Bump the production-dependencies group across 1 directory with 10 updates

[dependabot]

Bumps the production-dependencies group with 8 updates in the / directory:

Package	From	To
@babel/runtime	7.25.7	7.26.7
@natlibfi/melinda-backend-commons	2.3.1	2.3.6
@natlibfi/melinda-commons	13.0.17	13.0.19
@natlibfi/melinda-record-import-commons	11.0.0	11.0.1
@natlibfi/melinda-rest-api-commons	4.2.1	4.2.3
@natlibfi/passport-natlibfi-keycloak	2.2.0-alpha.3	2.2.0-alpha.6
express	4.21.1	4.21.2
http-status	1.7.4	1.8.1

Updates @babel/runtime from 7.25.7 to 7.26.7

Release notes

Sourced from @​babel/runtime's releases.

v7.26.7 (2025-01-24)

Thanks @​branchseer and @​tquetano-netflix for your first PRs!

🐛 Bug Fix

• babel-helpers, babel-preset-env, babel-runtime-corejs3
  • #17086 Make "object without properties" helpers ES6-compatible (@​tquetano-netflix)
• babel-plugin-transform-typeof-symbol
  • #17085 fix: Correctly handle typeof in arrow functions (@​liuxingbaoyu)
• babel-parser
  • #17079 Respect ranges option in estree method value (@​JLHwung)
• babel-core
  • #17052 Do not try to parse .ts configs as JSON if natively supported (@​nicolo-ribaudo)
• babel-plugin-transform-typescript
  • #17050 fix: correctly resolve references to non-constant enum members (@​branchseer)
• babel-plugin-transform-typescript, babel-traverse, babel-types
  • #17025 fix: Remove type-only import x = y.z (@​liuxingbaoyu)

Committers: 6

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• Tony Quetano (@​tquetano-netflix)
• @​branchseer
• @​liuxingbaoyu

v7.26.6 (2025-01-13)

🐛 Bug Fix

• babel-plugin-transform-nullish-coalescing-operator
  • #17061 fix: Chaining nullish coalescing operators output size regression (@​liuxingbaoyu)

Committers: 1

• @​liuxingbaoyu

v7.26.5 (2025-01-10)

👓 Spec Compliance

• babel-parser
  • #17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)

... (truncated)

Changelog

Sourced from @​babel/runtime's changelog.

v7.26.7 (2025-01-24)

🐛 Bug Fix

• babel-helpers, babel-preset-env, babel-runtime-corejs3
  • #17086 Make "object without properties" helpers ES6-compatible (@​tquetano-netflix)
• babel-plugin-transform-typeof-symbol
  • #17085 fix: Correctly handle typeof in arrow functions (@​liuxingbaoyu)
• babel-parser
  • #17079 Respect ranges option in estree method value (@​JLHwung)
• babel-core
  • #17052 Do not try to parse .ts configs as JSON if natively supported (@​nicolo-ribaudo)
• babel-plugin-transform-typescript
  • #17050 fix: correctly resolve references to non-constant enum members (@​branchseer)
• babel-plugin-transform-typescript, babel-traverse, babel-types
  • #17025 fix: Remove type-only import x = y.z (@​liuxingbaoyu)

v7.26.6 (2025-01-13)

🐛 Bug Fix

• babel-plugin-transform-nullish-coalescing-operator
  • #17061 fix: Chaining nullish coalescing operators output size regression (@​liuxingbaoyu)

v7.26.5 (2025-01-10)

👓 Spec Compliance

• babel-parser
  • #17011 Allow the dynamic import.defer() form of import defer (@​babel-bot)

🐛 Bug Fix

• babel-plugin-transform-block-scoped-functions
  • #17024 chore: Avoid calling isInStrictMode in Babel 7 (@​liuxingbaoyu)
• babel-plugin-transform-typescript
  • #17026 fix: Correctly generate exported const enums in namespace (@​liuxingbaoyu)
• babel-parser
  • #17045 [estree] Unify method type parameters handling (@​JLHwung)
  • #17013 fix: Correctly set position for @(a.b)() (@​liuxingbaoyu)
  • #16996 [estree] Adjust the start loc of class methods with type params (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-plugin-transform-flow-strip-types, babel-types
  • #17028 Support flow jsx opening element type arguments (@​JLHwung)
• babel-compat-data, babel-preset-env
  • #17031 fix: More accurate transform-typeof-symbol compat data (@​liuxingbaoyu)
• babel-generator, babel-parser, babel-types
  • #17019 Fix incomplete visitor keys (@​JLHwung)

🔬 Output optimization

• babel-plugin-transform-nullish-coalescing-operator
  • #16612 Improve nullish coalescing operator output (@​liuxingbaoyu)

v7.26.4 (2024-12-05)

↩️ Revert

• babel-traverse
  • #17005 Revert "perf: Improve scope information collection performance" (@​JLHwung)

... (truncated)

Commits

• 2d95140 v7.26.7
• 63d3038 v7.26.0
• b07957e v7.25.9
• af91759 fix: Accidentally publishing useless files (#16917)
• See full diff in compare view

Updates @natlibfi/melinda-backend-commons from 2.3.1 to 2.3.6

Release notes

Sourced from @​natlibfi/melinda-backend-commons's releases.

v2.3.6

What's Changed

• Test by @​natlibfi-jonollil in NatLibFi/melinda-backend-commons-js#139
• update poistot mail template by @​natlibfi-jonollil in NatLibFi/melinda-backend-commons-js#140
• Dependency update by @​ammsalme in NatLibFi/melinda-backend-commons-js#143

Full Changelog: NatLibFi/melinda-backend-commons-js@v2.3.3...v2.3.6

v2.3.3

What's Changed

• Dependency update by @​ammsalme in NatLibFi/melinda-backend-commons-js#134

Full Changelog: NatLibFi/melinda-backend-commons-js@v2.3.1...v2.3.3

Commits

• 6f72371 2.3.6
• fb1d853 Dependency update (#143)
• 1321d89 2.3.5
• 4783db9 update poistot mail template (#140)
• 2c16fca 2.3.4
• 641904e Test (#139)
• b821873 2.3.3
• aa70a10 Dependency update (#134)
• 7057de2 2.3.2
• aeef354 Update utils.js
• See full diff in compare view

Updates @natlibfi/melinda-commons from 13.0.17 to 13.0.19

Release notes

Sourced from @​natlibfi/melinda-commons's releases.

v13.0.19

What's Changed

• Dependency & Maintenance Update by @​ammsalme in NatLibFi/melinda-commons-js#208

Full Changelog: NatLibFi/melinda-commons-js@v13.0.18...v13.0.19

v13.0.18

What's Changed

• Dependency update by @​ammsalme in NatLibFi/melinda-commons-js#178
• Dependency update by @​ammsalme in NatLibFi/melinda-commons-js#193

Full Changelog: NatLibFi/melinda-commons-js@v13.0.16...v13.0.18

Commits

• 17e543a 13.0.19
• beae172 Dependency & Maintenance Update (#208)
• 90101f0 13.0.18
• b4c59b1 Dependency update (#193)
• bca0869 Dependency update (#178)
• See full diff in compare view

Updates @natlibfi/melinda-record-import-commons from 11.0.0 to 11.0.1

Commits

• 8912099 11.0.1
• 7b2c0df Fix blob updates (#74)
• 9b1f844 fix error on right amount of records
• See full diff in compare view

Updates @natlibfi/melinda-rest-api-commons from 4.2.1 to 4.2.3

Release notes

Sourced from @​natlibfi/melinda-rest-api-commons's releases.

v4.2.3

What's Changed

• Dependency update by @​ammsalme in NatLibFi/melinda-rest-api-commons#292

Full Changelog: NatLibFi/melinda-rest-api-commons@v4.2.2...v4.2.3

v4.2.2

What's Changed

• Add strip melinda temp subfields fix (#281) by @​ammsalme in NatLibFi/melinda-rest-api-commons#282

Full Changelog: NatLibFi/melinda-rest-api-commons@v4.2.1...v4.2.2

Commits

• ae12025 4.2.3
• 8e252a7 Dependency update (#292)
• 6ea6cdf 4.2.2
• 509b6c9 Add strip melinda temp subfields fix (#281) (#282)
• See full diff in compare view

Updates @natlibfi/passport-natlibfi-keycloak from 2.2.0-alpha.3 to 2.2.0-alpha.6

Commits

• 4ee8ed0 2.2.0-alpha.6
• dce4ced Add latest @​natlibfi/passport-keycloak v2.2.0 alpha version
• e482521 Merge branch 'main' into feature-cookie-strategy
• 84d6af0 2.1.4
• 405bc41 Maintenance update (#93)
• a07d4f1 2.2.0-alpha.5
• a504888 remove dependencies that can be replaced easily (#91)
• 58a0e4e 2.2.0-alpha.4
• cbf19f6 fix dependencies
• 918c2a2 Update deps
• Additional commits viewable in compare view

Updates debug from 4.3.7 to 4.4.0

Release notes

Sourced from debug's releases.

4.4.0

Fixes (hopefully) the inefficient regex warnings in .enable().

Minor version as this is invariably going to break certain users who misuse the .enable() API and expected it to work with regexes, which was never supported nor documented. That's on you, sorry - that functionality won't be added back.

Full Changelog: debug-js/debug@4.3.7...4.4.0

Commits

• 7e3814c 4.4.0
• d2d6bf0 fix inefficient .enable() regex and .enabled() test
• See full diff in compare view

Updates express from 4.21.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: [email protected] by @​blakeembrey in expressjs/express#5956
• deps: bump [email protected] by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

• deps: [email protected]
  • Fix backtracking protection
• deps: [email protected]
  • Throws an error on invalid path values

Commits

• 1faf228 4.21.2
• 2e0fb64 deps: bump [email protected] (#6209)
• 59fc270 deps: [email protected] (#5956)
• 51fc39c docs: add funding (#6065)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates http-status from 1.7.4 to 1.8.1

Changelog

Sourced from http-status's changelog.

1.8.1 (2024-10-21)

• Revert changes introduced by 1.8.0

Commits

• a1001e0 chore(release): 1.8.1
• See full diff in compare view

Updates mongodb from 6.9.0 to 6.12.0

Release notes

Sourced from mongodb's releases.

v6.12.0

6.12.0 (2024-12-10)

The MongoDB Node.js team is pleased to announce version 6.12.0 of the mongodb package!

Release Notes

[email protected] is now supported for zstd compression

The new @​mongodb-js/zstd@​2.0 release can now be used with the driver for zstd compression.

Populate ServerDescription.error field when primary marked stale

We now attach an error to the newly created ServerDescription object when marking a primary as stale. This helps with debugging SDAM issues when monitoring SDAM events.

BSON upgraded to v6.10.1

See: https://github.com/mongodb/js-bson/releases/tag/v6.10.1

Socket read stream set to object mode

Socket data was being read with a stream set to buffer mode when it should be set to object mode to prevent inaccurate data chunking, which may have caused message parsing errors in rare cases.

SOCKS5: MongoNetworkError wrap fix

If the driver encounters an error while connecting to a socks5 proxy, the driver wraps the socks5 error in a MongoNetworkError. In some circumstances, this resulted in the driver wrapping MongoNetworkErrors inside MongoNetworkErrors.

The driver no longer double wraps errors in MongoNetworkErrors.

Features

• NODE-6593: add support for [email protected] (#4346) (ea8a33f)
• NODE-6605: add error message when invalidating primary (#4340) (37613f1)

Bug Fixes

• NODE-6583: upgrade to BSON v6.10.1 to remove internal unbounded type cache (#4338) (249c279)
• NODE-6600: set object mode correctly for message chunking in SizedMessageTransform (#4345) (5558573)
• NODE-6602: only wrap errors from SOCKS in network errors (#4347) (ed83f36)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

v6.11.0

6.11.0 (2024-11-22)

... (truncated)

Changelog

Sourced from mongodb's changelog.

6.12.0 (2024-12-10)

Features

• NODE-6593: add support for [email protected] (#4346) (ea8a33f)
• NODE-6605: add error message when invalidating primary (#4340) (37613f1)

Bug Fixes

• NODE-6583: upgrade to BSON v6.10.1 to remove internal unbounded type cache (#4338) (249c279)
• NODE-6600: set object mode correctly for message chunking in SizedMessageTransform (#4345) (5558573)
• NODE-6602: only wrap errors from SOCKS in network errors (#4347) (ed83f36)

6.11.0 (2024-11-22)

Features

• NODE-5682: set maxTimeMS on commands and preempt I/O (#4174) (e4e6a5e)
• NODE-5844: add iscryptd to ServerDescription (#4239) (c39d443)
• NODE-6069: OIDC k8s machine workflow (#4270) (82c931c)
• NODE-6090: Implement CSOT logic for connection checkout and server selection (bd8a9f4)
• NODE-6231: Add CSOT behaviour for retryable reads and writes (#4186) (2ffd5eb)
• NODE-6274: add CSOT support to bulkWrite (#4250) (c5a9ae5)
• NODE-6275: Add CSOT support to GridFS (#4246) (3cb8187)
• NODE-6304: add CSOT support for non-tailable cursors (#4195) (131f6ed)
• NODE-6305: Add CSOT support to tailable cursors (#4218) (2398fc6)
• NODE-6312: add error transformation for server timeouts (#4192) (c2c0cb9)
• NODE-6313: add CSOT support to sessions and transactions (#4199) (5f1102f)
• NODE-6387: Add CSOT support to change streams (#4256) (4588ff2)
• NODE-6389: add support for timeoutMS in StateMachine.execute() (#4243) (c55f965)
• NODE-6390: Add timeoutMS support to auto encryption (#4265) (55e08e7)
• NODE-6391: Add timeoutMS support to explicit encryption (#4269) (f745b99)
• NODE-6392: add timeoutMS support to ClientEncryption helpers part 1 (#4281) (e86f11e)
• NODE-6403: add CSOT support to client bulk write (#4261) (365d63b)
• NODE-6421: add support for timeoutMS to explain helpers (#4268) (5b2629b)
• NODE-6446: deprecate legacy timeout options (#4279) (c28608b)
• NODE-6551: update bson to 6.10.0 (#4329) (adb15fe)

Bug Fixes

• NODE-6374: MongoOperationTimeoutError inherits MongoRuntimeError (#4237) (9fb896a)
• NODE-6412: read stale response from previously timed out connection (#4273) (fd8f3bd)
• NODE-6454: use timeoutcontext for state machine execute() cursor options (#4291) (5dd8ee5)
• NODE-6469: pool is cleared before connection checkin on error (#4296) (06a2e2c)
• NODE-6523: deleteMany in gridfs passes timeoutMS to predicate, not options (#4319) (1965ed5)

... (truncated)

Commits

• b4e5f49 chore(main): release 6.12.0 [skip-ci] (#4348)
• bc41f2e docs(NODE-6483): Add documentation for countDocuments $match operator (#4342)
• 37613f1 feat(NODE-6605): add error message when invalidating primary (#4340)
• ea8a33f feat(NODE-6593): add support for [email protected] (#4346)
• ed83f36 fix(NODE-6602): only wrap errors from SOCKS in network errors (#4347)
• ed2bdbe docs(NODE-6595): update compatibility table for [email protected] (#4349)
• 63e1459 test(NODE-6532): unskip transactions tests on serverless (#4332)
• 249c279 fix(NODE-6583): upgrade to BSON v6.10.1 to remove internal unbounded type cac...
• 5558573 fix(NODE-6600): set object mode correctly for message chunking in SizedMessag...
• 260e052 test(NODE-6527): sync pool-checkout-returned-connection-maxConnecting tests (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions