Skip to content

chore(deps): bump the npm_and_yarn group across 2 directories with 24 updates#7

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-2499882d2a
Open

chore(deps): bump the npm_and_yarn group across 2 directories with 24 updates#7
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/npm_and_yarn-2499882d2a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package From To
react-native 0.61.5 0.69.12
brace-expansion 1.1.11 1.1.16
decode-uri-component 0.2.0 0.2.2
js-yaml 3.14.1 3.15.0
minimatch 3.1.2 3.1.5
serve-static 1.15.0 1.16.3

Bumps the npm_and_yarn group with 16 updates in the /Example directory:

Package From To
@babel/helpers 7.15.3 7.29.7
@babel/traverse 7.15.0 7.29.7
brace-expansion 1.1.11 1.1.16
decode-uri-component 0.2.0 0.2.2
js-yaml 3.14.1 3.15.0
json5 2.2.0 2.2.3
minimatch 3.0.4 3.1.5
minimist 1.2.5 1.2.8
react-devtools-core 4.15.0 4.28.5
serve-static 1.14.1 1.16.3
handlebars 4.7.7 4.7.9
jws 3.2.2 3.2.3
min-document 2.19.0 2.19.2
nanoid 3.1.25 3.3.15
picomatch 2.3.0 2.3.2
url-parse 1.5.3 1.5.10

Updates react-native from 0.61.5 to 0.69.12

Changelog

Sourced from react-native's changelog.

v0.69.12

Changed

iOS specific

Fixed

Android specific

v0.69.11

Fixed

iOS specific

v0.69.10

Fixed

Android specific

v0.69.9

Changed

iOS specific

Fixed

iOS specific

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by react-native-bot, a new releaser for react-native since your current version.


Updates @babel/core from 7.18.9 to 7.29.7

Release notes

Sourced from @​babel/core's releases.

v7.29.7 (2026-05-25)

Re-release all packages with npm provenance attestations

v7.29.6 (2026-05-25)

🐛 Bug Fix

Committers: 3

v7.29.5 (2026-05-05)

🏠 Internal

  • babel-preset-env
    • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

  • babel-plugin-transform-modules-systemjs
    • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

v7.29.3 (2026-04-30)

👓 Spec Compliance

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #17931 fix(decorators): replace super within all removed static elements (@​JLHwung)
  • babel-register
  • babel-compat-data, babel-plugin-bugfix-safari-rest-destructuring-rhs-array, babel-preset-env

💅 Polish

  • babel-parser

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/core since your current version.


Updates @babel/helpers from 7.18.9 to 7.29.7

Release notes

Sourced from @​babel/helpers's releases.

v7.29.7 (2026-05-25)

Re-release all packages with npm provenance attestations

v7.29.6 (2026-05-25)

🐛 Bug Fix

Committers: 3

v7.29.5 (2026-05-05)

🏠 Internal

  • babel-preset-env
    • Update @babel/* dependencies

v7.29.4 (2026-05-05)

🐛 Bug Fix

  • babel-plugin-transform-modules-systemjs
    • #17974 [7.x backport]fix(systemjs): improve module string name support (@​JLHwung)

Committers: 1

v7.29.3 (2026-04-30)

👓 Spec Compliance

🐛 Bug Fix

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
    • #17931 fix(decorators): replace super within all removed static elements (@​JLHwung)
  • babel-register
  • babel-compat-data, babel-plugin-bugfix-safari-rest-destructuring-rhs-array, babel-preset-env

💅 Polish

  • babel-parser

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​babel/helpers since your current version.


Updates brace-expansion from 1.1.11 to 1.1.16

Release notes

Sourced from brace-expansion's releases.

v1.1.15

  • Backport v5.0.6 change to v1 (#111) 0b09384

juliangruber/brace-expansion@v1.1.14...v1.1.15

v1.1.12

  • pkg: publish on tag 1.x c460dbd
  • fmt ccb8ac6
  • Fix potential ReDoS Vulnerability or Inefficient Regular Expression (#65) c3c73c8

juliangruber/brace-expansion@v1.1.11...v1.1.12

Commits

Updates cross-spawn from 5.1.0 to 6.0.5

Changelog

Sourced from cross-spawn's changelog.

6.0.5 (2018-03-02)

Bug Fixes

6.0.4 (2018-01-31)

Bug Fixes

  • fix paths being incorrectly normalized on unix (06ee3c6), closes #90

6.0.3 (2018-01-23)

6.0.2 (2018-01-23)

6.0.1 (2018-01-23)

6.0.0 (2018-01-23)

Bug Fixes

  • fix certain arguments not being correctly escaped or causing batch syntax error (900cf10), closes #82 #51
  • fix commands as posix relatixe paths not working correctly, e.g.: ./my-command (900cf10)
  • fix options argument being mutated (900cf10)
  • fix commands resolution when PATH was actually Path (900cf10)

Features

  • improve compliance with node's ENOENT errors (900cf10)
  • improve detection of node's shell option support (900cf10)

... (truncated)

Commits
  • 301187a chore(release): 6.0.5
  • ae85d40 chore: fix linting errors
  • d5770df fix: avoid using deprecated Buffer constructor (#94)
  • 6b64987 chore(package): update lint-staged to version 7.0.0 (#93)
  • 39166eb chore: update eslint-config-moxy dependency
  • 213aa43 Merge pull request #92 from moxystudio/greenkeeper/eslint-config-moxy-5.0.0
  • 35b1ff0 chore(package): update eslint-config-moxy to version 5.0.0
  • 52e557e chore(release): 6.0.4
  • 6f43a61 Merge pull request #91 from moxystudio/fix-unix-path-normalize
  • 06ee3c6 fix: fix paths being incorrectly normalized on unix
  • Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

  • Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

  • Switch to GitHub workflows 76abc93
  • Fix issue where decode throws - fixes #6 746ca5d
  • Update license (#1) 486d7e2
  • Tidelift tasks a650457
  • Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

Updates hermes-engine from 0.2.1 to 0.11.0

Release notes

Sourced from hermes-engine's releases.

Release v0.4.1

This release fixes a memory leak related to WeakMaps. It's a drop-in replacement for v0.4.0 in react-native 0.62.0.

Release v0.3.0

This release is primarily to publish breaking source changes for integration with the next version of React Native. It is not compatible with existing builds of React Native, up to and including 0.61.4. Please wait for the next React Native release before trying out Hermes v0.3.0!

As always there are many bug fixes and performance improvements, including faster string concatenation and native support for ES6 spread operators.

Commits
  • 2040453 Bump versions for 0.11.0 cut
  • 6c53047 Run Hermes CMake from cargo
  • 67fe974 Bump nanoid from 3.1.22 to 3.2.0 in /website (#666)
  • 10d4945 Handle type params in methods
  • bd64b09 Avoid parens around spread arguments
  • deabbfd Use proper quotes in string literal type annotation
  • ae61d74 Fix extra parens in property assignment
  • 1ba8ef6 Store raw values for string literals as JSX attributes
  • 46faa15 Enable some syscalls to resume after SIGPROF
  • 8bebc9b fix handling of imports
  • Additional commits viewable in compare view

Updates js-yaml from 3.14.1 to 3.15.0

Changelog

Sourced from js-yaml's changelog.

4.3.0, 3.15.0 - 2026-06-27

Security

  • Backported maxTotalMergeKeys option.

[5.2.0] - 2026-06-26

Added

  • Added maxTotalMergeKeys (10000) loader option to limit the total number of keys processed by YAML merge (<<) across one load() / loadAll() call.
  • Added maxAliases (-1) loader option to limit the number of YAML aliases per document.

Removed

  • maxMergeSeqLength replaced with maxTotalMergeKeys for limiting YAML merge processing.

Fixed

  • Round-trip of integers with exponential form (>= 1e21)

[5.1.0] - 2026-06-23

Added

  • Collection tags can finalize an incrementally populated carrier into a different result value.

Changed

  • [breaking] quoteStyle now selects the preferred quote style; use the restored forceQuotes option to force quoting non-key strings.

[5.0.0] - 2026-06-20

Added

  • Added named exports for schemas, tags, parser events and AST utilities.
  • Reworked JSON_SCHEMA and CORE_SCHEMA with spec-compliant scalar resolution rules, and added YAML11_SCHEMA.
  • Added realMapTag for lossless mappings with non-string and complex keys. Object-based mappings now reject complex keys instead of stringifying them.
  • Added dump() transform option for changing the generated AST before rendering.
  • Added dump() options seqInlineFirst, flowBracketPadding, flowSkipCommaSpace, flowSkipColonSpace, quoteFlowKeys, quoteStyle and tagBeforeAnchor.
  • Added formal data layers (events and AST) for modular data pipelines.
    • Added low-level parser (to events), presenter and visitor APIs.
  • Added the YAML Test Suite to the test set.

Changed

  • See the migration guide for upgrade notes.
  • Rewritten in TypeScript and reorganized the public API around flat named exports.

... (truncated)

Commits

Updates json5 from 2.2.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view

Updates lodash from 4.17.21 to 4.18.1

Release notes

Sourced from lodash's releases.

4.18.1

Bugs

Fixes a ReferenceError issue in lodash lodash-es lodash-amd and lodash.template when using the template and fromPairs functions from the modular builds. See lodash/lodash#6167

These defects were related to how lodash distributions are built from the main branch using https://github.com/lodash-archive/lodash-cli. When internal dependencies change inside lodash functions, equivalent updates need to be made to a mapping in the lodash-cli. (hey, it was ahead of its time once upon a time!). We know this, but we missed it in the last release. It's the kind of thing that passes in CI, but fails bc the build is not the same thing you tested.

There is no diff on main for this, but you can see the diffs for each of the npm packages on their respective branches:

4.18.0

v4.18.0

Full Changelog: lodash/lodash@4.17.23...4.18.0

Security

_.unset / _.omit: Fixed prototype pollution via constructor/prototype path traversal (GHSA-f23m-r3pf-42rh, fe8d32e). Previously, array-wrapped path segments and primitive roots could bypass the existing guards, allowing deletion of properties from built-in prototypes. Now constructor and prototype are blocked unconditionally as non-terminal path keys, matching baseSet. Calls that previously returned true and deleted the property now return false and leave the target untouched.

_.template: Fixed code injection via imports keys (GHSA-r5fr-rjxr-66jc, CVE-2026-4800, 879aaa9). Fixes an incomplete patch for CVE-2021-23337. The variable option was validated against reForbiddenIdentifierChars but importsKeys was left unguarded, allowing code injection via the same Function() constructor sink. imports keys containing forbidden identifier characters now throw "Invalid imports option passed into _.template".

Docs

  • Add security notice for _.template in threat model and API docs (#6099)
  • Document lower > upper behavior in _.random (#6115)
  • Fix quotes in _.compact jsdoc (#6090)

lodash.* modular packages

Diff

We have also regenerated and published a select number of the lodash.* modular packages.

These modular packages had fallen out of sync significantly from the minor/patch updates to lodash. Specifically, we have brought the following packages up to parity w/ the latest lodash release because they have had CVEs on them in the past:

Commits
  • cb0b9b9 release(patch): bump main to 4.18.1 (#6177)
  • 75535f5 chore: prune stale advisory refs (#6170)
  • 62e91bc docs: remove n_ Node.js < 6 REPL note from README (#6165)
  • 59be2de release(minor): bump to 4.18.0 (#6161)
  • af63457 fix: broken tests for _.template 879aaa9
  • 1073a76 fix: linting issues
  • 879aaa9 fix: validate imports keys in _.template
  • fe8d32e fix: block prototype pollution in baseUnset via constructor/prototype traversal
  • 18ba0a3 refactor(fromPairs): use baseAssignValue for consistent assignment (#6153)
  • b819080 ci: add dist sync validation workflow (#6137)
  • Additional commits viewable in compare view

Updates minimatch from 3.1.2 to 3.1.5

Commits

Updates node-fetch from 1.7.3 to 2.6.7

Release notes

Sourced from node-fetch's releases.

v2.6.7

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed

Full Changelog: node-fetch/node-fetch@v2.6.6...v2.6.7

v2.6.6

What's Changed

Full Changelog: node-fetch/node-fetch@v2.6.5...v2.6.6

v2.6.2

fixed main path in package.json

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

  • Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
  • Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
  • Fix: support custom Host headers with any casing
  • Fix: support importing fetch() from TypeScript in browser.js
  • Fix: handle the redirect response body properly

... (truncated)

Commits
  • 1ef4b56 backport of #1449 (#1453)
  • 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
  • f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (...
  • b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
  • 18193c5 fix v2.6.3 that did not sending query params (#1301)
  • ace7536 fix: properly encode url with unicode characters (#1291)
  • 152214c Fix(package.json): Corrected main file path in package.json (#1274)
  • b5e2e41 update version number
  • 2358a6c Honor the size option after following a redirect and revert data uri support
  • 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates react-devtools-core from 3.6.3 to 4.24.0

Commits
Maintainer changes

This version was pushed to npm by hoxyq, a new releaser for react-devtools-core since your current version.


Updates serve-static from 1.15.0 to 1.16.3

Release notes

Sourced from serve-static's releases.

v1.16.3

What's Changed

Full Changelog: expressjs/serve-static@v1.16.2...v1.16.3

v1.16.2

What's Changed

Full Changelog: expressjs/serve-static@v1.16.1...v1.16.2

v1.16.1

What's Changed

New Contributors

Full Changelog: expressjs/serve-static@1.16.0...v1.16.1

1.16.0

What's Changed

New Contributors

Full Changelog: expressjs/serve-static@v1.15.0...1.16.0

Changelog

Sourced from serve-static's changelog.

1.16.3 / 2024-12-15

  • deps: send@~0.19.1
    • deps: encodeurl@~2.0.0

1.16.2 / 2024-09-11

  • deps: encodeurl@~2.0.0

1.16.1 / 2024-09-11

  • deps: send@0.19.0

1.16.0 / 2024-09-10

  • Remove link renderization in html while redirecting
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.


Updates shell-quote from 1.6.1 to 1.7.3

Changelog

Sourced from shell-quote's changelog.

v1.7.3 - 2021-10-20

  • Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the quoting rules. (CVE-2021-42740)

v1.7.2 - 2019-08-30

  • Fix a regression introduced in 1.6.3. This reverts the Windows path quoting fix. (144e1c2)

v1.7.1 - 2019-08-13

  • Fix $ being removed when not part of an environment variable name. (@​Adman in #32)

v1.7.0 - 2019-08-13

  • Add support for parsing >> and >& redirection operators. (@​forivall in #16)
  • Add support for parsing <( process substitution operator. (@​cuonglm in #15)

v1.6.3 - 2019-08-13

  • Fix Windows path quoting problems. (@​dy in...

    Description has been truncated

… updates

Bumps the npm_and_yarn group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [react-native](https://github.com/facebook/react-native/tree/HEAD/packages/react-native) | `0.61.5` | `0.69.12` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.16` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.15.0` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.1.2` | `3.1.5` |
| [serve-static](https://github.com/expressjs/serve-static) | `1.15.0` | `1.16.3` |

Bumps the npm_and_yarn group with 16 updates in the /Example directory:

| Package | From | To |
| --- | --- | --- |
| [@babel/helpers](https://github.com/babel/babel/tree/HEAD/packages/babel-helpers) | `7.15.3` | `7.29.7` |
| [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.15.0` | `7.29.7` |
| [brace-expansion](https://github.com/juliangruber/brace-expansion) | `1.1.11` | `1.1.16` |
| [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` |
| [js-yaml](https://github.com/nodeca/js-yaml) | `3.14.1` | `3.15.0` |
| [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` |
| [minimatch](https://github.com/isaacs/minimatch) | `3.0.4` | `3.1.5` |
| [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` |
| [react-devtools-core](https://github.com/facebook/react/tree/HEAD/packages/react-devtools-core) | `4.15.0` | `4.28.5` |
| [serve-static](https://github.com/expressjs/serve-static) | `1.14.1` | `1.16.3` |
| [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.7.7` | `4.7.9` |
| [jws](https://github.com/brianloveswords/node-jws) | `3.2.2` | `3.2.3` |
| [min-document](https://github.com/Raynos/min-document) | `2.19.0` | `2.19.2` |
| [nanoid](https://github.com/ai/nanoid) | `3.1.25` | `3.3.15` |
| [picomatch](https://github.com/micromatch/picomatch) | `2.3.0` | `2.3.2` |
| [url-parse](https://github.com/unshiftio/url-parse) | `1.5.3` | `1.5.10` |



Updates `react-native` from 0.61.5 to 0.69.12
- [Release notes](https://github.com/facebook/react-native/releases)
- [Changelog](https://github.com/react/react-native/blob/main/CHANGELOG-0.6x.md)
- [Commits](https://github.com/facebook/react-native/commits/v0.69.12/packages/react-native)

Updates `@babel/core` from 7.18.9 to 7.29.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-core)

Updates `@babel/helpers` from 7.18.9 to 7.29.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers)

Updates `brace-expansion` from 1.1.11 to 1.1.16
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.16)

Updates `cross-spawn` from 5.1.0 to 6.0.5
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](moxystudio/node-cross-spawn@5.1.0...v6.0.5)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `hermes-engine` from 0.2.1 to 0.11.0
- [Release notes](https://github.com/facebook/hermes/releases)
- [Commits](facebook/hermes@v0.2.1...v0.11.0)

Updates `js-yaml` from 3.14.1 to 3.15.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.14.1...3.15.0)

Updates `json5` from 2.2.1 to 2.2.3
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v2.2.0...v2.2.3)

Updates `lodash` from 4.17.21 to 4.18.1
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.18.1)

Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `node-fetch` from 1.7.3 to 2.6.7
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@1.7.3...v2.6.7)

Updates `react-devtools-core` from 3.6.3 to 4.24.0
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/HEAD/packages/react-devtools-core)

Updates `serve-static` from 1.15.0 to 1.16.3
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.3)

Updates `shell-quote` from 1.6.1 to 1.7.3
- [Changelog](https://github.com/ljharb/shell-quote/blob/main/CHANGELOG.md)
- [Commits](ljharb/shell-quote@v1.6.1...v1.7.3)

Updates `ws` from 1.1.5 to 6.2.4
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@1.1.5...6.2.4)

Updates `@babel/helpers` from 7.15.3 to 7.29.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-helpers)

Updates `@babel/traverse` from 7.15.0 to 7.29.7
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.7/packages/babel-traverse)

Updates `brace-expansion` from 1.1.11 to 1.1.16
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.16)

Updates `decode-uri-component` from 0.2.0 to 0.2.2
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2)

Updates `js-yaml` from 3.14.1 to 3.15.0
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.14.1...3.15.0)

Updates `json5` from 2.2.0 to 2.2.3
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v2.2.0...v2.2.3)

Updates `minimatch` from 3.0.4 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](isaacs/minimatch@v3.1.2...v3.1.5)

Updates `minimist` from 1.2.5 to 1.2.8
- [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md)
- [Commits](minimistjs/minimist@v1.2.5...v1.2.8)

Updates `react-devtools-core` from 4.15.0 to 4.28.5
- [Release notes](https://github.com/facebook/react/releases)
- [Changelog](https://github.com/react/react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/react/commits/HEAD/packages/react-devtools-core)

Updates `serve-static` from 1.14.1 to 1.16.3
- [Release notes](https://github.com/expressjs/serve-static/releases)
- [Changelog](https://github.com/expressjs/serve-static/blob/master/HISTORY.md)
- [Commits](expressjs/serve-static@v1.15.0...v1.16.3)

Updates `handlebars` from 4.7.7 to 4.7.9
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](handlebars-lang/handlebars.js@v4.7.7...v4.7.9)

Updates `jws` from 3.2.2 to 3.2.3
- [Release notes](https://github.com/brianloveswords/node-jws/releases)
- [Changelog](https://github.com/auth0/node-jws/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jws@v3.2.2...v3.2.3)

Updates `min-document` from 2.19.0 to 2.19.2
- [Commits](Raynos/min-document@v2.19.0...v2.19.2)

Updates `nanoid` from 3.1.25 to 3.3.15
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/3.3.15/CHANGELOG.md)
- [Commits](ai/nanoid@3.1.25...3.3.15)

Updates `picomatch` from 2.3.0 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](micromatch/picomatch@2.3.0...2.3.2)

Updates `url-parse` from 1.5.3 to 1.5.10
- [Commits](unshiftio/url-parse@1.5.3...1.5.10)

---
updated-dependencies:
- dependency-name: react-native
  dependency-version: 0.69.12
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/core"
  dependency-version: 7.29.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@babel/helpers"
  dependency-version: 7.29.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.16
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cross-spawn
  dependency-version: 6.0.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-version: 0.2.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: hermes-engine
  dependency-version: 0.11.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-version: 3.15.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-version: 2.2.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: node-fetch
  dependency-version: 2.6.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react-devtools-core
  dependency-version: 4.24.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: shell-quote
  dependency-version: 1.7.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: ws
  dependency-version: 6.2.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@babel/helpers"
  dependency-version: 7.29.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@babel/traverse"
  dependency-version: 7.29.7
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: brace-expansion
  dependency-version: 1.1.16
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: decode-uri-component
  dependency-version: 0.2.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: js-yaml
  dependency-version: 3.15.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: json5
  dependency-version: 2.2.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimatch
  dependency-version: 3.1.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: minimist
  dependency-version: 1.2.8
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: react-devtools-core
  dependency-version: 4.28.5
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: serve-static
  dependency-version: 1.16.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jws
  dependency-version: 3.2.3
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: min-document
  dependency-version: 2.19.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.15
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: url-parse
  dependency-version: 1.5.10
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants