Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump path-to-regexp and sinon #817

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump path-to-regexp and sinon #817

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 10, 2024

Bumps path-to-regexp to 8.1.0 and updates ancestor dependency sinon. These dependencies need to be updated together.

Updates path-to-regexp from 6.2.2 to 8.1.0

Release notes

Sourced from path-to-regexp's releases.

v8.1.0

Added

  • Adds pathToRegexp method back for generating a regex
  • Adds stringify method for converting TokenData into a path string

pillarjs/path-to-regexp@v8.0.0...v8.1.0

Simpler API

Heads up! This is a fairly large change (again) and I need to apologize in advance. If I foresaw what this version would have ended up being I would not have released version 7. A longer blog post and explanation will be incoming this week, but the pivot has been due to work on Express.js v5 and this will the finalized syntax used in Express moving forward.

Added

  • Adds key names to wildcards using *name syntax, aligns with : behavior but using an asterisk instead

Changed

  • Removes group suffixes of ?, +, and * - only optional exists moving forward (use wildcards for +, {*foo} for *)
  • Parameter names follow JS identifier rules and allow unicode characters

Added

  • Parameter names can now be quoted, e.g. :"foo-bar"
  • Match accepts an array of values, so the signature is now string | TokenData | Array<string | TokenData>

Removed

  • Removes loose mode
  • Removes regular expression overrides of parameters

pillarjs/path-to-regexp@v7.1.0...v8.0.0

Support array inputs (again)

Added

  • Support array inputs for match and pathToRegexp 3fdd88f

pillarjs/path-to-regexp@v7.1.0...v7.2.0

Strict mode

Added

  • Adds a strict option to detect potential ReDOS issues

Fixed

  • Fixes separator to default to suffix + prefix when not specified
  • Allows separator to be undefined in TokenData
    • This is only relevant if you are building TokenData manually, previously parse filled it in automatically

... (truncated)

Commits

Updates sinon from 17.0.1 to 18.0.0

Changelog

Sourced from sinon's changelog.

18.0.0

This is what 17.0.2 should have been, as that contained two breaking changes. After updating Nise we are down to one breaking change, which only affects sinon-test (which has been updated), so most people are not affected. The legacyRoutes flag that is currently enabled in Nise by default will at some later version be disabled. We will then issue a little migration note.

  • 01d45312 Use Nise 6 with legacyRoutes flag enabled (Carl-Erik Kopseng)

    This should be disabled in a future Sinon version by default.

  • c618edc5 fix #2594: remove needless sandbox creation (Carl-Erik Kopseng)

Released by Carl-Erik Kopseng on 2024-05-15.

17.0.2

  • f6dca0ba upgrade packages (#2595) (Carl-Erik Kopseng)
  • 5025d001 Avoid return and callArg* clearing each other's state (#2593) (Carl-Erik Kopseng)
    • Partially revert "fix returns does not override call through (#2567)"
    • revert to the old manual clearing of props
  • ed068a88 Bump ip from 1.1.8 to 1.1.9 (#2587) (dependabot[bot])
  • ec4d592e fix #2589: avoid invoking getter as side-effect (#2592) (Carl-Erik Kopseng)
  • 9972e1e3 Fix typo in mocks documentation (#2591) (Eduardo de la Cruz Palacios)
  • 52e6e4c5 chore: prefer cache option of setup-node (Morgan Roderick)
  • 08da1235 Bump actions/cache from 3 to 4 (dependabot[bot])
  • 404ef47e Bump nokogiri from 1.14.3 to 1.16.2 (dependabot[bot])
  • fd79612c Update Bug_report.md (Carl-Erik Kopseng)
  • 1fbc812a Re-add about (Carl-Erik Kopseng)
  • fc8f6c3e Fix formatting :clown: (Carl-Erik Kopseng)
  • c57e38ae Remove old template (Carl-Erik Kopseng)
  • 754bf7a9 Update Bug_report.md (Carl-Erik Kopseng)
  • 87eed9d2 Fix some typos at code comments (#2581) (EliyahuMachluf)
  • cbae6997 Link to createStubInstance util.md docs in stubs.md (#2577) (Daniel Kaplan)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump path-to-regexp and sinon
f407b6f 
Bumps [path-to-regexp](https://github.com/pillarjs/path-to-regexp) to 8.1.0 and updates ancestor dependency [sinon](https://github.com/sinonjs/sinon). These dependencies need to be updated together.


Updates `path-to-regexp` from 6.2.2 to 8.1.0
- [Release notes](https://github.com/pillarjs/path-to-regexp/releases)
- [Changelog](https://github.com/pillarjs/path-to-regexp/blob/master/History.md)
- [Commits](pillarjs/path-to-regexp@v6.2.2...v8.1.0)

Updates `sinon` from 17.0.1 to 18.0.0
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v17.0.1...v18.0.0)

---
updated-dependencies:
- dependency-name: path-to-regexp
  dependency-type: indirect
- dependency-name: sinon
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 10, 2024
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Sep 10, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants