Bumps the npm_and_yarn group with 1 update in the /packages/typescript-dev-private/publish-package directory: semver.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript-private/console-open-api directory: express.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript-private/nestjs-common directory: ws.
Bumps the npm_and_yarn group with 2 updates in the /packages/typescript-private/types directory: protobufjs and @grpc/grpc-js.
Bumps the npm_and_yarn group with 2 updates in the /packages/typescript/action-kit directory: axios and yaml.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript/common directory: axios.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript/dest directory: axios.
Bumps the npm_and_yarn group with 2 updates in the /packages/typescript/device-client directory: ws and axios.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript/device-client-common directory: axios.
Bumps the npm_and_yarn group with 2 updates in the /packages/typescript/jest-environment directory: axios and zod.
Bumps the npm_and_yarn group with 4 updates in the /packages/typescript/node directory: ws, axios, yaml and octokit.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript/toolkit directory: axios.
Bumps the npm_and_yarn group with 1 update in the /packages/typescript/types directory: protobufjs.
Bumps the npm_and_yarn group with 2 updates in the /prebuilds/protocol-exporter directory: protobufjs and @grpc/grpc-js.
Bumps the npm_and_yarn group with 3 updates in the /projects/console-web-front directory: axios, @sentry/nextjs and next.
Bumps the npm_and_yarn group with 5 updates in the /projects/console-web-server directory:
Bumps the npm_and_yarn group with 1 update in the /projects/nexus-initializer directory: axios.
Bumps the npm_and_yarn group with 1 update in the /projects/test-executor directory: sharp.
Bumps the npm_and_yarn group with 1 update in the /validators directory: axios.
Deprecate onentry in favor of onReadEntry for clarity.
7.3
Add onWriteEntry option
7.2
DRY the command definitions into a single makeCommand method,
and update the type signatures to more appropriately infer the
return type from the options and arguments provided.
7.1
Update minipass to v7.1.0
Update the type definitions of write() and end() methods on
Unpack and Parser classes to be compatible with the
NodeJS.WritableStream type in the latest versions of
@types/node.
7.0
Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface
Add tree-shake friendly exports, like import('tar/create')
and import('tar/read-entry') to get individual functions or
classes.
Add chmod option that defaults to false, and deprecate
noChmod. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.
Add processUmask option to avoid having to call
process.umask() when chmod: true (or noChmod: false) is
set.
6.2
Add support for brotli compression
Add maxDepth option to prevent extraction into excessively
deep folders.
In vulnerable versions of ws, the issue can be mitigated in the following ways:
Reduce the maximum allowed length of the request headers using the
[--max-http-header-size=size][] and/or the [maxHeaderSize][] options so
that no more headers than the server.maxHeadersCount limit can be sent.
This patch release includes a fix for an error that could be thrown in parseDocument for degenerate input. Otherwise, it's a patch release uplifting a few fixes from the ongoing v2.3 work to v2.2:
Corner case failure in error pretty-printer (CVE-2023-2251)
Use correct argument order when stringifying flow collection comments (#443)
Bumps the npm_and_yarn group with 17 updates in the / directory:
6.1.15
6.2.1
8.9.0
8.17.1
1.3.5
1.6.0
2.2.1
2.2.2
3.21.4
3.22.3
2.0.7
3.1.2
7.1.2
7.2.5
7.4.3
7.4.4
7.5.0
7.5.2
4.18.2
4.19.2
1.7.3
1.8.22
7.50.0
7.77.0
13.4.4
14.1.1
6.9.7
6.9.9
5.89.0
5.90.0
0.32.4
0.32.6
4.2.2
4.2.5
Bumps the npm_and_yarn group with 1 update in the /packages/typescript-dev-private/publish-package directory: semver. Bumps the npm_and_yarn group with 1 update in the /packages/typescript-private/console-open-api directory: express. Bumps the npm_and_yarn group with 1 update in the /packages/typescript-private/nestjs-common directory: ws. Bumps the npm_and_yarn group with 2 updates in the /packages/typescript-private/types directory: protobufjs and @grpc/grpc-js. Bumps the npm_and_yarn group with 2 updates in the /packages/typescript/action-kit directory: axios and yaml. Bumps the npm_and_yarn group with 1 update in the /packages/typescript/common directory: axios. Bumps the npm_and_yarn group with 1 update in the /packages/typescript/dest directory: axios. Bumps the npm_and_yarn group with 2 updates in the /packages/typescript/device-client directory: ws and axios. Bumps the npm_and_yarn group with 1 update in the /packages/typescript/device-client-common directory: axios. Bumps the npm_and_yarn group with 2 updates in the /packages/typescript/jest-environment directory: axios and zod. Bumps the npm_and_yarn group with 4 updates in the /packages/typescript/node directory: ws, axios, yaml and octokit. Bumps the npm_and_yarn group with 1 update in the /packages/typescript/toolkit directory: axios. Bumps the npm_and_yarn group with 1 update in the /packages/typescript/types directory: protobufjs. Bumps the npm_and_yarn group with 2 updates in the /prebuilds/protocol-exporter directory: protobufjs and @grpc/grpc-js. Bumps the npm_and_yarn group with 3 updates in the /projects/console-web-front directory: axios, @sentry/nextjs and next. Bumps the npm_and_yarn group with 5 updates in the /projects/console-web-server directory:
8.14.2
8.17.1
1.5.1
1.6.0
4.18.2
4.19.2
6.9.7
6.9.9
5.89.0
5.92.1
Bumps the npm_and_yarn group with 1 update in the /projects/nexus-initializer directory: axios. Bumps the npm_and_yarn group with 1 update in the /projects/test-executor directory: sharp. Bumps the npm_and_yarn group with 1 update in the /validators directory: axios.
Updates
tar
from 6.1.15 to 6.2.1Changelog
Sourced from tar's changelog.
... (truncated)
Commits
bef7b1e
6.2.1fe8cd57
prevent extraction in excessively deep subfoldersfe7ebfd
remove security.md5bc9d40
6.2.0fe1ef5e
changelog 6.2e483220
get rid of npm lint stuff689928a
ci that works outside of npm orgdb6f539
file inference improvements for .tbr and .tgz336fa8f
refactor: dry and other pr commentseeba222
chore: lint fixesUpdates
ws
from 8.9.0 to 8.17.1Release notes
Sourced from ws's releases.
... (truncated)
Commits
3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variable934c9d6
[ci] Test on node 221817bac
[ci] Do not test on node 2196c9b3d
[major] Flip the default value ofallowSynchronousEvents
(#2221)e5f32c7
[fix] Emit at most one event per event loop iteration (#2218)Updates
axios
from 1.3.5 to 1.6.0Release notes
Sourced from axios's releases.
... (truncated)
Changelog
Sourced from axios's changelog.
... (truncated)
Commits
f7adacd
chore(release): v1.6.0 (#6031)9917e67
chore(ci): fix release-it arg; (#6032)96ee232
fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)7d45ab2
chore(tests): fixed tests to pass in node v19 and v20 withkeep-alive
enabl...5aaff53
fix(dns): fixed lookup function decorator to work properly in node v20; (#6011)a48a63a
chore(docs): added AxiosHeaders docs; (#5932)a1c8ad0
fix(types): fix AxiosHeaders types; (#5931)2ac731d
chore(docs): update readme.md (#5889)88fb52b
chore(release): v1.5.1 (#5920)e410779
fix(adapters): improved adapters loading logic to have clear error messages; ...Updates
yaml
from 2.2.1 to 2.2.2Release notes
Sourced from yaml's releases.
Commits
f21fa45
2.2.2984f578
fix: Corner case failure in error pretty-printer443e3aa
fix: First-line folding for block scalars (fixes #422)5af5d3d
fix: Use correct argument order when stringifying flow collection comments (f...Updates
zod
from 3.21.4 to 3.22.3Release notes
Sourced from zod's releases.
... (truncated)
Commits
1e61d76
3.22.32ba00fe
[2609] fix ReDoS vulnerability in email regex (#2824)ae0f7a2
docs: update ref to discriminated-unions docs (#2485)ad2ee9c
2718 Updated Custom Schemas documentation example to use type narrowing (#2778)28c1927
Update sponsors18115a8
Formatting64dcc8e
Update sponsorsf59be09
clarify datetime ISO 8601 (#2673)9bd3879
docs: remove obsolete text about readonly types (#2676)1e23990
CommitUpdates
octokit
from 2.0.7 to 3.1.2Release notes
Sourced from octokit's releases.
... (truncated)
Commits
b59da80
fix: updates app.js for the handling of an error being thrown by the verify m...f514e4b
build(deps): lock file maintenance (#2574)fdc9bba
chore(deps): update dependency prettier to v3.1.0d3a9984
build(deps): lock file maintenance870d89d
build(deps): lock file maintenance (#2565)78735dd
build(deps): lock file maintenance (#2562)72ea679
chore(deps): update dependency@types/node
to v20692f7db
ci(action): update actions/setup-node action to v4 (#2560)5b47b84
build(deps): lock file maintenance (#2558)941c584
docs: fixing typos in README (#2557)Updates
protobufjs
from 7.1.2 to 7.2.5Release notes
Sourced from protobufjs's releases.
... (truncated)
Changelog
Sourced from protobufjs's changelog.
... (truncated)
Commits
4436cc7
chore: release master (#1925)e93286e
fix: deprecation warning for new Buffer (#1905)eaf9f0a
fix: crash in comment parsing (#1890)f2a8620
fix: possible infinite loop when parsing option (#1923)42e5a9c
chore: release master (#1900)e66379f
fix: do not let setProperty change the prototype (#1899)56b1e64
chore: release master (#1879)8817ee6
fix: type names can be split into multiple tokens (#1877)e721d04
chore: release master (#1867)14f0536
fix: do not allow to extend same field twice to prevent the error (#1784)Updates
minimatch
from 7.4.3 to 7.4.4Commits
32bad34
7.4.481ba7b0
unroll NodeJS.Platform typeUpdates
semver
from 7.5.0 to 7.5.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
e7b78de
chore: release 7.5.258c791f
fix: diff when detecting major change from prerelease (#566)5c8efbc
fix: preserve build in raw after inc (#565)717534e
fix: better handling of whitespace (#564)2f738e9
chore: bump@npmcli/template-oss
from 4.14.1 to 4.15.1 (#558)aa016a6
chore: release 7.5.1d30d25a
fix: show type on invalid semver error (#559)09c69e2
chore: bump@npmcli/template-oss
from 4.13.0 to 4.14.1 (#555)Updates
express
from 4.18.2 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
@grpc/grpc-js
from 1.7.3 to 1.8.22Release notes
Sourced from
@grpc/grpc-js
's releases.