build(deps): bump the npm_and_yarn group across 2 directories with 10 updates#60
Open
dependabot[bot] wants to merge 1 commit into
Conversation
… updates Bumps the npm_and_yarn group with 1 update in the /archive/frontend/frontend directory: [axios](https://github.com/axios/axios). Bumps the npm_and_yarn group with 5 updates in the /mcp directory: | Package | From | To | | --- | --- | --- | | [ajv](https://github.com/ajv-validator/ajv) | `6.12.6` | `6.15.0` | | [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` | | [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) | `1.17.5` | `1.29.0` | | [@tootallnate/once](https://github.com/TooTallNate/once) | `1.1.2` | `removed` | | [path-to-regexp](https://github.com/pillarjs/path-to-regexp) | `8.3.0` | `8.4.2` | Updates `axios` from 1.15.2 to 1.16.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.15.2...v1.16.0) Updates `ajv` from 6.12.6 to 6.15.0 - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](ajv-validator/ajv@v6.12.6...v6.15.0) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.1.2...v3.1.5) Updates `@modelcontextprotocol/sdk` from 1.17.5 to 1.29.0 - [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases) - [Commits](modelcontextprotocol/typescript-sdk@1.17.5...v1.29.0) Removes `@tootallnate/once` Updates `body-parser` from 2.2.0 to 2.2.2 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@v2.2.0...v2.2.2) Updates `ip-address` from 10.0.1 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.0.1...v10.2.0) Updates `path-to-regexp` from 8.3.0 to 8.4.2 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v8.3.0...v8.4.2) Updates `qs` from 6.14.0 to 6.15.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.14.0...v6.15.2) Updates `tar` from 6.2.1 to 7.5.15 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v6.2.1...v7.5.15) --- updated-dependencies: - dependency-name: axios dependency-version: 1.16.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ajv dependency-version: 6.15.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@modelcontextprotocol/sdk" dependency-version: 1.29.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@tootallnate/once" dependency-version: dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 2.2.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-version: 8.4.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tar dependency-version: 7.5.15 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 1 update in the /archive/frontend/frontend directory: axios.
Bumps the npm_and_yarn group with 5 updates in the /mcp directory:
6.12.66.15.03.1.23.1.51.17.51.29.01.1.2removed8.3.08.4.2Updates
axiosfrom 1.15.2 to 1.16.0Release notes
Sourced from axios's releases.
... (truncated)
Changelog
Sourced from axios's changelog.
... (truncated)
Commits
df53d7dchore(release): prepare release 1.16.0 (#10834)9d92bcdfix: gadgets and smaller issues (#10833)5107ee6fix: prevent undefined error codes in settle (#7276)e573499fix(fetch): defer global access in fetch adapter (#7260)ad68e1afix(http): honor timeout during connect without redirects (#10819)2a51828fix(http): decode URL basic auth credentials (#10825)0e8b6bbfix(http): preserve user-supplied Host header when forwarding through a proxy...79f39e1docs: document paramsSerializer.encode for strict RFC 3986 query encoding (#1...0fe3a5f[Docs/Types] UpdateparseReviverTypeScript definitions for ES2023 and add ...cd6737fchore: matches the sibling responseStream.on(aborted) handler and added tests...Updates
ajvfrom 6.12.6 to 6.15.0Commits
184bc326.15.0fea46aftest/fix prototype pollution via $data ref with format keyword (#2606)e3af0a76.14.0b552ed6add regExp option to address $data exploit via a regular expression (CVE-2025...72f2286docs: update v7 info231e52bMerge pull request #1320 from philsturgeon/patch-1d3475fcAdd spectral, an AJV util from a sponsor413afe0docs: v7.0.0-beta.311e997bupdate readme for v7Updates
minimatchfrom 3.1.2 to 3.1.5Commits
7bba9783.1.5bd25942docs: add warning about ReDoS1a9c27cfix partial matching of globstar patterns1a2e0843.1.4ae24656update lockfileb100374limit recursion for **, improve perf considerably26ffeaalockfile update9eca892lock node version to 1400c323b3.1.330486b2update CI matrix and actionsUpdates
@modelcontextprotocol/sdkfrom 1.17.5 to 1.29.0Release notes
Sourced from @modelcontextprotocol/sdk's releases.
... (truncated)
Commits
e12cbd7chore: bump version to 1.29.0 (#1820)3913fd4fix(stdio): always set windowsHide on Windows, not just in Electron (#1640)5608e78[v1.x backport] Allow servers / clients to advertise extensions in the capabi...7213816v1.x #1623 follow up -add missing types to package.json (#1773)364f38cv1.x npm audit fix (#1780)c95cc09Add typings exports (#1623)ddadaa6[v1.x] fix: add missing size field to ResourceSchema (#1575)2a15851[v1.x] fix: disallow null (infinite) requested TTL (#1339)13e30f1fix: treat v1.x as primary branch for npm latest tag (backport #1577) (#1749)a056569chore: bump version to 1.28.0 (#1746)Maintainer changes
This version was pushed to npm by pcarleton, a new releaser for
@modelcontextprotocol/sdksince your current version.Removes
@tootallnate/onceUpdates
body-parserfrom 2.2.0 to 2.2.2Release notes
Sourced from body-parser's releases.
... (truncated)
Changelog
Sourced from body-parser's changelog.
Commits
3d248662.2.2 (#691)8474a98refactor(json): simplify strict mode error string construction (#693)03f17c2deps: qs@^6.14.1 (#689)ea1f25edocs: use standard jsdoc tags everywhere (#677)d7deef8docs: update URL-encoded parser description to include ISO-8859-1 encoding su...b6f52aadocs: release notes for the v1.20.4 release (#674)2965ca4docs: update links (#673)d96b63d2.2.1 (#659)b204886sec: security patch for CVE-2025-13466e20e351feat: removehistory.mdfrom being packaged on publish (#660)Updates
ip-addressfrom 10.0.1 to 10.2.0Commits
80fccaa10.2.0abaeb4dType Address4.addressMinusSuffix as non-nilable (closes #143)2878c29Preserve subnet prefix through Address6.to4() (closes #123) (#203)586666eReject trailing junk in Address6.fromURL (closes #158) (#202)80bc76eValidate static factories instead of silently overflowing (#201)98927beClarify isValid() accepts CIDRs with host bits set (#81)a0eb073Fix getScope() and broaden getType() classification (closes #122) (#200)ec52105Add networkForm() for CIDR network-address strings (#199)a9443a7Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)f01d742Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...Updates
path-to-regexpfrom 8.3.0 to 8.4.2Release notes
Sourced from path-to-regexp's releases.
Commits
cbf30258.4.2937c02dMinimize array allocations (#437)57247e6Improve compile performance (#436)5844988Remove internal tokenization during parse (#435)9a78879Error on trailing backslash (#434)7f058768.4.16bc8e84Remove trie deduplication (#431)5bcd30bAllow backtrack handling to match itself (#427)9f9c6c5Add parsing to benchmarks (#418)9fd31e0Addtrailing: falsetests (#428)Updates
qsfrom 6.14.0 to 6.15.2Changelog
Sourced from qs's changelo...
Description has been truncated