Bump the npm_and_yarn group group with 15 updates #22

dependabot · 2024-03-24T23:41:22Z

Bumps the npm_and_yarn group group with 15 updates:

Package	From	To
gatsby	`4.16.0`	`4.25.7`
@babel/traverse	`7.18.5`	`7.24.1`
cross-fetch	`3.1.4`	`3.1.5`
decode-uri-component	`0.2.0`	`0.2.2`
follow-redirects	`1.15.1`	`1.15.6`
webpack-dev-middleware	`3.7.3`	`4.3.0`
got	`9.6.0`	`11.8.6`
gatsby	`4.25.7`	`5.13.3`
json5	`1.0.1`	`1.0.2`
loader-utils	`1.4.0`	`2.0.4`
parse-path	`4.0.4`	`7.0.0`
parse-url	`6.0.0`	`8.1.0`
postcss	`8.4.14`	`8.4.38`
sharp	`0.30.6`	`0.32.6`
socket.io-parser	`4.0.4`	`4.2.4`
webpack	`5.73.0`	`5.91.0`

Updates gatsby from 4.16.0 to 4.25.7

Release notes

Sourced from gatsby's releases.

v4.24

Welcome to [email protected] release (September 2022 #2)

Key highlights of this release:

Gatsby 5 Alpha

Updating File System Routes on data changes

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.23

Welcome to [email protected] release (September 2022 #1)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.22

Welcome to [email protected] release (August 2022 #3)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.21

Welcome to [email protected] release (August 2022 #2)

Key highlights of this release:

gatsby-plugin-mdx v4

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

... (truncated)

Commits

db5eb18 chore(release): Publish
fc22f4b fix(gatsby): don't serve codeframes for files outside of compilation (#38059)...
8889bfe chore(release): Publish
d3d5fd0 fix(gatsby-source-wordpress): prevent inconsistent schema customization (#377...
5bdef4a fix(gatsby): don't block event loop during inference (#37780) (#37801)
50e3f94 chore(release): Publish
3f8477d chore: Update get-unowned-packages script to use npm 9 syntax
dcf88ed fix(gatsby-plugin-sharp): don't serve static assets that are not result of cu...
3be4a80 chore(release): Publish
98c4d27 feat(gatsby): add initial webhook body env var to bootstrap context (#37478) ...
Additional commits viewable in compare view

Updates @babel/traverse from 7.18.5 to 7.24.1

Release notes

Sourced from @babel/traverse's releases.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

Other

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.24.0 (2024-02-28)

Thanks @ajihyf for your first PR!

Release post with summary and highlights: https://babeljs.io/7.24.0

🚀 New Feature

babel-standalone

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.1 (2024-03-19)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16350 Fix decorated class computed keys ordering (@JLHwung)

#16344 Fix decorated class static field private access (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env

#16329 Respect moduleName for @babel/runtime/regenerator imports (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties

#16331 Fix decorator memoiser binding kind (@JLHwung)

babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties

#16325 Fix decorator evaluation private environment (@JLHwung)

📝 Documentation

#16319 Update SECURITY.md (@nicolo-ribaudo)

🏠 Internal

babel-code-frame, babel-highlight

#16359 Replace chalk with picocolors (@nicolo-ribaudo)

babel-helper-fixtures, babel-helpers, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow

#16352 Run Babel transform tests on old node if possible (@JLHwung)

babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3, babel-runtime, babel-standalone

#16323 Allow separate helpers to be excluded in Babel 8 (@liuxingbaoyu)

babel-helper-module-imports, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-record-and-tuple, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx

#16349 Support merging imports in import injector (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-bugfix-v8-spread-parameters-in-optional-chaining, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-external-helpers, babel-plugin-proposal-async-do-expressions, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-proposal-duplicate-named-capturing-groups-regex, babel-plugin-proposal-explicit-resource-management, babel-plugin-proposal-export-default-from, babel-plugin-proposal-function-bind, babel-plugin-proposal-function-sent, babel-plugin-proposal-import-attributes-to-assertions, babel-plugin-proposal-import-defer, babel-plugin-proposal-import-wasm-source, babel-plugin-proposal-json-modules, babel-plugin-proposal-optional-chaining-assign, babel-plugin-proposal-partial-application, babel-plugin-proposal-pipeline-operator, babel-plugin-proposal-record-and-tuple, babel-plugin-proposal-regexp-modifiers, babel-plugin-proposal-throw-expressions, babel-plugin-syntax-async-do-expressions, babel-plugin-syntax-decimal, babel-plugin-syntax-decorators, babel-plugin-syntax-destructuring-private, babel-plugin-syntax-do-expressions, babel-plugin-syntax-explicit-resource-management, babel-plugin-syntax-export-default-from, babel-plugin-syntax-flow, babel-plugin-syntax-function-bind, babel-plugin-syntax-function-sent, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-plugin-syntax-import-defer, babel-plugin-syntax-import-reflection, babel-plugin-syntax-import-source, babel-plugin-syntax-jsx, babel-plugin-syntax-module-blocks, babel-plugin-syntax-optional-chaining-assign, babel-plugin-syntax-partial-application, babel-plugin-syntax-pipeline-operator, babel-plugin-syntax-record-and-tuple, babel-plugin-syntax-throw-expressions, babel-plugin-syntax-typescript, babel-plugin-transform-arrow-functions, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-classes, babel-plugin-transform-computed-properties, babel-plugin-transform-destructuring, babel-plugin-transform-dotall-regex, babel-plugin-transform-duplicate-keys, babel-plugin-transform-dynamic-import, babel-plugin-transform-exponentiation-operator, babel-plugin-transform-export-namespace-from, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-for-of, babel-plugin-transform-function-name, babel-plugin-transform-instanceof, babel-plugin-transform-jscript, babel-plugin-transform-json-strings, babel-plugin-transform-literals, babel-plugin-transform-logical-assignment-operators, babel-plugin-transform-member-expression-literals, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-modules-umd, babel-plugin-transform-new-target, babel-plugin-transform-nullish-coalescing-operator, babel-plugin-transform-numeric-separator, babel-plugin-transform-object-assign, babel-plugin-transform-object-rest-spread, babel-plugin-transform-object-set-prototype-of-to-assign, babel-plugin-transform-object-super, babel-plugin-transform-optional-catch-binding, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-property-literals, babel-plugin-transform-property-mutators, babel-plugin-transform-proto-to-assign, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-display-name, babel-plugin-transform-react-inline-elements, babel-plugin-transform-react-jsx-compat, babel-plugin-transform-react-jsx-self, babel-plugin-transform-react-jsx-source, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-reserved-words, babel-plugin-transform-runtime, babel-plugin-transform-shorthand-properties, babel-plugin-transform-spread, babel-plugin-transform-sticky-regex, babel-plugin-transform-strict-mode, babel-plugin-transform-template-literals, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-plugin-transform-unicode-escapes, babel-plugin-transform-unicode-property-regex, babel-plugin-transform-unicode-regex, babel-plugin-transform-unicode-sets-regex, babel-preset-env, babel-preset-flow, babel-preset-react, babel-preset-typescript

#16332 Test Babel 7 plugins compatibility with Babel 8 core (@nicolo-ribaudo)

babel-compat-data, babel-plugin-transform-object-rest-spread, babel-preset-env

#16318 [babel 8] Fix @babel/compat-data package.json (@nicolo-ribaudo)

🔬 Output optimization

babel-helper-replace-supers, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-parameters, babel-plugin-transform-runtime

#16345 Optimize the use of assertThisInitialized after super() (@liuxingbaoyu)

babel-plugin-transform-class-properties, babel-plugin-transform-classes

#16343 Use simpler assertThisInitialized more often (@liuxingbaoyu)

babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-object-rest-spread, babel-traverse

#16342 Consider well-known and registered symbols as literals (@nicolo-ribaudo)

babel-core, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-function-bind, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-flow-comments, babel-plugin-transform-flow-strip-types, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env

#16326 Reduce the use of class names (@liuxingbaoyu)

v7.24.0 (2024-02-28)

🚀 New Feature

babel-standalone

#11696 Export babel tooling packages in @babel/standalone (@ajihyf)

babel-core, babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-transform-class-properties

#16267 Implement noUninitializedPrivateFieldAccess assumption (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-helpers, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-syntax-decorators, babel-plugin-transform-class-properties, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16242 Support decorator 2023-11 normative updates (@JLHwung)

babel-preset-flow

#16309 [babel 7] Allow setting ignoreExtensions in Flow preset (@nicolo-ribaudo)

... (truncated)

Commits

822b025 v7.24.1
fc0d5ad Update typescript and lint tools (#16351)
69e7928 Consider well-known and registered symbols as literals (#16342)
40110e9 Update source map deps (#16327)
ce59160 v7.24.0
bd5abd5 fix: avoid popContext on unvisited node paths (#16305)
08a057c Use Object.hasOwn when available (#16248)
a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
Additional commits viewable in compare view

Updates cross-fetch from 3.1.4 to 3.1.5

Release notes

Sourced from cross-fetch's releases.

v3.1.5

What's Changed

chore: updated node-fetch version to 2.6.7 by @dlafreniere in lquixada/cross-fetch#124

New Contributors

@dlafreniere made their first contribution in lquixada/cross-fetch#124

Full Changelog: lquixada/cross-fetch@v3.1.4...v3.1.5

Commits

c6089df chore(release): 3.1.5
a3b3a94 chore: updated node-fetch version to 2.6.7 (#124)
efed703 chore: updated node-fetch version to 2.6.5
694ff77 refactor: removed ora from dependencies
efc5956 refactor: added .vscode to .gitignore
da605d5 refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/mod...
0f0d51d chore: updated minor and patch versions of dev dependencies
c6e34ea refactor: removed sinon.js
f524a52 fix: yargs was incompatible with node 10
7906fcf chore: updated dev dependencies
Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Updates follow-redirects from 1.15.1 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits viewable in compare view

Updates webpack-dev-middleware from 3.7.3 to 4.3.0

Release notes

Sourced from webpack-dev-middleware's releases.

v4.3.0

4.3.0 (2021-05-19)

Features

add getFilenameFromUrl to API (#911) (1edc726)

v4.2.0

4.2.0 (2021-05-10)

Features

allow the headers option to accept function (#897) (966afb3)

v4.1.0

4.1.0 (2021-01-15)

Features

added the stats option (376cdba)

v4.0.4

4.0.4 (2021-01-13)

Bug Fixes

compatibility with webpack@4 (#816) (acdfd4d)

v4.0.3

4.0.3 (2021-01-12)

Bug Fixes

output stats to stdout instead stderr, how does webpack-cli, if you need hide stats from output please use { stats: false } or { stats: 'none' } (4de0f97)

colors are working for stats (4de0f97)

schema description (#783) (f9ce2b2)

skip Content-type header on unknown types (#809) (5c9eee5)

v4.0.2

4.0.2 (2020-11-10)

Bug Fixes

compatibility with the headers option (#763) (7c4cac5)

... (truncated)

Changelog

Sourced from webpack-dev-middleware's changelog.

4.3.0 (2021-05-19)

Features

add getFilenameFromUrl to API (#911) (1edc726)

Bug Fixes

husky config (#904) (8a423be)

typo depandabot -> dependabot (#905) (7062990)

4.2.0 (2021-05-10)

Features

allow the headers option to accept function (#897) (966afb3)

4.1.0 (2021-01-15)

Features

added the stats option (376cdba)

4.0.4 (2021-01-13)

Bug Fixes

compatibility with webpack@4 (#816) (acdfd4d)

4.0.3 (2021-01-12)

Bug Fixes

output stats to stdout instead stderr, how does webpack-cli, if you need hide stats from output please use { stats: false } or { stats: 'none' } (4de0f97)

colors are working for stats (4de0f97)

schema description (#783) (f9ce2b2)

skip Content-type header on unknown types (#809) (5c9eee5)

4.0.2 (2020-11-10)

Bug Fixes

compatibility with the headers option (#763) (7c4cac5)

... (truncated)

Commits

e08d1e7 chore(release): 4.3.0
8ba3e2d chore: small tweak (#917)
ea31175 chore(deps-dev): bump webpack from 5.37.0 to 5.37.1 (#916)
09b923a style: avoid options for prettier (#915)
1f7a65e chore(deps): update (#914)
1edc726 feat: add getFilenameFromUrl to API (#911)
08f32fe chore(deps-dev): bump @babel/cli
5434068 chore(deps-dev): bump @babel/core
668fca4 chore(deps-dev): bump @commitlint/cli from 12.1.3 to 12.1.4 (#909)
7062990 fix: typo depandabot -> dependabot (#905)
Additional commits viewable in compare view

Updates got from 9.6.0 to 11.8.6

Release notes

Sourced from got's releases.

v11.8.6

Destroy request object after successful response

sindresorhus/got@v11.8.5...v11.8.6

v11.8.5

Backport security fix sindresorhus/got@861ccd9

CVE-2022-33987

sindresorhus/got@v11.8.4...v11.8.5

v11.8.3

Bump cacheable-request dependency (#1921) 9463bb6

Fix HTTPError missing .code property (#1739) 0e167b8

sindresorhus/got@v11.8.2...v11.8.3

v11.8.2

Make the dnsCache option lazy (#1529) 3bd245f This slightly improves Got startup performance and fixes an issue with Jest.

sindresorhus/got@v11.8.1...v11.8.2

v11.8.1

Do not throw on custom stack traces (#1491) 4c815c3a609eb74d0eb139414d9996b4f65dc3c0

v11.8.0

Fix for sending files with size 0 on stat (#1488) 7acd380

beforeRetry allows stream body if different from original (#1501) 3dd2273

Set default value for an options object (#1495) 390b145

sindresorhus/got@v11.7.0...v11.8.0

v11.7.0

Improvements

Add pfx HTTPS option (#1364) c33df7f

Update body after beforeRequest (#1453) e1c1844

Don't allocate buffer twice (#1403) 7bc69d9

Fixes

Fix a regression where body was sent after redirect 88b32ea

Fix destructure error on promise.json() c97ce7c

Do not ignore userinfo on a redirect to the same origin 52de13b

sindresorhus/got@v11.6.2...v11.7.0

v11.6.2

Bug fixes

... (truncated)

Commits

2b1482c 11.8.6
2d1497e Destroy request object after successful response (#2187)
5e17bb7 11.8.5
bce8ce7 Backport 861ccd9ac2237df762a9e2beed7edd88c60782dc
8ced192 Fix build
670eb04 11.8.4
20f29fe Backport #1543: Initialize globalResponse in case of ignored HTTPError (#2017)
0da732f 11.8.3
9463bb6 Bump cacheable-request dependency (#1921)
0e167b8 HTTPError code set to 'HTTPError' #1711 (#1739)
Additional commits viewable in compare view

Updates gatsby from 4.25.7 to 5.13.3

Release notes

Sourced from gatsby's releases.

v4.24

Welcome to [email protected] release (September 2022 #2)

Key highlights of this release:

Gatsby 5 Alpha

Updating File System Routes on data changes

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.23

Welcome to [email protected] release (September 2022 #1)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.22

Welcome to [email protected] release (August 2022 #3)

Key highlights of this release:

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.21

Welcome to [email protected] release (August 2022 #2)

Key highlights of this release:

gatsby-plugin-mdx v4

Open RFCs

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

... (truncated)

Commits

db5eb18 chore(release): Publish
fc22f4b fix(gatsby): don't serve codeframes for files outside of compilation (#38059)...
8889bfe chore(release): Publish
d3d5fd0 fix(gatsby-source-wordpress): prevent inconsistent schema customization (#377...
5bdef4a fix(gatsby): don't block event loop during inference (#37780) (#37801)
50e3f94 chore(release): Publish
3f8477d chore: Update get-unowned-packages script to use npm 9 syntax
dcf88ed fix(gatsby-plugin-sharp): don't serve static assets that are not result of cu...
3be4a80 chore(release): Publish
98c4d27 feat(gatsby): add initial webhook body env var to bootstrap context (#37478) ...
Additional commits viewable in compare view

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

a62db1e 1.0.2
e0c23fe docs: update CHANGELOG for v1.0.2
62a6540 fix: add proto to objects and arrays
See full diff in compare view

Updates loader-utils from 1.4.0 to 2.0.4

Release notes

Description has been truncated

Bumps the npm_and_yarn group group with 15 updates: | Package | From | To | | --- | --- | --- | | [gatsby](https://github.com/gatsbyjs/gatsby) | `4.16.0` | `4.25.7` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.5` | `7.24.1` | | [cross-fetch](https://github.com/lquixada/cross-fetch) | `3.1.4` | `3.1.5` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.1` | `1.15.6` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `3.7.3` | `4.3.0` | | [got](https://github.com/sindresorhus/got) | `9.6.0` | `11.8.6` | | [gatsby](https://github.com/gatsbyjs/gatsby) | `4.25.7` | `5.13.3` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `2.0.4` | | [parse-path](https://github.com/IonicaBizau/parse-path) | `4.0.4` | `7.0.0` | | [parse-url](https://github.com/IonicaBizau/parse-url) | `6.0.0` | `8.1.0` | | [postcss](https://github.com/postcss/postcss) | `8.4.14` | `8.4.38` | | [sharp](https://github.com/lovell/sharp) | `0.30.6` | `0.32.6` | | [socket.io-parser](https://github.com/socketio/socket.io-parser) | `4.0.4` | `4.2.4` | | [webpack](https://github.com/webpack/webpack) | `5.73.0` | `5.91.0` | Updates `gatsby` from 4.16.0 to 4.25.7 - [Release notes](https://github.com/gatsbyjs/gatsby/releases) - [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/CHANGELOG.md) - [Commits](https://github.com/gatsbyjs/gatsby/compare/[email protected]@4.25.7) Updates `@babel/traverse` from 7.18.5 to 7.24.1 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.1/packages/babel-traverse) Updates `cross-fetch` from 3.1.4 to 3.1.5 - [Release notes](https://github.com/lquixada/cross-fetch/releases) - [Changelog](https://github.com/lquixada/cross-fetch/blob/v4.x/CHANGELOG.md) - [Commits](lquixada/cross-fetch@v3.1.4...v3.1.5) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Updates `follow-redirects` from 1.15.1 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.1...v1.15.6) Updates `webpack-dev-middleware` from 3.7.3 to 4.3.0 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v3.7.3...v4.3.0) Updates `got` from 9.6.0 to 11.8.6 - [Release notes](https://github.com/sindresorhus/got/releases) - [Commits](sindresorhus/got@v9.6.0...v11.8.6) Updates `gatsby` from 4.25.7 to 5.13.3 - [Release notes](https://github.com/gatsbyjs/gatsby/releases) - [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/CHANGELOG.md) - [Commits](https://github.com/gatsbyjs/gatsby/compare/[email protected]@4.25.7) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `loader-utils` from 1.4.0 to 2.0.4 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v2.0.4) Updates `parse-path` from 4.0.4 to 7.0.0 - [Release notes](https://github.com/IonicaBizau/parse-path/releases) - [Commits](IonicaBizau/parse-path@4.0.4...7.0.0) Updates `parse-url` from 6.0.0 to 8.1.0 - [Release notes](https://github.com/IonicaBizau/parse-url/releases) - [Commits](IonicaBizau/parse-url@6.0.0...8.1.0) Updates `postcss` from 8.4.14 to 8.4.38 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.14...8.4.38) Updates `sharp` from 0.30.6 to 0.32.6 - [Release notes](https://github.com/lovell/sharp/releases) - [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md) - [Commits](lovell/sharp@v0.30.6...v0.32.6) Updates `socket.io-parser` from 4.0.4 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.2.4) Updates `webpack` from 5.73.0 to 5.91.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.73.0...v5.91.0) --- updated-dependencies: - dependency-name: gatsby dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: cross-fetch dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: got dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gatsby dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: parse-path dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: parse-url dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: sharp dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-03-24T23:53:20Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 24, 2024

dependabot bot closed this Mar 24, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-b467ec29ed branch March 24, 2024 23:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group group with 15 updates #22

Bump the npm_and_yarn group group with 15 updates #22

dependabot bot commented on behalf of github Mar 24, 2024 •

edited

Loading

dependabot bot commented on behalf of github Mar 24, 2024

Bump the npm_and_yarn group group with 15 updates #22

Bump the npm_and_yarn group group with 15 updates #22

Conversation

dependabot bot commented on behalf of github Mar 24, 2024 • edited Loading

v4.24

v4.23

v4.22

v4.21

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

Committers: 4

v7.24.0 (2024-02-28)

🚀 New Feature

v7.24.1 (2024-03-19)

🐛 Bug Fix

📝 Documentation

🏠 Internal

🔬 Output optimization

v7.24.0 (2024-02-28)

🚀 New Feature

v3.1.5

What's Changed

New Contributors

v0.2.2

v0.2.1

v4.3.0

4.3.0 (2021-05-19)

Features

v4.2.0

4.2.0 (2021-05-10)

Features

v4.1.0

4.1.0 (2021-01-15)

Features

v4.0.4

4.0.4 (2021-01-13)

Bug Fixes

v4.0.3

4.0.3 (2021-01-12)

Bug Fixes

v4.0.2

4.0.2 (2020-11-10)

Bug Fixes

4.3.0 (2021-05-19)

Features

Bug Fixes

4.2.0 (2021-05-10)

Features

4.1.0 (2021-01-15)

Features

4.0.4 (2021-01-13)

Bug Fixes

4.0.3 (2021-01-12)

Bug Fixes

4.0.2 (2020-11-10)

Bug Fixes

v11.8.6

v11.8.5

v11.8.3

v11.8.2

v11.8.1

v11.8.0

v11.7.0

Improvements

Fixes

v11.6.2

Bug fixes

v4.24

v4.23

v4.22

v4.21

v1.0.2

Unreleased [code, diff]

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

v2.2.0 [code, diff]

dependabot bot commented on behalf of github Mar 24, 2024 •

edited

Loading