for dependabot template-oss PR
3bc4247 chore: bump @npmcli/template-oss from 4.15.1 to 4.16.0
cc6fde2 fix: trim each range set before parsing
99d8287 fix: correctly parse long build ids as valid (#583)
4f0f6b1 chore: fix arguments in whitespace test (#574)
6bd1a37 chore: remove duplicate test in semver class (#575)
Additional commits viewable in compare view

Updates nodemon from 2.0.22 to 3.1.0

Release notes

Sourced from nodemon's releases.

v3.1.0

3.1.0 (2024-02-22)

Features

Enable nodemon to monitor file removal (#2182) (02d216f)

v3.0.3

3.0.3 (2024-01-16)

Bug Fixes

use node when using --import (d3ee86e), closes #2157

v3.0.2

3.0.2 (2023-12-01)

Bug Fixes

bump debug out of vuln range (533ad9c), closes #2146

v3.0.1

3.0.1 (2023-07-09)

Bug Fixes

restore default ext watch behaviour (95bee00), closes #2124 #1957

v3.0.0

3.0.0 (2023-07-08)

Bug Fixes

also watch cjs (86d5f40)

node@10 support back in (af3b9e2)

semver vuln dep (6bb8766), closes #2119

Features

always use polling on IBM i (3b58104)

BREAKING CHANGES

... (truncated)

Commits

02d216f feat: Enable nodemon to monitor file removal (#2182)
c0ea423 chore: web site render
3938c69 chore: web site render
9651680 chore: web site render
da328ed chore: forced release
2072383 chore: supporters
d3ee86e fix: use node when using --import
6fd8ce7 chore: web site render
33260c3 chore: web site render
43133a0 chore: web site render
Additional commits viewable in compare view

Removes validator

Updates auth from 0.0.9 to 1.0.2

Commits

See full diff in compare view

Maintainer changes

This version was pushed to npm by balazsorban, a new releaser for auth since your current version.

Updates es5-ext from 0.10.62 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

Comparison since last release

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

Commits

f76b03d chore: Release v0.10.64
2881acd chore: Bump dependencies
c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
16f2b72 docs: Fix date in the changelog
de4e03c chore: Release v0.10.63
3fd53b7 chore: Upgrade lint-staged to v13
bf8ed79 chore: Ensure postinstall script does not crash on Windows
2cbbb07 chore: Bump dependencies
22d0416 chore: Bump LICENSE year
a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
Additional commits viewable in compare view

Updates axios from 1.5.1 to 1.6.0

Release notes

Sourced from axios's releases.

Release v1.6.0

Release notes:

Bug Fixes

CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)

dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)

types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Contributors to this release

Dmitriy Mozgovoy

Valentin Panov

Rinku Chaudhari

Changelog

Sourced from axios's changelog.

1.6.0 (2023-10-26)

Bug Fixes

CSRF: ... _Description has been truncated_

cisco-open / martian-bank-demo

Bump the npm_and_yarn group across 3 directories with 11 updates #59

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

v7.5.4

7.5.4 (2023-07-07)

Bug Fixes

v7.5.3

7.5.3 (2023-06-22)

Bug Fixes

Documentation

v7.5.2

7.5.2 (2023-06-15)

Bug Fixes

v7.5.1

7.5.1 (2023-05-12)

Bug Fixes

v7.5.0

7.5.0 (2023-04-17)

Features

Bug Fixes

v7.4.0

7.4.0 (2023-04-10)

7.5.4 (2023-07-07)

Bug Fixes

7.5.3 (2023-06-22)

Bug Fixes

Documentation

7.5.2 (2023-06-15)

Bug Fixes

7.5.1 (2023-05-12)

Bug Fixes

7.5.0 (2023-04-17)

Features

Bug Fixes

7.4.0 (2023-04-10)

Features

v3.1.0

3.1.0 (2024-02-22)

Features

v3.0.3

3.0.3 (2024-01-16)

Bug Fixes

v3.0.2

3.0.2 (2023-12-01)

Bug Fixes

v3.0.1

3.0.1 (2023-07-09)

Bug Fixes

v3.0.0

3.0.0 (2023-07-08)

Bug Fixes

Features

BREAKING CHANGES

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29