chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #11

dependabot · 2024-02-25T11:02:51Z

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package	From	To
graphql	`16.6.0`	`16.8.1`
@apollo/server	`4.4.1`	`4.9.3`
@babel/traverse	`7.20.13`	`7.23.9`
axios	`1.3.0`	`1.6.7`
ip	`1.1.8`	`1.1.9`
semver	`5.7.1`	`5.7.2`
undici	`5.18.0`	`5.28.3`
word-wrap	`1.2.3`	`1.2.5`
Bumps the npm_and_yarn group with 1 update in the /packages/apollo directory: @apollo/server.

Updates graphql from 16.6.0 to 16.8.1

Release notes

Sourced from graphql's releases.

v16.8.1 (2023-09-19)

Bug Fix 🐞

#3967 OverlappingFieldsCanBeMergedRule: Fix performance degradation (@AaronMoat)

Committers: 1

Aaron Moat(@AaronMoat)

v16.8.0 (2023-08-14)

New Feature 🚀

#3950 Support fourfold nested lists (@gschulze)

Committers: 1

Gunnar Schulze(@gschulze)

v16.7.1 (2023-06-22)

📢 Big shout out to @phryneas, who managed to reproduce this issue and come up with this fix.

Bug Fix 🐞

#3923 instanceOf: workaround bundler issue with process.env (@IvanGoncharov)

Committers: 1

Ivan Goncharov(@IvanGoncharov)

v16.7.0 (2023-06-21)

New Feature 🚀

#3887 check "globalThis.process" before accessing it (@kettanaito)

Bug Fix 🐞

#3707 Fix crash in node when mixing sync/async resolvers (backport of #3706) (@chrskrchr)

#3838 Fix/invalid error propagation custom scalars (backport for 16.x.x) (@stenreijers)

Committers: 3

Artem Zakharchenko(@kettanaito)

Chris Karcher(@chrskrchr)

Sten Reijers(@stenreijers)

Commits

8a95335 16.8.1
8f4c64e OverlappingFieldsCanBeMergedRule: Fix performance degradation (#3967)
e4f759d 16.8.0
bec1b49 Support fourfold nested lists (#3950)
bf6a9f0 16.7.1
a08aaee instanceOf: workaround bundler issue with process.env (#3923)
1519fda 16.7.0
84bb146 check "globalThis.process" before accessing it (#3887)
076972e Fix/invalid error propagation custom scalars (backport for 16.x.x) (#3838)
4a82557 Fix crash in node when mixing sync/async resolvers (backport of #3706) (#3707)
See full diff in compare view

Updates @apollo/server from 4.4.1 to 4.9.3

Release notes

Sourced from @apollo/server's releases.

@apollo/server-integration-testsuite@4.9.3

Patch Changes

Updated dependencies [a1c725eaf]:

@apollo/server@4.9.3

@apollo/server@4.9.3

Patch Changes

a1c725eaf Thanks @trevor-scheer! - Ensure API keys are valid header values on startup

Apollo Server previously performed no sanitization or validation of API keys on startup. In the case that an API key was provided which contained characters that are invalid as header values, Apollo Server could inadvertently log the API key in cleartext.

This only affected users who:

Provide an API key with characters that are invalid as header values

Use either schema or usage reporting

Use the default fetcher provided by Apollo Server or configure their own node-fetch fetcher

Apollo Server now trims whitespace from API keys and validates that they are valid header values. If an invalid API key is provided, Apollo Server will throw an error on startup.

For more details, see the security advisory: GHSA-j5g3-5c8r-7qfx

@apollo/server-integration-testsuite@4.9.2

Patch Changes

Updated dependencies [62e7d940d]:

@apollo/server@4.9.2

@apollo/server@4.9.2

Patch Changes

#7699 62e7d940d Thanks @trevor-scheer! - Fix error path attachment for list items

Previously, when errors occurred while resolving a list item, the trace builder would fail to place the error at the correct path and just default to the root node with a warning message:

Could not find node with path x.y.1, defaulting to put errors on root node.

This change places these errors at their correct paths and removes the log.

@apollo/server-integration-testsuite@4.9.1

Patch Changes

Updated dependencies [ebfde0007]:

@apollo/server@4.9.1

@apollo/server@4.9.1

Patch Changes

... (truncated)

Changelog

Sourced from @apollo/server's changelog.

4.9.3

Patch Changes

a1c725eaf Thanks @trevor-scheer! - Ensure API keys are valid header values on startup

Apollo Server previously performed no sanitization or validation of API keys on startup. In the case that an API key was provided which contained characters that are invalid as header values, Apollo Server could inadvertently log the API key in cleartext.

This only affected users who:

Provide an API key with characters that are invalid as header values

Use either schema or usage reporting

Use the default fetcher provided by Apollo Server or configure their own node-fetch fetcher

Apollo Server now trims whitespace from API keys and validates that they are valid header values. If an invalid API key is provided, Apollo Server will throw an error on startup.

For more details, see the security advisory: GHSA-j5g3-5c8r-7qfx

4.9.2

Patch Changes

#7699 62e7d940d Thanks @trevor-scheer! - Fix error path attachment for list items

Previously, when errors occurred while resolving a list item, the trace builder would fail to place the error at the correct path and just default to the root node with a warning message:

Could not find node with path x.y.1, defaulting to put errors on root node.

This change places these errors at their correct paths and removes the log.

4.9.1

Patch Changes

#7672 ebfde0007 Thanks @trevor-scheer! - Add missing nonce on script tag for non-embedded landing page

4.9.0

Minor Changes
#7617 4ff81ca50 Thanks @trevor-scheer! - Introduce new ApolloServerPluginSubscriptionCallback plugin. This plugin implements the subscription callback protocol which is used by Apollo Router. This feature implements subscriptions over HTTP via a callback URL which Apollo Router registers with Apollo Server. This feature is currently in preview and is subject to change.

You can enable callback subscriptions like so:
import { ApolloServerPluginSubscriptionCallback } from "@apollo/server/plugin/subscriptionCallback";
import { ApolloServer } from "@apollo/server";
const server = new ApolloServer({

... (truncated)

Commits

a9d288a Version Packages (#7712)
2c8106c Merge pull request from GHSA-j5g3-5c8r-7qfx
d6ce603 create README for technical details of landing pages (#7671)
e8c00a7 Version Packages (#7702)
62b941a chore(deps): update all non-major dependencies (#7693)
62e7d94 Fix trace placement for errors occurring in lists (#7699)
b72485a chore: update documentation to include install commands for typescript (#7691)
a48e8e0 Version Packages (#7673)
ebfde00 Add missing nonce to script tag (#7672)
1235611 Version Packages (#7661)
Additional commits viewable in compare view

Updates @babel/traverse from 7.20.13 to 7.23.9

Release notes

Sourced from @babel/traverse's releases.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16194 Improve output of super() (@liuxingbaoyu)

v7.23.7 (2023-12-29)

🐛 Bug Fix

babel-traverse

#16191 fix: Crash when removing without Program (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits

a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
d292822 fix: Crash when removing without Program (#16191)
d02c1f7 v7.23.6
cce807f Bump debug to ^4.3.1 (#16164)
8479012 v7.23.5
da7dc40 Do not remove bindings when removing assignment expression path (#16131)
fadc081 fix: Unexpected duplication of comments (#16110)
13a5c83 v7.23.4
Additional commits viewable in compare view

Updates axios from 1.3.0 to 1.6.7

Release notes

Sourced from axios's releases.

Release v1.6.7

Release notes:

Bug Fixes

capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

Dmitriy Mozgovoy

zhoulixiang

Release v1.6.6

Release notes:

Bug Fixes

fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)

wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Ilya Priven

Zao Soula

Release v1.6.5

Release notes:

Bug Fixes

ci: refactor notify action as a job of publish action; (#6176) (0736f95)

dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Dmitriy Mozgovoy

Jay

Release v1.6.4

Release notes:

Bug Fixes

security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)

security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Jay

Dmitriy Mozgovoy

Guy Nesher

Release v1.6.3

Release notes:

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.7 (2024-01-25)

Bug Fixes

capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

Dmitriy Mozgovoy

zhoulixiang

1.6.6 (2024-01-24)

Bug Fixes

fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)

wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Ilya Priven

Zao Soula

1.6.5 (2024-01-05)

Bug Fixes

ci: refactor notify action as a job of publish action; (#6176) (0736f95)

dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Dmitriy Mozgovoy

Jay

1.6.4 (2024-01-03)

Bug Fixes

security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)

security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Jay

Dmitriy Mozgovoy

... (truncated)

Commits

a52e4d9 chore(release): v1.6.7 (#6204)
2b69888 chore: remove unnecessary check (#6186)
1a08f90 fix: capture async stack only for rejections with native error objects; (#6203)
104aa3f chore(release): v1.6.6 (#6199)
a1938ff fix: fixed missed dispatchBeforeRedirect argument (#5778)
123f354 fix: wrap errors to improve async stack trace (#5987)
6d4c421 chore(release): v1.6.5 (#6177)
0736f95 fix(ci): refactor notify action as a job of publish action; (#6176)
f4f2b03 fix(dns): fixed lookup error handling; (#6175)
1f73dcb docs: update sponsor links
Additional commits viewable in compare view

Updates follow-redirects from 1.15.2 to 1.15.5

Commits

b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
3d42aec Add bracket tests.
bcbb096 Do not directly set Error properties.
192dbe7 Release version 1.15.3 of the npm package.
Additional commits viewable in compare view

Updates ip from 1.1.8 to 1.1.9

Commits

1ecbf2f 1.1.9
6a3ada9 lib: fixed CVE-2023-42282 and added unit test
See full diff in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates undici from 5.18.0 to 5.28.3

Release notes

Sourced from undici's releases.

v5.28.3

⚠️ Security Release ⚠️

Fixes:

CVE-2024-24758 Proxy-Authorization header not cleared on cross-origin redirect in fetch

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

v5.28.2

What's Changed

fix: remove optional chainning for compatible with Nodejs12 and below by @bugb in nodejs/undici#2470

fix: remove node: prefix by @tsctx in nodejs/undici#2471

perf: avoid Headers initialization by @tsctx in nodejs/undici#2468

fix: handle SharedArrayBuffer correctly by @tsctx in nodejs/undici#2466

fix: Add null type to signal in RequestInit by @gebsh in nodejs/undici#2455

fix: correctly handle data URL with hashes. by @tsctx in nodejs/undici#2475

fix: check response for timinginfo allow flag by @ToshB in nodejs/undici#2477

Make call to onBodySent conditional in RetryHandler by @MzUgM in nodejs/undici#2478

refactor: better integrity check by @tsctx in nodejs/undici#2462

fix: Added support for inline URL username:password proxy auth by @matt-way in nodejs/undici#2473

build(deps-dev): bump jsdom from 22.1.0 to 23.0.0 by @dependabot in nodejs/undici#2472

build(deps-dev): bump sinon from 16.1.3 to 17.0.1 by @dependabot in nodejs/undici#2405

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 by @dependabot in nodejs/undici#2396

build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 by @dependabot in nodejs/undici#2395

build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 by @dependabot in nodejs/undici#2392

build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 by @dependabot in nodejs/undici#2389

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in nodejs/undici#2302

New Contributors

@bugb made their first contribution in nodejs/undici#2470

@gebsh made their first contribution in nodejs/undici#2455

@ToshB made their first contribution in nodejs/undici#2477

@MzUgM made their first contribution in nodejs/undici#2478

@matt-way made their first contribution in nodejs/undici#2473

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

perf: Improve normalizeMethod by @tsctx in nodejs/undici#2456

fix: dispatch error handling by @ronag in nodejs/undici#2459

perf(request): optimize if headers are given by @tsctx in nodejs/undici#2454

Full Changelog: nodejs/undici@v5.28.0...v5.28.1

v5.28.0

What's Changed

fix(parseHeaders): util.parseHeaders handle correctly array of buffer… by @mdoria12 in nodejs/undici#2398

... (truncated)

Commits

e71cb4c Bumped v5.28.3
20c65b8 Fix tests for Node.js v20.11.0 (#2618)
8ec52cd Fix tests for Node.js v21 (#2609)
d3aa574 Merge pull request from GHSA-3787-6prv-h9w3
9a14e5f Bumped v5.28.2
fcdfe87 build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2302)
169c157 build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)
9788177 build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 (#2392)
1f6d159 build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 (#2395)
a393a86 build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 (#2396)
Additional commits viewable in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

Remove default indent by @mohd-akram in jonschlinkert/word-wrap#24

🔒fix: CVE 2023 26115 (2) by @OlafConijn in jonschlinkert/word-wrap#41

🔒 fix: CVE-2023-26115 by @aashutoshrathi in jonschlinkert/word-wrap#33

chore: publish workflow by @OlafConijn in jonschlinkert/word-wrap#42

New Contributors

@mohd-akram made their first contribution in jonschlinkert/word-wrap#24

@OlafConijn made their first contribution in jonschlinkert/word-wrap#41

@aashutoshrathi made their first contribution in jonschlinkert/word-wrap#33

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

207044e 1.2.5
9894315 revert default indent
f64b188 run verb to generate README
03ea082 Merge pull request #42 from jonschlinkert/chore/publish-workflow
420dce9 Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2
bfa694e Update .github/workflows/publish.yml
ace0b3c chore: bump version to 1.2.4
6fd7275 chore: add publish workflow
30d6daf chore: fix test
655929c chore: remove package-lock
Additional commits viewable in compare view

Updates @apollo/server from 4.4.1 to 4.9.3

Release notes

Sourced from @apollo/server's releases.

@apollo/server-integration-testsuite@4.9.3

Patch Changes

Updated dependencies [a1c725eaf]:

@apollo/server@4.9.3

@apollo/server@4.9.3

Patch Changes

a1c725eaf Thanks @trevor-scheer! - Ensure API keys are valid header values on startup

Apollo Server previously performed no sanitization or validation of API keys on startup. In the case that an API key was provided which contained characters that are invalid as header values, Apollo Server could inadvertently log the API key in cleartext.

This only affected users who:

Provide an API key with characters that are invalid as header values

Use either schema or usage reporting

Use the default fetcher provided by Apollo Server or configure their own node-fetch fetcher

Apollo Server now trims whitespace from API keys and validates that they are valid header values. If an invalid API key is provided, Apollo Server will throw an error on startup.

For more details, see the security advisory: GHSA-j5g3-5c8r-7qfx

@apollo/server-integration-testsuite@4.9.2

Patch Changes

Updated dependencies [62e7d940d]:

@apollo/server@4.9.2

@apollo/server@4.9.2

Patch Changes

#7699 62e7d940d Thanks @trevor-scheer! - Fix error path attachment for list items

Previously, when errors occurred while resolving a list item, the trace builder would fail to place the error at the correct path and ju...
Description has been truncated

…updates Bumps the npm_and_yarn group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [graphql](https://github.com/graphql/graphql-js) | `16.6.0` | `16.8.1` | | [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server) | `4.4.1` | `4.9.3` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.20.13` | `7.23.9` | | [axios](https://github.com/axios/axios) | `1.3.0` | `1.6.7` | | [ip](https://github.com/indutny/node-ip) | `1.1.8` | `1.1.9` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [undici](https://github.com/nodejs/undici) | `5.18.0` | `5.28.3` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Bumps the npm_and_yarn group with 1 update in the /packages/apollo directory: [@apollo/server](https://github.com/apollographql/apollo-server/tree/HEAD/packages/server). Updates `graphql` from 16.6.0 to 16.8.1 - [Release notes](https://github.com/graphql/graphql-js/releases) - [Commits](graphql/graphql-js@v16.6.0...v16.8.1) Updates `@apollo/server` from 4.4.1 to 4.9.3 - [Release notes](https://github.com/apollographql/apollo-server/releases) - [Changelog](https://github.com/apollographql/apollo-server/blob/main/packages/server/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-server/commits/@apollo/server@4.9.3/packages/server) Updates `@babel/traverse` from 7.20.13 to 7.23.9 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse) Updates `axios` from 1.3.0 to 1.6.7 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.3.0...v1.6.7) Updates `follow-redirects` from 1.15.2 to 1.15.5 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.2...v1.15.5) Updates `ip` from 1.1.8 to 1.1.9 - [Commits](indutny/node-ip@v1.1.8...v1.1.9) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `undici` from 5.18.0 to 5.28.3 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.18.0...v5.28.3) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) Updates `@apollo/server` from 4.4.1 to 4.9.3 - [Release notes](https://github.com/apollographql/apollo-server/releases) - [Changelog](https://github.com/apollographql/apollo-server/blob/main/packages/server/CHANGELOG.md) - [Commits](https://github.com/apollographql/apollo-server/commits/@apollo/server@4.9.3/packages/server) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@apollo/server" dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: axios dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: undici dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@apollo/server" dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-03-16T18:17:05Z

Superseded by #12.

dependabot bot added the dependencies label Feb 25, 2024

dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-security-group-ca14d907ac branch from 6df1b6b to d5b3da7 Compare February 25, 2024 11:02

dependabot bot closed this Mar 16, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-ca14d907ac branch March 16, 2024 18:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #11

chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #11

Uh oh!

dependabot bot commented on behalf of github Feb 25, 2024

Uh oh!

dependabot bot commented on behalf of github Mar 16, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #11

chore(deps): bump the npm_and_yarn group across 2 directories with 9 updates #11

Uh oh!

Conversation

dependabot bot commented on behalf of github Feb 25, 2024

v16.8.1 (2023-09-19)

Bug Fix 🐞

Committers: 1

v16.8.0 (2023-08-14)

New Feature 🚀

Committers: 1

v16.7.1 (2023-06-22)

Bug Fix 🐞

Committers: 1

v16.7.0 (2023-06-21)

New Feature 🚀

Bug Fix 🐞

Committers: 3

@​apollo/server-integration-testsuite@​4.9.3

Patch Changes

@​apollo/server@​4.9.3

Patch Changes

@​apollo/server-integration-testsuite@​4.9.2

Patch Changes

@​apollo/server@​4.9.2

Patch Changes

@​apollo/server-integration-testsuite@​4.9.1

Patch Changes

@​apollo/server@​4.9.1

Patch Changes

4.9.3

Patch Changes

4.9.2

Patch Changes

4.9.1

Patch Changes

4.9.0

Minor Changes

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

Committers: 4

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

v7.23.7 (2023-12-29)

🐛 Bug Fix

Release v1.6.7

Release notes:

Bug Fixes

Contributors to this release

Release v1.6.6

Release notes:

Bug Fixes

Contributors to this release

Release v1.6.5

Release notes:

Bug Fixes

Contributors to this release

Release v1.6.4

Release notes:

Bug Fixes

Contributors to this release

Release v1.6.3

Release notes:

1.6.7 (2024-01-25)

Bug Fixes

Contributors to this release

`@apollo/server-integration-testsuite@4`.9.3

`@apollo/server@4`.9.3

`@apollo/server-integration-testsuite@4`.9.2

`@apollo/server@4`.9.2

`@apollo/server-integration-testsuite@4`.9.1

`@apollo/server@4`.9.1

`@apollo/server-integration-testsuite@4`.9.3

`@apollo/server@4`.9.3

`@apollo/server-integration-testsuite@4`.9.2

`@apollo/server@4`.9.2