Bump the npm_and_yarn group across 1 directory with 22 updates by dependabot[bot] · Pull Request #5 · instagated/create-react-app-auth-amplify

dependabot · 2024-06-19T13:31:20Z

Bumps the npm_and_yarn group with 22 updates in the / directory:

Package	From	To
semver	`6.3.0`	`6.3.1`
@babel/traverse	`7.17.3`	`7.24.7`
ansi-regex	`4.1.0`	`4.1.1`
async	`2.6.3`	`2.6.4`
json5	`1.0.1`	`1.0.2`
loader-utils	`1.4.0`	`1.4.2`
crypto-js	`4.1.1`	`4.2.0`
ejs	`3.1.6`	`3.1.10`
express	`4.17.3`	`4.19.2`
fast-xml-parser	`3.19.0`	`4.4.0`
aws-amplify	`4.3.14`	`6.3.7`
follow-redirects	`1.14.9`	`1.15.6`
minimatch	`3.0.4`	`3.1.2`
recursive-readdir	`2.2.2`	`2.2.3`
minimist	`1.2.5`	`1.2.8`
node-forge	`1.2.1`	`1.3.1`
terser	`5.11.0`	`5.31.1`
tough-cookie	`4.0.0`	`4.1.4`
webpack	`5.69.1`	`5.92.0`
webpack-dev-middleware	`5.3.1`	`5.3.4`
ws	`7.5.7`	`7.5.10`
word-wrap	`1.2.3`	`1.2.5`

Updates semver from 6.3.0 to 6.3.1

Release notes

Sourced from semver's releases.

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

928e56d #591 better handling of whitespace (#591) (@lukekarrys, @joaomoreno, @nicolo-ribaudo)

Changelog

Sourced from semver's changelog.

6.3.1 (2023-07-10)

Bug Fixes

928e56d #591 better handling of whitespace (#591) (@lukekarrys, @joaomoreno, @nicolo-ribaudo)

6.2.0

Coerce numbers to strings when passed to semver.coerce()

Add rtl option to coerce from right to left

6.1.3

Handle X-ranges properly in includePrerelease mode

6.1.2

Do not throw when testing invalid version strings

6.1.1

Add options support for semver.coerce()

Handle undefined version passed to Range.test

6.1.0

Add semver.compareBuild function

Support * in semver.intersects

6.0

Fix intersects logic.

This is technically a bug fix, but since it is also a change to behavior that may require users updating their code, it is marked as a major version increment.

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

... (truncated)

Commits

44d27bc chore: release 6.3.1
928e56d fix: better handling of whitespace (#591)
39f6326 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates @babel/traverse from 7.17.3 to 7.24.7

Release notes

Sourced from @babel/traverse's releases.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

Committers: 7

Amjad Yahia Robeen Hassan (@amjed-98)

Babel Bot (@babel-bot)

Blake Wilson (@blakewilson)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

Sukka (@SukkaW)

@liuxingbaoyu

v7.24.6 (2024-05-24)

Thanks @amjed-98, @blakewilson, @coelhucas, and @SukkaW for your first PRs!

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.24.7 (2024-06-05)

🐛 Bug Fix

babel-node

#16554 Allow extra flags in babel-node (@nicolo-ribaudo)

babel-traverse

#16522 fix: incorrect constantViolations with destructuring (@liuxingbaoyu)

babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management

#16524 fix: Transform using in switch correctly (@liuxingbaoyu)

🏠 Internal

babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16525 Delete unused array helpers (@blakewilson)

v7.24.6 (2024-05-24)

🐛 Bug Fix

babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties

#16514 Fix source maps for private member expressions (@nicolo-ribaudo)

babel-core, babel-generator, babel-plugin-transform-modules-commonjs

#16515 Fix source maps for template literals (@nicolo-ribaudo)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16485 Support undecorated static accessor in anonymous classes (@JLHwung)

#16484 Fix decorator bare yield await (@JLHwung)

babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3

#16483 Fix: throw TypeError if addInitializer is called after finished (@JLHwung)

babel-parser, babel-plugin-transform-typescript

#16476 fix: Correctly parse cls.fn<C> = x (@liuxingbaoyu)

🏠 Internal

babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16501 Generate helper metadata at build time (@nicolo-ribaudo)

babel-helpers

#16499 Add tsconfig.json for @babel/helpers/src/helpers (@nicolo-ribaudo)

babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16495 Move all runtime helpers to individual files (@nicolo-ribaudo)

babel-parser, babel-traverse

#16482 Statically generate boilerplate for bitfield accessors (@nicolo-ribaudo)

Other

#16466 Migrate import assertions syntax (@JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

babel-plugin-transform-classes, babel-traverse

#16377 fix: TypeScript annotation affects output (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3

#16440 Fix suppressed error order (@sossost)

#16408 Await nullish async disposable (@JLHwung)

💅 Polish

babel-parser

... (truncated)

Commits

bf1e9a3 v7.24.7
4463aa5 fix: incorrect constantViolations with destructuring (#16522)
07bd000 Improve getBindingIdentifiers (#16544)
17a5502 [Babel 8] Remove extra.shorthand (#16521)
7934963 Use type: module in all package.jsons (#16535)
9630250 v7.24.6
1f010df Explicitly define NodePath.prototype.* (#16488)
6e3539b [babel 8] Publish .d.ts files for every package (#16416)
e37e64d Use eslint v9 (#16479)
3ff20b9 Statically generate boilerplate for bitfield accessors (#16482)
Additional commits viewable in compare view

Updates ansi-regex from 4.1.0 to 4.1.1

Commits

64735d2 v4.1.1
75a657d Fix potential ReDoS (#37)
See full diff in compare view

Updates async from 2.6.3 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

Fix potential prototype pollution exploit (#1828)

Commits

c6bdaca Version 2.6.4
8870da9 Update built files
4df6754 update changelog
8f7f903 Fix prototype pollution vulnerability (#1828)
See full diff in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates json5 from 1.0.1 to 1.0.2

Release notes

Sourced from json5's releases.

v1.0.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

a62db1e 1.0.2
e0c23fe docs: update CHANGELOG for v1.0.2
62a6540 fix: add proto to objects and arrays
See full diff in compare view

Updates loader-utils from 1.4.0 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

Commits

331ad50 chore(release): 1.4.2
17cbf8f fix: ReDoS problem (#226)
8f082b3 chore(release): 1.4.1
4504e34 fix: security problem (#220)
See full diff in compare view

Updates crypto-js from 4.1.1 to 4.2.0

Commits

808f499 Merge branch 'release/4.2.0'
d5af3ae Update release notes.
9496e07 Bump version.
421dd53 Change default hash algorithm and iteration's for PBKDF2 to prevent weak secu...
d1f4f4d Update grunt.
c755289 Discontinued
1da3dab Discontinued
4dcaa7a Merge pull request #380 from Alanscut/dev
762feb2 chore: rename BF to Blowfish
fb81418 feat: blowfish support
Additional commits viewable in compare view

Updates ejs from 3.1.6 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

v3.1.9

Version 3.1.9

v3.1.8

Version 3.1.8

v3.1.7

Version 3.1.7

Commits

d3f807d Version 3.1.10
9ee26dd Mocha TDD
e469741 Basic pollution protection
715e950 Merge pull request #756 from Jeffrey-mu/main
cabe314 Include advanced usage examples
29b076c Added header
11503c7 Merge branch 'main' of github.com:mde/ejs into main
7690404 Added security banner to README
f47d7ae Update SECURITY.md
828cea1 Update SECURITY.md
Additional commits viewable in compare view

Updates express from 4.17.3 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add Node.js@19.7 by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: body-parser@1.20.1

deps: qs@6.11.0

perf: remove unnecessary object clone

deps: qs@6.11.0

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

... (truncated)

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates fast-xml-parser from 3.19.0 to 4.4.0

Release notes

Sourced from fast-xml-parser's releases.

Security Fix

Update to this release if you use entity parsing in Fast XML Parser.

v4

Generating different combined, parser only, builder only, validator only browser bundles

Keeping cjs modules as they can be imported in cjs and esm modules both. Otherwise refer esm branch.

4.0.0-beta.8 / 2021-12-13

call tagValueProcessor for stop nodes

4.0.0-beta.7 / 2021-12-09

fix Validator bug when an attribute has no value but '=' only

XML Builder should suppress unpaired tags by default.

documents update for missing features

refactoring to use Object.assign

refactoring to remove repeated code

4.0.0-beta.6 / 2021-12-05

Support PI Tags processing

Support suppressBooleanAttributes by XML Builder for attributes with value true.

4.0.0-beta.5 / 2021-12-04

fix: when a tag with name "attributes"

4.0.0-beta.4 / 2021-12-02

Support HTML document parsing

skip stop nodes parsing when building the XML from JS object

Support external entites without DOCTYPE

update dev dependency: strnum v1.0.5 to fix long number issue

4.0.0-beta.3 / 2021-11-30

support global stopNodes expression like "*.stop"

support self-closing and paired unpaired tags

fix: CDATA should not be parsed.

Fix typings for XMLBuilder (#396)(By Anders Emil Salvesen)

supports XML entities, HTML entities, DOCTYPE entities

⚠️ 4.0.0-beta.2 / 2021-11-19

rename attrMap to attibutes in parser output when preserveOrder:true

supports unpairedTags

⚠️ 4.0.0-beta.1 / 2021-11-18

Parser returns an array now

to make the structure common

and to return root level detail

renamed cdataTagName to cdataPropName

Added commentPropName

fix typings

⚠️ 4.0.0-beta.0 / 2021-11-16

... (truncated)

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

4.4.0 / 2024-05-18

fix #654: parse attribute list correctly for self closing stop node.

fix: validator bug when closing tag is not opened. (#647) (By Ryosuke Fukatani)

fix #581: typings; return type of tagValueProcessor & attributeValueProcessor (#582) (By monholm)

4.3.6 / 2024-03-16

Add support for parsing HTML numeric entities (#645) (By Jonas Schade )

4.3.5 / 2024-02-24

code for v5 is added for experimental use

4.3.4 / 2024-01-10

fix: Don't escape entities in CDATA sections (#633) (By wackbyte)

4.3.3 / 2024-01-10

Remove unnecessary regex

4.3.2 / 2023-10-02

fix jObj.hasOwnProperty when give input is null (By Arda TANRIKULU)

4.3.1 / 2023-09-24

revert back "Fix typings for builder and parser to make return type generic" to avoid failure of existing projects. Need to decide a common approach.

4.3.0 / 2023-09-20

Fix stopNodes to work with removeNSPrefix (#607) (#608) (By [Craig Andrews]https://github.com/candrews))

Fix #610 ignore properties set to Object.prototype

Fix typings for builder and parser to make return type generic (By Sarah Dayan)

4.2.7 / 2023-07-30

Fix: builder should set text node correctly when only textnode is present (#589) (By qianqing)

Fix: Fix for null and undefined attributes when building xml (#585) (#598). A null or undefined value should be ignored. (By Eugenio Ceschia)

4.2.6 / 2023-07-17

Fix: Remove trailing slash from jPath for self-closing tags (#595) (By Maciej Radzikowski)

4.2.5 / 2023-06-22

change code implementation

4.2.4 / 2023-06-06

fix security bug

4.2.3 / 2023-06-05

fix security bug

4.2.2 / 2023-04-18

fix #562: fix unpaired tag when it comes in last of a nested tag. Also throw error when unpaired tag is used as closing tag

4.2.1 / 2023-04-18

... (truncated)

Commits

96f7501 update package detail
151b8f4 fix #654: parse attribute list correctly for self closing stop node
1a384a5 Run PR tests on node 16
2ae1f62 fix: return type for tagValueProcessor & attributeValueProcessor (#582)
9118736 docs: fix typos in v5 document fast-xml-parse (#650)
a96b968 fix: validator bag when closing tag is not opened. (#647)
3ab1b3b update pcakge detail
4c26aaa fix v5 options, add docs
391f24f Add support for parsing HTML numeric entities (#645)
072b2b0 update dev dependencies
Additional commits viewable in compare view

Updates aws-amplify from 4.3.14 to 6.3.7

Release notes

Sourced from aws-amplify's releases.

2024-06-18 Amplify JS release - aws-amplify@6.3.7

What's Changed

chore: Fix broken README links by @jimblanc in aws-amplify/amplify-js#13468

chore(actions): run codeql on PRs to release by @ashwinkumar6 in aws-amplify/amplify-js#13460

release(required): an expired token that has valid signature is not considered a valid token by @HuiSF in aws-amplify/amplify-js#13464

chore(auth): enable lint on tests by @HuiSF in aws-amplify/amplify-js#13429

chore: add additional codeowners by @HuiSF in aws-amplify/amplify-js#13491

ci: disable websocket disruption e2e by @iartemiev in aws-amplify/amplify-js#13496

chore(repo): add ssr two clients E2E by @HuiSF in aws-amplify/amplify-js#13482

chore(deps): bump braces from 3.0.2 to 3.0.3 by @dependabot in aws-amplify/amplify-js#13497

release: Amplify JS release by @jimblanc in aws-amplify/amplify-js#13502

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/aws-amplify@6.3.6...aws-amplify@6.3.7

2024-06-06 Amplify JS release - aws-amplify@6.3.6

What's Changed

release(required): Parsing custom oAuth in amplify_outputs by @ashika112 in aws-amplify/amplify-js#13474

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/aws-amplify@6.3.5...aws-amplify@6.3.6

2024-06-04 Amplify JS release - aws-amplify@6.3.5

What's Changed

chore: Merge release into main by @aws-amplify-ops in aws-amplify/amplify-js#13417

chore: Merge release into main by @aws-amplify-ops in aws-amplify/amplify-js#13423

Update CONTRIBUTING.md by @haverchuck in aws-amplify/amplify-js#13427

chore: (api-rest) enable linting on tests by @ashika112 in aws-amplify/amplify-js#13441

chore(analytics): enable linting on tests by @HuiSF in aws-amplify/amplify-js#13430

chore: (Geo) enable linting on tests by @ashika112 in aws-amplify/amplify-js#13437

chore: (Notifications) enable linting on tests by @ashika112 in aws-amplify/amplify-js#13438

chore(repo): remove esm for watch modes from onboarding guidelines by @joon-won in aws-amplify/amplify-js#13442

chore: Store NPM logs as artifacts in CI by @jimblanc in aws-amplify/amplify-js#13447

fix: pin node version in gh actions by @erinleigh90 in aws-amplify/amplify-js#13450

fix(storage): Fix MD5 calculation by @cshfang in aws-amplify/amplify-js#13458

feat(ci): enable sign-in-with-oauth e2e test on vue by @israx in aws-amplify/amplify-js#13449

release: Amplify JS release by @erinleigh90 in aws-amplify/amplify-js#13459

New Contributors

@joon-won made their first contribution in aws-amplify/amplify-js#13442

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/aws-amplify@6.3.4...aws-amplify@6.3.5

2024-05-23 Amplify JS release - aws-amplify@6.3.4

What's Changed

release(required): adapter-nextjs validate if access and id tokens are valid cognito tokens by @ashwinkumar6 in aws-amplify/amplify-js#13415

Full Changelog: https://github.com/aws-amplify/amplify-js/compare/aws-amplify@6.3.3...aws-amplify@6.3.4

2024-05-22 Amplify JS release - aws-amplify@6.3.3

... (truncated)

Commits

83f892a chore(release): Publish [skip release]
5c6b6f1 release: Amplify JS release (#13502)
de6b06d chore(deps): bump braces from 3.0.2 to 3.0.3 (#13497)
5d97010 chore(repo): add ssr two clients E2E (#13482)
85a826e ci: disable websocket disruption e2e (#13496)
d7354f8 chore: add additional codeowners (#13491)
abebe1f chore(auth): enable lint on tests (#13429)
d93b687 chore: Merge release into main (#13481)
dc9b8ee Merge branch 'main' into temp/release-merge-1717787845
61b2bf1 chore(release): update API docs [skip release]
Additional commits viewable in compare view

Updates follow-redirects from 1.14.9 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
b1677ce Release version 1.15.5 of the npm package.
d8914f7 Preserve fragment in responseUrl.
6585820 Release version 1.15.4 of the npm package.
7a6567e Disallow bracketed hostnames.
05629af Prefer native URL instead of deprecated url.parse.
1cba8e8 Prefer native URL instead of legacy url.resolve.
72bc2a4 Simplify _processResponse error handling.
Additional commits view...
Description has been truncated

Bumps the npm_and_yarn group with 22 updates in the / directory: | Package | From | To | | --- | --- | --- | | [semver](https://github.com/npm/node-semver) | `6.3.0` | `6.3.1` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.17.3` | `7.24.7` | | [ansi-regex](https://github.com/chalk/ansi-regex) | `4.1.0` | `4.1.1` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [json5](https://github.com/json5/json5) | `1.0.1` | `1.0.2` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.4.0` | `1.4.2` | | [crypto-js](https://github.com/brix/crypto-js) | `4.1.1` | `4.2.0` | | [ejs](https://github.com/mde/ejs) | `3.1.6` | `3.1.10` | | [express](https://github.com/expressjs/express) | `4.17.3` | `4.19.2` | | [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `3.19.0` | `4.4.0` | | [aws-amplify](https://github.com/aws-amplify/amplify-js) | `4.3.14` | `6.3.7` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.14.9` | `1.15.6` | | [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.2` | | [recursive-readdir](https://github.com/jergason/recursive-readdir) | `2.2.2` | `2.2.3` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [node-forge](https://github.com/digitalbazaar/forge) | `1.2.1` | `1.3.1` | | [terser](https://github.com/terser/terser) | `5.11.0` | `5.31.1` | | [tough-cookie](https://github.com/salesforce/tough-cookie) | `4.0.0` | `4.1.4` | | [webpack](https://github.com/webpack/webpack) | `5.69.1` | `5.92.0` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.1` | `5.3.4` | | [ws](https://github.com/websockets/ws) | `7.5.7` | `7.5.10` | | [word-wrap](https://github.com/jonschlinkert/word-wrap) | `1.2.3` | `1.2.5` | Updates `semver` from 6.3.0 to 6.3.1 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md) - [Commits](npm/node-semver@v6.3.0...v6.3.1) Updates `@babel/traverse` from 7.17.3 to 7.24.7 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.7/packages/babel-traverse) Updates `ansi-regex` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/chalk/ansi-regex/releases) - [Commits](chalk/ansi-regex@v4.1.0...v4.1.1) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `json5` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v1.0.1...v1.0.2) Updates `loader-utils` from 1.4.0 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.4.0...v1.4.2) Updates `crypto-js` from 4.1.1 to 4.2.0 - [Commits](brix/crypto-js@4.1.1...4.2.0) Updates `ejs` from 3.1.6 to 3.1.10 - [Release notes](https://github.com/mde/ejs/releases) - [Commits](mde/ejs@v3.1.6...v3.1.10) Updates `express` from 4.17.3 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.17.3...4.19.2) Updates `fast-xml-parser` from 3.19.0 to 4.4.0 - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@3.19.0...v4.4.0) Updates `aws-amplify` from 4.3.14 to 6.3.7 - [Release notes](https://github.com/aws-amplify/amplify-js/releases) - [Commits](https://github.com/aws-amplify/amplify-js/compare/aws-amplify@4.3.14...aws-amplify@6.3.7) Updates `follow-redirects` from 1.14.9 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.14.9...v1.15.6) Updates `minimatch` from 3.0.4 to 3.1.2 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `recursive-readdir` from 2.2.2 to 2.2.3 - [Changelog](https://github.com/jergason/recursive-readdir/blob/master/CHANGELOG.md) - [Commits](https://github.com/jergason/recursive-readdir/commits/v2.2.3) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `node-forge` from 1.2.1 to 1.3.1 - [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md) - [Commits](digitalbazaar/forge@v1.2.1...v1.3.1) Updates `terser` from 5.11.0 to 5.31.1 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.11.0...v5.31.1) Updates `tough-cookie` from 4.0.0 to 4.1.4 - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](salesforce/tough-cookie@v4.0.0...v4.1.4) Updates `webpack` from 5.69.1 to 5.92.0 - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.69.1...v5.92.0) Updates `webpack-dev-middleware` from 5.3.1 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.1...v5.3.4) Updates `ws` from 7.5.7 to 7.5.10 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.5.7...7.5.10) Updates `word-wrap` from 1.2.3 to 1.2.5 - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5) --- updated-dependencies: - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ansi-regex dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: crypto-js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: fast-xml-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: aws-amplify dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimatch dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: recursive-readdir dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: node-forge dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: terser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: tough-cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: word-wrap dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

vercel · 2024-06-19T13:31:22Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
create-react-app-auth-amplify	❌ Failed (Inspect)			Jun 19, 2024 1:32pm

dependabot bot added the dependencies Pull requests that update a dependency file label Jun 19, 2024

dependabot bot mentioned this pull request Jun 19, 2024

Bump the npm_and_yarn group across 1 directory with 22 updates #4

Closed

vercel bot had a problem deploying to Preview June 19, 2024 13:32 Failure

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 1 directory with 22 updates#5

Bump the npm_and_yarn group across 1 directory with 22 updates#5
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/npm_and_yarn-09d5d2cdf9

dependabot bot commented on behalf of github Jun 19, 2024

Uh oh!

vercel bot commented Jun 19, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Jun 19, 2024

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

6.3.1 (2023-07-10)

Bug Fixes

6.2.0

6.1.3

6.1.2

6.1.1

6.1.0

6.0

5.7

5.6

5.5

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

Committers: 7

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.7 (2024-06-05)

🐛 Bug Fix

🏠 Internal

v7.24.6 (2024-05-24)

🐛 Bug Fix

🏠 Internal

v7.24.5 (2024-04-29)

🐛 Bug Fix

💅 Polish

v2.6.4

v1.0.2

Unreleased [code, diff]

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

v2.2.0 [code, diff]

v2.1.3 [code, diff]

v2.1.2 [code, diff]

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

1.4.2 (2022-11-11)

Bug Fixes

1.4.1 (2022-11-07)

Bug Fixes

v3.1.10

v3.1.9

v3.1.8

v3.1.7

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

4.18.2 / 2022-10-08

4.18.1 / 2022-04-29

4.18.0 / 2022-04-25

Security Fix

v4

2024-06-18 Amplify JS release - aws-amplify@6.3.7

What's Changed

2024-06-06 Amplify JS release - aws-amplify@6.3.6

What's Changed

2024-06-04 Amplify JS release - aws-amplify@6.3.5

What's Changed

vercel bot commented Jun 19, 2024 •

edited

Loading