Skip to content

Update dependencies: Bump the all-dependencies group with 4 updates#275

Merged
ilovepixelart merged 1 commit intomainfrom
dependabot-npm_and_yarn-all-dependencies-8fd2c74fee
Feb 3, 2025
Merged

Update dependencies: Bump the all-dependencies group with 4 updates#275
ilovepixelart merged 1 commit intomainfrom
dependabot-npm_and_yarn-all-dependencies-8fd2c74fee

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 3, 2025

Bumps the all-dependencies group with 4 updates: semver, @types/node, bson and mongoose.

Updates semver from 7.6.3 to 7.7.0

Release notes

Sourced from semver's releases.

v7.7.0

7.7.0 (2025-01-29)

Features

Bug Fixes

Documentation

Chores

Changelog

Sourced from semver's changelog.

7.7.0 (2025-01-29)

Features

Bug Fixes

Documentation

Chores

Commits
  • 2cfcbb5 chore: release 7.7.0 (#750)
  • d588e37 fix(diff): fix prerelease to stable version diff logic (#755)
  • 753e02b chore: bump @​npmcli/template-oss from 4.23.3 to 4.23.4 (#747)
  • 8a34bde fix: add identifier validation to inc() (#754)
  • 0864b3c feat: add "release" inc type (#753)
  • 67e5478 docs(readme): added missing period for consistency (#756)
  • 868d4bb docs: clarify comment about obsolete prefixes (#749)
  • 145c554 chore: bump @​npmcli/eslint-config from 4.0.5 to 5.0.0
  • 0b812d5 chore: postinstall for dependabot template-oss PR
  • 6502a15 chore: bump @​npmcli/template-oss from 4.23.1 to 4.23.3
  • Additional commits viewable in compare view

Updates @types/node from 22.10.10 to 22.13.0

Commits

Updates bson from 6.10.1 to 6.10.2

Release notes

Sourced from bson's releases.

v6.10.2

6.10.2 (2025-01-29)

The MongoDB Node.js team is pleased to announce version 6.10.2 of the bson package!

Release Notes

Fix calculateObjectSize not accounting for BigInt value size

BSON.calculateObjectSize was missing a condition for BigInt values, meaning it did not account for them in the same way that it would for Long values. This has been corrected.

We also added a new default condition that will catch any new values that may be returned by typeof in the future and will throw an error rather than returning an inaccurate size.

Bug Fixes

  • NODE-6608: calculateObjectSize returns the wrong value for bigint (#742) (1fed073)

Documentation

We invite you to try the bson library immediately, and report any issues to the NODE project.

Changelog

Sourced from bson's changelog.

6.10.2 (2025-01-29)

Bug Fixes

  • NODE-6608: calculateObjectSize returns the wrong value for bigint (#742) (1fed073)
Commits
  • 306b607 chore(main): release 6.10.2 [skip-ci] (#743)
  • bf5b66e test(NODE-6679): restore node latest testing (#746)
  • eca63c9 chore(NODE-6634): pin NPM to 10 when Node version is 18 (#745)
  • 1fed073 fix(NODE-6608): calculateObjectSize returns the wrong value for bigint (#742)
  • See full diff in compare view

Updates mongoose from 8.9.5 to 8.9.6

Release notes

Sourced from mongoose's releases.

8.9.6 / 2025-01-31

  • fix(document): allow setting values to undefined with set(obj) syntax with strict: false #15207 #15192
  • fix(schema): improve reason for UUID cast error, currently a TypeError #15215 #15202
  • fix(aggregate): improve error when calling near() with invalid coordinates #15206 #15188
Changelog

Sourced from mongoose's changelog.

8.9.6 / 2025-01-31

  • fix(document): allow setting values to undefined with set(obj) syntax with strict: false #15207 #15192
  • fix(schema): improve reason for UUID cast error, currently a TypeError #15215 #15202
  • fix(aggregate): improve error when calling near() with invalid coordinates #15206 #15188

7.8.6 / 2025-01-20

  • chore: remove coverage output from bundle

6.13.8 / 2025-01-20

  • chore: remove coverage output from bundle

7.8.5 / 2025-01-20

  • chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061

6.13.7 / 2025-01-20

  • chore: re-release to force npm audit to pick up 6.x fix for CVE-2025-23061
Commits
  • 6107403 chore: release 8.9.6
  • 5f0c105 Merge pull request #15215 from Automattic/vkarpov15/gh-15202
  • 1e8db47 fix(schema): improve reason for UUID cast error, currently a TypeError
  • 25bd7d8 Merge pull request #15206 from Automattic/vkarpov15/gh-15188
  • a6c8513 docs(aggregate): add note explaining near
  • fbd63c7 Merge pull request #15207 from Automattic/vkarpov15/gh-15192
  • fd11431 fix(document): allow setting values to undefined with set(obj) syntax with st...
  • 6e5e048 fix tests
  • 37fd3a0 fix(aggregate): improve error when calling near() with invalid coordinates
  • 1020947 chore: remove dangling git merge issue from changelog
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Update dependencies: Bump the all-dependencies group with 4 updates
3073331 
Bumps the all-dependencies group with 4 updates: [semver](https://github.com/npm/node-semver), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [bson](https://github.com/mongodb/js-bson) and [mongoose](https://github.com/Automattic/mongoose).


Updates `semver` from 7.6.3 to 7.7.0
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.6.3...v7.7.0)

Updates `@types/node` from 22.10.10 to 22.13.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `bson` from 6.10.1 to 6.10.2
- [Release notes](https://github.com/mongodb/js-bson/releases)
- [Changelog](https://github.com/mongodb/js-bson/blob/main/HISTORY.md)
- [Commits](mongodb/js-bson@v6.10.1...v6.10.2)

Updates `mongoose` from 8.9.5 to 8.9.6
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md)
- [Commits](Automattic/mongoose@8.9.5...8.9.6)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: bson
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: mongoose
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 3, 2025
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 3, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@ilovepixelart ilovepixelart merged commit 90d1369 into main Feb 3, 2025
9 checks passed
@ilovepixelart ilovepixelart deleted the dependabot-npm_and_yarn-all-dependencies-8fd2c74fee branch February 3, 2025 07:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ilovepixelart