chore(deps): bump the production-dependencies group with 4 updates

[dependabot[bot]]

Bumps the production-dependencies group with 4 updates: js-sql-parser, proj4, express and winston.

Updates js-sql-parser from 1.5.0 to 1.6.0

Changelog

Sourced from js-sql-parser's changelog.

1.0.6 add MIT license. 1.0.7 fix alias for identifier #16 , pr: #17 1.0.8 support union grammar follow: https://dev.mysql.com/doc/refman/8.0/en/union.html 1.0.9 fix stringify having #29 , pr: #28 1.1.0 hotfix: Remove unused import 1.1.1 fix stringify having #29 , pr: #28 1.2.0 fix typo "refrence" to "reference" #24 1.2.1 fix stringify having #29 , pr: #28 1.2.2 feat: add support for "" quoted alias, pr: [#33](https://github.com/JavaScriptor/js-sql-parser/issues/33) 1.3.0 fix tableFactor alias bug. AST changed in tableFactor. [#34](https://github.com/JavaScriptor/js-sql-parser/issues/34) 1.4.0 fix bug using ' & " for column alias?` #40 #44 1.4.1 hogfix "support quoted alias: multiple alias and orderby support"

Commits

• 26e0b61 Merge pull request #61 from JavaScriptor/feat-use-function-in-table-ref
• 14b3146 feat: support function call in table_factor.
• ca3c259 Merge pull request #58 from luizzappa/unicode-extended
• 1064642 Merge branch 'master' of github.com:JavaScriptor/js-sql-parser into unicode-e...
• 199a1c6 feat(): unicode extended char support for column name or alias
• See full diff in compare view

Updates proj4 from 2.10.0 to 2.11.0

Release notes

Sourced from proj4's releases.

2.11.0

What's Changed

• Add equal earth projection by @​ahocevar in proj4js/proj4js#465

Full Changelog: https://github.com/proj4js/proj4js/compare/2.10.0...2.11.0

Commits

• 76693cf build 2.11.0
• b8b4236 Merge pull request #465 from proj4js/eqearth
• 18326d2 Add equal earth projection
• 3c3e1f4 Update version to 2.10.1-alpha
• See full diff in compare view

Updates express from 4.18.3 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

Commits

• 04bc627 4.19.2
• da4d763 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (#5541)
• 69a4cf2 deps: cookie@0.6.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates winston from 3.12.0 to 3.13.0

Release notes

Sourced from winston's releases.

v3.13.0

• fix(http): allow passing maximumDepth to prevent big object being stringified (#2425) a237865

https://github.com/winstonjs/winston/compare/v3.12.1...v3.13.0

v3.12.1

• Bump @​types/node from 20.11.24 to 20.11.29 (#2431) b10b98f
• Revert "Remove nonexistent Logger methods from types" (#2434) 0277035
• fixed flaky test case (#2412) d95c948

https://github.com/winstonjs/winston/compare/v3.12.0...v3.12.1

Commits

• c63a5ad 3.13.0
• a237865 fix(http): allow passing maximumDepth to prevent big object being stringified...
• b5eecf0 3.12.1
• b10b98f Bump @​types/node from 20.11.24 to 20.11.29 (#2431)
• 0277035 Revert "Remove nonexistent Logger methods from types" (#2434)
• d95c948 fixed flaky test case (#2412)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[changeset-bot[bot]]

⚠️ No Changeset found

Latest commit: bcd65981ccb7166f91163ae6b74044a46833cba0

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR