Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing #359

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 16, 2024

Bumps body-parser to 1.20.3 and updates ancestor dependencies body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing. These dependencies need to be updated together.

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates express from 4.18.2 to 4.21.0

Release notes

Sourced from express's releases.

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates @nestjs/core from 9.4.0 to 10.4.2

Release notes

Sourced from @​nestjs/core's releases.

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

  • platform-fastify

Dependencies

... (truncated)

Commits

Updates @nestjs/microservices from 9.4.0 to 10.4.2

Release notes

Sourced from @​nestjs/microservices's releases.

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

  • platform-fastify

Dependencies

... (truncated)

Commits

Updates @nestjs/platform-express from 9.4.0 to 10.4.2

Release notes

Sourced from @​nestjs/platform-express's releases.

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

  • platform-fastify

Dependencies

... (truncated)

Commits

Updates @nestjs/swagger from 6.3.0 to 7.4.1

Release notes

Sourced from @​nestjs/swagger's releases.

Release 7.4.1

  • Merge pull request #3071 from nestjs/renovate/npm-path-to-regexp-vulnerability (057e560)
  • chore(deps): update dependency @​types/jest to v29.5.13 (7721ad5)
  • chore(deps): update dependency husky to v9.1.6 (ba963e1)
  • fix(deps): update dependency path-to-regexp to v3.3.0 [security] (0c1e756)
  • chore(deps): update commitlint monorepo to v19.5.0 (4e13bb0)
  • chore(deps): update dependency express to v4.20.0 (df76aa1)
  • chore(deps): update typescript-eslint monorepo to v8.5.0 (f5f1b02)
  • chore(deps): update dependency @​types/node to v20.16.5 (d1a3da6)
  • chore(deps): update dependency @​types/node to v20.16.4 (f7098ce)
  • chore(deps): update dependency eslint-plugin-import to v2.30.0 (bdbbeb9)
  • chore(deps): update typescript-eslint monorepo to v8.4.0 (e3976b5)
  • chore(deps): update dependency lint-staged to v15.2.10 (2ef9f9e)
  • chore(deps): update dependency @​types/node to v20.16.3 (526801f)
  • chore(deps): update commitlint monorepo to v19.4.1 (375e3ac)
  • chore(deps): update dependency @​types/node to v20.16.2 (7f0b3a9)
  • chore(deps): update typescript-eslint monorepo to v8.3.0 (84cfcd2)
  • chore(deps): update dependency ts-jest to v29.2.5 (1374005)
  • chore(deps): update dependency husky to v9.1.5 (39a5a15)
  • chore(deps): update typescript-eslint monorepo to v8.2.0 (c3f98b2)
  • chore(deps): update dependency @​types/node to v20.16.1 (ca5f7a5)
  • chore(deps): update dependency @​types/node to v20.16.0 (5d4436f)
  • chore(deps): update dependency @​types/node to v20.15.0 (986351f)
  • chore(deps): update nest monorepo to v10.4.1 (2e11b2d)
  • chore(deps): update dependency lint-staged to v15.2.9 (2e4b4dd)
  • chore(deps): update typescript-eslint monorepo to v8.1.0 (f499e54)
  • chore(deps): update nest monorepo to v10.4.0 (15ad2b6)
  • chore(deps): update dependency @​types/node to v20.14.15 (ea25697)
  • chore(deps): update dependency @​commitlint/cli to v19.4.0 (51d7f50)
  • chore(deps): update typescript-eslint monorepo to v8.0.1 (341918a)
  • chore(deps): update dependency lint-staged to v15.2.8 (02e0341)
  • chore(deps): update dependency @​types/node to v20.14.14 (9cb4742)
  • chore(deps): update dependency ts-jest to v29.2.4 (ab74629)
  • chore(deps): update typescript-eslint monorepo to v8 (c5964c0)
  • chore(deps): update typescript-eslint monorepo to v7.18.0 (13f99fe)
  • chore(deps): update dependency husky to v9.1.4 (6715367)
  • chore(deps): update dependency @​types/node to v20.14.13 (b122574)
  • chore(deps): update dependency husky to v9.1.3 (68b9814)
  • chore(deps): update dependency husky to v9.1.2 (6f83cd0)
  • chore(deps): update dependency @​types/node to v20.14.12 (8323c3b)
  • chore(deps): update typescript-eslint monorepo to v7.17.0 (5f40531)
  • chore(deps): update dependency ts-jest to v29.2.3 (def2f77)
  • chore(deps): update dependency husky to v9.1.1 (7c175bb)
  • chore(deps): update dependency husky to v9.1.0 (0637912)
  • chore(deps): update dependency @​types/node to v20.14.11 (28424c9)
  • chore(deps): update dependency @​types/lodash to v4.17.7 (976d5c5)
  • chore(deps): update typescript-eslint monorepo to v7.16.1 (29f59e9)
  • chore(deps): update dependency release-it to v17.6.0 (f42c75f)
  • chore(deps): update dependency ts-jest to v29.2.2 (05db366)
  • chore(deps): update dependency ts-jest to v29.2.1 (b4e4f91)

... (truncated)

Commits
  • 14f6521 chore(): release v7.4.1
  • 057e560 Merge pull request #3071 from nestjs/renovate/npm-path-to-regexp-vulnerability
  • 7721ad5 chore(deps): update dependency @​types/jest to v29.5.13
  • ba963e1 chore(deps): update dependency husky to v9.1.6
  • 0c1e756 fix(deps): update dependency path-to-regexp to v3.3.0 [security]
  • 4e13bb0 chore(deps): update commitlint monorepo to v19.5.0
  • df76aa1 chore(deps): update dependency express to v4.20.0
  • f5f1b02 chore(deps): update typescript-eslint monorepo to v8.5.0
  • d1a3da6 chore(deps): update dependency @​types/node to v20.16.5
  • f7098ce chore(deps): update dependency @​types/node to v20.16.4
  • Additional commits viewable in compare view

Updates @nestjs/testing from 9.4.0 to 10.4.2

Release notes

Sourced from @​nestjs/testing's releases.

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

  • platform-fastify

Dependencies

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

[//]: # (dependabot-au...

Description has been truncated

…rvices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing

Bumps [body-parser](https://github.com/expressjs/body-parser) to 1.20.3 and updates ancestor dependencies [body-parser](https://github.com/expressjs/body-parser), [express](https://github.com/expressjs/express), [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core), [@nestjs/microservices](https://github.com/nestjs/nest/tree/HEAD/packages/microservices), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/swagger](https://github.com/nestjs/swagger) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). These dependencies need to be updated together.


Updates `body-parser` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.2...1.20.3)

Updates `express` from 4.18.2 to 4.21.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md)
- [Commits](expressjs/express@4.18.2...4.21.0)

Updates `@nestjs/core` from 9.4.0 to 10.4.2
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/core)

Updates `@nestjs/microservices` from 9.4.0 to 10.4.2
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/microservices)

Updates `@nestjs/platform-express` from 9.4.0 to 10.4.2
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/platform-express)

Updates `@nestjs/swagger` from 6.3.0 to 7.4.1
- [Release notes](https://github.com/nestjs/swagger/releases)
- [Changelog](https://github.com/nestjs/swagger/blob/master/.release-it.json)
- [Commits](nestjs/swagger@6.3.0...7.4.1)

Updates `@nestjs/testing` from 9.4.0 to 10.4.2
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/testing)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-type: indirect
- dependency-name: express
  dependency-type: indirect
- dependency-name: "@nestjs/core"
  dependency-type: direct:production
- dependency-name: "@nestjs/microservices"
  dependency-type: direct:production
- dependency-name: "@nestjs/platform-express"
  dependency-type: direct:production
- dependency-name: "@nestjs/swagger"
  dependency-type: direct:production
- dependency-name: "@nestjs/testing"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants