Bump the npm_and_yarn group across 1 directory with 14 updates #131

dependabot · 2024-03-28T10:12:03Z

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package	From	To
gatsby	`2.20.25`	`4.25.7`
gatsby-plugin-sharp	`2.5.6`	`4.25.1`
gatsby-transformer-remark	`2.7.3`	`5.25.1`
decode-uri-component	`0.2.0`	`0.2.2`
minimist	`0.2.1`	`0.2.4`
qs	`6.5.2`	`6.5.3`
simple-git	`2.6.0`	``
graphql-tools	`6.0.10`	`6.2.6`

Updates gatsby from 2.20.25 to 4.25.7

Release notes

Sourced from gatsby's releases.

v4.24

Welcome to gatsby@4.24.0 release (September 2022 #2)

Key highlights of this release:

Gatsby 5 Alpha

Updating File System Routes on data changes

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.23

Welcome to gatsby@4.23.0 release (September 2022 #1)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.22

Welcome to gatsby@4.22.0 release (August 2022 #3)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.21

Welcome to gatsby@4.21.0 release (August 2022 #2)

Key highlights of this release:

gatsby-plugin-mdx v4

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

... (truncated)

Commits

db5eb18 chore(release): Publish
fc22f4b fix(gatsby): don't serve codeframes for files outside of compilation (#38059)...
8889bfe chore(release): Publish
d3d5fd0 fix(gatsby-source-wordpress): prevent inconsistent schema customization (#377...
5bdef4a fix(gatsby): don't block event loop during inference (#37780) (#37801)
50e3f94 chore(release): Publish
3f8477d chore: Update get-unowned-packages script to use npm 9 syntax
dcf88ed fix(gatsby-plugin-sharp): don't serve static assets that are not result of cu...
3be4a80 chore(release): Publish
98c4d27 feat(gatsby): add initial webhook body env var to bootstrap context (#37478) ...
Additional commits viewable in compare view

Updates gatsby-plugin-sharp from 2.5.6 to 4.25.1

Release notes

Sourced from gatsby-plugin-sharp's releases.

v4.24

Welcome to gatsby@4.24.0 release (September 2022 #2)

Key highlights of this release:

Gatsby 5 Alpha

Updating File System Routes on data changes

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.23

Welcome to gatsby@4.23.0 release (September 2022 #1)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.22

Welcome to gatsby@4.22.0 release (August 2022 #3)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.21

Welcome to gatsby@4.21.0 release (August 2022 #2)

Key highlights of this release:

gatsby-plugin-mdx v4

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

... (truncated)

Changelog

Sourced from gatsby-plugin-sharp's changelog.

Changelog: gatsby-plugin-sharp

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

5.13.1 (2024-01-23)

Note: Version bump only for package gatsby-plugin-sharp

5.13.0 (2023-12-18)

🧾 Release notes

Chores

upgrade sharp to latest v0.32.6 #38374 (ca15ef3)

5.12.3 (2023-10-26)

Note: Version bump only for package gatsby-plugin-sharp

5.12.2 (2023-10-20)

Note: Version bump only for package gatsby-plugin-sharp

5.12.1 (2023-10-09)

Chores

upgrade sharp to latest v0.32.6 #38374 #38617 (f1a4107)

5.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

update dependency semver to ^7.5.3 #38296 (11e64e2)

5.11.0 (2023-06-15)

🧾 Release notes

Chores

update semver #38171 (208cdef)

5.10.0 (2023-05-16)

🧾 Release notes

... (truncated)

Commits

50e3f94 chore(release): Publish
dcf88ed fix(gatsby-plugin-sharp): don't serve static assets that are not result of cu...
5e72a5d chore(release): Publish
2dc715d chore: remove tracedSVG (#37093) (#37127)
9f4c0b9 chore(release): Publish
87f280a chore(release): Publish next
ea00e12 chore(release): Publish next
6815536 chore(release): Publish next
53a4e5a chore(changelogs): update changelogs (#36605)
ba43263 chore(release): Publish next pre-minor
Additional commits viewable in compare view

Updates gatsby-transformer-remark from 2.7.3 to 5.25.1

Release notes

Sourced from gatsby-transformer-remark's releases.

v5.13.0

Welcome to gatsby@5.13.0 release (December 2023 #1)

Key highlight of this release:

Custom Image and File CDN URL generators

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.12.0

Welcome to gatsby@5.12.0 release (August 2023 #1)

Key highlight of this release:

Adapters

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

v5.11.0

Welcome to gatsby@5.11.0 release (June 2023 #1)

Key highlights of this release:

RFC: Adapters

gatsby-source-wordpress: Support for multiple instances

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.10.0

Welcome to gatsby@5.10.0 release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to gatsby@5.9.0 release (April 2023 #1)

... (truncated)

Changelog

Sourced from gatsby-transformer-remark's changelog.

Changelog: gatsby-transformer-remark

All notable changes to this project will be documented in this file. See Conventional Commits for commit guidelines.

6.13.1 (2024-01-23)

Note: Version bump only for package gatsby-transformer-remark

6.13.0 (2023-12-18)

🧾 Release notes

Note: Version bump only for package gatsby-transformer-remark

6.12.3 (2023-10-26)

Note: Version bump only for package gatsby-transformer-remark

6.12.2 (2023-10-20)

Note: Version bump only for package gatsby-transformer-remark

6.12.1 (2023-10-09)

Note: Version bump only for package gatsby-transformer-remark

6.12.0 (2023-08-24)

🧾 Release notes

Bug Fixes

update dependency sanitize-html to ^2.11.0 for gatsby-transformer-remark #38315 (87a3412)

6.11.0 (2023-06-15)

🧾 Release notes

Note: Version bump only for package gatsby-transformer-remark

6.10.0 (2023-05-16)

🧾 Release notes

Note: Version bump only for package gatsby-transformer-remark

6.9.0 (2023-04-18)

🧾 Release notes

... (truncated)

Commits

4dcca80 chore(release): Publish
59076c8 fix(gatsby-transformer-remark): Disallow JS frontmatter by default (#37244) (...
5e72a5d chore(release): Publish
9f4c0b9 chore(release): Publish
87f280a chore(release): Publish next
ea00e12 chore(release): Publish next
53a4e5a chore(changelogs): update changelogs (#36605)
ba43263 chore(release): Publish next pre-minor
3bc957b chore(changelogs): update changelogs (#36501)
232d3b6 chore(release): Publish next
Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates engine.io from 3.4.1 to 6.2.1

Release notes

Sourced from engine.io's releases.

6.2.1

⚠️ This release contains an important security fix ⚠️

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:
Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}
Please upgrade as soon as possible.

Bug Fixes

catch errors when destroying invalid upgrades (#658) (425e833)

6.2.0

Features

add the "maxPayload" field in the handshake details (088dcb4)

So that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value.

This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data:
0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000}
Links

Diff: socketio/engine.io@6.1.3...6.2.0

Client release: 6.2.0

ws version: ~8.2.3

6.1.3

Bug Fixes

typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)

uws: properly handle chunked content (#642) (3367440)

... (truncated)

Changelog

Sourced from engine.io's changelog.

6.2.1 (2022-11-20)

⚠️ This release contains an important security fix ⚠️

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:
Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}
Please upgrade as soon as possible.

Bug Fixes

catch errors when destroying invalid upgrades (#658) (425e833)

Dependencies

ws@~8.2.3 (no change)

3.6.0 (2022-06-06)

Bug Fixes

add extension in the package.json main entry (#608) (3ad0567)

do not reset the ping timer after upgrade (1f5d469), closes socketio/socket.io-client-swift#1309

Features

decrease the default value of maxHttpBufferSize (58e274c)

This change reduces the default value from 100 mb to a more sane 1 mb.

This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

See also: GHSA-j4f2-536g-r55m

... (truncated)

Commits

24b847b chore(release): 6.2.1
425e833 fix: catch errors when destroying invalid upgrades (#658)
99adb00 chore(deps): bump xmlhttprequest-ssl and engine.io-client in /examples/latenc...
d196f6a chore(deps): bump minimatch from 3.0.4 to 3.1.2 (#660)
7c1270f chore(deps): bump nanoid from 3.1.25 to 3.3.1 (#659)
535a01d ci: add Node.js 18 in the test matrix
1b71a6f docs: remove "Vanilla JS" highlight from README (#656)
917d1d2 refactor: replace deprecated String.prototype.substr() (#646)
020801a chore: add changelog for version 3.6.0
ed1d6f9 test: make test script work on Windows (#643)
Additional commits viewable in compare view

Updates flat from 4.1.0 to 5.0.2

Commits

e5ffd66 Release 5.0.2
fdb79d5 Update dependencies, refresh lockfile, format with standard.
e52185d Test against node 14 in CI.
0189cb1 Avoid arrow function syntax.
f25d3a1 Release 5.0.1
54cc7ad use standard formatting
779816e drop dependencies
2eea6d3 Bump lodash from 4.17.15 to 4.17.19
a61a554 Bump acorn from 7.1.0 to 7.4.0
20ef0ef Fix prototype pollution on unflatten
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by timoxley, a new releaser for flat since your current version.

Updates minimatch from 3.0.3 to 3.0.4

Commits

e46989a v3.0.4
ddfacbd update brace-expansion
55ed736 update package scripts and deps
See full diff in compare view

Updates minimist from 0.2.1 to 0.2.4

Changelog

Sourced from minimist's changelog.

v0.2.4 - 2023-02-24

Commits

[Tests] check side-effects of pollution protection 3dbebff

[Robustness] rework isConstructorOrProto 34e20b8

[Dev Deps] update tape d031f9b

v0.2.3 - 2023-02-09

Merged

[Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)

[Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)

[Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

[Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)

[Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

[eslint] fix indentation and whitespace e5f5067

[eslint] more cleanup 36ac5d0

[eslint] fix indentation 34b0f1c

isConstructorOrProto adapted from PR ef9153f

[Dev Deps] update @ljharb/eslint-config, aud 098873c

[Dev Deps] add missing npmignore dev dep 3226afa

v0.2.2 - 2022-10-10

Commits

[meta] add auto-changelog 73923d2

[actions] add reusable workflows d80727d

[eslint] add eslint; rules to enable later are warnings 48bc06a

[readme] rename and add badges 5df0fe4

[Dev Deps] switch from covert to nyc a48b128

[Dev Deps] update covert, tape; remove unnecessary tap f0fb958

[meta] create FUNDING.yml; add funding in package.json 3639e0c

[meta] use npmignore to autogenerate an npmignore file be2e038

Only apps should have lockfiles 282b570

[meta] add safe-publish-latest 4b927de

[Tests] add aud in posttest b32d9bd

[meta] update repo URLs f9fdfc0

Commits

8c6be48 v0.2.4
d031f9b [Dev Deps] update tape
3dbebff [Tests] check side-effects of pollution protection
34e20b8 [Robustness] rework isConstructorOrProto
c0b2661 v0.2.3
63b8fee [Fix] Fix long option followed by single dash (#17)
72239e6 [Tests] Remove duplicate test (#12)
34b0f1c [eslint] fix indentation
3226afa [Dev Deps] add missing npmignore dev dep
098873c [Dev Deps] update @ljharb/eslint-config, aud
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates http-cache-semantics from 3.8.1 to 4.1.0

Commits

ed83aec Explain trust server date
1b35980 rfc 5861 (stale-if-error, stale-while-revalidate)
2c2fac2 Drop trustServerDate
eb7028f Test names
84cc9a8 Bump
ae5ecd5 Add status to tests
385b5d3 Minor storable bug
8ff37cb Fix test
1988c3f Rename var
7160146 Merge pull request #24 from non-binary/nb/fix-validators-typo
Additional commits viewable in compare view

Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

[Fix] parse: ignore __proto__ keys (#428)

[Fix] utils.merge: avoid a crash with a null target and a truthy non-array source

[Fix] correctly parse nested arrays

[Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)

[Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided

[Fix] when parseArrays is false, properly handle keys ending in []

[Fix] fix for an impossible situation: when the formatter is called with a non-string value

[Fix] utils.merge: avoid a crash with a null target and an array source

[Refactor] utils: reduce observable [[Get]]s

[Refactor] use cached Array.isArray

[Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)

[Refactor] parse: only need to reassign the var once

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] Clean up license text so it’s properly detected as BSD-3-Clause

[Docs] Clarify the need for "arrayLimit" option

[meta] fix README.md (#399)

[meta] add FUNDING.yml

[actions] backport actions from main

[Tests] always use String(x) over x.toString()

[Tests] remove nonexistent tape option

[Dev Deps] backport from main

Commits

298bfa5 v6.5.3
ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
12ac1c4 [meta] fix README.md (#399)
0338716 [actions] backport actions from main
5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
51b8a0b add FUNDING.yml
45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
f814a7f [Dev Deps] backport from main
Additional commits viewable in compare view

Removes simple-git

Updates graphql-tools from 6.0.10 to 6.2.6

Changelog

Sourced from graphql-tools's changelog.

6.2.6

Patch Changes

96a7555d: Fix release

Last PATCH release actually transitively updated graphql-tools and @graphql-tools/delegate to use latest MAJOR version of dependencies.

Updated dependencies [96a7555d]

@graphql-tools/batch-delegate@6.2.6

6.2.5

Patch Changes

Updated dependencies [be1a1575]

@graphql-tools/batch-execute@7.0.0

@graphql-tools/delegate@7.0.0

@graphql-tools/mock@7.0.0

@graphql-tools/schema@7.0.0

@graphql-tools/stitch@7.0.0

@graphql-tools/utils@7.0.0

@graphql-tools/wrap@7.0.0

@graphql-tools/links@6.2.5

@graphql-tools/merge@6.2.5

@graphql-tools/batch-delegate@6.2.5

@graphql-tools/url-loader@6.3.1

@graphql-tools/graphql-tag-pluck@6.2.6

@graphql-tools/load@6.2.5

@graphql-tools/code-file-loader@6.2.5

@graphql-tools/git-loader@6.2.5

@graphql-tools/github-loader@6.2.5

@graphql-tools/graphql-file-loader@6.2.5

@graphql-tools/json-file-loader@6.2.5

@graphql-tools/module-loader@6.2.5

@graphql-tools/relay-operation-optimizer@6.2.5

@graphql-tools/resolvers-composition@6.2.5

6.2.4

Patch Changes

533d6d53: Bump all packages to allow adjustments

Updated dependencies [32c3c4f8]

Updated dependencies [32c3c4f8]

Updated dependencies [32c3c4f8]

Updated dependencies [32c3c4f8]

Updated dependencies [32c3c4f8]

Updated dependencies [533d6d53]

@graphql-tools/stitch@6.2.4

... (truncated)

Commits

69d8499 chore(release): update monorepo packages versions (#2132)
96a7555 fix(release): don't transitively update to v7 (#2131)
9468a46 chore(release): update monorepo packages versions (#2129)
be1a157 v7 (#1935)
6ba5acc chore(release): update monorepo packages versions (#2077)
533d6d5 introduce changesets to manage release and canary flows (#2008)
3aa8565 v6.2.3
63a176d v6.2.2
42a11d9 v6.2.1
427093b Add an additional ES5-compatible bundle (#1909)
Additional commits viewable in compare view

Updates socket.io-parser from 3.3.0 to 4.2.4

Release notes

Sourced from socket.io-parser's releases.

4.2.4

Bug Fixes

ensure reserved events cannot be used as event names (d9db473)

properly detect plain objects (b0e6400)

Links

Diff: socketio/socket.io-parser@4.2.3...4.2.4

4.2.3

⚠️ This release contains an important security fix ⚠️

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:
TypeError: Cannot convert object to primitive value
       at Socket.emit (node:events:507:25)
       at .../node_modules/socket.io/lib/socket.js:531:14
Please upgrade as soon as possible.

Bug Fixes

check the format of the event name (3b78117)

Links

Diff: socketio/socket.io-parser@4.2.2...4.2.3

4.2.2

Bug Fixes

calling destroy() should clear all internal state (22c42e3)

do not modify the input packet upon encoding (ae8dd88)

Links

Diff: socketio/socket.io-parser@4.2.1...4.2.2

4.2.1

Bug Fixes

check the format of the index of each attachment (b5d0cb7)

Links

Diff: socketio/socket.io-parser@4.2.0...4.2.1

... (truncated)

Changelog

Sourced from socket.io-parser's changelog.

4.2.4 (2023-05-31)

Bug Fixes

ensure reserved events cannot be used as event names (d9db473)

properly detect plain objects (b0e6400)

3.4.3 (2023-05-22)

Bug Fixes

check the format of the event name (2dc3c92)

4.2.3 (2023-05-22)

Bug Fixes

check the format of the event name (3b78117)

4.2.2 (2023-01-19)

Bug Fixes

calling destroy() should clear all internal state (22c42e3)

do not modify the input packet upon encoding (ae8dd88)

3.3.3 (2022-11-09)

Bug Fixes

check the format of the index of each attachment (fb21e42)

3.4.2 (2022-11-09)

... (truncated)

Commits

164ba2a chore(release): 4.2.4
b0e6400 fix: properly detect plain objects
d9db473 fix: ensure reserved events cannot be used as event names
6a5a004 docs(changelog): include changelog for release 3.4.3
b6c824f chore(release): 4.2.3
dcc70d9 refactor: export typescript declarations for the commonjs build
3b78117 fix: check the format of the event name
0841bd5 chore: bump ua-parser-js from 1.0.32 to 1.0.33 (#121)
28dd668 chore(release): 4.2.2
22c42e3 fix: calling destroy() should clear all internal state
Additional commits viewable in compare view

Updates `ua-pa...

Description has been truncated

Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [gatsby](https://github.com/gatsbyjs/gatsby) | `2.20.25` | `4.25.7` | | [gatsby-plugin-sharp](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-sharp) | `2.5.6` | `4.25.1` | | [gatsby-transformer-remark](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-transformer-remark) | `2.7.3` | `5.25.1` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [minimist](https://github.com/minimistjs/minimist) | `0.2.1` | `0.2.4` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `2.6.0` | `` | | [graphql-tools](https://github.com/ardatan/graphql-tools/tree/HEAD/packages/graphql-tools) | `6.0.10` | `6.2.6` | Updates `gatsby` from 2.20.25 to 4.25.7 - [Release notes](https://github.com/gatsbyjs/gatsby/releases) - [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/CHANGELOG.md) - [Commits](https://github.com/gatsbyjs/gatsby/compare/gatsby@2.20.25...gatsby@4.25.7) Updates `gatsby-plugin-sharp` from 2.5.6 to 4.25.1 - [Release notes](https://github.com/gatsbyjs/gatsby/releases) - [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-sharp/CHANGELOG.md) - [Commits](https://github.com/gatsbyjs/gatsby/commits/gatsby-plugin-sharp@4.25.1/packages/gatsby-plugin-sharp) Updates `gatsby-transformer-remark` from 2.7.3 to 5.25.1 - [Release notes](https://github.com/gatsbyjs/gatsby/releases) - [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-transformer-remark/CHANGELOG.md) - [Commits](https://github.com/gatsbyjs/gatsby/commits/gatsby-transformer-remark@5.25.1/packages/gatsby-transformer-remark) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `engine.io` from 3.4.1 to 6.2.1 - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@3.4.1...6.2.1) Updates `flat` from 4.1.0 to 5.0.2 - [Release notes](https://github.com/hughsk/flat/releases) - [Commits](hughsk/flat@4.1.0...5.0.2) Updates `minimatch` from 3.0.3 to 3.0.4 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.3...v3.0.4) Updates `minimist` from 0.2.1 to 0.2.4 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v0.2.1...v0.2.4) Updates `http-cache-semantics` from 3.8.1 to 4.1.0 - [Commits](kornelski/http-cache-semantics@v3.8.1...v4.1.0) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Removes `simple-git` Updates `graphql-tools` from 6.0.10 to 6.2.6 - [Release notes](https://github.com/ardatan/graphql-tools/releases) - [Changelog](https://github.com/ardatan/graphql-tools/blob/master/packages/graphql-tools/CHANGELOG.md) - [Commits](https://github.com/ardatan/graphql-tools/commits/graphql-tools@6.2.6/packages/graphql-tools) Updates `socket.io-parser` from 3.3.0 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@3.3.0...4.2.4) Updates `ua-parser-js` from 0.7.21 to 1.0.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/1.0.37/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.21...1.0.37) --- updated-dependencies: - dependency-name: gatsby dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: gatsby-plugin-sharp dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: gatsby-transformer-remark dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: engine.io dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: flat dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: simple-git dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: graphql-tools dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 28, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 14 updates #131

Bump the npm_and_yarn group across 1 directory with 14 updates #131

dependabot bot commented on behalf of github Mar 28, 2024

Bump the npm_and_yarn group across 1 directory with 14 updates #131

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 14 updates #131

Conversation

dependabot bot commented on behalf of github Mar 28, 2024

v4.24

v4.23

v4.22

v4.21

v4.24

v4.23

v4.22

v4.21

Changelog: gatsby-plugin-sharp

5.13.1 (2024-01-23)

5.13.0 (2023-12-18)

Chores

5.12.3 (2023-10-26)

5.12.2 (2023-10-20)

5.12.1 (2023-10-09)

Chores

5.12.0 (2023-08-24)

Bug Fixes

5.11.0 (2023-06-15)

Chores

5.10.0 (2023-05-16)

v5.13.0

v5.12.0

v5.11.0

v5.10.0

v5.9.0

Changelog: gatsby-transformer-remark

6.13.1 (2024-01-23)

6.13.0 (2023-12-18)

6.12.3 (2023-10-26)

6.12.2 (2023-10-20)

6.12.1 (2023-10-09)

6.12.0 (2023-08-24)

Bug Fixes

6.11.0 (2023-06-15)

6.10.0 (2023-05-16)

6.9.0 (2023-04-18)

v0.2.2

v0.2.1

6.2.1

Bug Fixes

6.2.0

Features

Links

6.1.3

Bug Fixes

6.2.1 (2022-11-20)

Bug Fixes

Dependencies

3.6.0 (2022-06-06)

Bug Fixes

Features

v0.2.4 - 2023-02-24

Commits

v0.2.3 - 2023-02-09

Merged

Fixed

Commits

v0.2.2 - 2022-10-10

Commits

6.5.3

6.2.6

Patch Changes

6.2.5

Patch Changes

6.2.4

Patch Changes

4.2.4

Bug Fixes

Links

4.2.3

Bug Fixes

Links

4.2.2

Bug Fixes

Changelog: `gatsby-plugin-sharp`

Changelog: `gatsby-transformer-remark`