Bump the npm_and_yarn group across 2 directories with 31 updates #365

dependabot · 2025-04-11T06:14:10Z

Bumps the npm_and_yarn group with 22 updates in the /examples/react-example directory:

Package	From	To
@adobe/css-tools	`4.1.0`	`4.4.2`
semver	`5.7.1`	`5.7.2`
@babel/helpers	`7.18.2`	`7.27.0`
@babel/runtime	`7.20.13`	`7.27.0`
@babel/traverse	`7.20.13`	`7.27.0`
loader-utils	`2.0.0`	`2.0.4`
body-parser	`1.20.1`	`1.20.3`
express	`4.18.2`	`4.21.2`
braces	`3.0.2`	`3.0.3`
cross-spawn	`7.0.3`	`7.0.6`
ejs	`3.1.8`	`3.1.10`
follow-redirects	`1.15.2`	`1.15.9`
http-proxy-middleware	`2.0.6`	`2.0.9`
json5	`2.2.1`	`2.2.3`
micromatch	`4.0.5`	`4.0.8`
nanoid	`3.3.4`	`3.3.11`
rollup	`2.79.1`	`2.79.2`
serialize-javascript	`6.0.1`	`6.0.2`
tough-cookie	`4.1.2`	`4.1.4`
webpack	`5.75.0`	`5.99.5`
webpack-dev-middleware	`5.3.3`	`5.3.4`
word-wrap	`1.2.3`	`1.2.5`

Bumps the npm_and_yarn group with 7 updates in the /examples/vue-example directory:

Package	From	To
cross-spawn	`7.0.3`	`7.0.6`
nanoid	`3.3.7`	`3.3.11`
postcss	`8.4.47`	`8.5.3`
rollup	`4.22.5`	`4.39.0`
vite	`5.4.8`	`5.4.18`
esbuild	`0.21.5`	`0.25.2`
@vitejs/plugin-vue	`5.1.4`	`5.2.3`
vite	`5.4.18`	`6.2.6`

Updates @adobe/css-tools from 4.1.0 to 4.4.2

Changelog

Sourced from @adobe/css-tools's changelog.

4.4.2 / 2025-02-12

Fix regular expression for quoted values in parentheses

4.4.0 / 2024-06-05

add support for @starting-style #319

4.3.3 / 2024-01-24

Update export property #271

4.3.2 / 2023-11-28

Fix redos vulnerability with specific crafted css string - CVE-2023-48631

Fix Problem parsing with :is() and nested :nth-child() #211

4.3.1 / 2023-03-14

Fix redos vulnerability with specific crafted css string - CVE-2023-26364

4.3.0 / 2023-03-07

Update build tools

Update exports path and files

4.2.0 / 2023-02-21

Add @container support

Add @layer support

Commits

See full diff in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates @babel/helpers from 7.18.2 to 7.27.0

Release notes

Sourced from @babel/helpers's releases.

v7.27.0 (2025-03-24)

Thanks @ishchhabra and @vovkasm for your first PRs!

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

Committers: 5

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Ish Chhabra (@ishchhabra)

Vladimir Timofeev (@vovkasm)

@liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @babel/helpers's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

... (truncated)

Commits

5c350ea v7.27.0
ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
e1ce99d v7.26.10
d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
64bca7b v7.26.9
4cf5c9e [babel 8] Use @babel/types for parser's return type (#17117)
2d95140 v7.26.7
0e6199b Make "object without properties" helpers ES6-compatible (#17086)
cd24cc0 chore: Update TS 5.7 (#17053)
63d3038 v7.26.0
Additional commits viewable in compare view

Updates @babel/runtime from 7.20.13 to 7.27.0

Release notes

Sourced from @babel/runtime's releases.

v7.27.0 (2025-03-24)

Thanks @ishchhabra and @vovkasm for your first PRs!

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

Committers: 5

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Ish Chhabra (@ishchhabra)

Vladimir Timofeev (@vovkasm)

@liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

... (truncated)

Commits

5c350ea v7.27.0
ca4865a Fix: align behaviour to tsc rewriteRelativeImportExtensions (#17118)
e1ce99d v7.26.10
d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
64bca7b v7.26.9
2d95140 v7.26.7
63d3038 v7.26.0
b07957e v7.25.9
af91759 fix: Accidentally publishing useless files (#16917)
2533cfb v7.25.7
Additional commits viewable in compare view

Updates @babel/traverse from 7.20.13 to 7.27.0

Release notes

Sourced from @babel/traverse's releases.

v7.27.0 (2025-03-24)

Thanks @ishchhabra and @vovkasm for your first PRs!

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

Committers: 5

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Ish Chhabra (@ishchhabra)

Vladimir Timofeev (@vovkasm)

@liuxingbaoyu

v7.26.10 (2025-03-11)

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.27.0 (2025-03-24)

👓 Spec Compliance

babel-generator, babel-parser

#16977 Default importAttributesKeyword to with (@JLHwung)

🚀 New Feature

babel-helper-create-class-features-plugin, babel-traverse, babel-types

#17169 Allow traverseFast to exit early (@liuxingbaoyu)

babel-parser, babel-types

#17110 Add ImportAttributes to Standardized and move its parser test fixtures (@JLHwung)

babel-generator

#17100 fix(babel-generator): add named export of generate function (@vovkasm)

babel-parser, babel-template

#17149 Add allowYieldOutsideFunction to parser (@liuxingbaoyu)

babel-plugin-transform-typescript, babel-traverse

#17102 feat: Add upToScope parameter to hasBinding (@liuxingbaoyu)

babel-parser

#17082 Support ESTree AccessorProperty (@JLHwung)

babel-types

#17162 feat(babel-types): Add support for BigInt literal conversion in valueToNode (@ishchhabra)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16816 fix: Class reference in type throws error (@liuxingbaoyu)

babel-traverse

#17170 fix: Reset child scopes when scope.crawl() (@liuxingbaoyu)

babel-helpers, babel-preset-typescript, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#17118 Fix: align behaviour to tsc rewriteRelativeImportExtensions (@JLHwung)

babel-cli

#17182 fix: @babel/cli generates duplicate inline source maps (@liuxingbaoyu)

babel-plugin-transform-named-capturing-groups-regex, babel-types

#17175 Generate computed proto key (@JLHwung)

🏃‍♀️ Performance

babel-types

#16870 perf: Improve builders of @babel/types (@liuxingbaoyu)

babel-helper-create-regexp-features-plugin

#17176 fix: improve duplicate named groups check (@JLHwung)

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

... (truncated)

Commits

5c350ea v7.27.0
582538c Allow traverseFast to exit early (#17169)
4ad63a4 [Babel 8] Remove BLOCK_SCOPED_SYMBOL and NOT_LOCAL_BINDING (#17148)
0d0d577 fix: Reset child scopes when scope.crawl() (#17170)
c51cffd feat: Add upToScope parameter to hasBinding (#17102)
f902742 chore: Update TS 5.8 (#17185)
b1bca3d fix: Uninitialized var declarator in loop marked as constantViolation (#17168)
e1ce99d v7.26.10
51ec746 fix: Should not evaluate vars in child scope (#17151)
64bca7b v7.26.9
Additional commits viewable in compare view

Updates loader-utils from 2.0.0 to 2.0.4

Release notes

Sourced from loader-utils's releases.

v2.0.4

2.0.4 (2022-11-11)

Bug Fixes

ReDoS problem (#225) (ac09944)

v2.0.3

2.0.3 (2022-10-20)

Bug Fixes

security: prototype pollution exploit (#217) (a93cf6f)

v2.0.2

2.0.2 (2021-11-04)

Bug Fixes

base64 generation and unicode characters (#197) (8c2d24e)

v2.0.1

2.0.1 (2021-10-29)

Bug Fixes

md4 support on Node.js v17 (#193) (1069f61)

Changelog

Sourced from loader-utils's changelog.

2.0.4 (2022-11-11)

Bug Fixes

ReDoS problem (#225) (ac09944)

2.0.3 (2022-10-20)

Bug Fixes

security: prototype pollution exploit (#217) (a93cf6f)

2.0.2 (2021-11-04)

Bug Fixes

base64 generation and unicode characters (#197) (8c2d24e)

2.0.1 (2021-10-29)

Bug Fixes

md4 support on Node.js v17 (#193) (1069f61)

Commits

6688b50 chore(release): 2.0.4
ac09944 fix: ReDoS problem (#225)
7162619 chore(release): 2.0.3
a93cf6f fix(security): prototype polution exploit (#217)
90c7c4b chore(release): 2.0.2
8c2d24e fix: base64 generation and unicode characters (#197)
5fb5562 chore(release): 2.0.1
1069f61 fix: md4 support on Node.js v17 (#193)
See full diff in compare view

Updates body-parser from 1.20.1 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to node@22.4.1 by @wesleytodd in expressjs/body-parser#527

deps: qs@6.12.3 by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: qs@6.12.3 (#521)
9478591 fix: pin to node@22.4.1
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.18.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: path-to-regexp@0.1.11 by @blakeembrey in expressjs/express#5956

deps: bump path-to-regexp@0.1.12 by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

finalhandler@1.3.1 by @wesleytodd in expressjs/express#5954

fix(deps): serve-static@1.16.2 by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.co... Description has been truncated

Bumps the npm_and_yarn group with 22 updates in the /examples/react-example directory: | Package | From | To | | --- | --- | --- | | [@adobe/css-tools](https://github.com/adobe/css-tools) | `4.1.0` | `4.4.2` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.18.2` | `7.27.0` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.20.13` | `7.27.0` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.20.13` | `7.27.0` | | [loader-utils](https://github.com/webpack/loader-utils) | `2.0.0` | `2.0.4` | | [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.3` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.2` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` | | [ejs](https://github.com/mde/ejs) | `3.1.8` | `3.1.10` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.9` | | [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.9` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` | | [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.11` | | [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.79.2` | | [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.1` | `6.0.2` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.1.2` | `4.1.4` | | [webpack](https://github.com/webpack/webpack) | `5.75.0` | `5.99.5` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Bumps the npm_and_yarn group with 7 updates in the /examples/vue-example directory: | Package | From | To | | --- | --- | --- | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` | | [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` | | [postcss](https://github.com/postcss/postcss) | `8.4.47` | `8.5.3` | | [rollup](https://github.com/rollup/rollup) | `4.22.5` | `4.39.0` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.8` | `5.4.18` | | [esbuild](https://github.com/evanw/esbuild) | `0.21.5` | `0.25.2` | | [@vitejs/plugin-vue](https://github.com/vitejs/vite-plugin-vue/tree/HEAD/packages/plugin-vue) | `5.1.4` | `5.2.3` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.4.18` | `6.2.6` | Updates `@adobe/css-tools` from 4.1.0 to 4.4.2 - [Changelog](https://github.com/adobe/css-tools/blob/main/History.md) - [Commits](https://github.com/adobe/css-tools/commits) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `@babel/helpers` from 7.18.2 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-helpers) Updates `@babel/runtime` from 7.20.13 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-runtime) Updates `@babel/traverse` from 7.20.13 to 7.27.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.27.0/packages/babel-traverse) Updates `loader-utils` from 2.0.0 to 2.0.4 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v2.0.0...v2.0.4) Updates `body-parser` from 1.20.1 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.1...1.20.3) Updates `express` from 4.18.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.2...4.21.2) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cookie` from 0.5.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.5.0...v0.7.1) Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) Updates `ejs` from 3.1.8 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.8...v3.1.10) Updates `express` from 4.18.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.2...4.21.2) Updates `follow-redirects` from 1.15.2 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.9) Updates `http-proxy-middleware` from 2.0.6 to 2.0.9 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.9) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) Updates `nanoid` from 3.3.4 to 3.3.11 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.4...3.3.11) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `rollup` from 2.79.1 to 2.79.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.79.2) Updates `serialize-javascript` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.1...v6.0.2) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `tough-cookie` from 4.1.2 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.2...v4.1.4) Updates `webpack` from 5.75.0 to 5.99.5 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.75.0...v5.99.5) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) Updates `nanoid` from 3.3.7 to 3.3.11 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.4...3.3.11) Updates `postcss` from 8.4.47 to 8.5.3 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.47...8.5.3) Updates `rollup` from 4.22.5 to 4.39.0 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.79.2) Updates `elliptic` from 6.5.7 to 6.6.1 - [Commits](indutny/elliptic@v6.5.7...v6.6.1) Updates `vite` from 5.4.8 to 5.4.18 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.18/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.18/packages/vite) Updates `esbuild` from 0.21.5 to 0.25.2 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md) - [Commits](evanw/esbuild@v0.21.5...v0.25.2) Updates `@vitejs/plugin-vue` from 5.1.4 to 5.2.3 - [Release notes](https://github.com/vitejs/vite-plugin-vue/releases) - [Changelog](https://github.com/vitejs/vite-plugin-vue/blob/main/packages/plugin-vue/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-vue/commits/plugin-vue@5.2.3/packages/plugin-vue) Updates `vite` from 5.4.18 to 6.2.6 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.4.18/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.4.18/packages/vite) --- updated-dependencies: - dependency-name: "@adobe/css-tools" dependency-version: 4.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-version: 5.7.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-version: 7.27.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-version: 2.0.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 1.20.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.21.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-version: 3.0.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-version: 0.7.1 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 7.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-version: 3.1.10 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.21.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-version: 1.15.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-version: 2.0.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-version: 2.2.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-version: 4.0.8 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-version: 3.3.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 0.1.12 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 2.79.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serialize-javascript dependency-version: 6.0.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-version: 0.19.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-version: 1.16.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-version: 4.1.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-version: 5.99.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-version: 5.3.4 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-version: 1.2.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-version: 7.0.6 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-version: 3.3.11 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-version: 8.5.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: rollup dependency-version: 4.39.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: elliptic dependency-version: 6.6.1 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 5.4.18 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: esbuild dependency-version: 0.25.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@vitejs/plugin-vue" dependency-version: 5.2.3 dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: vite dependency-version: 6.2.6 dependency-type: direct:development dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2025-05-06T13:13:23Z

Superseded by #368.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 11, 2025

dependabot bot closed this May 6, 2025

dependabot bot deleted the dependabot/npm_and_yarn/examples/react-example/npm_and_yarn-06ac482e27 branch May 6, 2025 13:13

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the npm_and_yarn group across 2 directories with 31 updates #365

Bump the npm_and_yarn group across 2 directories with 31 updates #365

Uh oh!

dependabot bot commented on behalf of github Apr 11, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github May 6, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the npm_and_yarn group across 2 directories with 31 updates #365

Bump the npm_and_yarn group across 2 directories with 31 updates #365

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 11, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

4.4.2 / 2025-02-12

4.4.0 / 2024-06-05

4.3.3 / 2024-01-24

4.3.2 / 2023-11-28

4.3.1 / 2023-03-14

4.3.0 / 2023-03-07

4.2.0 / 2023-02-21

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

Committers: 5

v7.26.10 (2025-03-11)

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

Committers: 5

v7.26.10 (2025-03-11)

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

Committers: 5

v7.26.10 (2025-03-11)

v7.27.0 (2025-03-24)

👓 Spec Compliance

🚀 New Feature

🐛 Bug Fix

🏃‍♀️ Performance

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

v2.0.4

2.0.4 (2022-11-11)

Bug Fixes

v2.0.3

2.0.3 (2022-10-20)

Bug Fixes

v2.0.2

2.0.2 (2021-11-04)

Bug Fixes

dependabot bot commented on behalf of github Apr 11, 2025 •

edited

Loading