Bump the npm_and_yarn group across 1 directory with 25 updates by dependabot[bot] · Pull Request #1 · Creiswerth85/wix

dependabot · 2025-03-20T14:16:11Z

Bumps the npm_and_yarn group with 21 updates in the /src/test/wix/TestData/EsprojReact directory:

Package	From	To
@adobe/css-tools	`4.2.0`	`4.4.2`
semver	`6.3.0`	`6.3.1`
@babel/helpers	`7.21.0`	`7.26.10`
@babel/runtime	`7.21.0`	`7.26.10`
@babel/traverse	`7.21.3`	`7.23.2`
jest-editor-support	`31.0.1`	`31.1.2`
body-parser	`1.20.1`	`1.20.3`
express	`4.18.2`	`4.21.2`
braces	`3.0.2`	`3.0.3`
cross-spawn	`7.0.3`	`7.0.6`
ejs	`3.1.9`	`3.1.10`
follow-redirects	`1.15.2`	`1.15.9`
http-proxy-middleware	`2.0.6`	`2.0.7`
micromatch	`4.0.5`	`4.0.8`
nanoid	`3.3.4`	`3.3.11`
rollup	`2.79.1`	`2.79.2`
serialize-javascript	`6.0.1`	`6.0.2`
tough-cookie	`4.1.2`	`4.1.4`
webpack	`5.76.1`	`5.98.0`
webpack-dev-middleware	`5.3.3`	`5.3.4`
word-wrap	`1.2.3`	`1.2.5`

Updates @adobe/css-tools from 4.2.0 to 4.4.2

Changelog

Sourced from @adobe/css-tools's changelog.

4.4.2 / 2025-02-12

Fix regular expression for quoted values in parentheses

4.4.0 / 2024-06-05

add support for @starting-style #319

4.3.3 / 2024-01-24

Update export property #271

4.3.2 / 2023-11-28

Fix redos vulnerability with specific crafted css string - CVE-2023-48631

Fix Problem parsing with :is() and nested :nth-child() #211

4.3.1 / 2023-03-14

Fix redos vulnerability with specific crafted css string - CVE-2023-26364

4.3.0 / 2023-03-07

Update build tools

Update exports path and files

Commits

See full diff in compare view

Updates semver from 6.3.0 to 6.3.1

Release notes

Sourced from semver's releases.

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

928e56d #591 better handling of whitespace (#591) (@lukekarrys, @joaomoreno, @nicolo-ribaudo)

Changelog

Sourced from semver's changelog.

6.3.1 (2023-07-10)

Bug Fixes

928e56d #591 better handling of whitespace (#591) (@lukekarrys, @joaomoreno, @nicolo-ribaudo)

6.2.0

Coerce numbers to strings when passed to semver.coerce()

Add rtl option to coerce from right to left

6.1.3

Handle X-ranges properly in includePrerelease mode

6.1.2

Do not throw when testing invalid version strings

6.1.1

Add options support for semver.coerce()

Handle undefined version passed to Range.test

6.1.0

Add semver.compareBuild function

Support * in semver.intersects

6.0

Fix intersects logic.

This is technically a bug fix, but since it is also a change to behavior that may require users updating their code, it is marked as a major version increment.

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

... (truncated)

Commits

44d27bc chore: release 6.3.1
928e56d fix: better handling of whitespace (#591)
39f6326 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates @babel/helpers from 7.21.0 to 7.26.10

Release notes

Sourced from @babel/helpers's releases.

v7.26.10 (2025-03-11)

Thanks @jordan-choi and @mmmsssttt404 for your first PRs!

This release includes a fix for GHSA-968p-4wvh-cqc8, a security vulnerability which affects the .replace method of transpiled regular expressions that use named capturing groups.

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

babel-parser, babel-plugin-transform-typescript

#17154 Update typescript parser tests (@JLHwung)

babel-traverse

#17151 fix: Should not evaluate vars in child scope (@liuxingbaoyu)

babel-generator

#17153 fix: Correctly generate abstract override (@liuxingbaoyu)

babel-parser

#17107 Fix source type detection when parsing TypeScript (@JLHwung)

babel-helpers, babel-runtime, babel-runtime-corejs2, babel-runtime-corejs3

#17173 Fix processing of replacement pattern with named capture groups (@mmmsssttt404)

💅 Polish

babel-standalone

#17158 Avoid warnings when re-bundling @babel/standalone with webpack (@liuxingbaoyu)

🏠 Internal

babel-parser

#17160 Left-value parsing cleanup (@JLHwung)

Committers: 6

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Yunyoung Jordan Choi (@jordan-choi)

@liuxingbaoyu

@mmmsssttt404

v7.26.9 (2025-02-14)

🐛 Bug Fix

babel-types

#17103 fix: Definition for TSPropertySignature.kind (@liuxingbaoyu)

babel-generator, babel-types

#17062 Print TypeScript optional/definite in ClassPrivateProperty (@jamiebuilds-signal)

... (truncated)

Changelog

Sourced from @babel/helpers's changelog.

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

babel-parser, babel-plugin-transform-typescript

#17154 Update typescript parser tests (@JLHwung)

babel-traverse

#17151 fix: Should not evaluate vars in child scope (@liuxingbaoyu)

babel-generator

#17153 fix: Correctly generate abstract override (@liuxingbaoyu)

babel-parser

#17107 Fix source type detection when parsing TypeScript (@JLHwung)

babel-helpers, babel-runtime, babel-runtime-corejs2, babel-runtime-corejs3

#17173 Fix processing of replacement pattern with named capture groups (@mmmsssttt404)

💅 Polish

babel-standalone

#17158 Avoid warnings when re-bundling @babel/standalone with webpack (@liuxingbaoyu)

🏠 Internal

babel-parser

#17160 Left-value parsing cleanup (@JLHwung)

v7.26.9 (2025-02-14)

🐛 Bug Fix

babel-types

#17103 fix: Definition for TSPropertySignature.kind (@liuxingbaoyu)

babel-generator, babel-types

#17062 Print TypeScript optional/definite in ClassPrivateProperty (@jamiebuilds-signal)

🏠 Internal

babel-types

#17130 Use .ts files with explicit reexports to solve name conflicts (@nicolo-ribaudo)

babel-core

#17127 Do not depend on @types/gensync in Babel 7 (@nicolo-ribaudo)

v7.26.7 (2025-01-24)

🐛 Bug Fix

babel-helpers, babel-preset-env, babel-runtime-corejs3

#17086 Make "object without properties" helpers ES6-compatible (@tquetano-netflix)

babel-plugin-transform-typeof-symbol

#17085 fix: Correctly handle typeof in arrow functions (@liuxingbaoyu)

... (truncated)

Commits

e1ce99d v7.26.10
d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
64bca7b v7.26.9
4cf5c9e [babel 8] Use @babel/types for parser's return type (#17117)
2d95140 v7.26.7
0e6199b Make "object without properties" helpers ES6-compatible (#17086)
cd24cc0 chore: Update TS 5.7 (#17053)
63d3038 v7.26.0
bfa56c4 Support import() in rewriteImportExtensions (#16794)
b07957e v7.25.9
Additional commits viewable in compare view

Updates @babel/runtime from 7.21.0 to 7.26.10

Release notes

Sourced from @babel/runtime's releases.

v7.26.10 (2025-03-11)

Thanks @jordan-choi and @mmmsssttt404 for your first PRs!

This release includes a fix for GHSA-968p-4wvh-cqc8, a security vulnerability which affects the .replace method of transpiled regular expressions that use named capturing groups.

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

babel-parser, babel-plugin-transform-typescript

#17154 Update typescript parser tests (@JLHwung)

babel-traverse

#17151 fix: Should not evaluate vars in child scope (@liuxingbaoyu)

babel-generator

#17153 fix: Correctly generate abstract override (@liuxingbaoyu)

babel-parser

#17107 Fix source type detection when parsing TypeScript (@JLHwung)

babel-helpers, babel-runtime, babel-runtime-corejs2, babel-runtime-corejs3

#17173 Fix processing of replacement pattern with named capture groups (@mmmsssttt404)

💅 Polish

babel-standalone

#17158 Avoid warnings when re-bundling @babel/standalone with webpack (@liuxingbaoyu)

🏠 Internal

babel-parser

#17160 Left-value parsing cleanup (@JLHwung)

Committers: 6

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Yunyoung Jordan Choi (@jordan-choi)

@liuxingbaoyu

@mmmsssttt404

v7.26.9 (2025-02-14)

🐛 Bug Fix

babel-types

#17103 fix: Definition for TSPropertySignature.kind (@liuxingbaoyu)

babel-generator, babel-types

#17062 Print TypeScript optional/definite in ClassPrivateProperty (@jamiebuilds-signal)

... (truncated)

Changelog

Sourced from @babel/runtime's changelog.

v7.26.10 (2025-03-11)

👓 Spec Compliance

babel-parser

#17159 Disallow decorator in array pattern (@JLHwung)

🐛 Bug Fix

babel-parser, babel-template

#17164 Fix: always initialize ExportDeclaration attributes (@JLHwung)

babel-core

#17142 fix: "Map maximum size exceeded" in deepClone (@liuxingbaoyu)

babel-parser, babel-plugin-transform-typescript

#17154 Update typescript parser tests (@JLHwung)

babel-traverse

#17151 fix: Should not evaluate vars in child scope (@liuxingbaoyu)

babel-generator

#17153 fix: Correctly generate abstract override (@liuxingbaoyu)

babel-parser

#17107 Fix source type detection when parsing TypeScript (@JLHwung)

babel-helpers, babel-runtime, babel-runtime-corejs2, babel-runtime-corejs3

#17173 Fix processing of replacement pattern with named capture groups (@mmmsssttt404)

💅 Polish

babel-standalone

#17158 Avoid warnings when re-bundling @babel/standalone with webpack (@liuxingbaoyu)

🏠 Internal

babel-parser

#17160 Left-value parsing cleanup (@JLHwung)

v7.26.9 (2025-02-14)

🐛 Bug Fix

babel-types

#17103 fix: Definition for TSPropertySignature.kind (@liuxingbaoyu)

babel-generator, babel-types

#17062 Print TypeScript optional/definite in ClassPrivateProperty (@jamiebuilds-signal)

🏠 Internal

babel-types

#17130 Use .ts files with explicit reexports to solve name conflicts (@nicolo-ribaudo)

babel-core

#17127 Do not depend on @types/gensync in Babel 7 (@nicolo-ribaudo)

v7.26.7 (2025-01-24)

🐛 Bug Fix

babel-helpers, babel-preset-env, babel-runtime-corejs3

#17086 Make "object without properties" helpers ES6-compatible (@tquetano-netflix)

babel-plugin-transform-typeof-symbol

#17085 fix: Correctly handle typeof in arrow functions (@liuxingbaoyu)

... (truncated)

Commits

e1ce99d v7.26.10
d5952e8 Fix processing of replacement pattern with named capture groups (#17173)
64bca7b v7.26.9
2d95140 v7.26.7
63d3038 v7.26.0
b07957e v7.25.9
af91759 fix: Accidentally publishing useless files (#16917)
2533cfb v7.25.7
69d65f1 [babel 8] Require Node.js ^18.20.0 || ^20.17.0 || >=22.8.0 (#16800)
2f72b97 v7.25.6
Additional commits viewable in compare view

Updates @babel/traverse from 7.21.3 to 7.23.2

Release notes

Sourced from @babel/traverse's releases.

v7.23.2 (2023-10-11)

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

Thanks @jimmydief for your first PR!

🐛 Bug Fix

babel-traverse

#16033 Only evaluate own String/Number/Math methods (@nicolo-ribaudo)

babel-preset-typescript

#16022 Rewrite .tsx extension when using rewriteImportExtensions (@jimmydief)

babel-helpers

#16017 Fix: fallback to typeof when toString is applied to incompatible object (@JLHwung)

babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16025 Avoid override mistake in namespace imports (@nicolo-ribaudo)

Committers: 5

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

James Diefenderfer (@jimmydief)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.23.1 (2023-09-25)

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

v7.23.0 (2023-09-25)

Thanks @lorenzoferre and @RajShukla1 for your first PRs!

🚀 New Feature

babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import

#15870 Support transforming import source for wasm (@nicolo-ribaudo)

babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

#15878 Implement import defer proposal transform support (@nicolo-ribaudo)

babel-generator, babel-parser, babel-types

#15845 Implement import defer parsing support (@nicolo-ribaudo)

#15829 Add parsing support for the "source phase imports" proposal (@nicolo-ribaudo)

babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types

#15682 Add createImportExpressions parser option (@JLHwung)

babel-standalone

#15671 Pass through nonce to the transformed script element (@JLHwung)

babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types

#15751 Add support for optional chain in assignments (@nicolo-ribaudo)

babel-helpers, babel-plugin-proposal-decorators

#15895 Implement the "decorator metadata" proposal (@nicolo-ribaudo)

babel-traverse, babel-types

#15893 Add t.buildUndefinedNode (@liuxingbaoyu)

babel-preset-typescript

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.23.2 (2023-10-11)

🐛 Bug Fix

babel-traverse

#16033 Only evaluate own String/Number/Math methods (@nicolo-ribaudo)

babel-preset-typescript

#16022 Rewrite .tsx extension when using rewriteImportExtensions (@jimmydief)

babel-helpers

#16017 Fix: fallback to typeof when toString is applied to incompatible object (@JLHwung)

babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16025 Avoid override mistake in namespace imports (@nicolo-ribaudo)

v7.23.0 (2023-09-25)

🚀 New Feature

babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import

#15870 Support transforming import source for wasm (@nicolo-ribaudo)

babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

#15878 Implement import defer proposal transform support (@nicolo-ribaudo)

babel-generator, babel-parser, babel-types

#15845 Implement import defer parsing support (@nicolo-ribaudo)

#15829 Add parsing support for the "source phase imports" proposal (@nicolo-ribaudo)

babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types

#15682 Add createImportExpressions parser option (@JLHwung)

babel-standalone

#15671 Pass through nonce to the transformed script element (@JLHwung)

babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types

#15751 Add support for optional chain in assignments (@nicolo-ribaudo)

babel-helpers, babel-plugin-proposal-decorators

#15895 Implement the "decorator metadata" proposal (@nicolo-ribaudo)

babel-traverse, babel-types

#15893 Add t.buildUndefinedNode (@liuxingbaoyu)

babel-preset-typescript

#15913 Add rewriteImportExtensions option to TS preset (@nicolo-ribaudo)

babel-parser

#15896 Allow TS tuples to have both labeled and unlabeled elements (@yukukotani)

🐛 Bug Fix

babel-plugin-transform-block-scoping

#15962 fix: transform-block-scoping captures the variables of the method in the loop (@liuxingbaoyu)

💅 Polish

babel-traverse

#15797 Expand evaluation of global built-ins in @babel/traverse (@lorenzoferre)

babel-plugin-proposal-explicit-resource-management

#15985 Improve source maps for blocks with using declarations (@nicolo-ribaudo)

🔬 Output optimization

babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env

#15984 Inline exports.XXX = update in simple variable declarations (@nicolo-ribaudo)

v7.22.20 (2023-09-16)

... (truncated)

Commits

b4b9942 v7.23.2
b13376b Only evaluate own String/Number/Math methods (#16033)
ca58ec1 v7.23.0
0f333da Add createImportExpressions parser option (#15682)
3744545 Fix linting
c7e6806 Add t.buildUndefinedNode (#15893)
38ee8b4 Expand evaluation of global built-ins in @babel/traverse (#15797)
9f3dfd9 v7.22.20
3ed28b2 Fully support || and && in pluginToggleBooleanFlag (#15961)
77b0d73 v7.22.19
Additional commits viewable in compare view

Updates jest-editor-support from 31.0.1 to 31.1.2

Release notes

Sourced from jest-editor-support's releases.

v31.1.2 (Oct 30, 2023)

update dependencies

What's Changed

Bump @babel/traverse from 7.20.10 to 7.23.2 by @dependabot in jest-community/jest-editor-support#112

