Bump jsonata and @elastic.io/component-commons-library

[dependabot]

Bumps jsonata to 1.8.7 and updates ancestor dependency @elastic.io/component-commons-library. These dependencies need to be updated together.

Updates jsonata from 1.7.0 to 1.8.7

Release notes

Sourced from jsonata's releases.

1.8.7 Maintenance Release

• Prevent writing to the object prototype or constructor (PR jsonata-js/jsonata#681)

1.8.6 Maintenance Release

• Fix bug in date/time picture string. Width formatting is not respected without a separator (issue #546)
• Fix error when converting empty array to an object (issue #547)
• Fix Buffer deprecation warning (PR #560)

1.8.5 Maintenance Release

• Fix regression with singleton sequence of array type (issue #462)
• Correctly handle empty array input to group expression (issue #527)
• Fix bug with outer array when evaluating wildcard (issue #495)

1.8.4 Maintenance Release

• Fix bug in $eval when second arg is an empty array (issue #463)
• Fix bug in toMillis() parsing timezones (issue #477)

1.8.3 Maintenance Release

• Remove incomplete polyfill for Array.from() (issue #432)
• Fix $not to return empty sequence for missing inputs (issue #433)
• Fix RangeError (stack overflow) when querying very large objects (issue #434)

1.8.2 Maintenance Release

• Fix bug with regex usage in partially applied functions (issue #427)
• Fix regression when the $string() function is applied to a top-level array (PR #429)

1.8.1 Maintenance Release

• Fix bug in timezone handling for ISO week date formats (issue #403)

1.8.0 Milestone Release

• New syntax (% parent operator) to select the parent of the current context value (issue #299)
• New function $type to return the data type of the argument (issue #208)
• Added versioning to the documentation site (issue #385)
• Fixed bugs #382, #387, #396, #399

Changelog

Sourced from jsonata's changelog.

1.8.7 Maintenance Release

• Prevent writing to the object prototype or constructor (PR jsonata-js/jsonata#681)

1.8.6 Maintenance Release

• Fix bug in date/time picture string. Width formatting is not respected without a separator (issue #546)
• Fix error when converting empty array to an object (issue #547)
• Fix Buffer deprecation warning (PR #560)

1.8.5 Maintenance Release

• Fix regression with singleton sequence of array type (issue #462)
• Correctly handle empty array input to group expression (issue #527)
• Fix bug with outer array when evaluating wildcard (issue #495)

1.8.4 Maintenance Release

• Fix bug in $eval when second arg is an empty array (issue #463)
• Fix bug in toMillis() parsing timezones (issue #477)

1.8.3 Maintenance Release

• Remove incomplete polyfill for Array.from() (issue #432)
• Fix $not to return empty sequence for missing inputs (issue #433)
• Fix RangeError (stack overflow) when querying very large objects (issue #434)

1.8.2 Maintenance Release

• Fix bug with regex usage in partially applied functions (issue #427)
• Fix regression when the $string() function is applied to a top-level array (PR #429)

1.8.1 Maintenance Release

• Fix bug in timezone handling for ISO week date formats (issue #403)

1.8.0 Milestone Release

• New syntax (% parent operator) to select the parent of the current context value (issue #299)
• New function $type to return the data type of the argument (issue #208)
• Added versioning to the documentation site (issue #385)
• Fixed bugs #382, #387, #396, #399

Commits

• 220b45a Publish version 1.8.7 (#682)
• 1d579db Prevent writing to the object prototype or constructor (v1 port) (#681)
• ebdb02a Add workflow
• 8e4abd8 Release v1.8.6
• b2a2bfa Remove dead tech talk link (#562)
• f14f1b3 Fixed Buffer Deprecation warning (#560)
• 65e854d Fixing reported issue jsonata-js/jsonata#547 (#555)
• e6e436d n with consideration of optionalDigits
• c16ba7b Attempt to calculate n for MD
• 44e7941 month correction for expected value
• Additional commits viewable in compare view

Updates @elastic.io/component-commons-library from 2.0.2 to 4.0.0

Release notes

Sourced from @​elastic.io/component-commons-library's releases.

4.0.0

• BREAKING CHANGE – All clients named *RestClient have been removed except for PlatformApiRestClient. Any removed client logic should now be implemented within components.
• PlatformApiRestClient has been migrated from the request library to axios.
• The following libraries have been removed from the main dependencies:
  • @​elastic.io/ntlm-client
  • async
  • bunyan-serializers
  • elasticio-node
  • better-npm-audit
  • remove-leading-slash
  • remove-trailing-slash
  • request
• The axiosReqWithRetryOnServerError function can now operate without requiring a context.

3.2.2

• Updated maester-client to 6.0.0

3.2.1

• Updated maester-client and other dependencies

3.2.0

• Added new functions:
  • isNumberNaN(number)
  • timestamp(date)
  • isDateValid(date)
  • timeToString(date)
• Updated @​elastic.io/jsonata-moment to 1.1.6 to fix a vulnerability found in jsonata 1.8.6

3.1.6

• Changed environment variable API_REQUEST_TIMEOUT maxValue to 120 sec (used to be 20 sec)

3.1.5

• Updated @​elasticio/maester-client to v5.0.1

3.1.4

Add possibility to set RetryOptions for methods getAttachment and uploadAttachment on AttachmentProcessor class.

3.1.2

Update jsonata-moment to 1.1.5 to support Jsonata 1.8.6

3.1.0

• Added method fetchSecretById for PlatformApiLogicClient
• Added method refreshTokenBySecretId for PlatformApiLogicClient
• Added User-Agent headers to PlatformApiRestClient
• Added new REST client FacelessRestClient

Changelog

Sourced from @​elastic.io/component-commons-library's changelog.

4.0.0 (August 05, 2025)

• BREAKING CHANGE – All clients named *RestClient have been removed except for PlatformApiRestClient. Any removed client logic should now be implemented within components.
• PlatformApiRestClient has been migrated from the request library to axios.
• The following libraries have been removed from the main dependencies:
  • @​elastic.io/ntlm-client
  • async
  • bunyan-serializers
  • elasticio-node
  • better-npm-audit
  • remove-leading-slash
  • remove-trailing-slash
  • request
• The axiosReqWithRetryOnServerError function can now operate without requiring a context.

3.2.2 (March 21, 2025)

• Updated maester-client to 6.0.0

3.2.1 (September 11, 2024)

• Updated maester-client

3.2.0 (March 22, 2024)

• Added new functions:
  • isNumberNaN(number)
  • timestamp(date)
  • isDateValid(date)
  • timeToString(date)
• Updated @​elastic.io/jsonata-moment to 1.1.6 to fix a vulnerability found in jsonata 1.8.6

3.1.6 (January 24, 2024)

• Changed environment variable API_REQUEST_TIMEOUT maxValue to 120 sec (used to be 20 sec)

3.1.5 (December 29, 2022)

• Updated @​elasticio/maester-client to v5.0.1

3.1.4 (November 29, 2022)

• To fix the incorrect deploy of 3.1.3

3.1.3 (November 29, 2022)

• Add possibility to set RetryOptions for methods getAttachment and uploadAttachment oa AttachmentProcessor class.

3.1.2 (October 28, 2022)

• To fix the incorrect deploy of 3.1.1

3.1.1 (October 21, 2022)

• Update jsonata-moment to 1.1.5

3.1.0 (September 9, 2022)

• Added method fetchSecretById for PlatformApiLogicClient
• Added method refreshTokenBySecretId for PlatformApiLogicClient
• Added User-Agent headers to PlatformApiRestClient

... (truncated)

Commits

• da108ac Axios migration (#91)
• 2a960fb fastfix
• 8463a01 axios bump (#90)
• 148de1f Revitalize dependencies (#89)
• 93cd06c Few new utils functions added (#88)
• 189e4fb Update package.json
• a57773c Changed environment variable API_REQUEST_TIMEOUT maxValue to 120 sec (used to...
• 10f6dbb 83 update maester (#85)
• 85e6b45 Fix dist (#82)
• 5f9aabd add retryOptions (#81)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by if0s, a new releaser for @​elastic.io/component-commons-library since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.