search

mwood77 / winderoo

Winderoo - Supercharge your Open Source Watch Winder (OSWW) build!
https://winderoo.com
Creative Commons Attribution Share Alike 4.0 International
24 stars 5 forks source link

Bump the npm_and_yarn group in /src/angular/osww-frontend with 9 updates #67

Open dependabot[bot] opened 1 month ago

dependabot[bot] commented 1 month ago

Bumps the npm_and_yarn group in /src/angular/osww-frontend with 9 updates:

Package From To
body-parser 1.20.1 1.20.3
express 4.18.2 4.21.1
braces 3.0.2 3.0.3
cookie 0.4.2 0.7.2
socket.io 4.6.0 4.8.0
webpack-dev-middleware 5.3.3 7.4.2
@angular-devkit/build-angular 14.2.10 18.2.8
ws 8.11.0 8.17.1
socket.io-adapter 2.5.2 2.5.5

Updates body-parser from 1.20.1 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates express from 4.18.2 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.


Updates braces from 3.0.2 to 3.0.3

Commits


Updates cookie from 0.4.2 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

  • Fix object assignment of hasOwnProperty (#177) bc38ffd

https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1

0.7.0

https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0

0.6.0

  • Add partitioned option

0.5.0

  • Add priority option
  • Fix expires option to reject invalid dates
  • pref: improve default decode speed
  • pref: remove slow string split in parse
Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates socket.io from 4.6.0 to 4.8.0

Release notes

Sourced from socket.io's releases.

socket.io-client@4.8.0

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:

import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";

const socket = io({
transports: [XHR, WebSocket]
});

Here is the list of provided implementations:

Transport Description
Fetch HTTP long-polling based on the built-in fetch() method.
NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.
XHR HTTP long-polling based on the built-in XMLHttpRequest object.
NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.
WebSocket WebSocket transport based on the built-in WebSocket object.
WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun
Fetch :white_check_mark: :white_check_mark: (1) :white_check_mark: :white_check_mark:
NodeXHR :white_check_mark: :white_check_mark: :white_check_mark:
XHR :white_check_mark:
NodeWebSocket :white_check_mark: :white_check_mark: :white_check_mark:
WebSocket :white_check_mark: :white_check_mark: (2) :white_check_mark: :white_check_mark:
WebTransport :white_check_mark: :white_check_mark:

(1) since v18.0.0 (2) since v21.0.0

Added in f4d898e and b11763b.

Test each low-level transports

When setting the tryAllTransports option to true, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:

import { io } from "socket.io-client";
</tr></table>

... (truncated)

Commits
  • d0fc720 chore(release): socket.io@4.8.0
  • 4a0555c chore(release): socket.io-client@4.8.0
  • 2b60df1 chore(release): engine.io@6.6.1
  • d4cb375 ci: ignore tests when publishing to npm
  • c251ae7 chore(release): engine.io-client@6.6.1
  • 8a2f5a3 fix(eio-client): move 'offline' event listener at the top
  • b04fa64 fix(sio): allow to join a room in a middleware (uws)
  • 7085f0e refactor(sio-client): mangle private attributes
  • 4f66708 chore(sio-client): use babel loose mode when transpiling classes
  • 1a95db2 chore(sio-client): add a script to compute the bundle size
  • Additional commits viewable in compare view


Updates express from 4.18.2 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.


Updates socket.io from 4.6.0 to 4.8.0

Release notes

Sourced from socket.io's releases.

socket.io-client@4.8.0

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:

import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";

const socket = io({
transports: [XHR, WebSocket]
});

Here is the list of provided implementations:

Transport Description
Fetch HTTP long-polling based on the built-in fetch() method.
NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.
XHR HTTP long-polling based on the built-in XMLHttpRequest object.
NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.
WebSocket WebSocket transport based on the built-in WebSocket object.
WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun
Fetch :white_check_mark: :white_check_mark: (1) :white_check_mark: :white_check_mark:
NodeXHR :white_check_mark: :white_check_mark: :white_check_mark:
XHR :white_check_mark:
NodeWebSocket :white_check_mark: :white_check_mark: :white_check_mark:
WebSocket :white_check_mark: :white_check_mark: (2) :white_check_mark: :white_check_mark:
WebTransport :white_check_mark: :white_check_mark:

(1) since v18.0.0 (2) since v21.0.0

Added in f4d898e and b11763b.

Test each low-level transports

When setting the tryAllTransports option to true, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:

import { io } from "socket.io-client";
</tr></table>

... (truncated)

Commits
  • d0fc720 chore(release): socket.io@4.8.0
  • 4a0555c chore(release): socket.io-client@4.8.0
  • 2b60df1 chore(release): engine.io@6.6.1
  • d4cb375 ci: ignore tests when publishing to npm
  • c251ae7 chore(release): engine.io-client@6.6.1
  • 8a2f5a3 fix(eio-client): move 'offline' event listener at the top
  • b04fa64 fix(sio): allow to join a room in a middleware (uws)
  • 7085f0e refactor(sio-client): mangle private attributes
  • 4f66708 chore(sio-client): use babel loose mode when transpiling classes
  • 1a95db2 chore(sio-client): add a script to compute the bundle size
  • Additional commits viewable in compare view


Updates webpack-dev-middleware from 5.3.3 to 7.4.2

Release notes

Sourced from webpack-dev-middleware's releases.

v7.4.2

7.4.2 (2024-08-21)

Bug Fixes

v7.4.1

7.4.1 (2024-08-20)

Bug Fixes

v7.4.0

7.4.0 (2024-08-15)

Features

  • added the cacheImmutable option to cache immutable assets (assets with a hash in file name like image.e12ab567.jpg) (5ed629d)
  • allow to configure the Cache-Control header (#1923) (f7529c3)

Bug Fixes

  • support devServer: false (b443f4d)

v7.3.0

7.3.0 (2024-07-18)

Features

v7.2.1

7.2.1 (2024-04-02)

Bug Fixes

  • avoid extra log

v7.2.0

7.2.0 (2024-03-29)

... (truncated)

Changelog

Sourced from webpack-dev-middleware's changelog.

7.4.2 (2024-08-21)

Bug Fixes

7.4.1 (2024-08-20)

Bug Fixes

7.4.0 (2024-08-15)

Features

  • added the cacheImmutable option to cache immutable assets (assets with a hash in file name like image.e12ab567.jpg) (5ed629d)
  • allow to configure the Cache-Control header (#1923) (f7529c3)

Bug Fixes

  • support devServer: false (b443f4d)

7.3.0 (2024-07-18)

Features

7.2.1 (2024-04-02)

Bug Fixes

  • avoid extra log

7.2.0 (2024-03-29)

Features

... (truncated)

Commits
  • 5a916d8 chore(release): 7.4.2
  • c20f1d9 fix: no crash when headers are already sent (#1929)
  • 0f9a6c9 chore(deps-dev): bump the dependencies group with 4 updates (#1928)
  • 99e9b77 chore(release): 7.4.1
  • 8f9aa16 chore: ignore Rspack word
  • 21f1797 fix: assetsInfo may be undefined (rspack) (#1927)
  • 0034dd9 test: fix (#1926)
  • 60a2bc4 chore(deps-dev): bump the dependencies group with 4 updates (#1925)
  • 792ab65 chore(release): 7.4.0
  • 5ed629d feat: added the cacheImmutable option to cache immutable assets (assets with ...
  • Additional commits viewable in compare view


Updates @angular-devkit/build-angular from 14.2.10 to 18.2.8

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v18.2.8

18.2.8 (2024-10-09)

@​schematics/angular

Commit Description
fix - b522002ff add validation for component and directive class name
fix - dfd2d5c05 include index.csr.html in resources asset group

@​angular/build

Commit Description
fix - 9445916f9 Ctrl + C not terminating dev-server with SSR
fix - 9b5cfaa8c always generate a new hash for optimized chunk

v18.2.7

18.2.7 (2024-10-02)

@​schematics/angular

Commit Description
fix - 3f98193d6 support single quote setting in JetBrains IDEs

@​angular/build

Commit Description
fix - 8274184e1 add animate to valid self-closing elements
fix - 2648e811e add few more SVG elements animateMotion, animateTransform, and feBlend etc. to valid self-closing elements
fix - 736e126e4 separate Vite cache by project

v18.2.6

18.2.6 (2024-09-25)

@​angular/build

Commit Description
fix - 9d0b67124 allow missing HTML file request to fallback to index
fix - 5fea635b2 update rollup to 4.22.4

v18.2.5

18.2.5 (2024-09-18)

@​angular/build

Commit Description
fix - 707431625 support HTTP HEAD requests for virtual output files
fix - 1032b3da1 update vite to 5.4.6

v18.2.4

18.2.4 (2024-09-11)

@​angular/build

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

18.2.8 (2024-10-09)

@​schematics/angular

Commit Type Description
b522002ff fix add validation for component and directive class name
dfd2d5c05 fix include index.csr.html in resources asset group

@​angular/build

Commit Type Description
9445916f9 fix Ctrl + C not terminating dev-server with SSR
9b5cfaa8c fix always generate a new hash for optimized chunk

19.0.0-next.9 (2024-10-02)

@​angular-devkit/build-angular

Commit Type Description
0a4ef3026 feat karma-coverage w/ app builder
dcbdca85c feat karma+esbuild+watch
9d7613db9 fix zone.js/testing + karma + esbuild

@​angular/build

Commit Type Description
f63072668 feat utilize ssr.entry during prerendering to enable access to local API routes
  • © Githubissues.
  • Githubissues is a development platform for aggregating issues.