Bump the security group across 6 directories with 13 updates#1734
Open
dependabot[bot] wants to merge 1 commit into
Open
Bump the security group across 6 directories with 13 updates#1734dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub. 2 Skipped Deployments
|
2016d12 to
38282d4
Compare
bfba319 to
452f8ff
Compare
--- updated-dependencies: - dependency-name: "@angular/common" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/common" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/common" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/common" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/compiler" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/compiler" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/compiler" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/compiler" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/core" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/core" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/core" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@angular/core" dependency-version: 20.3.25 dependency-type: direct:production dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/core" dependency-version: 7.29.6 dependency-type: direct:development dependency-group: security - dependency-name: "@babel/plugin-transform-modules-systemjs" dependency-version: 7.29.7 dependency-type: indirect dependency-group: security - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect dependency-group: security - dependency-name: hono dependency-version: 4.12.27 dependency-type: indirect dependency-group: security - dependency-name: http-proxy-middleware dependency-version: 2.0.10 dependency-type: indirect dependency-group: security - dependency-name: next dependency-version: 15.5.18 dependency-type: direct:production dependency-group: security - dependency-name: next dependency-version: 15.5.18 dependency-type: direct:production dependency-group: security - dependency-name: next dependency-version: 15.5.18 dependency-type: direct:production dependency-group: security - dependency-name: next dependency-version: 15.5.18 dependency-type: direct:production dependency-group: security - dependency-name: undici dependency-version: 5.29.0 dependency-type: indirect dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development dependency-group: security - dependency-name: vitest dependency-version: 3.2.6 dependency-type: direct:development dependency-group: security - dependency-name: vitest dependency-version: 3.2.6 dependency-type: direct:development dependency-group: security - dependency-name: vitest dependency-version: 3.2.6 dependency-type: direct:development dependency-group: security - dependency-name: vitest dependency-version: 3.2.6 dependency-type: direct:development dependency-group: security - dependency-name: ws dependency-version: 7.5.11 dependency-type: indirect dependency-group: security ... Signed-off-by: dependabot[bot] <[email protected]>
452f8ff to
8f2e4d3
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the security group with 13 updates in the / directory:
7.20.127.29.63.2.106.4.319.2.2320.3.2519.2.2320.3.2519.2.2320.3.2514.2.3515.5.181.1.33.2.67.23.07.29.73.0.63.1.34.12.34.12.282.0.92.0.105.28.45.29.07.5.97.5.11Bumps the security group with 2 updates in the /apps/swirl-docs directory: next and vitest.
Bumps the security group with 1 update in the /packages/bridge directory: @babel/core.
Bumps the security group with 2 updates in the /packages/swirl-components directory: @babel/core and vite.
Bumps the security group with 3 updates in the /packages/swirl-components-angular directory: @angular/common, @angular/compiler and @angular/core.
Bumps the security group with 1 update in the /packages/swirl-components-react directory: vite.
Updates
@babel/corefrom 7.20.12 to 7.29.6Release notes
Sourced from @babel/core's releases.
... (truncated)
Commits
04ea6b2v7.29.699f498a[7.x packport]Improve input source map handling (#18001)feba0a3Preserve original identifier names from input sourcemaps (#17992) (#17998)aa8394ev7.29.0ad0d03f[7.x backport] feat: Allow specifying startLine in code frame (#17739)d7f4008v7.28.6e130225Polish(standalone): improve message on invalid preset/plugin (#17606)99dcba5chore: enable some ts-eslint rules (#17592)c92c491Improve Unicode handling in code-frame tokenizer (#17589)d725e39AddBABEL_7_TO_8_DANGEROUSLY_DISABLE_VERSION_CHECK(#17569)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for
@babel/coresince your current version.Updates
vitefrom 3.2.10 to 6.4.3Release notes
Sourced from vite's releases.
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
6c2c881release: v6.4.396b0c10fix: backport #22572, reject windows alternate paths (#22576)8fed5cffix(deps): backport #22571, reject UNC paths for launch-editor-middleware (#2...6b3fad0release: v6.4.2ca4da5dfix: avoid path traversal with optimize deps sourcemap handler (#22161)fe28e47fix: apply server.fs check to env transport (#22159) (#22163)5487f4frelease: v6.4.11114b5dfix(dev): trim trailing slash beforeserver.fs.denycheck (#20968) (#20969)f12697crelease: v6.4.0ca6455efeat: allow passing down resolved config to vite's createServer (#20932)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for vite since your current version.
Updates
@angular/commonfrom 19.2.23 to 20.3.25Release notes
Sourced from @angular/common's releases.
... (truncated)
Changelog
Sourced from @angular/common's changelog.
... (truncated)
Commits
06be298fix(http): preserve empty referrer option in HttpRequest9f443bcfix(common): Limits date format string lengthfa940e1fix(http): Rejects non-HTTP(S) URLs in JSONP requests1a62130fix(common): use cryptographically secure SHA-256 for transfer cache key gene...566ad05fix(common): skip transfer cache for uncacheable HTTP traffice2ef1cefix(http): skip transfer cache for fetch credentialed requests3d135cefix(common): add upper bounds for digitsInfo39a4b4cfix(common): sanitize placeholderde7b2a6fix(http): exclude withCredentials requests from transfer cache4233188fix(http): skip TransferCache for cookie-bearing requests by defaultUpdates
@angular/compilerfrom 19.2.23 to 20.3.25Release notes
Sourced from @angular/compiler's releases.
... (truncated)
Changelog
Sourced from @angular/compiler's changelog.
... (truncated)
Commits
a68ec70fix(compiler): sanitize two-way propertiesd40acc6fix(compiler): prevent namespaced SVG <style> elements from being stripped7ae6381test(compiler-cli): align ngtsc sanitization expectations with modern DOM sch...36200bdtest(core): update spec files to match 20.3.x limits and actual contexts (#68...823b37ftest(compiler): remove obsolete schema_extractor import (#68926)e345a58fix(core): normalize tag names in runtime i18n attribute security context loo...8f35b18fix(compiler): normalize tag names with custom namespaces in DomElementSchema...64a89e9fix(compiler): sanitize dynamic href and xlink:href bindings on SVG a element...6404edffix(compiler): strip namespaced SVG script elements during template compilati...dc631effix(core): support prefix-insensitive DOM schema lookups and compile-time i18...Updates
@angular/corefrom 19.2.23 to 20.3.25Release notes
Sourced from @angular/core's releases.
... (truncated)
Changelog
Sourced from @angular/core's changelog.
... (truncated)
Commits
ca48b47fix(core): validate lowercase SVG animation attribute names (#69270)1a62130fix(common): use cryptographically secure SHA-256 for transfer cache key gene...49368c1fix(platform-server): harden platform location origin validation during SSR566ad05fix(common): skip transfer cache for uncacheable HTTP traffic768a349fix(core): harden TransferState restoration against DOM clobbering7ae6381test(compiler-cli): align ngtsc sanitization expectations with modern DOM sch...6595409test(core): update golden symbols and host bindings sanitization spec (#68926)d86e4e7fix(core): reject script element as a dynamic component host (#68926)b8f1f72test(core): remove obsolete blockquote cite host binding tests (#68926)36200bdtest(core): update spec files to match 20.3.x limits and actual contexts (#68...Updates
nextfrom 14.2.35 to 15.5.18Release notes
Sourced from next's releases.
Commits
9ff92cev15.5.1800ebe23[backport] Disable build caches for production/staging/force-preview deploys ...62c97abv15.5.17423623aTurbopack: Match proxy matchers with webpack implementation (#93594)fa78739Turbopack: Fix middleware matcher suffix (#93590)36e62c6[backport] Turbopack: more strict vergen setup (#93588)36589b5[backport][test] Pin package manager to patch versions (#93596)ad6fd4ev15.5.1679d7dffIgnore malformed CSP nonce headers (#103)c4f6908router-server: guard upgrade proxy against absolute-url SSRF (#77) (#102)Maintainer changes
This version was pushed to npm by GitHub Actions, a new releaser for next since your current version.
Updates
vitestfrom 1.1.3 to 3.2.6Release notes
Sourced from vitest's releases.