chore(deps): bump body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing #359

dependabot · 2024-09-16T22:01:02Z

Bumps body-parser to 1.20.3 and updates ancestor dependencies body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing. These dependencies need to be updated together.

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.18.2 to 4.21.0

Release notes

Sourced from express's releases.

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

[email protected] by @wesleytodd in expressjs/express#5954

fix(deps): [email protected] by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: [email protected] by @blakeembrey in expressjs/express#5603

... (truncated)

Changelog

Sourced from express's changelog.

4.21.0 / 2024-09-11

Deprecate res.location("back") and res.redirect("back") magic string

deps: [email protected]

includes [email protected]

deps: [email protected]

deps: [email protected]

4.20.0 / 2024-09-10

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

Remove link renderization in html while redirecting

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: [email protected]

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: [email protected]

4.18.3 / 2024-02-29

Fix routing requests without method

deps: [email protected]

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

... (truncated)

Commits

7e562c6 4.21.0
1bcde96 fix(deps): [email protected] (#5946)
7d36477 fix(deps): [email protected] (#5951)
40d2d8f fix(deps): [email protected]
77ada90 Deprecate "back" magic string in redirects (#5935)
21df421 4.20.0
4c9ddc1 feat: upgrade to [email protected]
9ebe5d5 feat: upgrade to [email protected] (#5928)
ec4a01b feat: upgrade to [email protected] (#5926)
54271f6 fix: don't render redirect values in anchor href
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates @nestjs/core from 9.4.0 to 10.4.2

Release notes

Sourced from @nestjs/core's releases.

v10.4.2 (2024-09-16)

Dependencies

common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets

#13911 chore(deps): bump tslib from 2.6.3 to 2.7.0 (@dependabot[bot])

platform-fastify

#13938 chore(deps): bump light-my-request from 5.13.0 to 6.0.0 (@dependabot[bot])

Other

#13936 chore(deps-dev): bump lint-staged from 15.2.9 to 15.2.10 (@dependabot[bot])

#13946 chore(deps): bump webpack and @nestjs/cli in /sample/02-gateways (@dependabot[bot])

#13947 chore(deps-dev): bump webpack from 5.91.0 to 5.94.0 (@dependabot[bot])

#13966 chore(deps): bump dset from 3.1.2 to 3.1.4 in /sample/32-graphql-federation-schema-first/gateway (@dependabot[bot])

#13967 chore(deps): bump dset from 3.1.3 to 3.1.4 (@dependabot[bot])

#13968 chore(deps-dev): bump @commitlint/cli from 19.4.0 to 19.5.0 (@dependabot[bot])

#13969 chore(deps-dev): bump mongoose from 8.6.0 to 8.6.2 (@dependabot[bot])

#13973 chore(deps-dev): bump @types/node from 22.5.1 to 22.5.5 (@dependabot[bot])

#13922 chore(deps): bump @apollo/gateway from 2.2.3 to 2.9.0 in /sample/31-graphql-federation-code-first/users-application (@dependabot[bot])

#13921 chore(deps): bump @apollo/query-planner from 2.4.8 to 2.9.0 in /sample/31-graphql-federation-code-first/posts-application (@dependabot[bot])

#13926 chore(deps-dev): bump mongoose from 8.5.3 to 8.6.0 (@dependabot[bot])

#13928 chore(deps-dev): bump @types/node from 22.5.0 to 22.5.1 (@dependabot[bot])

#13929 chore(deps-dev): bump @commitlint/config-angular from 19.3.0 to 19.4.1 (@dependabot[bot])

#13893 chore(deps-dev): bump @typescript-eslint/eslint-plugin from 7.18.0 to 8.2.0 (@dependabot[bot])

#13896 chore(deps-dev): bump husky from 9.1.4 to 9.1.5 (@dependabot[bot])

#13897 chore(deps-dev): bump core-js from 3.38.0 to 3.38.1 (@dependabot[bot])

#13901 chore(deps-dev): bump @types/node from 22.3.0 to 22.5.0 (@dependabot[bot])

#13902 chore(deps-dev): bump artillery from 2.0.19 to 2.0.20 (@dependabot[bot])

#13884 chore(deps-dev): bump mongoose from 8.5.2 to 8.5.3 (@dependabot[bot])

#13885 chore(deps-dev): bump lint-staged from 15.2.8 to 15.2.9 (@dependabot[bot])

#13890 chore(deps-dev): bump @types/node from 22.2.0 to 22.3.0 (@dependabot[bot])

Committers: 3

Kamil Mysliwiec (@kamilmysliwiec)

Micael Levi L. Cavalcante (@micalevisk)

@haouvw

v10.3.10 (2024-07-01)

Bug fixes

core

#13712 fix(core): when using forward references on exports array (@micalevisk)

Enhancements

platform-fastify

#13734 feat(fastify-adapter): support for skipping middie registration (@ancyrweb)

Dependencies

Other

#13706 chore(deps-dev): bump nodemon from 3.1.3 to 3.1.4 (@dependabot[bot])

#13716 chore(deps-dev): bump ts-morph from 22.0.0 to 23.0.0 (@dependabot[bot])

#13697 chore(deps): bump ws from 8.13.0 to 8.17.1 in /sample/16-gateways-ws (@dependabot[bot])

... (truncated)

Commits

696b441 chore(@nestjs) publish v10.4.2 release
fff4b96 chore(deps): bump tslib from 2.6.3 to 2.7.0
e0d2ba6 chore(core,express,fastify): fix deps with security issues
8b4af57 chore: fix some comments
67f32e8 chore(@nestjs) publish v10.4.1 release
6f624d1 chore: update readme
5bcd024 chore(@nestjs) publish v10.4.0 release
821b080 fix(core): unhandled promise rejection in interceptors consumer
b59d5ac chore(@nestjs) publish v10.3.10 release
284f437 docs: update readme
Additional commits viewable in compare view

Updates @nestjs/microservices from 9.4.0 to 10.4.2

Release notes

Sourced from @nestjs/microservices's releases.

v10.4.2 (2024-09-16)

Dependencies

common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets

#13911 chore(deps): bump tslib from 2.6.3 to 2.7.0 (@dependabot[bot])

platform-fastify

#13938 chore(deps): bump light-my-request from 5.13.0 to 6.0.0 (@dependabot[bot])

Other

#13936 chore(deps-dev): bump lint-staged from 15.2.9 to 15.2.10 (@dependabot[bot])

#13946 chore(deps): bump webpack and @nestjs/cli in /sample/02-gateways (@dependabot[bot])

#13947 chore(deps-dev): bump webpack from 5.91.0 to 5.94.0 (@dependabot[bot])

#13966 chore(deps): bump dset from 3.1.2 to 3.1.4 in /sample/32-graphql-federation-schema-first/gateway (@dependabot[bot])

#13967 chore(deps): bump dset from 3.1.3 to 3.1.4 (@dependabot[bot])

#13968 chore(deps-dev): bump @commitlint/cli from 19.4.0 to 19.5.0 (@dependabot[bot])

#13969 chore(deps-dev): bump mongoose from 8.6.0 to 8.6.2 (@dependabot[bot])

#13973 chore(deps-dev): bump @types/node from 22.5.1 to 22.5.5 (@dependabot[bot])

#13922 chore(deps): bump @apollo/gateway from 2.2.3 to 2.9.0 in /sample/31-graphql-federation-code-first/users-application (@dependabot[bot])

#13921 chore(deps): bump @apollo/query-planner from 2.4.8 to 2.9.0 in /sample/31-graphql-federation-code-first/posts-application (@dependabot[bot])

#13926 chore(deps-dev): bump mongoose from 8.5.3 to 8.6.0 (@dependabot[bot])

#13928 chore(deps-dev): bump @types/node from 22.5.0 to 22.5.1 (@dependabot[bot])

#13929 chore(deps-dev): bump @commitlint/config-angular from 19.3.0 to 19.4.1 (@dependabot[bot])

#13893 chore(deps-dev): bump @typescript-eslint/eslint-plugin from 7.18.0 to 8.2.0 (@dependabot[bot])

#13896 chore(deps-dev): bump husky from 9.1.4 to 9.1.5 (@dependabot[bot])

#13897 chore(deps-dev): bump core-js from 3.38.0 to 3.38.1 (@dependabot[bot])

#13901 chore(deps-dev): bump @types/node from 22.3.0 to 22.5.0 (@dependabot[bot])

#13902 chore(deps-dev): bump artillery from 2.0.19 to 2.0.20 (@dependabot[bot])

#13884 chore(deps-dev): bump mongoose from 8.5.2 to 8.5.3 (@dependabot[bot])

#13885 chore(deps-dev): bump lint-staged from 15.2.8 to 15.2.9 (@dependabot[bot])

#13890 chore(deps-dev): bump @types/node from 22.2.0 to 22.3.0 (@dependabot[bot])

Committers: 3

Kamil Mysliwiec (@kamilmysliwiec)

Micael Levi L. Cavalcante (@micalevisk)

@haouvw

v10.3.10 (2024-07-01)

Bug fixes

core

#13712 fix(core): when using forward references on exports array (@micalevisk)

Enhancements

platform-fastify

#13734 feat(fastify-adapter): support for skipping middie registration (@ancyrweb)

Dependencies

Other

#13706 chore(deps-dev): bump nodemon from 3.1.3 to 3.1.4 (@dependabot[bot])

#13716 chore(deps-dev): bump ts-morph from 22.0.0 to 23.0.0 (@dependabot[bot])

#13697 chore(deps): bump ws from 8.13.0 to 8.17.1 in /sample/16-gateways-ws (@dependabot[bot])

... (truncated)

Commits

696b441 chore(@nestjs) publish v10.4.2 release
fff4b96 chore(deps): bump tslib from 2.6.3 to 2.7.0
67f32e8 chore(@nestjs) publish v10.4.1 release
6f624d1 chore: update readme
0c84c7e test: update client unit tests, add cleanup
1b8e328 fix(microservices): hold nats client connection promise ref #13880
5bcd024 chore(@nestjs) publish v10.4.0 release
ccfa23e Merge pull request #13731 from JadenKim-dev/grpc-package-name
b59d5ac chore(@nestjs) publish v10.3.10 release
284f437 docs: update readme
Additional commits viewable in compare view

Updates @nestjs/platform-express from 9.4.0 to 10.4.2

Release notes

Sourced from @nestjs/platform-express's releases.

v10.4.2 (2024-09-16)

Dependencies

common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets

#13911 chore(deps): bump tslib from 2.6.3 to 2.7.0 (@dependabot[bot])

platform-fastify

#13938 chore(deps): bump light-my-request from 5.13.0 to 6.0.0 (@dependabot[bot])

Other

#13936 chore(deps-dev): bump lint-staged from 15.2.9 to 15.2.10 (@dependabot[bot])

#13946 chore(deps): bump webpack and @nestjs/cli in /sample/02-gateways (@dependabot[bot])

#13947 chore(deps-dev): bump webpack from 5.91.0 to 5.94.0 (@dependabot[bot])

#13966 chore(deps): bump dset from 3.1.2 to 3.1.4 in /sample/32-graphql-federation-schema-first/gateway (@dependabot[bot])

#13967 chore(deps): bump dset from 3.1.3 to 3.1.4 (@dependabot[bot])

#13968 chore(deps-dev): bump @commitlint/cli from 19.4.0 to 19.5.0 (@dependabot[bot])

#13969 chore(deps-dev): bump mongoose from 8.6.0 to 8.6.2 (@dependabot[bot])

#13973 chore(deps-dev): bump @types/node from 22.5.1 to 22.5.5 (@dependabot[bot])

#13922 chore(deps): bump @apollo/gateway from 2.2.3 to 2.9.0 in /sample/31-graphql-federation-code-first/users-application (@dependabot[bot])

#13921 chore(deps): bump @apollo/query-planner from 2.4.8 to 2.9.0 in /sample/31-graphql-federation-code-first/posts-application (@dependabot[bot])

#13926 chore(deps-dev): bump mongoose from 8.5.3 to 8.6.0 (@dependabot[bot])

#13928 chore(deps-dev): bump @types/node from 22.5.0 to 22.5.1 (@dependabot[bot])

#13929 chore(deps-dev): bump @commitlint/config-angular from 19.3.0 to 19.4.1 (@dependabot[bot])

#13893 chore(deps-dev): bump @typescript-eslint/eslint-plugin from 7.18.0 to 8.2.0 (@dependabot[bot])

#13896 chore(deps-dev): bump husky from 9.1.4 to 9.1.5 (@dependabot[bot])

#13897 chore(deps-dev): bump core-js from 3.38.0 to 3.38.1 (@dependabot[bot])

#13901 chore(deps-dev): bump @types/node from 22.3.0 to 22.5.0 (@dependabot[bot])

#13902 chore(deps-dev): bump artillery from 2.0.19 to 2.0.20 (@dependabot[bot])

#13884 chore(deps-dev): bump mongoose from 8.5.2 to 8.5.3 (@dependabot[bot])

#13885 chore(deps-dev): bump lint-staged from 15.2.8 to 15.2.9 (@dependabot[bot])

#13890 chore(deps-dev): bump @types/node from 22.2.0 to 22.3.0 (@dependabot[bot])

Committers: 3

Kamil Mysliwiec (@kamilmysliwiec)

Micael Levi L. Cavalcante (@micalevisk)

@haouvw

v10.3.10 (2024-07-01)

Bug fixes

core

#13712 fix(core): when using forward references on exports array (@micalevisk)

Enhancements

platform-fastify

#13734 feat(fastify-adapter): support for skipping middie registration (@ancyrweb)

Dependencies

Other

#13706 chore(deps-dev): bump nodemon from 3.1.3 to 3.1.4 (@dependabot[bot])

#13716 chore(deps-dev): bump ts-morph from 22.0.0 to 23.0.0 (@dependabot[bot])

#13697 chore(deps): bump ws from 8.13.0 to 8.17.1 in /sample/16-gateways-ws (@dependabot[bot])

... (truncated)

Commits

696b441 chore(@nestjs) publish v10.4.2 release
fff4b96 chore(deps): bump tslib from 2.6.3 to 2.7.0
e0d2ba6 chore(core,express,fastify): fix deps with security issues
67f32e8 chore(@nestjs) publish v10.4.1 release
6f624d1 chore: update readme
5bcd024 chore(@nestjs) publish v10.4.0 release
b59d5ac chore(@nestjs) publish v10.3.10 release
284f437 docs: update readme
99d31e3 chore(deps): bump tslib from 2.6.2 to 2.6.3
013dbd3 chore: update readmes
Additional commits viewable in compare view

Updates @nestjs/swagger from 6.3.0 to 7.4.1

Release notes

Sourced from @nestjs/swagger's releases.

Release 7.4.1

Merge pull request #3071 from nestjs/renovate/npm-path-to-regexp-vulnerability (057e560)

chore(deps): update dependency @types/jest to v29.5.13 (7721ad5)

chore(deps): update dependency husky to v9.1.6 (ba963e1)

fix(deps): update dependency path-to-regexp to v3.3.0 [security] (0c1e756)

chore(deps): update commitlint monorepo to v19.5.0 (4e13bb0)

chore(deps): update dependency express to v4.20.0 (df76aa1)

chore(deps): update typescript-eslint monorepo to v8.5.0 (f5f1b02)

chore(deps): update dependency @types/node to v20.16.5 (d1a3da6)

chore(deps): update dependency @types/node to v20.16.4 (f7098ce)

chore(deps): update dependency eslint-plugin-import to v2.30.0 (bdbbeb9)

chore(deps): update typescript-eslint monorepo to v8.4.0 (e3976b5)

chore(deps): update dependency lint-staged to v15.2.10 (2ef9f9e)

chore(deps): update dependency @types/node to v20.16.3 (526801f)

chore(deps): update commitlint monorepo to v19.4.1 (375e3ac)

chore(deps): update dependency @types/node to v20.16.2 (7f0b3a9)

chore(deps): update typescript-eslint monorepo to v8.3.0 (84cfcd2)

chore(deps): update dependency ts-jest to v29.2.5 (1374005)

chore(deps): update dependency husky to v9.1.5 (39a5a15)

chore(deps): update typescript-eslint monorepo to v8.2.0 (c3f98b2)

chore(deps): update dependency @types/node to v20.16.1 (ca5f7a5)

chore(deps): update dependency @types/node to v20.16.0 (5d4436f)

chore(deps): update dependency @types/node to v20.15.0 (986351f)

chore(deps): update nest monorepo to v10.4.1 (2e11b2d)

chore(deps): update dependency lint-staged to v15.2.9 (2e4b4dd)

chore(deps): update typescript-eslint monorepo to v8.1.0 (f499e54)

chore(deps): update nest monorepo to v10.4.0 (15ad2b6)

chore(deps): update dependency @types/node to v20.14.15 (ea25697)

chore(deps): update dependency @commitlint/cli to v19.4.0 (51d7f50)

chore(deps): update typescript-eslint monorepo to v8.0.1 (341918a)

chore(deps): update dependency lint-staged to v15.2.8 (02e0341)

chore(deps): update dependency @types/node to v20.14.14 (9cb4742)

chore(deps): update dependency ts-jest to v29.2.4 (ab74629)

chore(deps): update typescript-eslint monorepo to v8 (c5964c0)

chore(deps): update typescript-eslint monorepo to v7.18.0 (13f99fe)

chore(deps): update dependency husky to v9.1.4 (6715367)

chore(deps): update dependency @types/node to v20.14.13 (b122574)

chore(deps): update dependency husky to v9.1.3 (68b9814)

chore(deps): update dependency husky to v9.1.2 (6f83cd0)

chore(deps): update dependency @types/node to v20.14.12 (8323c3b)

chore(deps): update typescript-eslint monorepo to v7.17.0 (5f40531)

chore(deps): update dependency ts-jest to v29.2.3 (def2f77)

chore(deps): update dependency husky to v9.1.1 (7c175bb)

chore(deps): update dependency husky to v9.1.0 (0637912)

chore(deps): update dependency @types/node to v20.14.11 (28424c9)

chore(deps): update dependency @types/lodash to v4.17.7 (976d5c5)

chore(deps): update typescript-eslint monorepo to v7.16.1 (29f59e9)

chore(deps): update dependency release-it to v17.6.0 (f42c75f)

chore(deps): update dependency ts-jest to v29.2.2 (05db366)

chore(deps): update dependency ts-jest to v29.2.1 (b4e4f91)

... (truncated)

Commits

14f6521 chore(): release v7.4.1
057e560 Merge pull request #3071 from nestjs/renovate/npm-path-to-regexp-vulnerability
7721ad5 chore(deps): update dependency @types/jest to v29.5.13
ba963e1 chore(deps): update dependency husky to v9.1.6
0c1e756 fix(deps): update dependency path-to-regexp to v3.3.0 [security]
4e13bb0 chore(deps): update commitlint monorepo to v19.5.0
df76aa1 chore(deps): update dependency express to v4.20.0
f5f1b02 chore(deps): update typescript-eslint monorepo to v8.5.0
d1a3da6 chore(deps): update dependency @types/node to v20.16.5
f7098ce chore(deps): update dependency @types/node to v20.16.4
Additional commits viewable in compare view

Updates @nestjs/testing from 9.4.0 to 10.4.2

Release notes

Sourced from @nestjs/testing's releases.

v10.4.2 (2024-09-16)

Dependencies

common, core, microservices, platform-express, platform-fastify, platform-socket.io, platform-ws, testing, websockets

#13911 chore(deps): bump tslib from 2.6.3 to 2.7.0 (@dependabot[bot])

platform-fastify

#13938 chore(deps): bump light-my-request from 5.13.0 to 6.0.0 (@dependabot[bot])

Other

#13936 chore(deps-dev): bump lint-staged from 15.2.9 to 15.2.10 (@dependabot[bot])

#13946 chore(deps): bump webpack and @nestjs/cli in /sample/02-gateways (@dependabot[bot])

#13947 chore(deps-dev): bump webpack from 5.91.0 to 5.94.0 (@dependabot[bot])

#13966 chore(deps): bump dset from 3.1.2 to 3.1.4 in /sample/32-graphql-federation-schema-first/gateway (@dependabot[bot])

#13967 chore(deps): bump dset from 3.1.3 to 3.1.4 (@dependabot[bot])

#13968 chore(deps-dev): bump @commitlint/cli from 19.4.0 to 19.5.0 (@dependabot[bot])

#13969 chore(deps-dev): bump mongoose from 8.6.0 to 8.6.2 (@dependabot[bot])

#13973 chore(deps-dev): bump @types/node from 22.5.1 to 22.5.5 (@dependabot[bot])

#13922 chore(deps): bump @apollo/gateway from 2.2.3 to 2.9.0 in /sample/31-graphql-federation-code-first/users-application (@dependabot[bot])

#13921 chore(deps): bump @apollo/query-planner from 2.4.8 to 2.9.0 in /sample/31-graphql-federation-code-first/posts-application (@dependabot[bot])

#13926 chore(deps-dev): bump mongoose from 8.5.3 to 8.6.0 (@dependabot[bot])

#13928 chore(deps-dev): bump @types/node from 22.5.0 to 22.5.1 (@dependabot[bot])

#13929 chore(deps-dev): bump @commitlint/config-angular from 19.3.0 to 19.4.1 (@dependabot[bot])

#13893 chore(deps-dev): bump @typescript-eslint/eslint-plugin from 7.18.0 to 8.2.0 (@dependabot[bot])

#13896 chore(deps-dev): bump husky from 9.1.4 to 9.1.5 (@dependabot[bot])

#13897 chore(deps-dev): bump core-js from 3.38.0 to 3.38.1 (@dependabot[bot])

#13901 chore(deps-dev): bump @types/node from 22.3.0 to 22.5.0 (@dependabot[bot])

#13902 chore(deps-dev): bump artillery from 2.0.19 to 2.0.20 (@dependabot[bot])

#13884 chore(deps-dev): bump mongoose from 8.5.2 to 8.5.3 (@dependabot[bot])

#13885 chore(deps-dev): bump lint-staged from 15.2.8 to 15.2.9 (@dependabot[bot])

#13890 chore(deps-dev): bump @types/node from 22.2.0 to 22.3.0 (@dependabot[bot])

Committers: 3

Kamil Mysliwiec (@kamilmysliwiec)

Micael Levi L. Cavalcante (@micalevisk)

@haouvw

v10.3.10 (2024-07-01)

Bug fixes

core

#13712 fix(core): when using forward references on exports array (@micalevisk)

Enhancements

platform-fastify

#13734 feat(fastify-adapter): support for skipping middie registration (@ancyrweb)

Dependencies

Other

#13706 chore(deps-dev): bump nodemon from 3.1.3 to 3.1.4 (@dependabot[bot])

#13716 chore(deps-dev): bump ts-morph from 22.0.0 to 23.0.0 (@dependabot[bot])

#13697 chore(deps): bump ws from 8.13.0 to 8.17.1 in /sample/16-gateways-ws (@dependabot[bot])

... (truncated)

Commits

696b441 chore(@nestjs) publish v10.4.2 release
fff4b96 chore(deps): bump tslib from 2.6.3 to 2.7.0
67f32e8 chore(@nestjs) publish v10.4.1 release
6f624d1 chore: update readme
5bcd024 chore(@nestjs) publish v10.4.0 release
b59d5ac chore(@nestjs) publish v10.3.10 release
284f437 docs: update readme
99d31e3 chore(deps): bump tslib from 2.6.2 to 2.6.3
013dbd3 chore: update readmes
fcd2c58 chore(@nestjs) publish v10.3.9 release
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

[//]: # (dependabot-au...

Description has been truncated

…rvices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing Bumps [body-parser](https://github.com/expressjs/body-parser) to 1.20.3 and updates ancestor dependencies [body-parser](https://github.com/expressjs/body-parser), [express](https://github.com/expressjs/express), [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core), [@nestjs/microservices](https://github.com/nestjs/nest/tree/HEAD/packages/microservices), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/swagger](https://github.com/nestjs/swagger) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). These dependencies need to be updated together. Updates `body-parser` from 1.20.2 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) Updates `express` from 4.18.2 to 4.21.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.0/History.md) - [Commits](expressjs/express@4.18.2...4.21.0) Updates `@nestjs/core` from 9.4.0 to 10.4.2 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/core) Updates `@nestjs/microservices` from 9.4.0 to 10.4.2 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/microservices) Updates `@nestjs/platform-express` from 9.4.0 to 10.4.2 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/platform-express) Updates `@nestjs/swagger` from 6.3.0 to 7.4.1 - [Release notes](https://github.com/nestjs/swagger/releases) - [Changelog](https://github.com/nestjs/swagger/blob/master/.release-it.json) - [Commits](nestjs/swagger@6.3.0...7.4.1) Updates `@nestjs/testing` from 9.4.0 to 10.4.2 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v10.4.2/packages/testing) --- updated-dependencies: - dependency-name: body-parser dependency-type: indirect - dependency-name: express dependency-type: indirect - dependency-name: "@nestjs/core" dependency-type: direct:production - dependency-name: "@nestjs/microservices" dependency-type: direct:production - dependency-name: "@nestjs/platform-express" dependency-type: direct:production - dependency-name: "@nestjs/swagger" dependency-type: direct:production - dependency-name: "@nestjs/testing" dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 16, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing #359

chore(deps): bump body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing #359

dependabot bot commented on behalf of github Sep 16, 2024

chore(deps): bump body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing #359

Are you sure you want to change the base?

chore(deps): bump body-parser, express, @nestjs/core, @nestjs/microservices, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing #359

Conversation

dependabot bot commented on behalf of github Sep 16, 2024

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.3 / 2024-09-10

4.21.0

What's Changed

New Contributors

4.20.0

What's Changed

Important

Other Changes

4.21.0 / 2024-09-11

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

Dependencies

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

Dependencies

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

Dependencies

Release 7.4.1

v10.4.2 (2024-09-16)

Dependencies

Committers: 3

v10.3.10 (2024-07-01)

Bug fixes

Enhancements

Dependencies