Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/porter-finance/v1-core/network/alerts).
Bumps qs, body-parser and express. These dependencies needed to be updated together. Updates
qs
from 6.5.2 to 6.10.3Changelog
Sourced from qs's changelog.
... (truncated)
Commits
f92ddb5
v6.10.3d9e9529
[Dev Deps] updateeslint
8b4cc14
[Fix]parse
: ignore__proto__
keysad63d36
[actions] reuse common workflowsc028385
[Dev Deps] updateeslint
,@ljharb/eslint-config
,object-inspect
,tape
0a1d3e8
[Robustness]stringify
: avoid relying on a globalundefined
408ff95
v6.10.23cea04d
[Dev Deps] update@ljharb/eslint-config
28fba8f
[Dev Deps] updateeslint
,@ljharb/eslint-config
,tape
9aee773
[Fix]stringify
: actually fix cyclic referencesUpdates
body-parser
from 1.19.0 to 1.20.0Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
1f6f58e
1.20.07861a00
docs: update CI badge link601a076
docs: add security policy77bcc0e
deps: qs@6.10.3eac5f22
build: Node.js@17.88611539
build: mocha@9.2.22a2f471
Fix internal error when inflated body exceeds limit9db582d
Fix error message for json parse whitespace in strictbd702d2
lint: remove deprecated String.prototype.substr96df60f
deps: depd@2.0.0Updates
express
from 4.17.1 to 4.17.3Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
3d7fce5
4.17.3f906371
build: update example dependencies6381bc6
deps: qs@6.9.7a007863
deps: body-parser@1.19.2e98f584
Revert "build: use minimatch@3.0.4 for Node.js < 4"a659137
tests: use strict modea39e409
tests: prevent leaking changes to NODE_ENV82de4de
examples: fix path traversal in downloads example12310c5
build: use nyc for test coverage884657d
examples: remove bitwise syntax for includes checkDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/porter-finance/v1-core/network/alerts).