Bump the npm_and_yarn group across 1 directory with 48 updates #1

dependabot · 2025-04-26T22:30:16Z

Bumps the npm_and_yarn group with 27 updates in the / directory:

Package	From	To
axios	`0.21.1`	`0.30.0`
bootstrap	`4.6.0`	`5.0.0`
express	`4.17.1`	`4.21.2`
sequelize	`6.6.2`	`6.29.0`
sqlite3	`5.0.2`	`5.1.5`
vue	`2.6.12`	`3.0.0`
vue-template-compiler	`2.6.12`	`2.7.16`
@babel/traverse	`7.13.0`	`7.27.0`
ansi-regex	`4.1.0`	`4.1.1`
ansi-regex	`3.0.0`	`4.1.1`
loader-utils	`1.4.0`	`1.4.2`
@vue/cli-plugin-babel	`4.5.11`	`5.0.8`
@vue/cli-plugin-eslint	`4.5.11`	`5.0.8`
@vue/cli-plugin-router	`4.5.11`	`5.0.8`
@vue/cli-plugin-typescript	`4.5.11`	`5.0.8`
@vue/cli-service	`4.5.11`	`5.0.8`
@vue/eslint-config-standard	`5.1.2`	`9.0.1`
browserify-sign	`4.2.1`	`4.2.3`
decode-uri-component	`0.2.0`	`0.2.2`
dottie	`2.0.2`	`2.0.6`
es5-ext	`0.10.53`	`0.10.64`
json-schema	`0.2.3`	`0.4.0`
jsprim	`1.4.1`	`1.4.2`
minimatch	`3.0.4`	`3.0.8`
minimist	`1.2.5`	`1.2.8`
tar	`2.2.2`	`6.2.1`
node-sass	`4.14.1`	`9.0.0`
sass-loader	`8.0.2`	`16.0.5`

Updates axios from 0.21.1 to 0.30.0

Release notes

Sourced from axios's releases.

Release v0.30.0

Release notes:

Bug Fixes

fix: modify log while request is aborted by @mori5321 in axios/axios#4917

fix: update CHANGELOG.md for v0.x by @TehZarathustra in axios/axios#6271

fix: modify upgrade guide for 0.28.1's breaking change by @nafeger in axios/axios#6787

fix: backport allowAbsoluteUrls vulnerability fix to v0.x by @thatguyinabeanie in axios/axios#6829

fix: add allowAbsoluteUrls type by @thatguyinabeanie in axios/axios#6849

Contributors to this release

@mori5321 made their first contribution in axios/axios#4917

@TehZarathustra made their first contribution in axios/axios#6271

@nafeger made their first contribution in axios/axios#6787

@thatguyinabeanie made their first contribution in axios/axios#6829

Full Changelog: axios/axios@v0.29.0...v0.30.0

v0.29.0

Release notes:

Bug Fixes

fix(backport): backport security fixes in commits #6167 and #6163 to v0.x by @Sean-Powell in axios/axios#6402

fix: omit nulls in params by @Willshaw in axios/axios#6394

fix(backport): fix paramsSerializer function validation by @solonzhu in axios/axios#6361

fix: Regular Expression Denial of Service (ReDoS) by @qiongshusheng in axios/axios#6708

Contributors to this release

@Sean-Powell made their first contribution in axios/axios#6402

@Willshaw made their first contribution in axios/axios#6394

@solonzhu made their first contribution in axios/axios#6361

@qiongshusheng made their first contribution in axios/axios#6708

Release v0.28.1

Release notes:

Release notes:

Bug Fixes

fix(backport): custom params serializer support (#6263)

fix(backport): uncaught ReferenceError req is not defined (#6307)

Release v0.28.0

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated #4745

... (truncated)

Changelog

Sourced from axios's changelog.

0.30.0 (2025-03-26)

Release notes:

Bug Fixes

fix: modify log while request is aborted (#4917)

fix: update CHANGELOG.md for v0.x (#6271)

fix: modify upgrade guide for 0.28.1's breaking change (#6787)

fix: backport allowAbsoluteUrls vulnerability fix to v0.x (#6829)

fix: add allowAbsoluteUrls type (#6849)

0.29.0 (2024-11-21)

Release notes:

Bug Fixes

fix(backport): backport security fixes in commits #6167 and #6163 (#6402)

fix: omit nulls in params (#6394)

fix(backport): fix paramsSerializer function validation (#6361)

fix: regular expression denial of service (ReDoS) (#6708)

0.28.1 (2024-03-24)

Release notes:

Bug Fixes

fix(backport): custom params serializer support (#6263)

fix(backport): uncaught ReferenceError req is not defined (#6307)

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)

Fixing content-type header repeated (#4745)

Fixed timeout error message for HTTP (#4738)

Added axios.formToJSON method (#4735)

URL params serializer (#4734)

Fixed toFormData Blob issue on node>v17 (#4728)

Adding types for progress event callbacks (#4675)

Fixed max body length defaults (#4731)

... (truncated)

Commits

6e922e4 chore: added build artifacts
a06ed1e chore: added pre-release artifacts
c010622 feat: add type for allowAbsoluteUrls (#6849)
02c3c69 fix: backport allowAbsoluteUrls vuln fix to v0.x (#6829)
8603e67 docs: modify upgrade guide for 0.28.1's breaking change (#6787)
f0642ee fix(docs): update CHANGELOG.md for v0.x (#6271)
0630c32 fix: modify log while request is aborted (#4917)
7750b8c chore(release): prep release v0.29.0
4840cb2 fix: regular expression denial of service issues (#6708)
2e36cdb fix(backport): fix paramsSerializer function validation (#6361)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates bootstrap from 4.6.0 to 5.0.0

Release notes

Sourced from bootstrap's releases.

v5.0.0

Highlights

#32155: Updated make-col() mixin to generate equal columns when no size is specified #32763: Added new color-scheme() mixin #33389: Dropdown menus now have option become clickable #33453: Added new docs footer #33548: Offcanvas header components are now vertically aligned #33549: Added offcanvas-top modifier #33634: Added support for .dropdown-items wrapped in <li>s #33626: Fix v5 regressions in tab dropdown functionality

🚀 Features

#32763: Add color-scheme mixin

#33389: Dropdown — Add option to make the dropdown menu clickable

#33549: Add offcanvas-top modifier

🎨 CSS

#32155: Add equal column mixin

#32763: Add color-scheme mixin

#33292: Make accordion icon rotation more natural

#33411: Fix validation feedback icon in select multiple

#33478: Make .nav-link color consistent when using buttons

#33482: Dropdown — Apply positioning only when Popper is not used

#33548: Vertically align offcanvas header components

#33549: Add offcanvas-top modifier

#33550: Spinner alignment changes

#33598: Hide validation icons from multiple selects

#33600: Have $form-check-input-border's default derive from $black

#33607: Reduce color-scheme complexity

#33642: use :read-only css selector instead [readonly] for consistency

#33658: fix: use list-group variable instead of alert

#33736: accordion: fix border-top on Firefox

☕️ JavaScript

#32439: Decouple BackDrop from modal

#33245: Decouple Modal's scrollbar functionality

#33249: Simplify Modal Config

#33250: Simplify ScrollSpy config

#33310: fix: make EventHandler better handle mouseenter/mouseleave events

#33389: Dropdown — Add option to make the dropdown menu clickable

#33429: Remove element event listeners through base component

#33451: Add missing things in hide method of dropdown

#33456: Use our isDisabled util on dropdown

#33466: Refactor dropdown's hide functionality

#33479: Fix dropdown escape propagation

#33496: Use cached noop function

... (truncated)

Commits

bf09367 Release v5.0.0 (#33647)
48ae5a7 Rewrite migration guide (#33834)
f086572 refactor(docs): Added form file input variables (#33833)
1a54286 Fix doc typo and Bootstrap Icons link (#33832)
e2df73f Update migration guide for some v5 changes (#33829)
1e6356a Neutralise more words from placeholder text (#33731)
6633845 Bump eslint-config-xo from 0.35.0 to 0.36.0 (#33646)
cb38744 Tweak toast docs (#33810)
c2ff225 Bump rollup from 2.46.0 to 2.47.0 (#33818)
c090ea2 Bump @babel/preset-env from 7.14.0 to 7.14.1 (#33819)
Additional commits viewable in compare view

Updates express from 4.17.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: path-to-regexp@0.1.11 by @blakeembrey in expressjs/express#5956

deps: bump path-to-regexp@0.1.12 by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

finalhandler@1.3.1 by @wesleytodd in expressjs/express#5954

fix(deps): serve-static@1.16.2 by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

deps: path-to-regexp@0.1.12

Fix backtracking protection

deps: path-to-regexp@0.1.11

Throws an error on invalid path values

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

Deprecate res.location("back") and res.redirect("back") magic string

deps: serve-static@1.16.2

includes send@0.19.0

deps: finalhandler@1.3.1

deps: qs@6.13.0

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

... (truncated)

Commits

1faf228 4.21.2
2e0fb64 deps: bump path-to-regexp@0.1.12 (#6209)
59fc270 deps: path-to-regexp@0.1.11 (#5956)
51fc39c docs: add funding (#6065)
8e229f9 4.21.1
a024c8a fix(deps): cookie@0.7.1
7e562c6 4.21.0
1bcde96 fix(deps): qs@6.13.0 (#5946)
7d36477 fix(deps): serve-static@1.16.2 (#5951)
40d2d8f fix(deps): finalhandler@1.3.1
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates sequelize from 6.6.2 to 6.29.0

Release notes

Sourced from sequelize's releases.

v6.29.0

6.29.0 (2023-02-23)

Features

throw an error if attribute includes parentheses (fixes CVE-2023-22578) (#15710) (d3f5b5a)

v6.28.2

6.28.2 (2023-02-22)

Bug Fixes

accept undefined in where (#15703) (13f2e89)

v6.28.1

6.28.1 (2023-02-21)

Bug Fixes

throw if where receives an invalid value (#15699) (d9e0728)

update moment-timezone version (#15685) (48d6193)

v6.28.0

6.28.0 (2022-12-20)

Features

types: use retry-as-promised types for retry options to match documentation (#15484) (fd4afa6)

v6.27.0

6.27.0 (2022-12-12)

Features

add support for bigints (backport of #14485) (#15413) (1247c01)

v6.26.0

6.26.0 (2022-11-29)

Features

postgres: add support for lock_timeout [#15345] (#15355) (94beace)

v6.25.8

... (truncated)

Commits

d3f5b5a feat: throw an error if attribute includes parentheses (fixes CVE-2023-22578)...
53bd9b7 meta: fix null test getWhereConditions (#15705)
13f2e89 fix: accept undefined in where (#15703)
d9e0728 fix: throw if where receives an invalid value (#15699)
48d6193 fix: update moment-timezone version (#15685)
fd4afa6 feat(types): use retry-as-promised types for retry options to match documenta...
1247c01 feat: add support for bigints (backport of #14485) (#15413)
94beace feat(postgres): add support for lock_timeout #15345 (#15355)
7885000 fix(oracle): remove hardcoded maxRows value (#15323)
bc39fd6 fix: fix parameters not being replaced when after $$ strings (#15307)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by sdepold, a new releaser for sequelize since your current version.

Updates sqlite3 from 5.0.2 to 5.1.5

Release notes

Sourced from sqlite3's releases.

v5.1.5

What's Changed

🔒 Fixed code execution vulnerability due to Object coercion by @daniellockyer

Updated bundled SQLite to v3.41.1 by @daniellockyer

Fixed rpath linker option when using a custom sqlite by @jeromew in TryGhost/node-sqlite3#1654

Full Changelog: TryGhost/node-sqlite3@v5.1.4...v5.1.5

v5.1.4

What's Changed

Fixed glibc compatibility by downgrading CI to Ubuntu 20 by @daniellockyer in TryGhost/node-sqlite3#1664

Full Changelog: TryGhost/node-sqlite3@v5.1.3...v5.1.4

v5.1.3

What's Changed

Updated bundled SQLite to v3.40.0 by @daniellockyer

Full Changelog: TryGhost/node-sqlite3@v5.1.2...v5.1.3

v5.1.2

What's Changed

Updated bundled SQLite to v3.39.4 by @daniellockyer

Full Changelog: TryGhost/node-sqlite3@v5.1.1...v5.1.2

v5.1.1

What's Changed

Added Darwin ARM64 binaries by @daniellockyer in TryGhost/node-sqlite3#1594

A huge thanks to MacStadium for providing an M1 Mac Mini so we can offer ARM64 binaries.

