Bump debug, compression, express, serve-index and karma in /crnk-ui

[dependabot[bot]]

Bumps debug to 2.6.9 and updates ancestor dependencies debug, compression, express, serve-index and karma. These dependencies need to be updated together.

Updates debug from 2.6.8 to 2.6.9

Release notes

Sourced from debug's releases.

2.6.9

Patches

• Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​zhuangya for their help!

Changelog

Sourced from debug's changelog.

2.6.9 / 2017-09-22

• remove ReDoS regexp in %o formatter (#504)

Commits

• 13abeae Release 2.6.9
• f53962e remove ReDoS regexp in %o formatter (#504)
• See full diff in compare view

Updates compression from 1.7.0 to 1.7.4

Release notes

Sourced from compression's releases.

1.7.4

• deps: compressible@~2.0.16
  • Mark text/less as compressible
  • deps: mime-db@'>= 1.38.0 < 2'
• deps: on-headers@~1.0.2
  • Fix res.writeHead patch missing return value
• perf: prevent unnecessary buffer copy

1.7.3

• deps: accepts@~1.3.5
  • deps: mime-types@~2.1.18
• deps: compressible@~2.0.14
  • Mark all XML-derived types as compressible
  • deps: mime-db@'>= 1.34.0 < 2'
• deps: safe-buffer@5.1.2

1.7.2

• deps: compressible@~2.0.13
  • deps: mime-db@'>= 1.33.0 < 2'

1.7.1

• deps: accepts@~1.3.4
  • deps: mime-types@~2.1.16
• deps: bytes@3.0.0
• deps: compressible@~2.0.11
  • deps: mime-db@'>= 1.29.0 < 2'
• deps: debug@2.6.9
• deps: vary@~1.1.2
  • perf: improve header token parsing speed

Changelog

Sourced from compression's changelog.

1.7.4 / 2019-03-18

• deps: compressible@~2.0.16
  • Mark text/less as compressible
  • deps: mime-db@'>= 1.38.0 < 2'
• deps: on-headers@~1.0.2
  • Fix res.writeHead patch missing return value
• perf: prevent unnecessary buffer copy

1.7.3 / 2018-07-15

• deps: accepts@~1.3.5
  • deps: mime-types@~2.1.18
• deps: compressible@~2.0.14
  • Mark all XML-derived types as compressible
  • deps: mime-db@'>= 1.34.0 < 2'
• deps: safe-buffer@5.1.2

1.7.2 / 2018-02-18

• deps: compressible@~2.0.13
  • deps: mime-db@'>= 1.33.0 < 2'

1.7.1 / 2017-09-26

• deps: accepts@~1.3.4
  • deps: mime-types@~2.1.16
• deps: bytes@3.0.0
• deps: compressible@~2.0.11
  • deps: mime-db@'>= 1.29.0 < 2'
• deps: debug@2.6.9
• deps: vary@~1.1.2
  • perf: improve header token parsing speed

Commits

• dd5055d 1.7.4
• 7e91b18 perf: prevent unnecessary buffer copy
• f6873b5 build: supertest@4.0.0
• b07e7fd build: eslint-plugin-import@2.16.0
• aed82c0 build: eslint@5.15.1
• 5b7d4c0 build: mocha@6.0.2
• ddf2b6e build: simplify & speed up logic in Travis CI build steps
• 61a438d build: Node.js@11.10
• 7ee13e1 deps: on-headers@~1.0.2
• 8fb7dca deps: compressible@~2.0.16
• Additional commits viewable in compare view

Updates express from 4.15.3 to 4.18.2

Release notes

Sourced from express's releases.

4.18.2

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

4.18.1

• Fix hanging on large stack of sync routes

4.18.0

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: body-parser@1.20.0
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
• deps: cookie@0.5.0
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: finalhandler@1.2.0
  • Remove set content headers that break response
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
  • Prevent loss of async hooks context
• deps: qs@6.10.3
• deps: send@0.18.0
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: depd@2.0.0
  • deps: destroy@1.2.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

4.18.1 / 2022-04-29

• Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: body-parser@1.20.0
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
• deps: cookie@0.5.0
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: finalhandler@1.2.0
  • Remove set content headers that break response
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
  • Prevent loss of async hooks context
• deps: qs@6.10.3
• deps: send@0.18.0

... (truncated)

Commits

• 8368dc1 4.18.2
• 61f4049 docs: replace Freenode with Libera Chat
• bb7907b build: Node.js@18.10
• f56ce73 build: supertest@6.3.0
• 24b3dc5 deps: qs@6.11.0
• 689d175 deps: body-parser@1.20.1
• 340be0f build: eslint@8.24.0
• 33e8dc3 docs: use Node.js name style
• 644f646 build: supertest@6.2.4
• ecd7572 build: Node.js@14.20
• Additional commits viewable in compare view

Updates serve-index from 1.9.0 to 1.9.1

Release notes

Sourced from serve-index's releases.

1.9.1

• deps: accepts@~1.3.4
  • deps: mime-types@~2.1.16
• deps: debug@2.6.9
• deps: http-errors@~1.6.2
  • deps: depd@1.1.1
• deps: mime-types@~2.1.17
  • Add new mime types
  • deps: mime-db@~1.30.0
• deps: parseurl@~1.3.2
  • perf: reduce overhead for full URLs
  • perf: unroll the "fast-path" RegExp

Changelog

Sourced from serve-index's changelog.

1.9.1 / 2017-09-28

• deps: accepts@~1.3.4
  • deps: mime-types@~2.1.16
• deps: debug@2.6.9
• deps: http-errors@~1.6.2
  • deps: depd@1.1.1
• deps: mime-types@~2.1.17
  • Add new mime types
  • deps: mime-db@~1.30.0
• deps: parseurl@~1.3.2
  • perf: reduce overhead for full URLs
  • perf: unroll the "fast-path" RegExp

Commits

• a399faa 1.9.1
• fc69533 deps: parseurl@~1.3.2
• 45dbe4f docs: add express.static to the express example
• 76e3c3a deps: debug@2.6.9
• da37631 build: Node.js@8.3
• 3e09fb2 build: Node.js@6.11
• 0894f8c deps: mime-types@~2.1.17
• a4f1ef3 deps: http-errors@~1.6.2
• ccbeaeb deps: accepts@~1.3.4
• See full diff in compare view

Updates karma from 1.7.0 to 1.7.1

Release notes

Sourced from karma's releases.

1.7.1

Bug Fixes

• debug-runner: support asynchronous tests in the debug runner (a36f3eb), closes #2811
• file-list: Stop polluting global environment with core-js (0988022)
• preprocessor: renamed handeFile to readFileCallback (92a8c81)
• preprocessor: retry if fs.readFile fails (4b60513)
• preprocessor: throw if retry fails (2789bf5)

Features

• ci: disable testing of node versions below 4 (ec92ea9)
• client: log global error stack trace (523d608), closes #2812
• config: remove polling usage (b0f41c7), closes #2669
• deps: add support for node@​8 (7feaee3), closes #2754
• deps: update socket.io to 1.7.4 to avoid issue with ws[@1](https://github.com/1).1.2 (264442b), closes #2593
• watcher: Debounce autoWatchBatchDelay (2f8c049), closes #2331

Changelog

Sourced from karma's changelog.

1.7.1 (2017-08-25)

Bug Fixes

• debug-runner: support asynchronous tests in the debug runner (a36f3eb), closes #2811
• file-list: Stop polluting global environment with core-js (0988022)
• preprocessor: renamed handeFile to readFileCallback (92a8c81)
• preprocessor: retry if fs.readFile fails (4b60513)
• preprocessor: throw if retry fails (2789bf5)

Features

• ci: disable testing of node versions below 4 (ec92ea9)
• client: log global error stack trace (523d608), closes #2812
• config: remove polling usage (b0f41c7), closes #2669
• deps: add support for node@​8 (7feaee3), closes #2754
• deps: update socket.io to 1.7.4 to avoid issue with ws[@1](https://github.com/1).1.2 (264442b), closes #2593
• watcher: Debounce autoWatchBatchDelay (2f8c049), closes #2331

2.0.0 (2017-12-21)

Bug Fixes

• config: Call debug log methods after setting the loglevel based upon config/cli-options. (99fd3f0)
• config: Call debug log methods after setting the loglevel based upon config/cli-options. (a340dae)
• config: Retry install with appveyor-retry. (17d5791)
• config: Workaround npm 5.4 windows bug (ec47d81)
• deps: update socket.io to version 2.0.3. (3b7b019), closes #2821 #2777
• logging: Upgrade to log4js 2.x API. (#2868) (f6f8707), closes #2858
• reporter: show file path correctly when urlRoot specified (34dc7d3), closes #2897
• debug-runner: support asynchronous tests in the debug runner (a36f3eb), closes #2811
• file-list: Stop polluting global environment with core-js (0988022)
• preprocessor: renamed handeFile to readFileCallback (92a8c81)
• preprocessor: retry if fs.readFile fails (4b60513)
• preprocessor: throw if retry fails (2789bf5)

Features

• cli: Warn on commands with underscores. (0801a7f)
• config: allow to use newer versions of CoffeeScript (c1fcf42)
• launcher: trim whitespace in browser name (871d46f)
• launcher: trim whitespace in browser name (334f9fb)
• middleware: added manual file type option (0330cd1), closes #2824

... (truncated)

Commits

• 446c1f3 chore: release v2.0.1
• 25fdf3e chore: update contributors
• 2270abb Merge pull request #2948 from devoto13/es2015
• 0e6d46c refactor: migrate EmitterWrapped to ES2015
• 9b472c4 refactor: migrate misc files to ES2015
• 75ec567 refactor: migrate config to ES2015
• a1f4716 refactor: migrate complection to ES2015
• aeb4541 refactor: migrate cli to ES2015
• 33b1078 refactor: migrate BrowserResult class to ES2015
• 5809653 refactor: migrate BrowserCollection class to ES2015
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/crnk-project/crnk-framework/network/alerts).