Skip to content

build(deps): bump the npm_and_yarn group across 1 directory with 23 updates #11

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the npm_and_yarn group across 1 directory with 23 updates #11

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Aug 12, 2025

Bumps the npm_and_yarn group with 16 updates in the /vscode-debugger-extension directory:

Package From To
express 4.19.2 4.20.0
@vitest/coverage-v8 1.6.0 3.2.4
rollup 4.18.0 4.46.2
svelte 4.2.17 4.2.20
vite 5.2.12 5.4.19
vitest 1.6.0 1.6.1
@azure/identity 4.2.0 4.11.1
@babel/runtime 7.24.6 7.28.2
brace-expansion 1.1.11 1.1.12
cookie 0.6.0 0.7.1
express 4.20.0 4.21.2
form-data 4.0.0 4.0.4
micromatch 4.0.7 4.0.8
node-fetch 2.6.1 2.7.0
release 6.3.1 6.3.1
tar-fs 2.1.1 2.1.3
webpack 5.91.0 5.101.1

Updates express from 4.19.2 to 4.20.0

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

  • deps: [email protected]
    • Remove link renderization in html while redirecting
  • deps: [email protected]
    • Remove link renderization in html while redirecting
  • deps: [email protected]
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: [email protected]
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
Commits

Updates @vitest/coverage-v8 from 1.6.0 to 3.2.4

Release notes

Sourced from @​vitest/coverage-v8's releases.

v3.2.4

   🐞 Bug Fixes

    View changes on GitHub

v3.2.3

   🚀 Features

   🐞 Bug Fixes

    View changes on GitHub

v3.2.2

... (truncated)

Commits

Updates rollup from 4.18.0 to 4.46.2

Changelog

Sourced from rollup's changelog.

4.46.2

2025-07-29

Bug Fixes

  • Fix in-operator handling for external namespace and when the left side cannot be analyzed (#6041)

Pull Requests

4.46.1

2025-07-28

Bug Fixes

  • Do not fail when using the in operator on external namespaces (#6036)

Pull Requests

  • #6036: disables optimization for external namespace when using the in operator (@​TrickyPi)

4.46.0

2025-07-27

Features

  • Optimize in checks on namespaces to keep them treeshake-able (#6029)

Pull Requests

4.45.3

2025-07-26

Bug Fixes

  • Do not fail build if a const is reassigned but warn instead (#6020)
  • Fail with a helpful error message if an exported binding is not defined (#6023)

Pull Requests

  • #6014: chore(deps): update dependency @​vue/language-server to v3 (@​renovate[bot])

... (truncated)

Commits

Updates svelte from 4.2.17 to 4.2.20

Changelog

Sourced from svelte's changelog.

4.2.20

Patch Changes

  • fix: properly remove event listeners in Component's removeEventListener (#13556)

4.2.19

Patch Changes

  • fix: ensure typings for <svelte:options> are picked up (#12902)

  • fix: escape < in attribute strings (#12989)

4.2.18

Patch Changes

  • chore: speed up regex (#11922)
Commits

Updates vite from 5.2.12 to 5.4.19

Changelog

Sourced from vite's changelog.

5.4.19 (2025-04-30)

5.4.18 (2025-04-10)

5.4.17 (2025-04-03)

5.4.16 (2025-03-31)

5.4.15 (2025-03-24)

5.4.14 (2025-01-21)

5.4.13 (2025-01-20)

5.4.12 (2025-01-20)

  • fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (9da4abc)
  • fix!: default server.cors: false to disallow fetching from untrusted origins (dfea38f)
  • fix: verify token for HMR WebSocket connection (b71a5c8)
  • chore: add deps update changelog (ecd2375)

... (truncated)

Commits

Updates vitest from 1.6.0 to 1.6.1

Release notes

Sourced from vitest's releases.

v1.6.1

This release includes security patches for:

   🐞 Bug Fixes

    View changes on GitHub
Commits

Updates @azure/identity from 4.2.0 to 4.11.1

Commits
  • 92a0e89 [Identity] Hot fix change (#35469)
  • 6a3e14f Post release automated changes for identity releases (#35449)
  • ab420d3 [mgmt] refresh hybridconnectivity (#35422)
  • dcac2ed [dev-tool] Support listed dependencies in the API view (#35430)
  • 779cba7 [notfication-hubs] Remove the need for BodilessMatcher in the tests with sani...
  • ce24eca [Identity] VS Code Package Release (#35446)
  • 9313e7f Post release automated changes for identity releases (#35445)
  • c883316 [Identity] August release (#35444)
  • e7399dc [Monitor OpenTelemetry Exporter][Monitor OpenTelemetry] Release Distro 1.12.0...
  • e3e0910 Sync eng/common directory with azure-sdk-tools for PR 11493 (#35441)
  • Additional commits viewable in compare view

Updates @azure/msal-node from 2.8.1 to 3.7.0

Commits

Updates @babel/runtime from 7.24.6 to 7.28.2

Changelog

Sourced from @​babel/runtime's changelog.

v7.28.2 (2025-07-24)

🐛 Bug Fix

  • babel-types
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3

v7.28.1 (2025-07-12)

🐛 Bug Fix

  • babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator

📝 Documentation

↩️ Revert

  • babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-types

v7.28.0 (2025-07-02)

🚀 New Feature

  • babel-node
  • babel-types
  • babel-compat-data, babel-preset-env
  • babel-core, babel-parser
  • babel-generator, babel-parser
  • babel-plugin-proposal-destructuring-private, babel-plugin-proposal-do-expressions, babel-plugin-transform-object-rest-spread, babel-traverse, babel-types
  • babel-parser, babel-traverse, babel-types
  • babel-generator, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-discard-binding, babel-plugin-transform-destructuring, babel-plugin-transform-explicit-resource-management, babel-plugin-transform-react-display-name, babel-types
  • babel-generator, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-transform-block-scoping, babel-plugin-transform-object-rest-spread, babel-plugin-transform-typescript, babel-traverse, babel-types

🐛 Bug Fix

🏠 Internal

  • babel-compat-data, babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-json-modules, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3

... (truncated)

Commits

Updates brace-expansion from 1.1.11 to 1.1.12

Commits

Updates body-parser from 1.20.2 to 1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates cookie from 0.6.0 to 0.7.1

Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates express from 4.20.0 to 4.21.2

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

  • deps: [email protected]
    • Remove link renderization in html while redirecting
  • deps: [email protected]
    • Remove link renderization in html while redirecting
  • deps: [email protected]
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: [email protected]
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
Commits

Updates esbuild from 0.20.2 to 0.21.5

Changelog

Sourced from esbuild's changelog.

0.21.5

  • Fix Symbol.metadata on classes without a class decorator (#3781)

    This release fixes a bug with esbuild's support for the decorator metadata proposal. Previously esbuild only added the Symbol.metadata property to decorated classes if there was a decorator on the class element itself. However, the proposal says that the Symbol.metadata property should be present on all classes that have any decorators at all, not just those with a decorator on the class element itself.

  • Allow unknown import attributes to be used with the copy loader (#3792)

    Import attributes (the with keyword on import statements) are allowed to alter how that path is loaded. For example, esbuild cannot assume that it knows how to load ./bagel.js as type bagel:

    // This is an error with "--bundle" without also using "--external:./bagel.js"
import tasty from "./bagel.js" with { type: "bagel" }

    Because of that, bundling this code with esbuild is an error unless the file ./bagel.js is external to the bundle (such as with --bundle --external:./bagel.js).

    However, there is an additional case where it's ok for esbuild to allow this: if the file is loaded using the copy loader. That's because the copy loader behaves similarly to --external in that the file is left external to the bundle. The difference is that the copy loader copies the file into the output folder and rewrites the import path while --external doesn't. That means the following will now work with the copy loader (such as with --bundle --loader:.bagel=copy):

    // This is no longer an error with "--bundle" and "--loader:.bagel=copy"
import tasty from "./tasty.bagel" with { type: "bagel" }

  • Support import attributes with glob-style imports (#3797)

    This release adds support for import attributes (the with option) to glob-style imports (dynamic imports with certain string literal patterns as paths). These imports previously didn't support import attributes due to an oversight. So code like this will now work correctly:

    async function loadLocale(locale: string): Locale {
  const data = await import(`./locales/${locale}.data`, { with: { type: 'json' } })
  return unpackLocale(locale, data)
}

    Previously this didn't work even though esbuild normally supports forcing the JSON loader using an import attribute. Attempting to do this used to result in the following error:

    ✘ [ERROR] No loader is configured for ".data" files: locales/en-US.data

    example.ts:2:28:
  2 │   const data = await import(`./locales/${locale}.data`, { with: { type: 'json' } })
    ╵                             ~~~~~~~~~~~~~~~~~~~~~~~~~~

    In addition, this change means plugins can now access the contents of with for glob-style imports.

  • Support ${configDir} in tsconfig.json files (#3782)

    This adds support for a new feature from the upcoming TypeScript 5.5 release. The character sequence ${configDir} is now respected at the start of baseUrl and paths values, which are used by esbuild during bundling to correctly map import paths to file system paths. This feature lets base tsconfig.json files specified via extends refer to the directory of the top-level tsconfig.json file. Here is an example:

... (truncated)

Commits
  • fc37c2f publish 0.21.5 to npm
  • cb11924 fix Symbol.metadata errors in decorator tests
  • b93a2a9 fix #3781: add metadata to all decorated classes
  • 953dae9 fix #3797: import attributes and glob-style import
  • 98cb2ed fix #3782: support ${configDir} in tsconfig.json
  • 8e6603b run make update-compat-table
  • db1b8ca fix #3792: import attributes and the copy loader
  • de572d0 fix non-deterministic import attribute plugin test
  • ae8d1b4 fix #3794: --supported:object-accessors=false
  • 67cbf87 publish 0.21.4 to npm
  • Additional commits viewable in compare view

Updates form-data from 4.0.0 to 4.0.4

Changelog

Sourced from form-data's changelog.

v4.0.4 - 2025-07-16

Commits

  • [meta] add auto-changelog 811f682
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76
  • [Fix] Switch to using crypto random for boundary values 3d17230
  • [Tests] fix linting errors 5e34080
  • [meta] actually ensure the readme backup isn’t published 316c82b
  • [Dev Deps] update @ljharb/eslint-config 58c25d7
  • [meta] fix readme capitalization 2300ca1

v4.0.3 - 2025-06-05

Fixed

Commits

  • [eslint] use a shared config 426ba9a
  • [eslint] fix some spacing issues 2094191
  • [Refactor] use hasown 81ab41b
  • [Fix] validate boundary type in setBoundary() method 8d8e469
  • [Tests] add tests to check the behavior of getBoundary with non-strings Description has been truncated

@dependabot
build(deps): bump the npm_and_yarn group across 1 directory with 23 u…
5c5d40f 
…pdates

Bumps the npm_and_yarn group with 16 updates in the /vscode-debugger-extension directory:

| Package | From | To |
| --- | --- | --- |
| [express](https://github.com/expressjs/express) | `4.19.2` | `4.20.0` |
| [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) | `1.6.0` | `3.2.4` |
| [rollup](https://github.com/rollup/rollup) | `4.18.0` | `4.46.2` |
| [svelte](https://github.com/sveltejs/svelte/tree/HEAD/packages/svelte) | `4.2.17` | `4.2.20` |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.2.12` | `5.4.19` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `1.6.0` | `1.6.1` |
| [@azure/identity](https://github.com/Azure/azure-sdk-for-js) | `4.2.0` | `4.11.1` |
| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.24.6` | `7.28.2` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.12` |
| [cookie](https://github.com/jshttp/cookie) | `0.6.0` | `0.7.1` |
| [express](https://github.com/expressjs/express) | `4.20.0` | `4.21.2` |
| [form-data](https://github.com/form-data/form-data) | `4.0.0` | `4.0.4` |
| [micromatch](https://github.com/micromatch/micromatch) | `4.0.7` | `4.0.8` |
| [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.1` | `2.7.0` |
| [release](https://github.com/vercel/release) | `6.3.1` | `6.3.1` |
| [tar-fs](https://github.com/mafintosh/tar-fs) | `2.1.1` | `2.1.3` |
| [webpack](https://github.com/webpack/webpack) | `5.91.0` | `5.101.1` |



Updates `express` from 4.19.2 to 4.20.0
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.19.2...4.20.0)

Updates `@vitest/coverage-v8` from 1.6.0 to 3.2.4
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v3.2.4/packages/coverage-v8)

Updates `rollup` from 4.18.0 to 4.46.2
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v4.18.0...v4.46.2)

Updates `svelte` from 4.2.17 to 4.2.20
- [Changelog](https://github.com/sveltejs/svelte/blob/[email protected]/packages/svelte/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/svelte/commits/[email protected]/packages/svelte)

Updates `vite` from 5.2.12 to 5.4.19
- [Changelog](https://github.com/vitejs/vite/blob/v5.4.19/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.4.19/packages/vite)

Updates `vitest` from 1.6.0 to 1.6.1
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest)

Updates `@azure/identity` from 4.2.0 to 4.11.1
- [Release notes](https://github.com/Azure/azure-sdk-for-js/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md)
- [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/identity_4.2.0...@azure/identity_4.11.1)

Updates `@azure/msal-node` from 2.8.1 to 3.7.0
- [Commits](https://github.com/AzureAD/microsoft-authentication-library-for-js/commits/msal-node-v3.7.0)

Updates `@babel/runtime` from 7.24.6 to 7.28.2
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.2/packages/babel-runtime)

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `body-parser` from 1.20.2 to 1.20.3
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.2...1.20.3)

Updates `cookie` from 0.6.0 to 0.7.1
- [Commits](jshttp/cookie@v0.6.0...v0.7.1)

Updates `express` from 4.20.0 to 4.21.2
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.19.2...4.20.0)

Updates `esbuild` from 0.20.2 to 0.21.5
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.20.2...v0.21.5)

Updates `form-data` from 4.0.0 to 4.0.4
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v4.0.0...v4.0.4)

Updates `micromatch` from 4.0.7 to 4.0.8
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/micromatch@4.0.7...4.0.8)

Updates `nanoid` from 3.3.7 to 3.3.11
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.7...3.3.11)

Updates `node-fetch` from 2.6.1 to 2.7.0
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@v2.6.1...v2.7.0)

Updates `release` from 6.3.1 to 6.3.1
- [Commits](vercel/release@6.3.1...6.3.1)

Updates `path-to-regexp` from 0.1.7 to 0.1.12
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v0.1.7...v0.1.12)

Updates `send` from 0.18.0 to 0.19.0
- [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md)
- [Commits](pillarjs/send@0.18.0...0.19.0)

Updates `serve-static` from 1.15.0 to 1.16.2
- [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.2)

Updates `tar-fs` from 2.1.1 to 2.1.3
- [Commits](mafintosh/tar-fs@v2.1.1...v2.1.3)

Updates `webpack` from 5.91.0 to 5.101.1
- [Commits](webpack/webpack@v5.91.0...v5.101.1)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 4.20.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 3.2.4
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-version: 4.46.2
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: svelte
  dependency-version: 4.2.20
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vite
  dependency-version: 5.4.19
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: vitest
  dependency-version: 1.6.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@azure/identity"
  dependency-version: 4.11.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@azure/msal-node"
  dependency-version: 3.7.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@babel/runtime"
  dependency-version: 7.28.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-version: 1.20.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-version: 0.7.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-version: 4.21.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: esbuild
  dependency-version: 0.21.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: form-data
  dependency-version: 4.0.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: micromatch
  dependency-version: 4.0.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-fetch
  dependency-version: 2.7.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: release
  dependency-version: 6.3.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: path-to-regexp
  dependency-version: 0.1.12
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: send
  dependency-version: 0.19.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: tar-fs
  dependency-version: 2.1.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack
  dependency-version: 5.101.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Aug 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants