Skip to content

Comments

Bump the production-dependencies group across 1 directory with 10 updates#98

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/backend/production-dependencies-6703438e7a
Closed

Bump the production-dependencies group across 1 directory with 10 updates#98
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/backend/production-dependencies-6703438e7a

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Dec 9, 2024
edited
Loading

Bumps the production-dependencies group with 10 updates in the /backend directory:

Package From To
@prisma/client 5.16.0 6.0.1
axios 1.7.2 1.7.9
body-parser 1.20.2 1.20.3
bull 4.15.1 4.16.4
@types/bull 4.10.0 4.10.4
debug 4.3.5 4.4.0
express 4.19.2 4.21.2
prisma 5.16.0 6.0.1
simple-git 3.25.0 3.27.0
typescript 5.5.2 5.7.2

Updates @prisma/client from 5.16.0 to 6.0.1

Release notes

Sourced from @​prisma/client's releases.

6.0.1

Today we are releasing the 6.0.1 patch release to address an issue with using Prisma Client generated in a custom output path with Next.js.

Changes

6.0.0

We’re excited to share the Prisma ORM v6 release today 🎉

As this is a major release, it includes a few breaking changes that may affect your application. Before upgrading, we recommend that you check out our upgrade guide to understand the impact on your application.

If you want to have an overview of what we accomplished since v5, check out our announcement blog post: Prisma 6: Better Performance, More Flexibility & Type-Safe SQL.

🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release.

Breaking changes

⚠️ This section contains a list of breaking changes. If you upgrade your application to Prisma ORM v6 without addressing these, your application is going to break! For detailed upgrade instructions, check out the upgrade guide. ⚠️ 

Minimum supported Node.js versions

The new minimum supported Node.js versions for Prisma ORM v6 are:

  • for Node.js 18 the minimum supported version is 18.18.0
  • for Node.js 20 the minimum supported version is 20.9.0
  • for Node.js 22 the minimum supported version is 22.11.0

There is no official support for Node.js <18.18.0, 19, 21, 23.

Minimum supported TypeScript version

The new minimum supported TypeScript version for Prisma ORM v6 is: 5.1.0.

Schema change for implicit m-n relations on PostgreSQL

If you're using PostgreSQL and are defining implicit many-to-many relations in your Prisma schema, Prisma ORM maintains the relation table for you under the hood. This relation table has A and B columns to represent the tables of the models that are part of this relation.

Previous versions of Prisma ORM used to create a unique index on these two columns. In Prisma v6, this unique index is changing to a primary key in order to simplify for the default replica identity behaviour.

If you're defining implicit m-n relations in your Prisma schema, the next migration you'll create will contain ALTER TABLE statements for all the relation tables that belong to these relations.

Full-text search on PostgreSQL

The fullTextSearch Preview feature is promoted to General Availability only for MySQL. This means that if you're using PostgreSQL and currently make use of this Preview feature, you now need to use the new fullTextSearchPostgres Preview feature.

Usage of Buffer

Prisma v6 replaces the usage of Buffer with Uint8Array to represent fields of type Bytes. Make sure to replace all your occurrences of the Buffer type with the new Uint8Array.

... (truncated)

Commits
  • a4689bd fix(client): evert "type": "commonjs" addition in generated package.json ...
  • 73e168a chore(deps): update engines to 5.23.0-27.5dbef10bdbfb579e07d35cc85fb1518d357c...
  • 6fa385e feat(client): generate unused enum definitions (#25740)
  • 5b505cf chore(deps): update engines to 5.23.0-25.1886abc311c2408082a16615b21bdb872116...
  • 048b190 fix: update tests to account for a sqlserver fix in prisma/prisma-engines#505...
  • 914f1b3 fix: Specify 'type': 'commonjs' in generated client package.json (#25734)
  • f35b6e3 chore(deps): update engines to 5.23.0-18.c1f560085eac7ac5a5014b5a5a9f7ddf9b9f...
  • 5e39f28 chore(deps): update engines to 5.23.0-15.4180c299dc941abed5230a37241c42318c5a...
  • 4a827d4 chore(deps): update jest (#25682)
  • 8f9ba06 chore(deps): update opentelemetry packages (#25686)
  • Additional commits viewable in compare view

Updates axios from 1.7.2 to 1.7.9

Release notes

Sourced from axios's releases.

Release v1.7.9

Release notes:

Reverts

Contributors to this release

Release v1.7.8

Release notes:

Bug Fixes

  • allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
  • core: fixed config merging bug (#6668) (5d99fe4)
  • fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
  • http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
  • http: fixed proxy-from-env module import (#5222) (12b3295)
  • http: use globalThis.TextEncoder when available (#6634) (df956d1)
  • ios11 breaks when build (#6608) (7638952)
  • types: add missing types for mergeConfig function (#6590) (00de614)
  • types: export CJS types from ESM (#6218) (c71811b)
  • updated stream aborted error message to be more clear (#6615) (cc3217a)
  • use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

Release v1.7.7

Release notes:

Bug Fixes

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.9 (2024-12-04)

Reverts

Contributors to this release

1.7.8 (2024-11-25)

Bug Fixes

  • allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
  • core: fixed config merging bug (#6668) (5d99fe4)
  • fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
  • http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
  • http: fixed proxy-from-env module import (#5222) (12b3295)
  • http: use globalThis.TextEncoder when available (#6634) (df956d1)
  • ios11 breaks when build (#6608) (7638952)
  • types: add missing types for mergeConfig function (#6590) (00de614)
  • types: export CJS types from ESM (#6218) (c71811b)
  • updated stream aborted error message to be more clear (#6615) (cc3217a)
  • use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

1.7.7 (2024-08-31)

... (truncated)

Commits

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

New Contributors

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.


Updates bull from 4.15.1 to 4.16.4

Release notes

Sourced from bull's releases.

v4.16.4

4.16.4 (2024-11-01)

Bug Fixes

  • deps: bump msgpackr to 1.1.2 to resolve ERR_BUFFER_OUT_OF_BOUNDS error (#2783) fixes #2782 (bc0ae0a)

v4.16.3

4.16.3 (2024-09-10)

Bug Fixes

  • metrics: differentiate points in different minutes to be more accurate (#2770) (fbf2fa3)

v4.16.2

4.16.2 (2024-09-05)

Performance Improvements

  • metrics: save zeros as much as max data points (#2767) (3a09840)

v4.16.1

4.16.1 (2024-08-28)

Bug Fixes

v4.16.0

4.16.0 (2024-07-30)

Features

Changelog

Sourced from bull's changelog.

4.16.4 (2024-11-01)

Bug Fixes

  • deps: bump msgpackr to 1.1.2 to resolve ERR_BUFFER_OUT_OF_BOUNDS error (#2783) fixes #2782 (bc0ae0a)

4.16.3 (2024-09-10)

Bug Fixes

  • metrics: differentiate points in different minutes to be more accurate (#2770) (fbf2fa3)

4.16.2 (2024-09-05)

Performance Improvements

  • metrics: save zeros as much as max data points (#2767) (3a09840)

4.16.1 (2024-08-28)

Bug Fixes

4.16.0 (2024-07-30)

Features

Commits
  • 65355b8 chore(release): 4.16.4 [skip ci]
  • bc0ae0a fix(deps): bump msgpackr to 1.1.2 to resolve ERR_BUFFER_OUT_OF_BOUNDS error (...
  • c2f37ee docs(readme): replace gitter with slack (#2775)
  • 461afc7 build(deps): bump path-to-regexp from 1.8.0 to 1.9.0 (#2771)
  • 66f8241 chore(release): 4.16.3 [skip ci]
  • fbf2fa3 fix(metrics): differentiate points in different minutes to be more accurate (...
  • f59473b chore(release): 4.16.2 [skip ci]
  • 3a09840 perf(metrics): save zeros as much as max data points (#2767)
  • 090c529 docs: update phrasing to clarify promise usage over done callback (#2766)
  • 8564453 chore(release): 4.16.1 [skip ci]
  • Additional commits viewable in compare view

Updates @types/bull from 4.10.0 to 4.10.4

Commits

Updates debug from 4.3.5 to 4.4.0

Release notes

Sourced from debug's releases.

4.4.0

Fixes (hopefully) the inefficient regex warnings in .enable().

Minor version as this is invariably going to break certain users who misuse the .enable() API and expected it to work with regexes, which was never supported nor documented. That's on you, sorry - that functionality won't be added back.

Full Changelog: debug-js/debug@4.3.7...4.4.0

4.3.7

What's Changed

Full Changelog: debug-js/debug@4.3.6...4.3.7

4.3.6

What's Changed

New Contributors

Full Changelog: debug-js/debug@4.3.5...4.3.6

Commits

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

  • deps: path-to-regexp@0.1.12
    • Fix backtracking protection
  • deps: path-to-regexp@0.1.11
    • Throws an error on invalid path values

4.21.1 / 2024-10-08

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
Commits
Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.


Updates prisma from 5.16.0 to 6.0.1

Release notes

Sourced from prisma's releases.

6.0.1

Today we are releasing the 6.0.1 patch release to address an issue with using Prisma Client generated in a custom output path with Next.js.

Changes

6.0.0

We’re excited to share the Prisma ORM v6 release today 🎉

As this is a major release, it includes a few breaking changes that may affect your application. Before upgrading, we recommend that you check out our upgrade guide to understand the impact on your application.

If you want to have an overview of what we accomplished since v5, check out our announcement blog post: Prisma 6: Better Performance, More Flexibility & Type-Safe SQL.

🌟 Help us spread the word about Prisma by starring the repo ☝️ or posting on X about the release.

Breaking changes

⚠️ This section contains a list of breaking changes. If you upgrade your application to Prisma ORM v6 without addressing these, your application is going to break! For detailed upgrade instructions, check out the upgrade guide. ⚠️ 

Minimum supported Node.js versions

The new minimum supported Node.js versions for Prisma ORM v6 are:

  • for Node.js 18 the minimum supported version is 18.18.0
  • for Node.js 20 the minimum supported version is 20.9.0
  • for Node.js 22 the minimum supported version is 22.11.0

There is no official support for Node.js <18.18.0, 19, 21, 23.

Minimum supported TypeScript version

The new minimum supported TypeScript version for Prisma ORM v6 is: 5.1.0.

Schema change for implicit m-n relations on PostgreSQL

If you're using PostgreSQL and are defining implicit many-to-many relations in your Prisma schema, Prisma ORM maintains the relation table for you under the hood. This relation table has A and B columns to represent the tables of the models that are part of this relation.

Previous versions of Prisma ORM used to create a unique index on these two columns. In Prisma v6, this unique index is changing to a primary key in order to simplify for the default replica identity behaviour.

If you're defining implicit m-n relations in your Prisma schema, the next migration you'll create will contain ALTER TABLE statements for all the relation tables that belong to these relations.

Full-text search on PostgreSQL

The fullTextSearch Preview feature is promoted to General Availability only for MySQL. This means that if you're using PostgreSQL and currently make use of this Preview feature, you now need to use the new fullTextSearchPostgres Preview feature.

Usage of Buffer

Prisma v6 replaces the usage of Buffer with Uint8Array to represent fields of type Bytes. Make sure to replace all your occurrences of the Buffer type with the new Uint8Array.

... (truncated)

Commits

Updates simple-git from 3.25.0 to 3.27.0

Release notes

Sourced from simple-git's releases.

simple-git@3.27.0

Minor Changes

  • 52f767b: Add similarity to the DiffResultNameStatusFile interface used when fetching log/diff with the --name-status option.
  • 739b0d9: Diff summary includes original name of renamed files when run wiht the --name-status option.
  • bc90e7e: Fixes an issue with reporting name changes in the files array returned by git.status. Thank you @​mark-codesphere for the contribution.

Patch Changes

  • 03e1c64: Resolve error in log parsing when fields have empty values.

simple-git@3.26.0

Minor Changes

  • 28d545b: Upgrade build tools and typescript
Changelog

Sourced from simple-git's changelog.

3.27.0

Minor Changes

  • 52f767b: Add similarity to the DiffResultNameStatusFile interface used when fetching log/diff with the --name-status option.
  • 739b0d9: Diff summary includes original name of renamed files when run wiht the --name-status option.
  • bc90e7e: Fixes an issue with reporting name changes in the files array returned by git.status. Thank you @​mark-codesphere for the contribution.

Patch Changes

  • 03e1c64: Resolve error in log parsing when fields have empty values.

3.26.0

Minor Changes

  • 28d545b: Upgrade build tools and typescript
Commits

Updates typescript from 5.5.2 to 5.7.2

Release notes

Sourced from typescript's releases.

TypeScript 5.7

For release notes, check out the release announcement.

Downloads are available on:

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

@dependabot
Bump the production-dependencies group across 1 directory with 10 upd…
95a4c83 
…ates

Bumps the production-dependencies group with 10 updates in the /backend directory:

| Package | From | To |
| --- | --- | --- |
| [@prisma/client](https://github.com/prisma/prisma/tree/HEAD/packages/client) | `5.16.0` | `6.0.1` |
| [axios](https://github.com/axios/axios) | `1.7.2` | `1.7.9` |
| [body-parser](https://github.com/expressjs/body-parser) | `1.20.2` | `1.20.3` |
| [bull](https://github.com/OptimalBits/bull) | `4.15.1` | `4.16.4` |
| [@types/bull](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/bull) | `4.10.0` | `4.10.4` |
| [debug](https://github.com/debug-js/debug) | `4.3.5` | `4.4.0` |
| [express](https://github.com/expressjs/express) | `4.19.2` | `4.21.2` |
| [prisma](https://github.com/prisma/prisma/tree/HEAD/packages/cli) | `5.16.0` | `6.0.1` |
| [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) | `3.25.0` | `3.27.0` |
| [typescript](https://github.com/microsoft/TypeScript) | `5.5.2` | `5.7.2` |



Updates `@prisma/client` from 5.16.0 to 6.0.1
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/6.0.1/packages/client)

Updates `axios` from 1.7.2 to 1.7.9
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.7.2...v1.7.9)

Updates `body-parser` from 1.20.2 to 1.20.3
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.2...1.20.3)

Updates `bull` from 4.15.1 to 4.16.4
- [Release notes](https://github.com/OptimalBits/bull/releases)
- [Changelog](https://github.com/OptimalBits/bull/blob/develop/CHANGELOG.md)
- [Commits](OptimalBits/bull@v4.15.1...v4.16.4)

Updates `@types/bull` from 4.10.0 to 4.10.4
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/bull)

Updates `debug` from 4.3.5 to 4.4.0
- [Release notes](https://github.com/debug-js/debug/releases)
- [Commits](debug-js/debug@4.3.5...4.4.0)

Updates `express` from 4.19.2 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](expressjs/express@4.19.2...4.21.2)

Updates `prisma` from 5.16.0 to 6.0.1
- [Release notes](https://github.com/prisma/prisma/releases)
- [Commits](https://github.com/prisma/prisma/commits/6.0.1/packages/cli)

Updates `simple-git` from 3.25.0 to 3.27.0
- [Release notes](https://github.com/steveukx/git-js/releases)
- [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md)
- [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.27.0/simple-git)

Updates `typescript` from 5.5.2 to 5.7.2
- [Release notes](https://github.com/microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](microsoft/TypeScript@v5.5.2...v5.7.2)

---
updated-dependencies:
- dependency-name: "@prisma/client"
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: body-parser
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: bull
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: "@types/bull"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: debug
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: prisma
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: simple-git
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: typescript
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 9, 2024
@dependabot dependabot bot mentioned this pull request Dec 9, 2024
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Dec 23, 2024

Superseded by #107.

@dependabot dependabot bot closed this Dec 23, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/backend/production-dependencies-6703438e7a branch December 23, 2024 15:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants