Skip to content

Bump the npm_and_yarn group across 3 directories with 30 updates#1

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-005ae66205
Open

Bump the npm_and_yarn group across 3 directories with 30 updates#1
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-005ae66205

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 1, 2025

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 17 updates in the / directory:

Package From To
@redwoodjs/api 2.0.0 2.2.5
firebase 9.6.7 10.9.0
postcss 8.4.14 8.4.31
browserify-sign 4.2.1 4.2.3
decode-uri-component 0.2.0 0.2.2
dset 3.1.1 3.1.4
elliptic 6.5.4 6.6.1
es5-ext 0.10.53 0.10.64
express 4.18.1 4.21.2
follow-redirects 1.14.9 1.15.9
http-cache-semantics 4.1.0 4.1.1
http-proxy-middleware 2.0.6 2.0.7
jose 2.0.5 2.0.7
store2 2.13.1 2.14.4
tough-cookie 4.0.0 4.1.4
ua-parser-js 0.7.31 0.7.40
word-wrap 1.2.3 1.2.5

Bumps the npm_and_yarn group with 7 updates in the /api directory:

Package From To
@redwoodjs/api 0.41.0 2.2.5
axios 0.21.4 1.7.9
supertokens-node 9.0.0 21.1.0
crypto-js 4.1.1 4.2.0
@redwoodjs/api 2.2.5 8.5.0
jose 2.0.5 2.0.7
jsonwebtoken 8.5.1 removed
@clerk/clerk-sdk-node 2.10.0 5.1.6

Bumps the npm_and_yarn group with 1 update in the /web directory: firebase.

Updates @redwoodjs/api from 2.0.0 to 2.2.5

Changelog

Sourced from @​redwoodjs/api's changelog.

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.1

v2.2.0

v2.1.1

v2.1.0

Commits

Updates firebase from 9.6.7 to 10.9.0

Commits

Updates postcss from 8.4.14 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

8.4.21

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

  • Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

  • Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

  • Fixed Node.before() unexpected behavior (by Romain Menke).
  • Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits

Updates @grpc/grpc-js from 1.5.7 to 1.9.15

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.9.15

  • Avoid buffering significantly more than grpc.max_receive_message_size per received message.

@​grpc/grpc-js 1.9.14

  • Fix a bug that could rarely cause connection leaks (#2644)
  • Fix a bug that could cause clients to go IDLE incorrectly some time after calling waitForReady (#2643)

@​grpc/grpc-js 1.9.13

  • Fix a bug that could cause the Node process to close early when establishing a connection while a request is pending (#2626)

@​grpc/grpc-js 1.9.12

  • Fix a bug that could cause connectivity state information to become stale in some circumstances (#2623)

@​grpc/grpc-js 1.9.11

  • Fix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (#2618)
  • Fix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (#2619)

@​grpc/grpc-js 1.9.10

  • Provide the correct port to the proxy when connecting to a target without an explicitly specified port (#2608 contributed by @​segevfiner)
  • Properly handle goaway events with no additional data attached (#2611)

@​grpc/grpc-js 1.9.9

  • Fix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (#2609)

@​grpc/grpc-js 1.9.8

  • Fix a memory leak caused by creating and closing multiple clients (#2606)

@​grpc/grpc-js 1.9.7

  • Fix a bug that could cause a client to not update name resolution after multiple failed connection attempts (#2602)

@​grpc/grpc-js 1.9.6

  • Include more information in most "No connection established" errors (#2598)
  • Remove the index tracer, and add more information to other trace logs (#2599)

@​grpc/grpc-js 1.9.5

  • Fix a type inconsistency in server-call.ts (#2589 contributed by @​rsnullptr)
  • Close ports if the server is shut down while the bind operation is ongoing (#2590)

@​grpc/grpc-js 1.9.4

  • Fix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (#2586)

@​grpc/grpc-js 1.9.3

  • Make a few improvements to DNS resolving timing (#2571)

Experimental changes:

  • Added grpc.experimental.BackoffTimeout#getEndTime

@​grpc/grpc-js 1.9.2

  • Handle error when sending keepalive pings (#2563)

... (truncated)

Commits
  • 08b0422 Merge pull request from GHSA-7v5v-9h63-cj86
  • c75e048 grpc-js: Bump to 1.9.15
  • d5d62b4 grpc-js: Avoid buffering significantly more than max_receive_message_size per...
  • 02d0344 Merge pull request #2741 from sergiitk/backport-1.9-psm-interop-common-prod-t...
  • cf14020 Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests
  • da44229 Merge pull request #2738 from murgatroid99/backport-1.9-grpc-js_linkify-it_fix
  • 5ae7c8c Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix
  • eed21ba Merge pull request #2714 from sergiitk/backport-1.9-psm-interop-pkg-dev
  • 63763a4 Merge pull request #2712 from sergiitk/psm-interop-pkg-dev
  • 5be83dd Merge pull request #2643 from murgatroid99/grpc-js_idle_timer_fix
  • Additional commits viewable in compare view

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates dset from 3.1.1 to 3.1.4

Release notes

Sourced from dset's releases.

v3.1.3

Patches

  • Add "types" export conditions for TypeScript "nodenext"/"node16" resolution: #40 Thank you @​Akkuma

Full Changelog: lukeed/dset@v3.1.2...v3.1.3

v3.1.2

Patches

  • (dset/merge): Prevent possible prototype pollution (#34): 2d156c7 Thank you @​n1ru4l~!

Chores


Full Changelog: lukeed/dset@v3.1.1...v3.1.2

Commits

Updates elliptic from 6.5.4 to 6.6.1

Commits

Updates es5-ext from 0.10.53 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

  • Do not rely on problematic regex (3551cdd), addresses #201
  • Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
  • Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

  • Simplify the manifest message (7855319)

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements


Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

  • Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements


Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

  • Improve postinstall script configuration (ab6b121)

... (truncated)

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

  • Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

  • Do not rely on problematic regex (3551cdd), addresses #201
  • Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
  • Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

  • Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

0.10.61 (2022-04-20)

Bug Fixes

  • Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

0.10.60 (2022-04-07)

Maintenance Improvements

  • Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

0.10.58 (2022-03-11)

... (truncated)

Commits
  • f76b03d chore: Release v0.10.64
  • 2881acd chore: Bump dependencies
  • c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
  • 16f2b72 docs: Fix date in the changelog
  • de4e03c chore: Release v0.10.63
  • 3fd53b7 chore: Upgrade lint-staged to v13
  • bf8ed79 chore: Ensure postinstall script does not crash on Windows
  • 2cbbb07 chore: Bump dependencies
  • 22d0416 chore: Bump LICENSE year
  • a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
  • Additional commits viewable in compare view

Updates express from 4.18.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

  • deps: path-to-regexp@0.1.12
    • Fix backtracking protection
  • deps: path-to-regexp@0.1.11
    • Throws an error on invalid path values

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.


Updates follow-redirects from 1.14.9 to 1.15.9

Commits
  • e4e55c7 Release version 1.15.9 of the npm package.
  • 31a1abf Attempt much more gentle detection.
  • d2aaa97 Fix url field.
  • 62558f0 Release version 1.15.8 of the npm package.
  • a8d1cee Return subtlety.
  • 458ca8e Fix native URL test for Node 20.
  • ca49e44 Handle KeepAlive connections in tests.
  • f3711d7 Test on Node 20 and 22.
  • fda0faf Fix typo.
  • 760757f Release version 1.15.7 of the npm package.
  • Additional commits viewable in compare view

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

Updates http-proxy-middleware from 2.0.6 to 2.0.7

Release notes

Sourced from http-proxy-middleware's releases.

v2.0.7

Full Changelog: chimurai/http-proxy-middleware@v2.0.6...v2.0.7

v2.0.7-beta.1

Full Changelog: chimurai/http-proxy-middleware@v2.0.7-beta.0...v2.0.7-beta.1

v2.0.7-beta.0

Full Changelog: chimurai/http-proxy-middleware@v2.0.6...v2.0.7-beta.0

Changelog

Sourced from http-proxy-middleware's changelog.

v2.0.7

  • ci(github actions): add publish.yml
  • fix(filter): handle errors
Commits

Updates jose from 2.0.5 to 2.0.7

Release notes

Sourced from jose's releases.

v2.0.7

Fixes

v2.0.6

Fixes

  • limit default PBES2 alg's computational expense (c1512be)
Changelog

Sourced from jose's changelog.

2.0.7 (2024-03-07)

Bug Fixes

  • add a maxOutputLength option to zlib inflate (02a6579)

2.0.6 (2022-09-01)

Bug Fixes

  • limit default PBES2 alg's computational expense (c1512be)
Commits
  • 0fbe2e6 chore(release): 2.0.7
  • 02a6579 fix: add a maxOutputLength option to zlib inflate
  • d1be83f chore(release): 2.0.6
  • c1512be fix: limit default PBES2 alg's computational expense
  • See full diff in compare view

Updates nanoid from 3.3.4 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

  • Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

3.3.7

  • Fixed node16 TypeScript support (by Saadi Myftija).

3.3.6

  • Fixed package.

3.3.5

  • Backport funding information.
Description has been truncated

Bumps the npm_and_yarn group with 17 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@redwoodjs/api](https://github.com/redwoodjs/redwood/tree/HEAD/packages/api) | `2.0.0` | `2.2.5` |
| [firebase](https://github.com/firebase/firebase-js-sdk) | `9.6.7` | `10.9.0` |
| [postcss](https://github.com/postcss/postcss) | `8.4.14` | `8.4.31` |
| [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.2.1` | `4.2.3` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [dset](https://github.com/lukeed/dset) | `3.1.1` | `3.1.4` |
| [elliptic](https://github.com/indutny/elliptic) | `6.5.4` | `6.6.1` |
| [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.53` | `0.10.64` |
| [express](https://github.com/expressjs/express) | `4.18.1` | `4.21.2` |
| [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.9` |
| [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` |
| [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) | `2.0.6` | `2.0.7` |
| [jose](https://github.com/panva/jose) | `2.0.5` | `2.0.7` |
| [store2](https://github.com/nbubna/store) | `2.13.1` | `2.14.4` |
| [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` |
| [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.31` | `0.7.40` |
| [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` |

Bumps the npm_and_yarn group with 7 updates in the /api directory:

| Package | From | To |
| --- | --- | --- |
| [@redwoodjs/api](https://github.com/redwoodjs/redwood/tree/HEAD/packages/api) | `0.41.0` | `2.2.5` |
| [axios](https://github.com/axios/axios) | `0.21.4` | `1.7.9` |
| [supertokens-node](https://github.com/supertokens/supertokens-node) | `9.0.0` | `21.1.0` |
| [crypto-js](https://github.com/brix/crypto-js) | `4.1.1` | `4.2.0` |
| [@redwoodjs/api](https://github.com/redwoodjs/redwood/tree/HEAD/packages/api) | `2.2.5` | `8.5.0` |
| [jose](https://github.com/panva/jose) | `2.0.5` | `2.0.7` |
| [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) | `8.5.1` | `removed` |
| [@clerk/clerk-sdk-node](https://github.com/clerk/javascript/tree/HEAD/packages/sdk-node) | `2.10.0` | `5.1.6` |

Bumps the npm_and_yarn group with 1 update in the /web directory: [firebase](https://github.com/firebase/firebase-js-sdk).


Updates `@redwoodjs/api` from 2.0.0 to 2.2.5
- [Release notes](https://github.com/redwoodjs/redwood/releases)
- [Changelog](https://github.com/redwoodjs/redwood/blob/main/CHANGELOG.md)
- [Commits](https://github.com/redwoodjs/redwood/commits/v2.2.5/packages/api)

Updates `firebase` from 9.6.7 to 10.9.0
- [Release notes](https://github.com/firebase/firebase-js-sdk/releases)
- [Changelog](https://github.com/firebase/firebase-js-sdk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/firebase/firebase-js-sdk/compare/firebase@9.6.7...firebase@10.9.0)

Updates `postcss` from 8.4.14 to 8.4.31
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.14...8.4.31)

Updates `@grpc/grpc-js` from 1.5.7 to 1.9.15
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.7...@grpc/grpc-js@1.9.15)

Updates `browserify-sign` from 4.2.1 to 4.2.3
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](browserify/browserify-sign@v4.2.1...v4.2.3)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `dset` from 3.1.1 to 3.1.4
- [Release notes](https://github.com/lukeed/dset/releases)
- [Commits](lukeed/dset@v3.1.1...v3.1.4)

Updates `elliptic` from 6.5.4 to 6.6.1
- [Commits](indutny/elliptic@v6.5.4...v6.6.1)

Updates `es5-ext` from 0.10.53 to 0.10.64
- [Release notes](https://github.com/medikoo/es5-ext/releases)
- [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md)
- [Commits](medikoo/es5-ext@v0.10.53...v0.10.64)

Updates `express` from 4.18.1 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](expressjs/express@4.18.1...4.21.2)

Updates `follow-redirects` from 1.14.9 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.9)

Updates `http-cache-semantics` from 4.1.0 to 4.1.1
- [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1)

Updates `http-proxy-middleware` from 2.0.6 to 2.0.7
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/v2.0.7/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.6...v2.0.7)

Updates `jose` from 2.0.5 to 2.0.7
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/v2.0.7/CHANGELOG.md)
- [Commits](panva/jose@v2.0.5...v2.0.7)

Updates `nanoid` from 3.3.4 to 3.3.8
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.4...3.3.8)

Updates `path-to-regexp` from 0.1.7 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12)

Updates `protobufjs` from 6.11.2 to 7.4.0
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@v6.11.2...protobufjs-v7.4.0)

Updates `serve-static` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `store2` from 2.13.1 to 2.14.4
- [Commits](nbubna/store@2.13.1...2.14.4)

Updates `tough-cookie` from 4.0.0 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4)

Updates `ua-parser-js` from 0.7.31 to 0.7.40
- [Release notes](https://github.com/faisalman/ua-parser-js/releases)
- [Changelog](https://github.com/faisalman/ua-parser-js/blob/0.7.40/changelog.md)
- [Commits](faisalman/ua-parser-js@0.7.31...0.7.40)

Updates `word-wrap` from 1.2.3 to 1.2.5
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

Updates `@redwoodjs/api` from 0.41.0 to 2.2.5
- [Release notes](https://github.com/redwoodjs/redwood/releases)
- [Changelog](https://github.com/redwoodjs/redwood/blob/main/CHANGELOG.md)
- [Commits](https://github.com/redwoodjs/redwood/commits/v2.2.5/packages/api)

Updates `axios` from 0.21.4 to 1.7.9
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.21.4...v1.7.9)

Updates `supertokens-node` from 9.0.0 to 21.1.0
- [Release notes](https://github.com/supertokens/supertokens-node/releases)
- [Changelog](https://github.com/supertokens/supertokens-node/blob/master/CHANGELOG.md)
- [Commits](supertokens/supertokens-node@v9.0.0...v21.1.0)

Updates `cookie` from 0.4.0 to 0.7.2
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Commits](jshttp/cookie@v0.4.0...v0.7.2)

Updates `crypto-js` from 4.1.1 to 4.2.0
- [Commits](brix/crypto-js@4.1.1...4.2.0)

Updates `@redwoodjs/api` from 2.2.5 to 8.5.0
- [Release notes](https://github.com/redwoodjs/redwood/releases)
- [Changelog](https://github.com/redwoodjs/redwood/blob/main/CHANGELOG.md)
- [Commits](https://github.com/redwoodjs/redwood/commits/v2.2.5/packages/api)

Updates `follow-redirects` from 1.14.9 to 1.15.9
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.9)

Updates `jose` from 2.0.5 to 2.0.7
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/v2.0.7/CHANGELOG.md)
- [Commits](panva/jose@v2.0.5...v2.0.7)

Removes `jsonwebtoken`

Updates `@clerk/clerk-sdk-node` from 2.10.0 to 5.1.6
- [Release notes](https://github.com/clerk/javascript/releases)
- [Changelog](https://github.com/clerk/javascript/blob/@clerk/clerk-sdk-node@5.1.6/packages/sdk-node/CHANGELOG.md)
- [Commits](https://github.com/clerk/javascript/commits/@clerk/clerk-sdk-node@5.1.6/packages/sdk-node)

Updates `qs` from 6.7.0 to 6.14.0
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.7.0...v6.14.0)

Updates `semver` from 5.7.1 to 7.7.0
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v5.7.1...v7.7.0)

Updates `firebase` from 9.23.0 to 11.2.0
- [Release notes](https://github.com/firebase/firebase-js-sdk/releases)
- [Changelog](https://github.com/firebase/firebase-js-sdk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/firebase/firebase-js-sdk/compare/firebase@9.6.7...firebase@10.9.0)

---
updated-dependencies:
- dependency-name: "@redwoodjs/api"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: firebase
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@grpc/grpc-js"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: browserify-sign
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: dset
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: elliptic
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: es5-ext
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-cache-semantics
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: http-proxy-middleware
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jose
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: protobufjs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: store2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ua-parser-js
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: word-wrap
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@redwoodjs/api"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: axios
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: supertokens-node
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: crypto-js
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@redwoodjs/api"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: follow-redirects
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jose
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsonwebtoken
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@clerk/clerk-sdk-node"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: qs
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: semver
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: firebase
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Feb 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants