netlify[bot]
commented
7 months ago Deploy Preview for curate-v2 ready!
| Name | Link |
|---|---|
| Latest commit | 906bf4760d311144e4daa9ea4d8a49df325f1fab |
| Latest deploy log | https://app.netlify.com/sites/curate-v2/deploys/6617f477b57e14000702aa09 |
| Deploy Preview | https://deploy-preview-24--curate-v2.netlify.app |
| Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify site configuration.
Bumps the npm_and_yarn group with 6 updates in the / directory:
4.9.54.9.64.18.24.19.21.15.51.15.62.0.02.0.15.28.25.28.45.3.35.3.4Updates
@openzeppelin/contractsfrom 4.9.5 to 4.9.6Release notes
Sourced from
@openzeppelin/contracts's releases.Changelog
Sourced from
@openzeppelin/contracts's changelog.Commits
dc44c9fRelease v4.9.6 (#4931)a6286d0Port Base64 tests to truffle (#4926) (#4929)Updates
expressfrom 4.18.2 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
Commits
04bc6274.19.2da4d763Improved fix for open redirect allow list bypass4f0f6cc4.19.1a003cfaAllow passing non-strings to res.location with new encoding handling checks f...a1fa90ffixed un-edited version in history.md for 4.19.011f2b1dbuild: fix build due to inconsistent supertest behavior in older versions084e3654.19.00867302Prevent open redirect allow list bypass due to encodeurl567c9c6Add note on how to update docs for new release (#5541)69a4cf2deps: cookie@0.6.0Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
follow-redirectsfrom 1.15.5 to 1.15.6Commits
35a517cRelease version 1.15.6 of the npm package.c4f847fDrop Proxy-Authorization across hosts.8526b4aUse GitHub for disclosure.Updates
ipfrom 2.0.0 to 2.0.1Commits
3b0994a2.0.132f468flib: fixed CVE-2023-42282 and added unit testUpdates
undicifrom 5.28.2 to 5.28.4Release notes
Sourced from undici's releases.
Commits
fb98306Bumped v5.28.42b39440Merge pull request from GHSA-9qxr-qj54-h67264e3402Merge pull request from GHSA-m4v8-wqvr-p9f7723c4e7Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"0e9d54bskip failing test due to Node.js changese71cb4cBumped v5.28.320c65b8Fix tests for Node.js v20.11.0 (#2618)8ec52cdFix tests for Node.js v21 (#2609)d3aa574Merge pull request from GHSA-3787-6prv-h9w3Updates
webpack-dev-middlewarefrom 5.3.3 to 5.3.4Release notes
Sourced from webpack-dev-middleware's releases.
Changelog
Sourced from webpack-dev-middleware's changelog.
Commits
86071eachore(release): 5.3.4189c4acfix(security): do not allow to read files above (#1779)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show
PR-Codex overview
This PR updates various npm packages in the
yarn.lockfile. It upgrades@openzeppelin/contractsto version 4.9.6,body-parserto 1.20.2,raw-bodyto 2.5.2,cookieto 0.6.0,expressto 4.19.2, and more.Detailed summary
@openzeppelin/contractsto v4.9.6body-parserto v1.20.2raw-bodyto v2.5.2cookieto v0.6.0expressto v4.19.2