Update node-ci.yml by @connectdotz in jest-community/jest-editor-support#114

Update node-ci.yml by @connectdotz in jest-community/jest-editor-support#115

bump version to 31.1.2 by @connectdotz in jest-community/jest-editor-support#113

Full Changelog: jest-community/jest-editor-support@v31.1.1...v31.1.2

v31.1.1 (Aug 13, 2023)

What's Changed

fix dashed-args for custom args by @connectdotz in jest-community/jest-editor-support#108

Bump semver from 5.7.1 to 5.7.2 by @dependabot in jest-community/jest-editor-support#105

Bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in jest-community/jest-editor-support#106

prepare v31.1.1 release by @connectdotz in jest-community/jest-editor-support#109

Full Changelog: jest-community/jest-editor-support@v31.1.0...v31.1.1

v31.1.0 (Jun 13, 2023)

What's Changed

Bump yaml from 2.1.3 to 2.2.2 by @dependabot in jest-community/jest-editor-support#102

add useDashedArgs workspace setting by @mjamin in jest-community/jest-editor-support#103

prepare for v31.1.0 release by @connectdotz in jest-community/jest-editor-support#104

New Contributors

@mjamin made their first contribution in jest-community/jest-editor-support#103

Full Changelog: jest-community/jest-editor-support@v31.0.1...v31.1.0

Commits

54177db bump version to 31.1.2 (#113)
afa54b3 Update node-ci.yml (#115)
62df392 Update node-ci.yml (#114)
dbffff9 Bump @babel/traverse from 7.20.10 to 7.23.2 (#112)
20b1af6 prepare v31.1.1 release (#109)
73c37e4 Bump word-wrap from 1.2.3 to 1.2.4 (#106)
6c8ecaf Bump semver from 5.7.1 to 5.7.2 (#105)
5260c8f fix dashed-args for custom args (#108)
eff1544 prepare for v31.1.0 release (#104)
28a0be7 add useDashedArgs workspace setting (#103)
Additional commits viewable in compare view

Updates body-parser from 1.20.1 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to node@22.4.1 by @wesleytodd in expressjs/body-parser#527

deps: qs@6.12.3 by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: qs@6.12.3 (#521)
9478591 fix: pin to node@22.4.1
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.18.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Add funding field (v4) by @bjohansebas in expressjs/express#6065

deps: path-to-regexp@0.1.11 by @blakeembrey in expressjs/express#5956

deps: bump path-to-regexp@0.1.12 by @jonchurch in expressjs/express#6209

Release: 4.21.2 by @UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

finalhandler@1.3.1 by @wesleytodd in expressjs/express#5954

fix(deps): serve-static@1.16.2 by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)Description has been truncated

Summary by Sourcery

Enhancements:

Update jest-editor-support from 31.0.1 to 31.1.2.

Bumps the npm_and_yarn group with 21 updates in the /src/test/wix/TestData/EsprojReact directory: | Package | From | To | | --- | --- | --- | | [@adobe/css-tools](https://github.com/adobe/css-tools) | `4.2.0` | `4.4.2` | | [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` | | [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.21.0` | `7.26.10` | | [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.21.0` | `7.26.10` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.3` | `7.23.2` | | [jest-editor-support](https://github.com/jest-community/jest-editor-support) | `31.0.1` | `31.1.2` | | [body-parser](https://github.com/expressjs/body-parser) | `1.20.1` | `1.20.3` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.21.2` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [cross-spawn](https://github.com/moxystudio/node-cross-spawn) | `7.0.3` | `7.0.6` | | [ejs](https://github.com/mde/ejs) | `3.1.9` | `3.1.10` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.2` | `1.15.9` | | [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.7` | | [micromatch](https://github.com/micromatch/micromatch) | `4.0.5` | `4.0.8` | | [nanoid](https://github.com/ai/nanoid) | `3.3.4` | `3.3.11` | | [rollup](https://github.com/rollup/rollup) | `2.79.1` | `2.79.2` | | [serialize-javascript](https://github.com/yahoo/serialize-javascript) | `6.0.1` | `6.0.2` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.1.2` | `4.1.4` | | [webpack](https://github.com/webpack/webpack) | `5.76.1` | `5.98.0` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Updates `@adobe/css-tools` from 4.2.0 to 4.4.2 - [Changelog](https://github.com/adobe/css-tools/blob/main/History.md) - [Commits](https://github.com/adobe/css-tools/commits) Updates `semver` from 6.3.0 to 6.3.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md) - [Commits](npm/node-semver@v6.3.0...v6.3.1) Updates `@babel/helpers` from 7.21.0 to 7.26.10 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.26.10/packages/babel-helpers) Updates `@babel/runtime` from 7.21.0 to 7.26.10 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.26.10/packages/babel-runtime) Updates `@babel/traverse` from 7.21.3 to 7.23.2 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) Updates `jest-editor-support` from 31.0.1 to 31.1.2 - [Release notes](https://github.com/jest-community/jest-editor-support/releases) - [Changelog](https://github.com/jest-community/jest-editor-support/blob/master/CHANGELOG.md) - [Commits](jest-community/jest-editor-support@v31.0.1...v31.1.2) Updates `body-parser` from 1.20.1 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.1...1.20.3) Updates `express` from 4.18.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.2...4.21.2) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cookie` from 0.5.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.5.0...v0.7.1) Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) Updates `ejs` from 3.1.9 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.9...v3.1.10) Updates `express` from 4.18.2 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md) - [Commits](expressjs/express@4.18.2...4.21.2) Updates `follow-redirects` from 1.15.2 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.9) Updates `http-proxy-middleware` from 2.0.6 to 2.0.7 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.7/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.7) Updates `micromatch` from 4.0.5 to 4.0.8 - [Release notes](https://github.com/micromatch/micromatch/releases) - [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md) - [Commits](micromatch/micromatch@4.0.5...4.0.8) Updates `nanoid` from 3.3.4 to 3.3.11 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.3.4...3.3.11) Updates `path-to-regexp` from 0.1.7 to 0.1.12 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12) Updates `rollup` from 2.79.1 to 2.79.2 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v2.79.1...v2.79.2) Updates `serialize-javascript` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.1...v6.0.2) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) Updates `tough-cookie` from 4.1.2 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.1.2...v4.1.4) Updates `webpack` from 5.76.1 to 5.98.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.76.1...v5.98.0) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: "@adobe/css-tools" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/helpers" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/runtime" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: jest-editor-support dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cross-spawn dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: http-proxy-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: micromatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: rollup dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serialize-javascript dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

sourcery-ai · 2025-03-20T14:16:18Z

Reviewer's Guide by Sourcery

This pull request updates npm dependencies in the /src/test/wix/TestData/EsprojReact directory. It involves updating the package.json and package-lock.json files to reflect the new versions of the dependencies.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Bumped several npm dependencies to newer versions.	Updated @adobe/css-tools from 4.2.0 to 4.4.2. Updated semver from 6.3.0 to 6.3.1. Updated @babel/helpers from 7.21.0 to 7.26.10. Updated @babel/runtime from 7.21.0 to 7.26.10. Updated @babel/traverse from 7.21.3 to 7.23.2. Updated jest-editor-support from 31.0.1 to 31.1.2. Updated body-parser from 1.20.1 to 1.20.3. Updated express from 4.18.2 to 4.21.2. Updated braces from 3.0.2 to 3.0.3. Updated cross-spawn from 7.0.3 to 7.0.6. Updated ejs from 3.1.9 to 3.1.10. Updated follow-redirects from 1.15.2 to 1.15.9. Updated http-proxy-middleware from 2.0.6 to 2.0.7. Updated micromatch from 4.0.5 to 4.0.8. Updated nanoid from 3.3.4 to 3.3.11. Updated rollup from 2.79.1 to 2.79.2. Updated serialize-javascript from 6.0.1 to 6.0.2. Updated tough-cookie from 4.1.2 to 4.1.4. Updated webpack from 5.76.1 to 5.98.0. Updated webpack-dev-middleware from 5.3.3 to 5.3.4. Updated word-wrap from 1.2.3 to 1.2.5.	`src/test/wix/TestData/EsprojReact/package.json` `src/test/wix/TestData/EsprojReact/package-lock.json`

Tips and commands

Interacting with Sourcery

Trigger a new review: Comment @sourcery-ai review on the pull request.
Continue discussions: Reply directly to Sourcery's review comments.
Generate a GitHub issue from a review comment: Ask Sourcery to create an
issue from a review comment by replying to it. You can also reply to a
review comment with @sourcery-ai issue to create an issue from it.
Generate a pull request title: Write @sourcery-ai anywhere in the pull
request title to generate a title at any time. You can also comment
@sourcery-ai title on the pull request to (re-)generate the title at any time.
Generate a pull request summary: Write @sourcery-ai summary anywhere in
the pull request body to generate a PR summary at any time exactly where you
want it. You can also comment @sourcery-ai summary on the pull request to
(re-)generate the summary at any time.
Generate reviewer's guide: Comment @sourcery-ai guide on the pull
request to (re-)generate the reviewer's guide at any time.
Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
pull request to resolve all Sourcery comments. Useful if you've already
addressed all the comments and don't want to see them anymore.
Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
request to dismiss all existing Sourcery reviews. Especially useful if you
want to start fresh with a new review - don't forget to comment
@sourcery-ai review to trigger a new review!
Generate a plan of action for an issue: Comment @sourcery-ai plan on
an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

Enable or disable review features such as the Sourcery-generated pull request
summary, the reviewer's guide, and others.
Change the review language.
Add, remove or edit custom review instructions.
Adjust other review settings.

Getting Help

Contact our support team for questions or feedback.
Visit our documentation for detailed guides and information.
Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

sourcery-ai

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 20, 2025

sourcery-ai Bot reviewed Mar 20, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 25 updates#1

Bump the npm_and_yarn group across 1 directory with 25 updates#1
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/src/test/wix/TestData/EsprojReact/npm_and_yarn-fe222644ec

dependabot Bot commented on behalf of github Mar 20, 2025 •

edited by sourcery-ai Bot

Loading

Summary by Sourcery

Uh oh!

sourcery-ai Bot commented Mar 20, 2025 •

edited

Loading

Interacting with Sourcery

Customizing Your Experience

Getting Help

Uh oh!

sourcery-ai Bot left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Mar 20, 2025 • edited by sourcery-ai Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

4.4.2 / 2025-02-12

4.4.0 / 2024-06-05

4.3.3 / 2024-01-24

4.3.2 / 2023-11-28

4.3.1 / 2023-03-14

4.3.0 / 2023-03-07

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

6.3.1 (2023-07-10)

Bug Fixes

6.2.0

6.1.3

6.1.2

6.1.1

6.1.0

6.0

5.7

5.6

5.5

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

💅 Polish

🏠 Internal

Committers: 6

v7.26.9 (2025-02-14)

🐛 Bug Fix

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

💅 Polish

🏠 Internal

v7.26.9 (2025-02-14)

🐛 Bug Fix

🏠 Internal

v7.26.7 (2025-01-24)

🐛 Bug Fix

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

💅 Polish

🏠 Internal

Committers: 6

v7.26.9 (2025-02-14)

🐛 Bug Fix

v7.26.10 (2025-03-11)

👓 Spec Compliance

🐛 Bug Fix

💅 Polish

🏠 Internal

v7.26.9 (2025-02-14)

🐛 Bug Fix

🏠 Internal

v7.26.7 (2025-01-24)

🐛 Bug Fix

v7.23.2 (2023-10-11)

🐛 Bug Fix

Committers: 5

v7.23.1 (2023-09-25)

v7.23.0 (2023-09-25)

🚀 New Feature

v7.23.2 (2023-10-11)

🐛 Bug Fix

v7.23.0 (2023-09-25)

🚀 New Feature

🐛 Bug Fix

💅 Polish

🔬 Output optimization

v7.22.20 (2023-09-16)

v31.1.2 (Oct 30, 2023)

What's Changed

v31.1.1 (Aug 13, 2023)

What's Changed

v31.1.0 (Jun 13, 2023)

What's Changed

New Contributors

dependabot Bot commented on behalf of github Mar 20, 2025 •

edited by sourcery-ai Bot

Loading

sourcery-ai Bot commented Mar 20, 2025 •

edited

Loading