Bump the npm_and_yarn group across 1 directory with 25 updates by dependabot[bot] · Pull Request #4 · pgmac-net/metasearch

dependabot · 2024-12-23T07:14:36Z

Warning

Dependabot will stop supporting npm v6!

Please upgrade to one of the following versions: v7, v8, v9, or v10.

Bumps the npm_and_yarn group with 16 updates in the / directory:

Package	From	To
aws-sdk	`2.706.0`	`2.814.0`
axios	`0.21.1`	`1.7.9`
@azure/msal-node	`1.6.0`	`1.18.4`
ejs	`3.1.3`	`3.1.10`
express	`4.17.1`	`4.20.0`
jsonwebtoken	`8.5.1`	`9.0.0`
marked	`1.1.0`	`4.0.10`
sanitize-html	`1.27.0`	`2.12.1`
xml2js	`0.4.23`	`0.6.2`
aws-sdk	`2.814.0`	`2.1692.0`
braces	`3.0.2`	`3.0.3`
json-bigint	`0.3.0`	`1.0.0`
gcp-metadata	`4.1.0`	`4.3.1`
node-fetch	`2.6.1`	`2.7.0`
node-forge	`0.9.1`	`1.3.1`
google-p12-pem	`3.0.1`	`3.1.4`
qs	`6.7.0`	`6.13.1`

Updates aws-sdk from 2.706.0 to 2.814.0

Changelog

Sourced from aws-sdk's changelog.

2.814.0

bugfix: Credentials: SDK will throw if shared ini file's profile name can be resolved to proto

feature: EC2: EBS io2 volumes now supports Multi-Attach

feature: PersonalizeRuntime: Updated FilterValues regex pattern to align with Filter Expression.

feature: RDS: Adds IAM DB authentication information to the PendingModifiedValues output of the DescribeDBInstances API. Adds ClusterPendingModifiedValues information to the output of the DescribeDBClusters API.

2.813.0

feature: ConfigService: Adding PutExternalEvaluation API which grants permission to deliver evaluation result to AWS Config

feature: DLM: Provide Cross-account copy event based policy support in DataLifecycleManager (DLM)

feature: EC2: C6gn instances are powered by AWS Graviton2 processors and offer 100 Gbps networking bandwidth. These instances deliver up to 40% better price-performance benefit versus comparable x86-based instances

feature: Imagebuilder: This release adds support for building and distributing container images within EC2 Image Builder.

feature: KMS: Added CreationDate and LastUpdatedDate timestamps to ListAliases API response

feature: Route53: This release adds support for DNSSEC signing in Amazon Route 53.

feature: Route53Resolver: Route 53 Resolver adds support for enabling resolver DNSSEC validation in virtual private cloud (VPC).

feature: SQS: Amazon SQS adds queue attributes to enable high throughput FIFO.

feature: ServiceCatalog: Support TagOptions sharing with Service Catalog portfolio sharing.

2.812.0

feature: CostExplorer: This release updates the "MonitorArnList" from a list of String to be a list of Arn for both CreateAnomalySubscription and UpdateAnomalySubscription APIs

feature: Location: Initial release of Amazon Location Service. A new geospatial service providing capabilities to render maps, geocode/reverse geocode, track device locations, and detect geofence entry/exit events.

feature: QuickSight: QuickSight now supports connecting to federated data sources of Athena

feature: WellArchitected: This is the first release of AWS Well-Architected Tool API support, use to review your workload and compare against the latest AWS architectural best practices.

2.811.0

feature: Amp: (New Service) Amazon Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring service that makes it easy to monitor containerized applications securely and at scale.

feature: GreengrassV2: AWS IoT Greengrass V2 is a new major version of AWS IoT Greengrass. This release adds several updates such as modular components, continuous deployments, and improved ease of use.

feature: IoTAnalytics: FileFormatConfiguration enables data store to save data in JSON or Parquet format. S3Paths enables you to specify the S3 objects that save your channel messages when you reprocess the pipeline.

feature: IoTFleetHub: AWS IoT Fleet Hub, a new feature of AWS IoT Device Management that provides a web application for monitoring and managing device fleets connected to AWS IoT at scale.

feature: IoTWireless: AWS IoT for LoRaWAN enables customers to setup a private LoRaWAN network by connecting their LoRaWAN devices and gateways to the AWS cloud without managing a LoRaWAN Network Server.

feature: Iot: AWS IoT Rules Engine adds Kafka Action that allows sending data to Apache Kafka clusters inside a VPC. AWS IoT Device Defender adds custom metrics and machine-learning based anomaly detection.

feature: IotDeviceAdvisor: AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.

feature: Lambda: Added support for Apache Kafka as a event source. Added support for TumblingWindowInSeconds for streams event source mappings. Added support for FunctionResponseTypes for streams event source mappings

feature: SSM: Adding support for Change Manager API content

2.810.0

feature: DevOpsGuru: Documentation updates for DevOps Guru.

feature: EC2: Add c5n.metal to ec2 instance types list

feature: GlobalAccelerator: This release adds support for custom routing accelerators

2.809.0

feature: AutoScaling: Documentation updates and corrections for Amazon EC2 Auto Scaling API Reference and SDKs.

feature: CloudTrail: CloudTrailInvalidClientTokenIdException is now thrown when a call results in the InvalidClientTokenId error code. The Name parameter of the AdvancedEventSelector data type is now optional.

feature: IoTSiteWise: Added the ListAssetRelationships operation and support for composite asset models, which represent structured sets of properties within asset models.

2.808.0

feature: EC2: TGW connect simplifies connectivity of SD-WAN appliances; IGMP support for TGW multicast; VPC Reachability Analyzer for VPC resources connectivity analysis.

feature: Kendra: Amazon Kendra now supports adding synonyms to an index through the new Thesaurus resource.

feature: NetworkManager: This release adds API support for Transit Gateway Connect integration into AWS Network Manager.

2.807.0

... (truncated)

Commits

8875a35 Updates SDK to v2.814.0
dd83d67 throw at invalid profile name in shared ini file (#3585)
ee0c5a3 Updates SDK to v2.813.0
468d15b Updates SDK to v2.812.0
c50132f Update README.md with references to JS SDK V3 (#3582)
3e19b08 Updates SDK to v2.811.0
f26c00d Updates SDK to v2.810.0
b393a6e Adds automatic PreSignedUrl generation to RDS.StartDBInstanceAutomatedBackups...
fa57967 Updates SDK to v2.809.0
9a52018 Updates SDK to v2.808.0
Additional commits viewable in compare view

Updates axios from 0.21.1 to 1.7.9

Release notes

Sourced from axios's releases.

Release v1.7.9

Release notes:

Reverts

Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

Jay

Release v1.7.8

Release notes:

Bug Fixes

allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)

core: fixed config merging bug (#6668) (5d99fe4)

fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)

http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)

http: fixed proxy-from-env module import (#5222) (12b3295)

http: use globalThis.TextEncoder when available (#6634) (df956d1)

ios11 breaks when build (#6608) (7638952)

types: add missing types for mergeConfig function (#6590) (00de614)

types: export CJS types from ESM (#6218) (c71811b)

updated stream aborted error message to be more clear (#6615) (cc3217a)

use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

Remco Haszing

Jay

Aayush Yadav

Dmitriy Mozgovoy

Ell Bradshaw

Amit Saini

Tommaso Paulon

Akki

Sampo Silvennoinen

Kasper Isager Dalsgarð

Christian Clauss

Pavan Welihinda

Taylor Flatt

Kenzo Wada

Ngole Lawson

Haven

Shrivali Dutt

Henco Appel

Release v1.7.7

Release notes:

Bug Fixes

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.9 (2024-12-04)

Reverts

Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

Jay

1.7.8 (2024-11-25)

Bug Fixes

allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)

core: fixed config merging bug (#6668) (5d99fe4)

fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)

http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)

http: fixed proxy-from-env module import (#5222) (12b3295)

http: use globalThis.TextEncoder when available (#6634) (df956d1)

ios11 breaks when build (#6608) (7638952)

types: add missing types for mergeConfig function (#6590) (00de614)

types: export CJS types from ESM (#6218) (c71811b)

updated stream aborted error message to be more clear (#6615) (cc3217a)

use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

Remco Haszing

Jay

Aayush Yadav

Dmitriy Mozgovoy

Ell Bradshaw

Amit Saini

Tommaso Paulon

Akki

Sampo Silvennoinen

Kasper Isager Dalsgarð

Christian Clauss

Pavan Welihinda

Taylor Flatt

Kenzo Wada

Ngole Lawson

Haven

Shrivali Dutt

Henco Appel

1.7.7 (2024-08-31)

... (truncated)

Commits

b2cb45d chore(release): v1.7.9 (#6730)
c44d2f2 Revert "fix(types): export CJS types from ESM (#6218)" (#6729)
415ca94 chore(release): v1.7.8 (#6715)
0a8d6e1 fix: use URL API instead of DOM to fix a potential vulnerability warning; (#6...
c71811b fix(types): export CJS types from ESM (#6218)
4355a6d chore(sponsor): update sponsor block (#6709)
5d54d22 chore(sponsor): update sponsor block (#6707)
eac4619 fix: allow passing a callback as paramsSerializer to buildURL (#6680)
df956d1 fix(http): use globalThis.TextEncoder when available (#6634)
7139ce9 chore(deps): bump cookie and socket.io (#6704)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates @azure/msal-node from 1.6.0 to 1.18.4

Commits

bf61f42 Update popup & redirect flows to use invokeAsync (#6612)
13e8fc5 Update configuration.md (#6568)
ffe542b Fix downstream ESM imports, fixes #6573 (#6600)
bfb5b4a Bump next from 13.4.19 to 13.5.0 (#6606)
5f49a5e Refactor token cache entities into types (#6580)
f0092e2 Add pipeline to run 1p PWB e2e tests (#6598)
a944241 Fix iframe fallback when RT is not found in cache (#6599)
289b937 Add express session maxAge (#6554)
3e4c956 Don't use temporary cache for silent & popup flows (#6586)
ce665da October Release #2 (#6587)
Additional commits viewable in compare view

Updates ejs from 3.1.3 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

v3.1.6

Version 3.1.6

v3.1.5

Version 3.1.5

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates express from 4.17.1 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: path-to-regexp@0.1.8 by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

path-to-regexp@0.1.10 by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: body-parser@1.20.1

... (truncated)

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to serve-static@0.16.0
9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
ec4a01b feat: upgrade to body-parser@1.20.3 (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 path-to-regexp@0.1.10 (#5902)
2a980ad merge-descriptors@1.0.3 (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: path-to-regexp@0.1.8 (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates jsonwebtoken from 8.5.1 to 9.0.0

Changelog

Sourced from jsonwebtoken's changelog.

9.0.0 - 2022-12-21

Breaking changes: See Migration from v8 to v9

Breaking changes

Removed support for Node versions 11 and below.

The verify() function no longer accepts unsigned tokens by default. ([834503079514b72264fd13023a3b8d648afd6a16]auth0/node-jsonwebtoken@8345030)

RSA key size must be 2048 bits or greater. ([ecdf6cc6073ea13a7e71df5fad043550f08d0fa6]auth0/node-jsonwebtoken@ecdf6cc)

Key types must be valid for the signing / verification algorithm

Security fixes

security: fixes Arbitrary File Write via verify function - CVE-2022-23529

security: fixes Insecure default algorithm in jwt.verify() could lead to signature validation bypass - CVE-2022-23540

security: fixes Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - CVE-2022-23541

security: fixes Unrestricted key type could lead to legacy keys usage - CVE-2022-23539

Commits

e1fa9dc Merge pull request from GHSA-8cf7-32gw-wr33
5eaedbf chore(ci): remove github test actions job (#861)
cd4163e chore(ci): configure Github Actions jobs for Tests & Security Scanning (#856)
ecdf6cc fix!: Prevent accidental use of insecure key sizes & misconfiguration of secr...
8345030 fix(sign&verify)!: Remove default none support from sign and verify met...
7e6a86b Upload OpsLevel YAML (#849)
74d5719 docs: update references vercel/ms references (#770)
d71e383 docs: document "invalid token" error
3765003 docs: fix spelling in README.md: Peak -> Peek (#754)
a46097e docs: make decode impossible to discover before verify
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by julien.wollscheid, a new releaser for jsonwebtoken since your current version.

Updates marked from 1.1.0 to 4.0.10

Release notes

Sourced from marked's releases.

v4.0.10

4.0.10 (2022-01-13)

Bug Fixes

security: fix redos vulnerabilities (8f80657)

v4.0.9

4.0.9 (2022-01-06)

Bug Fixes

retain line breaks in tokens properly (#2341) (a9696e2)

v4.0.8

4.0.8 (2021-12-19)

Bug Fixes

spaces on a newline after a table (#2319) (f82ea2c)

v4.0.7

4.0.7 (2021-12-09)

Bug Fixes

Fix every third list item broken (#2318) (346b162), closes #2314

v4.0.6

4.0.6 (2021-12-02)

Bug Fixes

speed up parsing long lists (#2302) (e0005d8)

v4.0.5

4.0.5 (2021-11-25)

Bug Fixes

table after paragraph without blank line (#2298) (5714212)

v4.0.4

4.0.4 (2021-11-19)

... (truncated)

Commits

ae01170 chore(release): 4.0.10 [skip ci]
fceda57 🗜️ build [skip ci]
8f80657 fix(security): fix redos vulnerabilities
c4a3ccd Merge pull request from GHSA-rrrm-qjm4-v8hf
d7212a6 chore(deps-dev): Bump jasmine from 4.0.0 to 4.0.1 (#2352)
5a84db5 chore(deps-dev): Bump rollup from 2.62.0 to 2.63.0 (#2350)
2bc67a5 chore(deps-dev): Bump markdown-it from 12.3.0 to 12.3.2 (#2351)
98996b8 chore(deps-dev): Bump @babel/preset-env from 7.16.5 to 7.16.7 (#2353)
ebc2c95 chore(deps-dev): Bump highlight.js from 11.3.1 to 11.4.0 (#2354)
e5171a9 chore(release): 4.0.9 [skip ci]
Additional commits viewable in compare view

Updates sanitize-html from 1.27.0 to 2.12.1

Changelog

Sourced from sanitize-html's changelog.

2.12.1 (2024-02-22)

Do not parse sourcemaps in post-css. This fixes a vulnerability in which information about the existence or non-existence of files on a server could be disclosed via properly crafted HTML input when the style attribute is allowed by the configuration. Thanks to the Snyk Security team for the disclosure and to Dylan Armstrong for the fix.

2.12.0 (2024-02-21)

Introduced the allowedEmptyAttributes option, enabling explicit specification of empty string values for select attributes, with the default attribute set to alt. Thanks to Na for the contribution.

Clarified the use of SVGs with a new test and changes to documentation. Thanks to Gauav Kumar for the contribution.

Do not process source maps when processing style tags with PostCSS.

2.11.0 (2023-06-21)

Fix to allow false in allowedClasses attributes. Thanks to Kevin Jiang for this fix!

Upgrade mocha version

Apply small linter fixes in tests

Add .idea temp files to .gitignore

Thanks to Vitalii Shpital for the updates!

Show parseStyleAttributes warning in browser only. Thanks to mog422 for this update!

Remove empty non-boolean attributes via an exhaustive, configurable list of known non-boolean attributes. Thanks to Dylan Armstrong for this update!

2.10.0 (2023-02-17)

Fix auto-adding escaped closing tags. In other words, do not add implied closing tags to disallowed tags when disallowedTagMode is set to any variant of escape -- just escape the disallowed tags that are present. This fixes [issue #464](apostrophecms/sanitize-html#464). Thanks to Daniel Liebner

Add tagAllowed() helper function which takes a tag name and checks it against options.allowedTags and returns true if the tag is allowed and false if it is not.

2.9.0 (2023-01-27)

Add option parseStyleAttributes to skip style parsing. This fixes [issue #547](apostrophecms/sanitize-html#547). Thanks to Bert Verhelst.

2.8.1 (2022-12-21)

If the argument is a number, convert it to a string, for backwards compatibility. Thanks to Alexander Schranz.

2.8.0 (2022-12-12)

Upgrades htmlparser2 to new major version ^8.0.0. Thanks to Kedar Chandrayan for this contribution.

2.7.3 (2022-10-24)

If allowedTags is falsy but not exactly false, then do not assume that all tags are allowed. Rather, allow no tags in this case, to be on the safe side. This matches the existing documentation and fixes [issue #176](apostrophecms/sanitize-html#176). Thanks to Kedar Chandrayan for the fix.

2.7.2 (2022-09-15)

Closing tags must agree with opening tags. This fixes [issue #549](apostrophecms/sanitize-html#549), in which closing tags not associated with any permitted opening tag could be passed through. No known exploit exists, but it's better not to permit this. Thanks to Kedar Chandrayan for the report and the fix.

2.7.1 (2022-07-20)

... (truncated)

Commits

See full diff in compare view

Updates xml2js from 0.4.23 to 0.6.2

Commits

See full diff in compare view

Updates aws-sdk from 2.814.0 to 2.1692.0

Changelog

Sourced from aws-sdk's changelog.

2.814.0

bugfix: Credentials: SDK will throw if shared ini file's profile name can be resolved to proto

feature: EC2: EBS io2 volumes now supports Multi-Attach

feature: PersonalizeRuntime: Updated FilterValues regex pattern to align with Filter Expression.

feature: RDS: Adds IAM DB authentication information to the PendingModifiedValues output of the DescribeDBInstances API. Adds ClusterPendingModifiedValues information to the output of the DescribeDBClusters API.

2.813.0

feature: ConfigService: Adding PutExternalEvaluation API which grants permission to deliver evaluation result to AWS Config

feature: DLM: Provide Cross-account copy event based policy support in DataLifecycleManager (DLM)

feature: EC2: C6gn instances are powered by AWS Graviton2 processors and offer 100 Gbps networking bandwidth. These instances deliver up to 40% better price-performance benefit versus comparable x86-based instances

feature: Imagebuilder: This release adds support for building and distributing container images within EC2 Image Builder.

feature: KMS: Added CreationDate and LastUpdatedDate timestamps to ListAliases API response

feature: Route53: This release adds support for DNSSEC signing in Amazon Route 53.

feature: Route53Resolver: Route 53 Resolver adds support for enabling resolver DNSSEC validation in virtual private cloud (VPC).

feature: SQS: Amazon SQS adds queue attributes to enable high throughput FIFO.

feature: ServiceCatalog: Support TagOptions sharing with Service Catalog portfolio sharing.

2.812.0

feature: CostExplorer: This release updates the "MonitorArnList" from a list of String to be a list of Arn for both CreateAnomalySubscription and UpdateAnomalySubscription APIs

feature: Location: Initial release of Amazon Location Service. A new geospatial service providing capabilities to render maps, geocode/reverse geocode, track device locations, and detect geofence entry/exit events.

feature: QuickSight: QuickSight now supports connecting to federated data sources of Athena

feature: WellArchitected: This is the first release of AWS Well-Architected Tool API support, use to review your workload and compare against the latest AWS architectural best practices.

2.811.0

feature: Amp: (New Service) Amazon Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring service that makes it easy to monitor containerized applications securely and at scale.

feature: GreengrassV2: AWS IoT Greengrass V2 is a new major version of AWS IoT Greengrass. This release adds several updates such as modular components, continuous deployments, and improved ease of use.

feature: IoTAnalytics: FileFormatConfiguration enables data store to save data in JSON or Parquet format. S3Paths enables you to specify the S3 objects that save your channel messages when you reprocess the pipeline.

feature: IoTFleetHub: AWS IoT Fleet Hub, a new feature of AWS IoT Device Management that provides a web application for monitoring and managing device fleets connected to AWS IoT at scale.

feature: IoTWireless: AWS IoT for LoRaWAN enables customers to setup a private LoRaWAN network by connecting their LoRaWAN devices and gateways to the AWS cloud without managing a LoRaWAN Network Server.

feature: Iot: AWS IoT Rules Engine adds Kafka Action that allows sending data to Apache Kafka clusters inside a VPC. AWS IoT Device Defender adds custom metrics and machine-learning based anomaly detection.

feature: IotDeviceAdvisor: AWS IoT Core Device Advisor is fully managed test capability for IoT devices. Device manufacturers can use Device Advisor to test their IoT devices for reliable and secure connectivity with AWS IoT.

feature: Lambda: Added support for Apache Kafka as a event source. Added support for TumblingWindowInSeconds for streams event source mappings. Added support for FunctionResponseTypes for streams event source mappings

feature: SSM: Adding support for Change Manager API content

2.810.0

feature: DevOpsGuru: Documentation updates for DevOps Guru.

feature: EC2: Add c5n.metal to e...
Description has been truncated

Bumps the npm_and_yarn group with 16 updates in the / directory: | Package | From | To | | --- | --- | --- | | [aws-sdk](https://github.com/aws/aws-sdk-js) | `2.706.0` | `2.814.0` | | [axios](https://github.com/axios/axios) | `0.21.1` | `1.7.9` | | [@azure/msal-node](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `1.6.0` | `1.18.4` | | [ejs](https://github.com/mde/ejs) | `3.1.3` | `3.1.10` | | [express](https://github.com/expressjs/express) | `4.17.1` | `4.20.0` | | [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `9.0.0` | | [marked](https://github.com/markedjs/marked) | `1.1.0` | `4.0.10` | | [sanitize-html](https://github.com/apostrophecms/sanitize-html) | `1.27.0` | `2.12.1` | | [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) | `0.4.23` | `0.6.2` | | [aws-sdk](https://github.com/aws/aws-sdk-js) | `2.814.0` | `2.1692.0` | | [braces](https://github.com/micromatch/braces) | `3.0.2` | `3.0.3` | | [json-bigint](https://github.com/sidorares/json-bigint) | `0.3.0` | `1.0.0` | | [gcp-metadata](https://github.com/googleapis/gcp-metadata) | `4.1.0` | `4.3.1` | | [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` | | [node-forge](https://github.com/digitalbazaar/forge) | `0.9.1` | `1.3.1` | | [google-p12-pem](https://github.com/googleapis/google-p12-pem) | `3.0.1` | `3.1.4` | | [qs](https://github.com/ljharb/qs) | `6.7.0` | `6.13.1` | Updates `aws-sdk` from 2.706.0 to 2.814.0 - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/v2.814.0/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.706.0...v2.814.0) Updates `axios` from 0.21.1 to 1.7.9 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v0.21.1...v1.7.9) Updates `@azure/msal-node` from 1.6.0 to 1.18.4 - [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases) - [Commits](AzureAD/microsoft-authentication-library-for-js@msal-node-v1.6.0...msal-node-v1.18.4) Updates `ejs` from 3.1.3 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.3...v3.1.10) Updates `express` from 4.17.1 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.1...4.20.0) Updates `jsonwebtoken` from 8.5.1 to 9.0.0 - [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md) - [Commits](auth0/node-jsonwebtoken@v8.5.1...v9.0.0) Updates `marked` from 1.1.0 to 4.0.10 - [Release notes](https://github.com/markedjs/marked/releases) - [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json) - [Commits](markedjs/marked@v1.1.0...v4.0.10) Updates `sanitize-html` from 1.27.0 to 2.12.1 - [Changelog](https://github.com/apostrophecms/sanitize-html/blob/main/CHANGELOG.md) - [Commits](https://github.com/apostrophecms/sanitize-html/commits/2.12.1) Updates `xml2js` from 0.4.23 to 0.6.2 - [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.6.2) Updates `aws-sdk` from 2.814.0 to 2.1692.0 - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/v2.814.0/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.706.0...v2.814.0) Updates `follow-redirects` from 1.13.3 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.13.3...v1.15.9) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `braces` from 3.0.2 to 3.0.3 - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) Updates `cookie` from 0.4.0 to 0.6.0 - [Release notes](https://github.com/jshttp/cookie/releases) - [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md) - [Commits](jshttp/cookie@v0.4.0...v0.6.0) Updates `json-bigint` from 0.3.0 to 1.0.0 - [Commits](sidorares/json-bigint@v0.3.0...v1.0.0) Updates `gcp-metadata` from 4.1.0 to 4.3.1 - [Release notes](https://github.com/googleapis/gcp-metadata/releases) - [Changelog](https://github.com/googleapis/gcp-metadata/blob/main/CHANGELOG.md) - [Commits](googleapis/gcp-metadata@v4.1.0...v4.3.1) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `node-fetch` from 2.6.1 to 2.7.0 - [Release notes](https://github.com/node-fetch/node-fetch/releases) - [Commits](node-fetch/node-fetch@v2.6.1...v2.7.0) Updates `node-forge` from 0.9.1 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@0.9.1...v1.3.1) Updates `google-p12-pem` from 3.0.1 to 3.1.4 - [Release notes](https://github.com/googleapis/google-p12-pem/releases) - [Changelog](https://github.com/googleapis/google-p12-pem/blob/main/CHANGELOG.md) - [Commits](googleapis/google-p12-pem@v3.0.1...v3.1.4) Updates `path-to-regexp` from 0.1.7 to 0.1.10 - [Release notes](https://github.com/pillarjs/path-to-regexp/releases) - [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md) - [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.10) Updates `postcss` from 7.0.32 to 8.4.49 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@7.0.32...8.4.49) Updates `qs` from 6.7.0 to 6.13.1 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.13.1) Updates `semver` from 5.7.1 to 7.6.3 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v7.6.3) Updates `send` from 0.17.1 to 0.18.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.17.1...0.18.0) Updates `serve-static` from 1.14.1 to 1.16.0 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md) - [Commits](expressjs/serve-static@v1.14.1...1.16.0) --- updated-dependencies: - dependency-name: aws-sdk dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: "@azure/msal-node" dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: jsonwebtoken dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: marked dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: sanitize-html dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: xml2js dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: aws-sdk dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: braces dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json-bigint dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: gcp-metadata dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-fetch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: google-p12-pem dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: path-to-regexp dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: serve-static dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies Pull requests that update a dependency file label Dec 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 25 updates#4

Bump the npm_and_yarn group across 1 directory with 25 updates#4
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-758ba9647e

dependabot Bot commented on behalf of github Dec 23, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Dec 23, 2024

2.814.0

2.813.0

2.812.0

2.811.0

2.810.0

2.809.0

2.808.0

2.807.0

Release v1.7.9

Release notes:

Reverts

Contributors to this release

Release v1.7.8

Release notes:

Bug Fixes

Contributors to this release

Release v1.7.7

Release notes:

Bug Fixes

1.7.9 (2024-12-04)

Reverts

Contributors to this release

1.7.8 (2024-11-25)

Bug Fixes

Contributors to this release

1.7.7 (2024-08-31)

v3.1.10

v3.1.9

v3.1.8

v3.1.7

v3.1.6

v3.1.5

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

9.0.0 - 2022-12-21

Breaking changes

Security fixes

v4.0.10

4.0.10 (2022-01-13)

Bug Fixes

v4.0.9

4.0.9 (2022-01-06)

Bug Fixes

v4.0.8

4.0.8 (2021-12-19)

Bug Fixes

v4.0.7

4.0.7 (2021-12-09)

Bug Fixes

v4.0.6

4.0.6 (2021-12-02)

Bug Fixes

v4.0.5

4.0.5 (2021-11-25)

Bug Fixes

v4.0.4

4.0.4 (2021-11-19)

2.12.1 (2024-02-22)

2.12.0 (2024-02-21)

2.11.0 (2023-06-21)

2.10.0 (2023-02-17)

2.9.0 (2023-01-27)

2.8.1 (2022-12-21)

2.8.0 (2022-12-12)

2.7.3 (2022-10-24)

2.7.2 (2022-09-15)

2.7.1 (2022-07-20)

2.814.0

2.813.0