Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/gmacario/learning-nodered/network/alerts).
Bumps qs to 6.10.3 and updates ancestor dependencies qs, qs, node-red, body-parser and express. These dependencies need to be updated together.
Updates
qs
from 6.5.2 to 6.10.3Changelog
Sourced from qs's changelog.
... (truncated)
Commits
f92ddb5
v6.10.3d9e9529
[Dev Deps] updateeslint
8b4cc14
[Fix]parse
: ignore__proto__
keysad63d36
[actions] reuse common workflowsc028385
[Dev Deps] updateeslint
,@ljharb/eslint-config
,object-inspect
,tape
0a1d3e8
[Robustness]stringify
: avoid relying on a globalundefined
408ff95
v6.10.23cea04d
[Dev Deps] update@ljharb/eslint-config
28fba8f
[Dev Deps] updateeslint
,@ljharb/eslint-config
,tape
9aee773
[Fix]stringify
: actually fix cyclic referencesUpdates
qs
from 6.7.0 to 6.10.3Changelog
Sourced from qs's changelog.
... (truncated)
Commits
f92ddb5
v6.10.3d9e9529
[Dev Deps] updateeslint
8b4cc14
[Fix]parse
: ignore__proto__
keysad63d36
[actions] reuse common workflowsc028385
[Dev Deps] updateeslint
,@ljharb/eslint-config
,object-inspect
,tape
0a1d3e8
[Robustness]stringify
: avoid relying on a globalundefined
408ff95
v6.10.23cea04d
[Dev Deps] update@ljharb/eslint-config
28fba8f
[Dev Deps] updateeslint
,@ljharb/eslint-config
,tape
9aee773
[Fix]stringify
: actually fix cyclic referencesUpdates
node-red
from 1.0.2 to 3.0.2Release notes
Sourced from node-red's releases.
... (truncated)
Changelog
Sourced from node-red's changelog.
... (truncated)
Commits
5365786
Merge pull request #3830 from node-red/release-302c9b0a7c
Bump for 3.0.2371d804
Merge pull request #3776 from hardillb/relaxed-http-req-headersbe343cb
Merge pull request #3812 from bonanitech/workspace-chart-bottome9eabd6
Merge pull request #3802 from Dennis14e/patch-de-2abccdc7
Update packages/node_modules/@node-red/nodes/
locales/en-US/messages.json4ae914f
Merge pull request #3801 from kazuhitoyokoi/master-subflowcolor86ac955
Merge pull request #3817 from node-red/fix-regex-name-handle9734691
Merge pull request #3808 from bonanitech/overflow-autod94f3a4
Merge pull request #3818 from node-red/fix-subflow-module-node-lookupUpdates
body-parser
from 1.19.0 to 1.20.0Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
1f6f58e
1.20.07861a00
docs: update CI badge link601a076
docs: add security policy77bcc0e
deps: qs@6.10.3eac5f22
build: Node.js@17.88611539
build: mocha@9.2.22a2f471
Fix internal error when inflated body exceeds limit9db582d
Fix error message for json parse whitespace in strictbd702d2
lint: remove deprecated String.prototype.substr96df60f
deps: depd@2.0.0Updates
express
from 4.17.1 to 4.18.1Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
d854c43
4.18.1b02a95c
build: Node.js@16.15631ada0
Fix hanging on large stack of sync routes75e0c7a
bench: remove unused parametere2482b7
build: ejs@3.1.72df96e3
build: supertest@6.2.3a38fae1
build: mocha@9.2.2547fdd4
4.18.00b330ef
bench: print latency and vary connections158a170
build: support Node.js 18.xDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/gmacario/learning-nodered/network/alerts).