Closed dependabot[bot] closed 3 weeks ago
⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪ |
🧪 No relevant tests |
🔒 No security concerns identified |
⚡ No key issues to review |
No code suggestions found for the PR.
Looks like these dependencies are up-to-date now, so this is no longer needed.
User description
Bumps body-parser and express. These dependencies needed to be updated together. Updates
body-parser
from 1.20.0 to 1.20.3Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
1752951
1.20.339744cf
chore: linter (#534)b2695c4
Merge commit from forkade0f3f
add scorecard to readme (#531)99a1bd6
deps: qs@6.12.3 (#521)9478591
fix: pin to node@22.4.183db46a
ci: fix errors in ci github action for node 8 and 9 (#523)9d4e212
chore: add support for OSSF scorecard reporting (#522)ee91374
1.20.2368a93a
Fix strict json error message on Node.js 19+Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.
Updates
express
from 4.18.1 to 4.21.0Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
7e562c6
4.21.01bcde96
fix(deps): qs@6.13.0 (#5946)7d36477
fix(deps): serve-static@1.16.2 (#5951)40d2d8f
fix(deps): finalhandler@1.3.177ada90
Deprecate"back"
magic string in redirects (#5935)21df421
4.20.04c9ddc1
feat: upgrade to serve-static@0.16.09ebe5d5
feat: upgrade to send@0.19.0 (#5928)ec4a01b
feat: upgrade to body-parser@1.20.3 (#5926)54271f6
fix: don't render redirect values in anchor hrefMaintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show
PR Type
dependencies
Description
body-parser
dependency from version 1.20.0 to 1.20.3 to include important changes such as the newdepth
option.express
dependency from version 4.18.1 to 4.21.0, which includes various improvements and bug fixes.define-data-property
,es-define-property
, andes-errors
to support updated packages.Changes walkthrough 📝
package-lock.json
Update dependencies in package-lock.json
package-lock.json
body-parser
from version 1.20.0 to 1.20.3.express
from version 4.18.1 to 4.21.0.define-data-property
,es-define-property
, andes-errors
.package.json
Update express dependency version in package.json
package.json - Updated `express` dependency version from 4.18.1 to 4.21.0.