Bump the npm_and_yarn group across 1 directory with 6 updates (#186) · Latina-Dev/latina-dev@25ad7c5

Commit

Bump the npm_and_yarn group across 1 directory with 6 updates (#186)
Bumps the npm_and_yarn group with 4 updates in the / directory:
[@sentry/nextjs](https://github.com/getsentry/sentry-javascript),
[cookie](https://github.com/jshttp/cookie),
[express](https://github.com/expressjs/express) and
[elliptic](https://github.com/indutny/elliptic).

Updates `@sentry/nextjs` from 8.19.0 to 8.41.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/releases"><code>@sentry/nextjs</code>'s
releases</a>.</em></p>
<blockquote>
<h2>8.41.0</h2>
<h3>Important Changes</h3>
<ul>
<li>
<p><strong>meta(nuxt): Require minimum Nuxt v3.7.0 (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14473">#14473</a>)</strong></p>
<p>We formalized that the Nuxt SDK is at minimum compatible with Nuxt
version 3.7.0 and above.
Additionally, the SDK requires the implicit <code>nitropack</code>
dependency to satisfy version <code>^2.10.0</code> and
<code>ofetch</code> to satisfy <code>^1.4.0</code>.
It is recommended to check your lock-files and manually upgrade these
dependencies if they don't match the version ranges.</p>
</li>
</ul>
<h3>Deprecations</h3>
<p>We are deprecating a few APIs which will be removed in the next
major.</p>
<p>The following deprecations will <em>potentially</em> affect you:</p>
<ul>
<li>
<p><strong>feat(core): Update &amp; deprecate <code>undefined</code>
option handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14450">#14450</a>)</strong></p>
<p>In the next major version we will change how passing
<code>undefined</code> to <code>tracesSampleRate</code> /
<code>tracesSampler</code> / <code>enableTracing</code> will behave.</p>
<p>Currently, doing the following:</p>
<pre lang="ts"><code>Sentry.init({
  tracesSampleRate: undefined,
});
</code></pre>
<p>Will result in tracing being <em>enabled</em> (although no spans will
be generated) because the <code>tracesSampleRate</code> key is present
in the options object.
In the next major version, this behavior will be changed so that passing
<code>undefined</code> (or rather having a <code>tracesSampleRate</code>
key) will result in tracing being disabled, the same as not passing the
option at all.
If you are currently relying on <code>undefined</code> being passed, and
and thus have tracing enabled, it is recommended to update your config
to set e.g. <code>tracesSampleRate: 0</code> instead, which will also
enable tracing in v9.</p>
<p>The same applies to <code>tracesSampler</code> and
<code>enableTracing</code>.</p>
</li>
<li>
<p><strong>feat(core): Log warnings when returning <code>null</code> in
<code>beforeSendSpan</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14433">#14433</a>)</strong></p>
<p>Currently, the <code>beforeSendSpan</code> option in
<code>Sentry.init()</code> allows you to drop individual spans from a
trace by returning <code>null</code> from the hook.
Since this API lends itself to creating &quot;gaps&quot; inside traces,
we decided to change how this API will work in the next major
version.</p>
<p>With the next major version the <code>beforeSendSpan</code> API can
only be used to mutate spans, but no longer to drop them.
With this release the SDK will warn you if you are using this API to
drop spans.
Instead, it is recommended to configure instrumentation (i.e.
integrations) directly to control what spans are created.</p>
<p>Additionally, with the next major version, root spans will also be
passed to <code>beforeSendSpan</code>.</p>
</li>
<li>
<p><strong>feat(utils): Deprecate <code>@sentry/utils</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14431">#14431</a>)</strong></p>
<p>With the next major version the <code>@sentry/utils</code> package
will be merged into the <code>@sentry/core</code> package.
It is therefore no longer recommended to use the
<code>@sentry/utils</code> package.</p>
</li>
<li>
<p><strong>feat(vue): Deprecate configuring Vue tracing options anywhere
else other than through the <code>vueIntegration</code>'s
<code>tracingOptions</code> option (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14385">#14385</a>)</strong></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@sentry/nextjs</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>8.41.0</h2>
<h3>Important Changes</h3>
<ul>
<li>
<p><strong>meta(nuxt): Require minimum Nuxt v3.7.0 (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14473">#14473</a>)</strong></p>
<p>We formalized that the Nuxt SDK is at minimum compatible with Nuxt
version 3.7.0 and above.
Additionally, the SDK requires the implicit <code>nitropack</code>
dependency to satisfy version <code>^2.10.0</code> and
<code>ofetch</code> to satisfy <code>^1.4.0</code>.
It is recommended to check your lock-files and manually upgrade these
dependencies if they don't match the version ranges.</p>
</li>
</ul>
<h3>Deprecations</h3>
<p>We are deprecating a few APIs which will be removed in the next
major.</p>
<p>The following deprecations will <em>potentially</em> affect you:</p>
<ul>
<li>
<p><strong>feat(core): Update &amp; deprecate <code>undefined</code>
option handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14450">#14450</a>)</strong></p>
<p>In the next major version we will change how passing
<code>undefined</code> to <code>tracesSampleRate</code> /
<code>tracesSampler</code> / <code>enableTracing</code> will behave.</p>
<p>Currently, doing the following:</p>
<pre lang="ts"><code>Sentry.init({
  tracesSampleRate: undefined,
});
</code></pre>
<p>Will result in tracing being <em>enabled</em> (although no spans will
be generated) because the <code>tracesSampleRate</code> key is present
in the options object.
In the next major version, this behavior will be changed so that passing
<code>undefined</code> (or rather having a <code>tracesSampleRate</code>
key) will result in tracing being disabled, the same as not passing the
option at all.
If you are currently relying on <code>undefined</code> being passed, and
and thus have tracing enabled, it is recommended to update your config
to set e.g. <code>tracesSampleRate: 0</code> instead, which will also
enable tracing in v9.</p>
<p>The same applies to <code>tracesSampler</code> and
<code>enableTracing</code>.</p>
</li>
<li>
<p><strong>feat(core): Log warnings when returning <code>null</code> in
<code>beforeSendSpan</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14433">#14433</a>)</strong></p>
<p>Currently, the <code>beforeSendSpan</code> option in
<code>Sentry.init()</code> allows you to drop individual spans from a
trace by returning <code>null</code> from the hook.
Since this API lends itself to creating &quot;gaps&quot; inside traces,
we decided to change how this API will work in the next major
version.</p>
<p>With the next major version the <code>beforeSendSpan</code> API can
only be used to mutate spans, but no longer to drop them.
With this release the SDK will warn you if you are using this API to
drop spans.
Instead, it is recommended to configure instrumentation (i.e.
integrations) directly to control what spans are created.</p>
<p>Additionally, with the next major version, root spans will also be
passed to <code>beforeSendSpan</code>.</p>
</li>
<li>
<p><strong>feat(utils): Deprecate <code>@sentry/utils</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14431">#14431</a>)</strong></p>
<p>With the next major version the <code>@sentry/utils</code> package
will be merged into the <code>@sentry/core</code> package.
It is therefore no longer recommended to use the
<code>@sentry/utils</code> package.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/df843ccd90c812210f1a620a0ec26c9b76c3c8e8"><code>df843cc</code></a>
release: 8.41.0</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/470d4ec3f34c594c1b9ffe1e6793822421325cd4"><code>470d4ec</code></a>
Merge pull request <a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14502">#14502</a>
from getsentry/prepare-release/8.41.0</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/f7289c4af6538c1ef678c14112910b77278cfcca"><code>f7289c4</code></a>
meta(changelog): Update changelog for 8.41.0</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/a4138e93ca563ec50f6e969a903327063fce3e86"><code>a4138e9</code></a>
perf(opentelemetry): Bucket spans for cleanup (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14154">#14154</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/3e7969fba45442017b1232533723b490c2072a49"><code>3e7969f</code></a>
feat: Deprecate <code>registerEsmLoaderHooks.include</code> and
`registerEsmLoaderHooks....</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/1e0cb046f029085b09d0f3193a325f4adeaec3f4"><code>1e0cb04</code></a>
ref(core): Do not check baggage validity (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14479">#14479</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/de65590b0e6fff42548be9b07b67df0067eb444d"><code>de65590</code></a>
feat(core): Further optimize debug ID parsing (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14365">#14365</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/09a31d11976462154444cccc6fb6dc74f777103d"><code>09a31d1</code></a>
feat(node): Add <code>openTelemetryInstrumentations</code> option (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14484">#14484</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/23e378314f3342a62f779623b877f4ab55943e9e"><code>23e3783</code></a>
meta(nuxt): Require minimum Nuxt v3.7.0 (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14473">#14473</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/973ef9c356f4d547fe0204e919ae32c480a1fdb7"><code>973ef9c</code></a>
chore: Add GHSA entry for nuxt e2e test (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14490">#14490</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-javascript/compare/8.19.0...8.41.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `@sentry/browser` from 8.19.0 to 8.41.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/releases"><code>@sentry/browser</code>'s
releases</a>.</em></p>
<blockquote>
<h2>8.41.0</h2>
<h3>Important Changes</h3>
<ul>
<li>
<p><strong>meta(nuxt): Require minimum Nuxt v3.7.0 (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14473">#14473</a>)</strong></p>
<p>We formalized that the Nuxt SDK is at minimum compatible with Nuxt
version 3.7.0 and above.
Additionally, the SDK requires the implicit <code>nitropack</code>
dependency to satisfy version <code>^2.10.0</code> and
<code>ofetch</code> to satisfy <code>^1.4.0</code>.
It is recommended to check your lock-files and manually upgrade these
dependencies if they don't match the version ranges.</p>
</li>
</ul>
<h3>Deprecations</h3>
<p>We are deprecating a few APIs which will be removed in the next
major.</p>
<p>The following deprecations will <em>potentially</em> affect you:</p>
<ul>
<li>
<p><strong>feat(core): Update &amp; deprecate <code>undefined</code>
option handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14450">#14450</a>)</strong></p>
<p>In the next major version we will change how passing
<code>undefined</code> to <code>tracesSampleRate</code> /
<code>tracesSampler</code> / <code>enableTracing</code> will behave.</p>
<p>Currently, doing the following:</p>
<pre lang="ts"><code>Sentry.init({
  tracesSampleRate: undefined,
});
</code></pre>
<p>Will result in tracing being <em>enabled</em> (although no spans will
be generated) because the <code>tracesSampleRate</code> key is present
in the options object.
In the next major version, this behavior will be changed so that passing
<code>undefined</code> (or rather having a <code>tracesSampleRate</code>
key) will result in tracing being disabled, the same as not passing the
option at all.
If you are currently relying on <code>undefined</code> being passed, and
and thus have tracing enabled, it is recommended to update your config
to set e.g. <code>tracesSampleRate: 0</code> instead, which will also
enable tracing in v9.</p>
<p>The same applies to <code>tracesSampler</code> and
<code>enableTracing</code>.</p>
</li>
<li>
<p><strong>feat(core): Log warnings when returning <code>null</code> in
<code>beforeSendSpan</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14433">#14433</a>)</strong></p>
<p>Currently, the <code>beforeSendSpan</code> option in
<code>Sentry.init()</code> allows you to drop individual spans from a
trace by returning <code>null</code> from the hook.
Since this API lends itself to creating &quot;gaps&quot; inside traces,
we decided to change how this API will work in the next major
version.</p>
<p>With the next major version the <code>beforeSendSpan</code> API can
only be used to mutate spans, but no longer to drop them.
With this release the SDK will warn you if you are using this API to
drop spans.
Instead, it is recommended to configure instrumentation (i.e.
integrations) directly to control what spans are created.</p>
<p>Additionally, with the next major version, root spans will also be
passed to <code>beforeSendSpan</code>.</p>
</li>
<li>
<p><strong>feat(utils): Deprecate <code>@sentry/utils</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14431">#14431</a>)</strong></p>
<p>With the next major version the <code>@sentry/utils</code> package
will be merged into the <code>@sentry/core</code> package.
It is therefore no longer recommended to use the
<code>@sentry/utils</code> package.</p>
</li>
<li>
<p><strong>feat(vue): Deprecate configuring Vue tracing options anywhere
else other than through the <code>vueIntegration</code>'s
<code>tracingOptions</code> option (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14385">#14385</a>)</strong></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md"><code>@sentry/browser</code>'s
changelog</a>.</em></p>
<blockquote>
<h2>8.41.0</h2>
<h3>Important Changes</h3>
<ul>
<li>
<p><strong>meta(nuxt): Require minimum Nuxt v3.7.0 (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14473">#14473</a>)</strong></p>
<p>We formalized that the Nuxt SDK is at minimum compatible with Nuxt
version 3.7.0 and above.
Additionally, the SDK requires the implicit <code>nitropack</code>
dependency to satisfy version <code>^2.10.0</code> and
<code>ofetch</code> to satisfy <code>^1.4.0</code>.
It is recommended to check your lock-files and manually upgrade these
dependencies if they don't match the version ranges.</p>
</li>
</ul>
<h3>Deprecations</h3>
<p>We are deprecating a few APIs which will be removed in the next
major.</p>
<p>The following deprecations will <em>potentially</em> affect you:</p>
<ul>
<li>
<p><strong>feat(core): Update &amp; deprecate <code>undefined</code>
option handling (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14450">#14450</a>)</strong></p>
<p>In the next major version we will change how passing
<code>undefined</code> to <code>tracesSampleRate</code> /
<code>tracesSampler</code> / <code>enableTracing</code> will behave.</p>
<p>Currently, doing the following:</p>
<pre lang="ts"><code>Sentry.init({
  tracesSampleRate: undefined,
});
</code></pre>
<p>Will result in tracing being <em>enabled</em> (although no spans will
be generated) because the <code>tracesSampleRate</code> key is present
in the options object.
In the next major version, this behavior will be changed so that passing
<code>undefined</code> (or rather having a <code>tracesSampleRate</code>
key) will result in tracing being disabled, the same as not passing the
option at all.
If you are currently relying on <code>undefined</code> being passed, and
and thus have tracing enabled, it is recommended to update your config
to set e.g. <code>tracesSampleRate: 0</code> instead, which will also
enable tracing in v9.</p>
<p>The same applies to <code>tracesSampler</code> and
<code>enableTracing</code>.</p>
</li>
<li>
<p><strong>feat(core): Log warnings when returning <code>null</code> in
<code>beforeSendSpan</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14433">#14433</a>)</strong></p>
<p>Currently, the <code>beforeSendSpan</code> option in
<code>Sentry.init()</code> allows you to drop individual spans from a
trace by returning <code>null</code> from the hook.
Since this API lends itself to creating &quot;gaps&quot; inside traces,
we decided to change how this API will work in the next major
version.</p>
<p>With the next major version the <code>beforeSendSpan</code> API can
only be used to mutate spans, but no longer to drop them.
With this release the SDK will warn you if you are using this API to
drop spans.
Instead, it is recommended to configure instrumentation (i.e.
integrations) directly to control what spans are created.</p>
<p>Additionally, with the next major version, root spans will also be
passed to <code>beforeSendSpan</code>.</p>
</li>
<li>
<p><strong>feat(utils): Deprecate <code>@sentry/utils</code> (<a
href="https://redirect.github.com/getsentry/sentry-javascript/pull/14431">#14431</a>)</strong></p>
<p>With the next major version the <code>@sentry/utils</code> package
will be merged into the <code>@sentry/core</code> package.
It is therefore no longer recommended to use the
<code>@sentry/utils</code> package.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/df843ccd90c812210f1a620a0ec26c9b76c3c8e8"><code>df843cc</code></a>
release: 8.41.0</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/470d4ec3f34c594c1b9ffe1e6793822421325cd4"><code>470d4ec</code></a>
Merge pull request <a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14502">#14502</a>
from getsentry/prepare-release/8.41.0</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/f7289c4af6538c1ef678c14112910b77278cfcca"><code>f7289c4</code></a>
meta(changelog): Update changelog for 8.41.0</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/a4138e93ca563ec50f6e969a903327063fce3e86"><code>a4138e9</code></a>
perf(opentelemetry): Bucket spans for cleanup (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14154">#14154</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/3e7969fba45442017b1232533723b490c2072a49"><code>3e7969f</code></a>
feat: Deprecate <code>registerEsmLoaderHooks.include</code> and
`registerEsmLoaderHooks....</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/1e0cb046f029085b09d0f3193a325f4adeaec3f4"><code>1e0cb04</code></a>
ref(core): Do not check baggage validity (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14479">#14479</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/de65590b0e6fff42548be9b07b67df0067eb444d"><code>de65590</code></a>
feat(core): Further optimize debug ID parsing (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14365">#14365</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/09a31d11976462154444cccc6fb6dc74f777103d"><code>09a31d1</code></a>
feat(node): Add <code>openTelemetryInstrumentations</code> option (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14484">#14484</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/23e378314f3342a62f779623b877f4ab55943e9e"><code>23e3783</code></a>
meta(nuxt): Require minimum Nuxt v3.7.0 (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14473">#14473</a>)</li>
<li><a
href="https://github.com/getsentry/sentry-javascript/commit/973ef9c356f4d547fe0204e919ae32c480a1fdb7"><code>973ef9c</code></a>
chore: Add GHSA entry for nuxt e2e test (<a
href="https://redirect.github.com/getsentry/sentry-javascript/issues/14490">#14490</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-javascript/compare/8.19.0...8.41.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `cookie` from 0.6.0 to 0.7.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jshttp/cookie/releases">cookie's
releases</a>.</em></p>
<blockquote>
<h2>0.7.1</h2>
<p><strong>Fixed</strong></p>
<ul>
<li>Allow leading dot for domain (<a
href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)
<ul>
<li>Although not permitted in the spec, some users expect this to work
and user agents ignore the leading dot according to spec</li>
</ul>
</li>
<li>Add fast path for <code>serialize</code> without options, use
<code>obj.hasOwnProperty</code> when parsing (<a
href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li>
</ul>
<p><a
href="https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1">https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1</a></p>
<h2>0.7.0</h2>
<ul>
<li>perf: parse cookies ~10% faster (<a
href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a> by
<a href="https://github.com/kurtextrem"><code>@kurtextrem</code></a>
and <a
href="https://redirect.github.com/jshttp/cookie/issues/170">#170</a>)</li>
<li>fix: narrow the validation of cookies to match RFC6265 (<a
href="https://redirect.github.com/jshttp/cookie/issues/167">#167</a> by
<a href="https://github.com/bewinsnw"><code>@bewinsnw</code></a>)</li>
<li>fix: add <code>main</code> to <code>package.json</code> for rspack
(<a href="https://redirect.github.com/jshttp/cookie/issues/166">#166</a>
by <a
href="https://github.com/proudparrot2"><code>@proudparrot2</code></a>)</li>
</ul>
<p><a
href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0">https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014"><code>cf4658f</code></a>
0.7.1</li>
<li><a
href="https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e"><code>6a8b8f5</code></a>
Allow leading dot for domain (<a
href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0"><code>58015c0</code></a>
Remove more code and perf wins (<a
href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627"><code>ab057d6</code></a>
0.7.0</li>
<li><a
href="https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542"><code>5f02ca8</code></a>
Migrate history to GitHub releases</li>
<li><a
href="https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579"><code>a5d591c</code></a>
Migrate history to GitHub releases</li>
<li><a
href="https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105"><code>51968f9</code></a>
Skip isNaN</li>
<li><a
href="https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc"><code>9e7ca51</code></a>
perf(parse): cache length, return early (<a
href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a>)</li>
<li><a
href="https://github.com/jshttp/cookie/commit/d6f39b0aab5521a8b118b466a515fd6eb0b9f65e"><code>d6f39b0</code></a>
Fix tests for old node</li>
<li><a
href="https://github.com/jshttp/cookie/commit/6bb701f14e59c5e768933bfae9b578db4ed26c6e"><code>6bb701f</code></a>
Remove failing scorecard</li>
<li>Additional commits viewable in <a
href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.1">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~blakeembrey">blakeembrey</a>, a new
releaser for cookie since your current version.</p>
</details>
<br />

Updates `express` from 4.21.0 to 4.21.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>4.21.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Backport a fix for CVE-2024-47764 to the 4.x branch by <a
href="https://github.com/joshbuker"><code>@joshbuker</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6029">expressjs/express#6029</a></li>
<li>Release: 4.21.1 by <a
href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6031">expressjs/express#6031</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">https://github.com/expressjs/express/compare/4.21.0...4.21.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/4.21.1/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.21.1 / 2024-10-08</h1>
<ul>
<li>Backported a fix for <a
href="https://nvd.nist.gov/vuln/detail/CVE-2024-47764">CVE-2024-47764</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/8e229f92752ad51462c868b99f6e6c2e559801b0"><code>8e229f9</code></a>
4.21.1</li>
<li><a
href="https://github.com/expressjs/express/commit/a024c8a7b658a178cbdb9bde33030b7500172815"><code>a024c8a</code></a>
fix(deps): cookie@0.7.1</li>
<li>See full diff in <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `elliptic` from 6.5.6 to 6.6.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/indutny/elliptic/commit/9b77436a59cc35eccf4ffb848259c8762a492ee7"><code>9b77436</code></a>
6.6.1</li>
<li><a
href="https://github.com/indutny/elliptic/commit/04cb6f54ce552b3ebde6be06d6050419e1c7333e"><code>04cb6f5</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/indutny/elliptic/commit/b8a7edd61a0d9bddd0bbf3436a4b476401edbe20"><code>b8a7edd</code></a>
6.6.0</li>
<li><a
href="https://github.com/indutny/elliptic/commit/34c853478cec1be4e37260ed2cb12cdbdc6402cf"><code>34c8534</code></a>
fix: signature verification due to leading zeros</li>
<li><a
href="https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761"><code>3e46a48</code></a>
6.5.7</li>
<li><a
href="https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11"><code>accb61e</code></a>
lib: DER signature decoding correction</li>
<li>See full diff in <a
href="https://github.com/indutny/elliptic/compare/v6.5.6...v6.6.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `express` from 4.21.0 to 4.21.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>4.21.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Backport a fix for CVE-2024-47764 to the 4.x branch by <a
href="https://github.com/joshbuker"><code>@joshbuker</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6029">expressjs/express#6029</a></li>
<li>Release: 4.21.1 by <a
href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6031">expressjs/express#6031</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">https://github.com/expressjs/express/compare/4.21.0...4.21.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/4.21.1/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.21.1 / 2024-10-08</h1>
<ul>
<li>Backported a fix for <a
href="https://nvd.nist.gov/vuln/detail/CVE-2024-47764">CVE-2024-47764</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/8e229f92752ad51462c868b99f6e6c2e559801b0"><code>8e229f9</code></a>
4.21.1</li>
<li><a
href="https://github.com/expressjs/express/commit/a024c8a7b658a178cbdb9bde33030b7500172815"><code>a024c8a</code></a>
fix(deps): cookie@0.7.1</li>
<li>See full diff in <a
href="https://github.com/expressjs/express/compare/4.21.0...4.21.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `rollup` from 3.29.4 to 3.29.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/rollup/rollup/releases">rollup's
releases</a>.</em></p>
<blockquote>
<h2>v3.29.5</h2>
<h2>3.29.5</h2>
<p><em>2024-09-21</em></p>
<h3>Bug Fixes</h3>
<ul>
<li>Fix a vulnerability in generated code that affects IIFE, UMD and CJS
bundles when run in a browser context (<a
href="https://redirect.github.com/rollup/rollup/issues/5671">#5671</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/5671">#5671</a>:
Fix DOM Clobbering CVE (<a
href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/rollup/rollup/blob/master/CHANGELOG.md">rollup's
changelog</a>.</em></p>
<blockquote>
<h2>3.29.5</h2>
<p><em>2024-09-21</em></p>
<h3>Bug Fixes</h3>
<ul>
<li>Fix a vulnerability in generated code that affects IIFE, UMD and CJS
bundles when run in a browser context (<a
href="https://redirect.github.com/rollup/rollup/issues/5671">#5671</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/5671">#5671</a>:
Fix DOM Clobbering CVE (<a
href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li>
</ul>
<h2>4.22.4</h2>
<p><em>2024-09-21</em></p>
<h3>Bug Fixes</h3>
<ul>
<li>Fix a vulnerability in generated code that affects IIFE, UMD and CJS
bundles when run in a browser context (<a
href="https://redirect.github.com/rollup/rollup/issues/5671">#5671</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/5670">#5670</a>:
refactor: Use object.prototype to check for reserved properties (<a
href="https://github.com/YuHyeonWook"><code>@YuHyeonWook</code></a>)</li>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/5671">#5671</a>:
Fix DOM Clobbering CVE (<a
href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li>
</ul>
<h2>4.22.3</h2>
<p><em>2024-09-21</em></p>
<h3>Bug Fixes</h3>
<ul>
<li>Ensure that mutations in modules without side effects are observed
while properly handling transitive dependencies (<a
href="https://redirect.github.com/rollup/rollup/issues/5669">#5669</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/5669">#5669</a>:
Ensure impure dependencies of pure modules are added (<a
href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li>
</ul>
<h2>4.22.2</h2>
<p><em>2024-09-20</em></p>
<h3>Bug Fixes</h3>
<ul>
<li>Revert fix for side effect free modules until other issues are
investigated (<a
href="https://redirect.github.com/rollup/rollup/issues/5667">#5667</a>)</li>
</ul>
<h3>Pull Requests</h3>
<ul>
<li><a
href="https://redirect.github.com/rollup/rollup/pull/5667">#5667</a>:
Partially revert <a
href="https://redirect.github.com/rollup/rollup/issues/5658">#5658</a>
and re-apply <a
href="https://redirect.github.com/rollup/rollup/issues/5644">#5644</a>
(<a
href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li>
</ul>
<h2>4.22.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/rollup/rollup/commit/dfd233d3a9feb18aa69b49b6c1da0248a4f1c6e3"><code>dfd233d</code></a>
3.29.5</li>
<li><a
href="https://github.com/rollup/rollup/commit/2ef77c00ec2635d42697cff2c0567ccc8db34fb4"><code>2ef77c0</code></a>
Fix DOM Clobbering CVE</li>
<li>See full diff in <a
href="https://github.com/rollup/rollup/compare/v3.29.4...v3.29.5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Latina-Dev/latina-dev/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Frances Coronel <hello@francescoronel.com>
Loading branch information
dependabot[bot] and FrancesCoronel authored Dec 1, 2024
1 parent 86cb2b7 commit 25ad7c5
package-lock.json
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
0 comments on commit `25ad7c5`

Please sign in to comment.
Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `25ad7c5`

Commit

There are no files selected for viewing

0 comments on commit 25ad7c5

0 comments on commit `25ad7c5`
