Skip to content

Bump the npm_and_yarn group across 2 directories with 38 updates#46

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-387ef61ff9
Open

Bump the npm_and_yarn group across 2 directories with 38 updates#46
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-387ef61ff9

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 6, 2025

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 5 updates in the / directory:

Package From To
express 4.17.1 4.20.0
decode-uri-component 0.2.0 0.2.2
minimatch 3.0.4 3.1.2
minimist 1.2.5 1.2.8
semver 6.3.0 6.3.1

Bumps the npm_and_yarn group with 9 updates in the /client directory:

Package From To
express 4.17.1 4.21.2
debug 2.6.8 2.6.9
decode-uri-component 0.2.0 0.2.2
minimatch 3.0.3 3.1.2
react-scripts 1.0.10 5.0.1
bootstrap 3.4.1 5.0.0
node-fetch 1.7.3 removed
react 15.6.2 19.1.0
react-dom 15.6.2 19.1.0

Updates express from 4.17.1 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

New Contributors

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2
  • deps: cookie@0.6.0
    • Add partitioned option

4.18.2 / 2022-10-08

  • Fix regression routing a large stack in a single route
  • deps: body-parser@1.20.1

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.


Updates body-parser from 1.19.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2

1.20.1

  • deps: qs@6.11.0
  • perf: remove unnecessary object clone

1.20.0

  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2

1.20.1 / 2022-10-06

  • deps: qs@6.11.0
  • perf: remove unnecessary object clone

1.20.0 / 2022-04-02

  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
    • deps: http-errors@2.0.0

1.19.2 / 2022-02-15

  • deps: bytes@3.1.2
  • deps: qs@6.9.7
    • Fix handling of __proto__ keys
  • deps: raw-body@2.4.3
    • deps: bytes@3.1.2

1.19.1 / 2021-12-10

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates cookie from 0.4.0 to 0.6.0

Release notes

Sourced from cookie's releases.

0.6.0

  • Add partitioned option

0.5.0

  • Add priority option
  • Fix expires option to reject invalid dates
  • pref: improve default decode speed
  • pref: remove slow string split in parse

0.4.2

  • pref: read value only when assigning in parse
  • pref: remove unnecessary regexp in parse

0.4.1

  • Fix maxAge option to reject invalid values
Changelog

Sourced from cookie's changelog.

0.6.0 / 2023-11-06

  • Add partitioned option

0.5.0 / 2022-04-11

  • Add priority option
  • Fix expires option to reject invalid dates
  • perf: improve default decode speed
  • perf: remove slow string split in parse

0.4.2 / 2022-02-02

  • perf: read value only when assigning in parse
  • perf: remove unnecessary regexp in parse

0.4.1 / 2020-04-21

  • Fix maxAge option to reject invalid values
Commits

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates minimatch from 3.0.4 to 3.1.2

Commits

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

  • Merge tag 'v0.2.3' a026794
  • [eslint] fix indentation and whitespace 5368ca4
  • [eslint] fix indentation and whitespace e5f5067
  • [eslint] more cleanup 62fde7d
  • [eslint] more cleanup 36ac5d0
  • [meta] add auto-changelog 73923d2
  • [actions] add reusable workflows d80727d
  • [eslint] add eslint; rules to enable later are warnings 48bc06a
  • [eslint] fix indentation 34b0f1c
  • [readme] rename and add badges 5df0fe4
  • [Dev Deps] switch from covert to nyc a48b128
  • [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
  • [meta] create FUNDING.yml; add funding in package.json 3639e0c
  • [meta] use npmignore to autogenerate an npmignore file be2e038
  • Only apps should have lockfiles 282b570
  • isConstructorOrProto adapted from PR ef9153f
  • [Dev Deps] update @ljharb/eslint-config, aud 098873c
  • [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
  • [meta] add safe-publish-latest 4b927de
  • [Tests] add aud in posttest b32d9bd
  • [meta] update repo URLs f9fdfc0
  • [actions] Avoid 0.6 tests due to build failures ba92fe6
  • [Dev Deps] update tape 950eaa7
  • [Dev Deps] add missing npmignore dev dep 3226afa
  • Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits
  • 6901ee2 v1.2.8
  • a026794 Merge tag 'v0.2.3'
  • c0b2661 v0.2.3
  • 63b8fee [Fix] Fix long option followed by single dash (#17)
  • 72239e6 [Tests] Remove duplicate test (#12)
  • 34b0f1c [eslint] fix indentation
  • 3226afa [Dev Deps] add missing npmignore dev dep
  • 098873c [Dev Deps] update @ljharb/eslint-config, aud
  • 9ec4d27 [Fix] Fix long option followed by single dash
  • ba92fe6 [actions] Avoid 0.6 tests due to build failures
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.


Updates path-to-regexp from 0.1.7 to 0.1.10

Release notes

Sourced from path-to-regexp's releases.

Backtrack protection

Fixed

  • Add backtrack protection to parameters 29b96b4
    • This will break some edge cases but should improve performance

pillarjs/path-to-regexp@v0.1.9...v0.1.10

Support non-lookahead regex output

Added

  • Allow a non-lookahead regex (#312) c4272e4

component/path-to-regexp@v0.1.8...v0.1.9

Support named matching groups in RegExp

Added

  • Add support for named matching groups (#301) 114f62d

pillarjs/path-to-regexp@v0.1.7...v0.1.8

Commits

Updates qs from 6.7.0 to 6.11.0

Changelog

Sourced from qs's changelog.

6.11.0

  • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
  • [readme] fix version badge

6.10.5

  • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

  • [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
  • [meta] use npmignore to autogenerate an npmignore file
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [actions] reuse common workflows
  • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

  • [Fix] stringify: actually fix cyclic references (#426)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [actions] update codecov uploader
  • [actions] update workflows
  • [Tests] clean up stringify tests slightly
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

  • [Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

  • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
  • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
  • [meta] fix README.md (#399)
  • [meta] only run npm run dist in publish, not install
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
  • [Tests] fix tests on node v0.6
  • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
  • [Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [Tests] clean up stringify tests slightly
  • [meta] fix README.md (#399)
  • Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits
  • 56763c1 v6.11.0
  • ddd3e29 [readme] fix version badge
  • c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
  • 95bc018 v6.10.5
  • 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
  • ba9703c v6.10.4
  • 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
  • 113b990 [Dev Deps] update object-inspect
  • c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
  • 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
  • Additional commits viewable in compare view

Updates semver from 6.3.0 to 6.3.1

Release notes

Sourced from semver's releases.

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

Changelog

Sourced from semver's changelog.

6.3.1 (2023-07-10)

Bug Fixes

6.2.0

  • Coerce numbers to strings when passed to semver.coerce()
  • Add rtl option to coerce from right to left

6.1.3

  • Handle X-ranges properly in includePrerelease mode

6.1.2

  • Do not throw when testing invalid version strings

6.1.1

  • Add options support for semver.coerce()
  • Handle undefined version passed to Range.test

6.1.0

  • Add semver.compareBuild function
  • Support * in semver.intersects

6.0

  • Fix intersects logic.

    This is technically a bug fix, but since it is also a change to behavior that may require users updating their code, it is marked as a major version increment.

5.7

  • Add minVersion method

5.6

  • Move boolean loose param to an options object, with backwards-compatibility protection.
  • Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.


Updates send from 0.17.1 to 0.18.0

Changelog

Sourced from send's changelog.

0.18.0 / 2022-03-23

  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: destroy@1.2.0
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1

0.17.2 / 2021-12-11

  • pref: ignore empty http tokens
  • deps: http-errors@1.8.1
    • deps: inherits@2.0.4
    • deps: toidentifier@1.0.1
    • deps: setprototypeof@1.2.0
  • deps: ms@2.1.3
Commits

Updates serve-static from 1.14.1 to 1.16.0

Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

New Contributors

Full Changelog: expressjs/serve-static@v1.15.0...1.16.0

1.15.0

  • deps: send@0.18.0
    • Fix emitted 416 error missing headers property
    • Limit the headers removed for 304 response
    • deps: depd@2.0.0
    • deps: destroy@1.2.0
    • deps: http-errors@2.0.0
    • deps: on-finished@2.4.1
    • deps: statuses@2.0.1

1.14.2

  • deps: send@0.17.2
    • deps: http-errors@1.8.1
    • deps: ms@2.1.3
    • pref: ignore empty http tokens
Changelog

Sourced from serve-static's changelog.

1.16.0 / 2024-09-10

  • Remove link renderization in html while redirecting

1.15.0 / 2022-03-24

  • deps: send@0.18.0
    • Fix emitted 416 error missing headers property
    • Limit the headers removed for 304 response
    • deps: depd@2.0.0
    • deps: destroy@1.2.0
    • deps: http-errors@2.0.0
    • deps: on-finished@2.4.1
    • deps: statuses@2.0.1

1.14.2 / 2021-12-15

  • deps: send@0.17.2
    • deps: http-errors@1.8.1
    • deps: ms@2.1.3
    • pref: ignore empty http tokens
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.


Updates express from 4.17.1 to 4.21.2

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

Bumps the npm_and_yarn group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [express](https://github.com/expressjs/express) | `4.17.1` | `4.20.0` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |
| [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` |

Bumps the npm_and_yarn group with 9 updates in the /client directory:

| Package | From | To |
| --- | --- | --- |
| [express](https://github.com/expressjs/express) | `4.17.1` | `4.21.2` |
| [debug](https://github.com/debug-js/debug) | `2.6.8` | `2.6.9` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.3` | `3.1.2` |
| [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts) | `1.0.10` | `5.0.1` |
| [bootstrap](https://github.com/twbs/bootstrap) | `3.4.1` | `5.0.0` |
| [node-fetch](https://github.com/node-fetch/node-fetch) | `1.7.3` | `removed` |
| [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `15.6.2` | `19.1.0` |
| [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `15.6.2` | `19.1.0` |



Updates `express` from 4.17.1 to 4.20.0
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.17.1...4.20.0)

Updates `body-parser` from 1.19.0 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.19.0...1.20.3)

Updates `cookie` from 0.4.0 to 0.6.0
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md)
- [Commits](jshttp/cookie@v0.4.0...v0.6.0)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `minimatch` from 3.0.4 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `minimist` from 1.2.5 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `path-to-regexp` from 0.1.7 to 0.1.10
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10)

Updates `qs` from 6.7.0 to 6.11.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.7.0...v6.11.0)

Updates `semver` from 6.3.0 to 6.3.1
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

Updates `send` from 0.17.1 to 0.18.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.17.1...0.18.0)

Updates `serve-static` from 1.14.1 to 1.16.0
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.14.1...1.16.0)

Updates `express` from 4.17.1 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.17.1...4.20.0)

Updates `body-parser` from 1.19.0 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.19.0...1.20.3)

Updates `cookie` from 0.4.0 to 0.7.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md)
- [Commits](jshttp/cookie@v0.4.0...v0.6.0)

Updates `debug` from 2.6.8 to 2.6.9
- [Release notes](https://github.com/debug-js/debug/releases)
- [Changelog](https://github.com/debug-js/debug/blob/2.6.9/CHANGELOG.md)
- [Commits](debug-js/debug@2.6.8...2.6.9)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `minimatch` from 3.0.3 to 3.1.2
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.0.4...v3.1.2)

Updates `react-scripts` from 1.0.10 to 5.0.1
- [Release notes](https://github.com/facebook/create-react-app/releases)
- [Changelog](https://github.com/facebook/create-react-app/blob/main/CHANGELOG-1.x.md)
- [Commits](https://github.com/facebook/create-react-app/commits/react-scripts@5.0.1/packages/react-scripts)

Updates `minimist` from 0.0.8 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `path-to-regexp` from 0.1.7 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10)

Updates `qs` from 6.4.0 to 6.13.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.7.0...v6.11.0)

Updates `semver` from 5.3.0 to 6.3.1
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

Updates `send` from 0.17.1 to 0.19.0
- [Release notes](https://github.com/pillarjs/send/releases)
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.17.1...0.18.0)

Updates `serve-static` from 1.14.1 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.14.1...1.16.0)

Updates `bootstrap` from 3.4.1 to 5.0.0
- [Release notes](https://github.com/twbs/bootstrap/releases)
- [Commits](twbs/bootstrap@v3.4.1...v5.0.0)

Updates `ansi-regex` from 2.1.1 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases)
- [Commits](chalk/ansi-regex@2.1.1...v5.0.1)

Updates `ansi-html` from 0.0.7 to 0.0.9
- [Commits](https://github.com/Tjatse/ansi-html/commits)

Updates `async` from 2.6.3 to 3.2.6
- [Release notes](https://github.com/caolan/async/releases)
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md)
- [Commits](caolan/async@v2.6.3...v3.2.6)

Updates `braces` from 1.8.5 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@1.8.5...3.0.3)

Updates `fsevents` from 1.1.2 to 2.3.3
- [Release notes](https://github.com/fsevents/fsevents/releases)
- [Commits](fsevents/fsevents@v1.1.2...v2.3.3)

Updates `glob-parent` from 2.0.0 to 5.1.2
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](gulpjs/glob-parent@v2.0.0...v5.1.2)

Updates `cross-spawn` from 5.1.0 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@5.1.0...v7.0.6)

Updates `postcss` from 5.2.18 to 7.0.39
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/7.0.39/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/commits/7.0.39)

Updates `follow-redirects` from 1.13.0 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.13.0...v1.15.9)

Updates `json-schema` from 0.2.3 to 0.4.0
- [Commits](kriszyp/json-schema@v0.2.3...v0.4.0)

Updates `tough-cookie` from 2.3.2 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.3.2...v4.1.4)

Updates `loader-utils` from 0.2.17 to 2.0.4
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md)
- [Commits](webpack/loader-utils@v0.2.17...v2.0.4)

Updates `http-proxy-middleware` from 0.17.4 to 2.0.9
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.9/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v0.17.4...v2.0.9)

Updates `json5` from 0.5.1 to 1.0.2
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v0.5.1...v1.0.2)

Updates `lodash` from 4.17.20 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.20...4.17.21)

Updates `micromatch` from 2.3.11 to 4.0.8
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@2.3.11...4.0.8)

Removes `node-fetch`

Updates `react` from 15.6.2 to 19.1.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.1.0/packages/react)

Updates `react-dom` from 15.6.2 to 19.1.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/v19.1.0/packages/react-dom)

Updates `node-forge` from 0.9.0 to 1.3.1
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](digitalbazaar/forge@0.9.0...v1.3.1)

Updates `shell-quote` from 1.6.1 to 1.8.3
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.6.1...v1.8.3)

Updates `webpack-dev-middleware` from 1.12.2 to 5.3.4
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v1.12.2...v5.3.4)

Updates `webpack-dev-server` from 2.5.0 to 4.15.2
- [Release notes](https://github.com/webpack/webpack-dev-server/releases)
- [Changelog](https://github.com/webpack/webpack-dev-server/blob/v4.15.2/CHANGELOG.md)
- [Commits](webpack/webpack-dev-server@v2.5.0...v4.15.2)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 4.20.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.3
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.6.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-version: 0.2.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-version: 1.2.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-version: 0.1.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.11.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-version: 6.3.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.18.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.21.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.7.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: debug
  dependency-version: 2.6.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-version: 0.2.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react-scripts
  dependency-version: 5.0.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-version: 1.2.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-version: 0.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-version: 6.13.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-version: 6.3.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.19.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: bootstrap
  dependency-version: 5.0.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: ansi-regex
  dependency-version: 5.0.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ansi-html
  dependency-version: 0.0.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: async
  dependency-version: 3.2.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-version: 3.0.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: fsevents
  dependency-version: 2.3.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: glob-parent
  dependency-version: 5.1.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 7.0.6
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-version: 7.0.39
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-version: 1.15.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json-schema
  dependency-version: 0.4.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-version: 4.1.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: loader-utils
  dependency-version: 2.0.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-proxy-middleware
  dependency-version: 2.0.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-version: 1.0.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.17.21
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: micromatch
  dependency-version: 4.0.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-fetch
  dependency-version: 
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react
  dependency-version: 19.1.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: react-dom
  dependency-version: 19.1.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: node-forge
  dependency-version: 1.3.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: shell-quote
  dependency-version: 1.8.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-version: 5.3.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-server
  dependency-version: 4.15.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: word-wrap
  dependency-version: 1.2.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants