Bump the zeppelin-web-angular-security-updates group across 1 directory with 13 updates#5280
Open
dependabot[bot] wants to merge 1 commit into
Conversation
…ry with 13 updates Bumps the zeppelin-web-angular-security-updates group with 8 updates in the /zeppelin-web-angular directory: | Package | From | To | | --- | --- | --- | | [@angular/common](https://github.com/angular/angular/tree/HEAD/packages/common) | `21.2.15` | `21.2.17` | | [@angular/compiler](https://github.com/angular/angular/tree/HEAD/packages/compiler) | `21.2.15` | `21.2.17` | | [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) | `21.2.15` | `21.2.17` | | [rollup](https://github.com/rollup/rollup) | `0.25.8` | `4.60.4` | | [hono](https://github.com/honojs/hono) | `4.12.23` | `4.12.28` | | [js-yaml](https://github.com/nodeca/js-yaml) | `4.1.1` | `4.3.0` | | [shell-quote](https://github.com/ljharb/shell-quote) | `1.8.3` | `1.8.4` | | [tar](https://github.com/isaacs/node-tar) | `7.5.15` | `7.5.19` | Updates `@angular/common` from 21.2.15 to 21.2.17 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.17/packages/common) Updates `@angular/compiler` from 21.2.15 to 21.2.17 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.17/packages/compiler) Updates `@angular/core` from 21.2.15 to 21.2.17 - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/main/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/v21.2.17/packages/core) Updates `vite` from 7.3.2 to 7.3.6 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v7.3.6/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v7.3.6/packages/vite) Updates `rollup` from 0.25.8 to 4.60.4 - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG-0.md) - [Commits](rollup/rollup@v0.25.8...v4.60.4) Updates `hono` from 4.12.23 to 4.12.28 - [Release notes](https://github.com/honojs/hono/releases) - [Commits](honojs/hono@v4.12.23...v4.12.28) Updates `http-proxy-middleware` from 2.0.9 to 2.0.10 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.10/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v2.0.9...v2.0.10) Updates `js-yaml` from 4.1.1 to 4.3.0 - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](nodeca/js-yaml@4.1.1...4.3.0) Updates `launch-editor` from 2.14.0 to 2.14.1 - [Commits](vitejs/launch-editor@v2.14.0...v2.14.1) Updates `shell-quote` from 1.8.3 to 1.8.4 - [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md) - [Commits](ljharb/shell-quote@v1.8.3...v1.8.4) Updates `piscina` from 5.1.4 to 5.2.0 - [Release notes](https://github.com/piscinajs/piscina/releases) - [Changelog](https://github.com/piscinajs/piscina/blob/v5.2.0/CHANGELOG.md) - [Commits](piscinajs/piscina@v5.1.4...v5.2.0) Updates `tar` from 7.5.15 to 7.5.19 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v7.5.15...v7.5.19) Updates `webpack-dev-server` from 5.2.3 to 5.2.5 - [Release notes](https://github.com/webpack/webpack-dev-server/releases) - [Changelog](https://github.com/webpack/webpack-dev-server/blob/main/CHANGELOG.md) - [Commits](webpack/webpack-dev-server@v5.2.3...v5.2.5) --- updated-dependencies: - dependency-name: "@angular/common" dependency-version: 21.2.17 dependency-type: direct:production dependency-group: zeppelin-web-angular-security-updates - dependency-name: "@angular/compiler" dependency-version: 21.2.17 dependency-type: direct:production dependency-group: zeppelin-web-angular-security-updates - dependency-name: "@angular/core" dependency-version: 21.2.17 dependency-type: direct:production dependency-group: zeppelin-web-angular-security-updates - dependency-name: vite dependency-version: 7.3.6 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: rollup dependency-version: 4.60.4 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: hono dependency-version: 4.12.28 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: http-proxy-middleware dependency-version: 2.0.10 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: js-yaml dependency-version: 4.3.0 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: launch-editor dependency-version: 2.14.1 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: shell-quote dependency-version: 1.8.4 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: piscina dependency-version: 5.2.0 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: tar dependency-version: 7.5.19 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates - dependency-name: webpack-dev-server dependency-version: 5.2.5 dependency-type: indirect dependency-group: zeppelin-web-angular-security-updates ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the zeppelin-web-angular-security-updates group with 8 updates in the /zeppelin-web-angular directory:
21.2.1521.2.1721.2.1521.2.1721.2.1521.2.170.25.84.60.44.12.234.12.284.1.14.3.01.8.31.8.47.5.157.5.19Updates
@angular/commonfrom 21.2.15 to 21.2.17Release notes
Sourced from @angular/common's releases.
... (truncated)
Changelog
Sourced from @angular/common's changelog.
... (truncated)
Commits
86a56dcfix(common): Limits date format string lengthbcb1b7efix(http): preserve empty referrer option in HttpRequesta810a31fix(http): Rejects non-HTTP(S) URLs in JSONP requestsbc55749fix(common): use cryptographically secure SHA-256 for transfer cache key gene...d846326fix(common): skip transfer cache for uncacheable HTTP traffice245d40fix(http): skip transfer cache for fetch credentialed requestsf6d8e64fix(common): only strip a literal /index.html suffix from URLsUpdates
@angular/compilerfrom 21.2.15 to 21.2.17Release notes
Sourced from @angular/compiler's releases.
... (truncated)
Changelog
Sourced from @angular/compiler's changelog.
... (truncated)
Commits
dc9c996fix(compiler): sanitize two-way propertiesae1c8a1fix(compiler): move projection attributes into constantsUpdates
@angular/corefrom 21.2.15 to 21.2.17Release notes
Sourced from @angular/core's releases.
... (truncated)
Changelog
Sourced from @angular/core's changelog.
... (truncated)
Commits
88832c8fix(core): validate lowercase SVG animation attribute names (#69269)3551074fix(platform-server): harden platform location origin validation during SSRbc55749fix(common): use cryptographically secure SHA-256 for transfer cache key gene...d846326fix(common): skip transfer cache for uncacheable HTTP traffice245d40fix(http): skip transfer cache for fetch credentialed requests1523061fix(core): harden TransferState restoration against DOM clobbering736c4abrefactor(core): fix broken unit test.3fd6897fix(core): harden inherit definition feature against polluted prototypes7e38336fix(core): use Object.create(null) for LOCALE_DATA as a hardening measureUpdates
vitefrom 7.3.2 to 7.3.6Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
Commits
0a7b53brelease: v7.3.6a24931efeat: allow esbuild 0.28 (#22743)077945crelease: v7.3.58a6a0c9chore: skip v7.3.4 release8c18556fix: backport #22572, reject windows alternate paths (#22574)f20d64bfix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...ca31424release: v7.3.35ab51c0fix: avoid destructure lowering for newer safari (#22346)Updates
rollupfrom 0.25.8 to 4.60.4Release notes
Sourced from rollup's releases.
... (truncated)
Changelog
Sourced from rollup's changelog.
... (truncated)
Commits
d311a844.60.46aa3248fix: stabilize chunk assignment across parallel file reads (#6362)82a0fe7Resolve vulnerabilities (#6375)71f5ebcchore(deps): update dependency lru-cache to v11 (#6371)af91d77chore(deps): lock file maintenance (#6373)65e7b94chore(deps): update react monorepo to v19 (major) (#6372)642587ffix(deps): update minor/patch updates (#6370)b47bdab4.60.315c5f33Add again some unneeded dev dependencies, to make some builds succeed12195dcfix: do not rename nested "exports" bindings that do not conflict (#6360)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for rollup since your current version.
Install script changes
This version adds
preparescript that runs during installation. Review the package contents before updating.Updates
honofrom 4.12.23 to 4.12.28Release notes
Sourced from hono's releases.
... (truncated)
Commits
626b1854.12.28d6b1d32docs(context-storage): fix JSDoc (#5086)45b081bfix(aws-lambda): detect V2 events by request context, not rawPath alone (#5033)a05813cchore: bumpdevDependencies(#5085)872997dfix(bun): report the requested subprotocol on WSContext.protocol (#5059)82b321bfix: avoid circular dependency between body.ts and request.ts (#5071)b20d422fix(utils/body,validator): normalize Content-Type media type for case-insensi...9728702chore: don't publish*.tsbuildinfo(#5066)ed8795edocs(MIGRATION): fix req.raw.headers reference (property, not method) (#5047)03a9416fix(serve-static): treat empty string content as found (#5062)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for hono since your current version.
Updates
http-proxy-middlewarefrom 2.0.9 to 2.0.10Release notes
Sourced from http-proxy-middleware's releases.