Full Changelog: TryGhost/node-sqlite3@v5.1.0...v5.1.1

v5.1.0

✨ We're very excited to announce node-sqlite3's first minor release of v5, packed with features and improvements.

If you encounter any problems, please open a detailed issue using the templates.

What's Changed

Updated bundled SQLite to v3.39.3 by @daniellockyer

Added ability to receive updates from sqlite3_update_hook by @soukand in TryGhost/node-sqlite3#1267

Added support for setting SQLite limits by @paulfitz in TryGhost/node-sqlite3#1548

Added library types file by @bpasero in TryGhost/node-sqlite3#1527

Added package-lock.json to .gitignore by @JoelEinbinder in TryGhost/node-sqlite3#1628

Fixed remaining method declarations by @alexanderfloh in TryGhost/node-sqlite3#1633

... (truncated)

Commits

6a806f8 v5.1.5
edb1934 Fixed code execution vulnerability due to Object coercion
3a48888 Updated bundled SQLite to v3.41.1
c1440bd Fixed rpath linker option when using a custom sqlite (#1654)
93affa4 Update microsoft/setup-msbuild action to v1.3
6f6318e v5.1.4
aeafe25 Revert "Renamed master references to main"
57ce2d4 Fixed glib compatibility by downgrading to Ubuntu 20
af8e567 Renamed master references to main
8fd18a3 Extracted function checking code into macro
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by daniellockyer, a new releaser for sqlite3 since your current version.

Updates vue from 2.6.12 to 3.0.0

Changelog

Sourced from vue's changelog.

3.0.0 (2020-09-18)

3.0.0-rc.13 (2020-09-18)

Bug Fixes

hmr: make hmr working with class components (#2144) (422f05e)

reactivity: avoid length mutating array methods causing infinite updates (#2138) (f316a33), closes #2137

suspense: should discard unmount effects of invalidated pending branch (5bfcad1)

types: component instance inference without props (#2145) (57bdaa2)

Code Refactoring

watch APIs default to trigger pre-flush (49bb447), closes vuejs/vue-next#1706

Features

runtime-core: support using inject() inside props default functions (58c31e3)

watch: support dot-delimited path in watch option (1c9a0b3)

BREAKING CHANGES

watch APIs now default to use flush: 'pre' instead of flush: 'post'. This change affects watch, watchEffect, the watch component option, and this.$watch. See (49bb447) for more details.

3.0.0-rc.12 (2020-09-16)

Bug Fixes

reactivity: effect should only recursively self trigger with explicit options (3810de7), closes #2125

runtime-core: ensure root stable fragments inherit elements for moving (bebd44f), closes #2134

runtime-core: should still do full traverse of stable fragment children in dev + hmr (dd40ad8)

runtime-core/async-component: fix error component when there are no error handlers (c7b4a37), closes #2129

types/tsx: optional props from Mixin/Extends are treated as required (#2048) (89e9ab8)

Features

compiler-sfc: additionalData support for css preprocessors (#2126) (066d514)

3.0.0-rc.11 (2020-09-15)

... (truncated)

Commits

See full diff in compare view

Updates vue-template-compiler from 2.6.12 to 2.7.16

Release notes

Sourced from vue-template-compiler's releases.

v2.7.16 "Swan Song"

This is the final release for Vue 2.

Vue 2 will reach End of Life on December 31st, 2023. For more details, please read this blog post.

Please refer to CHANGELOG.md for details.

v2.7.16-beta.2

Please refer to CHANGELOG.md for details.

v2.7.16-beta.1

Please refer to CHANGELOG.md for details.

v2.7.15

Please refer to CHANGELOG.md for details.

v2.7.14

Please refer to CHANGELOG.md for details.

v2.7.13

Please refer to CHANGELOG.md for details.

v2.7.12

Please refer to CHANGELOG.md for details.

v2.7.11

Please refer to CHANGELOG.md for details.

v2.7.10

Please refer to CHANGELOG.md for details.

v2.7.9

Please refer to CHANGELOG.md for details.

v2.7.8

Please refer to CHANGELOG.md for details.

v2.7.7

Please refer to CHANGELOG.md for details.

v2.7.6

Please refer to CHANGELOG.md for details.

v2.7.5

Please refer to CHANGELOG.md for details.

v2.7.4

Please refer to CHANGELOG.md for details.

v2.7.3

... (truncated)

Changelog

Sourced from vue-template-compiler's changelog.

2.7.16 Swan Song (2023-12-24)

Bug Fixes

lifecycle: ensure component effect scopes are disconnected (56ce7f8), closes #13134

2.7.16-beta.2 (2023-12-14)

Bug Fixes

account for nested render calls (db9c566), closes #13131

types: export more types for v3 alignment (jsx / component options) (895669f), closes #13078 #13128

2.7.16-beta.1 (2023-12-08)

Bug Fixes

compiler-sfc: check template ref usage, (#12985) (83d9535), closes #12984

compiler-sfc: fix rewriteDefault edge cases (25f97a5), closes #13060 #12892 #12906

keep-alive: fix keep-alive memory leak (2632249), closes #12827

keep-alive: fix memory leak without breaking transition tests (e0747f4)

props: should not unwrap props that are raw refs (08382f0), closes #12930

shallowReactive: should track value if already reactive when set in shallowReactive (0ad8e8d)

style: always set new styles (f5ef882), closes #12901 #12946

types: fix shallowRef's return type (#12979) (a174c29), closes #12978

types: fix type augmentation and compiler-sfc types w/moduleResolution: bundler (#13107) (de0b97b), closes #13106

types: provide types for built-in components (3650c12), closes #13002

types: type VNodeChildren should allow type number (#13067) (24fcf69), closes #12973

utils: unwrap refs when stringifying values in template (ae3e4b1), closes #12884 #12888

watch: new property addition should trigger deep watcher with getter (6d857f5), closes #12967 #12972

2.7.15 (2023-10-23)

Bug Fixes

compiler-sfc: add semicolon after defineProps statement (#12879) (51fef2c)

compiler-sfc: fix macro usage in multi-variable declaration (#12873) (d27c128)

compiler-sfc: Optimize the value of emitIdentifier (#12851) (bb59751)

compiler-sfc: Resolve object expression parsing errors in v-on (#12862) (b8c8b3f)

lifecycle: scope might changed when call hook (#13070) (74ca5a1)

... (truncated)

Commits

13f4e7d release: v2.7.16
56ce7f8 fix(lifecycle): esnure component effect scopes are disconnected
305e4ae release: v2.7.16-beta.2
3e1037e chore: bump vitest to 1.0.4
db9c566 fix: account for nested render calls
895669f fix(types): export more types for v3 alignment (jsx / component options)
73bdf14 release: v2.7.16-beta.1
e0747f4 fix(keep-alive): fix memory leak without breaking transition tests
2632249 fix(keep-alive): fix keep-alive memory leak
3650c12 fix(types): provide types for built-in components
Additional commits viewable in compare view

Updates @babel/traverse from 7.13.0 to 7.27.0

Release notes

Sourced from @babel/traverse's releases.

v7.27.0 (2025-03-24)

Thanks @ishchhabra and @vovkasm for your first PRs!

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, ba... Description has been truncated

Bumps the npm_and_yarn group with 27 updates in the / directory: | Package | From | To | | --- | --- | --- | | [axios](https://github.com/axios/axios) | `0.21.1` | `0.30.0` | | [bootstrap](https://github.com/twbs/bootstrap) | `4.6.0` | `5.0.0` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.21.2` | | [sequelize](https://github.com/sequelize/sequelize) | `6.6.2` | `6.29.0` | | [sqlite3](https://github.com/TryGhost/node-sqlite3) | `5.0.2` | `5.1.5` | | [vue](https://github.com/vuejs/core) | `2.6.12` | `3.0.0` | | [vue-template-compiler](https://github.com/vuejs/vue) | `2.6.12` | `2.7.16` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.13.0` | `7.27.0` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `3.0.0` | `4.1.1` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [@vue/cli-plugin-babel](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-babel) | `4.5.11` | `5.0.8` | | [@vue/cli-plugin-eslint](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-eslint) | `4.5.11` | `5.0.8` | | [@vue/cli-plugin-router](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-router) | `4.5.11` | `5.0.8` | | [@vue/cli-plugin-typescript](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-typescript) | `4.5.11` | `5.0.8` | | [@vue/cli-service](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-service) | `4.5.11` | `5.0.8` | | [@vue/eslint-config-standard](https://github.com/vuejs/eslint-config-standard/tree/HEAD/packages/eslint-config-standard) | `5.1.2` | `9.0.1` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [dottie](https://github.com/mickhansen/dottie.js) | `2.0.2` | `2.0.6` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` | | [json-schema](https://github.com/kriszyp/json-schema) | `0.2.3` | `0.4.0` | | [jsprim](https://github.com/joyent/node-jsprim) | `1.4.1` | `1.4.2` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.0.8` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [tar](https://github.com/isaacs/node-tar) | `2.2.2` | `6.2.1` | | [node-sass](https://github.com/sass/node-sass) | `4.14.1` | `9.0.0` | | [sass-loader](https://github.com/webpack-contrib/sass-loader) | `8.0.2` | `16.0.5` | Updates `axios` from 0.21.1 to 0.30.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v0.30.0/CHANGELOG.md) - [Commits](axios/axios@v0.21.1...v0.30.0) Updates `bootstrap` from 4.6.0 to 5.0.0 - [Release notes](https://github.com/twbs/bootstrap/releases) - [Commits](twbs/bootstrap@v4.6.0...v5.0.0) Updates `express` from 4.17.1 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.17.1...4.21.2) Updates `sequelize` from 6.6.2 to 6.29.0 - [Release notes](https://github.com/sequelize/sequelize/releases) - [Changelog](https://github.com/sequelize/sequelize/blob/main/CHANGELOG.md) - [Commits](sequelize/sequelize@v6.6.2...v6.29.0) Updates `sqlite3` from 5.0.2 to 5.1.5 - [Release notes](https://github.com/TryGhost/node-sqlite3/releases) - [Commits](TryGhost/node-sqlite3@v5.0.2...v5.1.5) Updates `vue` from 2.6.12 to 3.0.0 - [Release notes](https://github.com/vuejs/core/releases) - [Changelog](https://github.com/vuejs/core/blob/v3.0.0/CHANGELOG.md) - [Commits](https://github.com/vuejs/core/commits/v3.0.0) Updates `vue-template-compiler` from 2.6.12 to 2.7.16 - [Release notes](https://github.com/vuejs/vue/releases) - [Changelog](https://github.com/vuejs/vue/blob/main/CHANGELOG.md) - [Commits](vuejs/vue@v2.6.12...v2.7.16) Updates `@babel/traverse` from 7.13.0 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-traverse) Updates `ansi-regex` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v4.1.0...v4.1.1) Updates `ansi-regex` from 3.0.0 to 4.1.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v4.1.0...v4.1.1) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `@vue/cli-plugin-babel` from 4.5.11 to 5.0.8 - [Release notes](https://github.com/vuejs/vue-cli/releases) - [Changelog](https://github.com/vuejs/vue-cli/blob/dev/CHANGELOG.md) - [Commits](https://github.com/vuejs/vue-cli/commits/v5.0.8/packages/@vue/cli-plugin-babel) Updates `@vue/cli-plugin-eslint` from 4.5.11 to 5.0.8 - [Release notes](https://github.com/vuejs/vue-cli/releases) - [Changelog](https://github.com/vuejs/vue-cli/blob/dev/CHANGELOG.md) - [Commits](https://github.com/vuejs/vue-cli/commits/v5.0.8/packages/@vue/cli-plugin-eslint) Updates `@vue/cli-plugin-router` from 4.5.11 to 5.0.8 - [Release notes](https://github.com/vuejs/vue-cli/releases) - [Changelog](https://github.com/vuejs/vue-cli/blob/dev/CHANGELOG.md) - [Commits](https://github.com/vuejs/vue-cli/commits/v5.0.8/packages/@vue/cli-plugin-router) Updates `@vue/cli-plugin-typescript` from 4.5.11 to 5.0.8 - [Release notes](https://github.com/vuejs/vue-cli/releases) - [Changelog](https://github.com/vuejs/vue-cli/blob/dev/CHANGELOG.md) - [Commits](https://github.com/vuejs/vue-cli/commits/v5.0.8/packages/@vue/cli-plugin-typescript) Updates `@vue/cli-service` from 4.5.11 to 5.0.8 - [Release notes](https://github.com/vuejs/vue-cli/releases) - [Changelog](https://github.com/vuejs/vue-cli/blob/dev/CHANGELOG.md) - [Commits](https://github.com/vuejs/vue-cli/commits/v5.0.8/packages/@vue/cli-service) Updates `@vue/eslint-config-standard` from 5.1.2 to 9.0.1 - [Release notes](https://github.com/vuejs/eslint-config-standard/releases) - [Changelog](https://github.com/vuejs/eslint-config-standard/blob/main/packages/eslint-config-standard/CHANGELOG.md) - [Commits](https://github.com/vuejs/eslint-config-standard/commits/@vue/eslint-config-standard@9.0.1/packages/eslint-config-standard) Updates `async` from 2.6.3 to 3.2.6 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v3.2.6) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `browserify-sign` from 4.2.1 to 4.2.3 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.3) Updates `cookie` from 0.4.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.0...v0.7.1) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `dns-packet` from 1.3.1 to 5.6.1 - [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md) - [Commits](mafintosh/dns-packet@v1.3.1...v5.6.1) Updates `dottie` from 2.0.2 to 2.0.6 - [Release notes](https://github.com/mickhansen/dottie.js/releases) - [Commits](mickhansen/dottie.js@v2.0.2...v2.0.6) Updates `elliptic` from 6.5.4 to 6.6.1 - [Commits](indutny/elliptic@v6.5.4...v6.6.1) Updates `es5-ext` from 0.10.53 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.53...v0.10.64) Updates `follow-redirects` from 1.13.3 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.13.3...v1.15.9) Updates `json5` from 0.5.1 to 1.0.1 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v0.5.1...v1.0.1) Updates `http-proxy-middleware` from 0.19.1 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v0.19.1...v2.0.9) Updates `json-schema` from 0.2.3 to 0.4.0 - [Commits](kriszyp/json-schema@v0.2.3...v0.4.0) Updates `jsprim` from 1.4.1 to 1.4.2 - [Changelog](https://github.com/TritonDataCenter/node-jsprim/blob/v1.4.2/CHANGES.md) - [Commits](TritonDataCenter/node-jsprim@v1.4.1...v1.4.2) Updates `minimatch` from 3.0.4 to 3.0.8 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.0.8) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `moment` from 2.29.1 to 2.30.1 - [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md) - [Commits](moment/moment@2.29.1...2.30.1) Updates `moment-timezone` from 0.5.33 to 0.5.48 - [Release notes](https://github.com/moment/moment-timezone/releases) - [Changelog](https://github.com/moment/moment-timezone/blob/develop/changelog.md) - [Commits](moment/moment-timezone@0.5.33...0.5.48) Updates `node-fetch` from 2.6.1 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.1...v2.7.0) Updates `node-forge` from 0.10.0 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.10.0...v1.3.1) Updates `tar` from 2.2.2 to 6.2.1 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v2.2.2...v6.2.1) Updates `node-sass` from 4.14.1 to 9.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v4.14.1...v9.0.0) Updates `sass-loader` from 8.0.2 to 16.0.5 - [Release notes](https://github.com/webpack-contrib/sass-loader/releases) - [Changelog](https://github.com/webpack-contrib/sass-loader/blob/master/CHANGELOG.md) - [Commits](webpack/sass-loader@v8.0.2...v16.0.5) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `postcss` from 7.0.35 to 7.0.39 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/7.0.39/CHANGELOG.md) - [Commits](postcss/postcss@7.0.35...7.0.39) Updates `qs` from 6.5.2 to 6.13.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.13.0) Updates `send` from 0.17.1 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.17.1...0.19.0) Updates `serve-static` from 1.14.1 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.14.1...v1.16.2) Updates `shell-quote` from 1.7.2 to 1.8.2 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.7.2...v1.8.2) Updates `validator` from 10.11.0 to 13.15.0 - [Release notes](https://github.com/validatorjs/validator.js/releases) - [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md) - [Commits](validatorjs/validator.js@10.11.0...13.15.0) Updates `webpack-dev-middleware` from 3.7.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.3...v5.3.4) Updates `ws` from 6.2.1 to 7.5.10 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@6.2.1...7.5.10) --- updated-dependencies: - dependency-name: axios dependency-version: 0.30.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: bootstrap dependency-version: 5.0.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.21.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: sequelize dependency-version: 6.29.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: sqlite3 dependency-version: 5.1.5 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vue dependency-version: 3.0.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vue-template-compiler dependency-version: 2.7.16 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-version: 4.1.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-version: 1.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@vue/cli-plugin-babel" dependency-version: 5.0.8 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@vue/cli-plugin-eslint" dependency-version: 5.0.8 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@vue/cli-plugin-router" dependency-version: 5.0.8 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@vue/cli-plugin-typescript" dependency-version: 5.0.8 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@vue/cli-service" dependency-version: 5.0.8 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: "@vue/eslint-config-standard" dependency-version: 9.0.1 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: async dependency-version: 3.2.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 1.20.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: browserify-sign dependency-version: 4.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-version: 0.7.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: decode-uri-component dependency-version: 0.2.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dns-packet dependency-version: 5.6.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: dottie dependency-version: 2.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-version: 6.6.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: es5-ext dependency-version: 0.10.64 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-version: 1.15.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-version: 1.0.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json-schema dependency-version: 0.4.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jsprim dependency-version: 1.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-version: 1.2.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment dependency-version: 2.30.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: moment-timezone dependency-version: 0.5.48 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-version: 2.7.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-version: 1.3.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-version: 6.2.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-sass dependency-version: 9.0.0 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: sass-loader dependency-version: 16.0.5 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 7.0.39 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.13.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-version: 0.19.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-version: 1.16.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: shell-quote dependency-version: 1.8.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: validator dependency-version: 13.15.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-version: 5.3.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-version: 7.5.10 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 26, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 48 updates #1

Bump the npm_and_yarn group across 1 directory with 48 updates #1

Uh oh!

dependabot bot commented on behalf of github Apr 26, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Bump the npm_and_yarn group across 1 directory with 48 updates #1

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 48 updates #1

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 26, 2025

Release v0.30.0

Release notes:

Bug Fixes

Contributors to this release

v0.29.0

Release notes:

Bug Fixes

Contributors to this release

Release v0.28.1

Release notes:

Release notes:

Bug Fixes

Release v0.28.0

Release notes:

Bug Fixes

Backports from v1.x:

0.30.0 (2025-03-26)

Release notes:

Bug Fixes

0.29.0 (2024-11-21)

Release notes:

Bug Fixes

0.28.1 (2024-03-24)

Release notes:

Bug Fixes

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

Backports from v1.x:

v5.0.0

Highlights

🚀 Features

🎨 CSS

☕️ JavaScript

4.21.2

What's Changed

4.21.1

What's Changed

4.21.0

What's Changed

New Contributors

4.20.0

What's Changed

Important

Other Changes

4.21.2 / 2024-11-06

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

v6.29.0

6.29.0 (2023-02-23)

Features

v6.28.2

6.28.2 (2023-02-22)

Bug Fixes

v6.28.1

6.28.1 (2023-02-21)

Bug Fixes

v6.28.0

6.28.0 (2022-12-20)

Features

v6.27.0

6.27.0 (2022-12-12)

Features

v6.26.0

6.26.0 (2022-11-29)

Features

v6.25.8

v5.1.5

What's Changed

v5.1.4

What's Changed