Skip to content

Bump the prod-deps group across 1 directory with 7 updates #1512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bdehamer merged 2 commits into from
Dec 3, 2025
Merged

Bump the prod-deps group across 1 directory with 7 updates #1512

bdehamer merged 2 commits into from
Dec 3, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 3, 2025
edited
Loading

Bumps the prod-deps group with 7 updates in the / directory:

Package From To
@oclif/core 4.7.2 4.8.0
@oclif/plugin-help 6.2.34 6.2.36
make-fetch-happen 15.0.2 15.0.3
@peculiar/x509 1.14.0 1.14.2
pkijs 3.2.5 3.3.3
pvutils 1.1.3 1.1.5
express 5.1.0 5.2.1

Updates @oclif/core from 4.7.2 to 4.8.0

Release notes

Sourced from @​oclif/core's releases.

4.8.0

Features

Changelog

Sourced from @​oclif/core's changelog.

4.8.0 (2025-10-28)

Features

Commits
  • d19a7ae chore(release): 4.8.0 [skip ci]
  • 48d250e Merge pull request #1492 from oclif/mdonnalley/show-env-in-help
  • 8297b68 Merge pull request #1494 from oclif/dependabot-npm_and_yarn-oclif-plugin-plug...
  • 1facb82 chore(dev-deps): bump @​oclif/plugin-plugins from 5.4.50 to 5.4.51
  • 97c0bde feat: show env in flag help
  • See full diff in compare view

Updates @oclif/plugin-help from 6.2.34 to 6.2.36

Release notes

Sourced from @​oclif/plugin-help's releases.

6.2.36

Bug Fixes

6.2.35

Bug Fixes

  • deps: bump @​oclif/core from 4.7.2 to 4.8.0 (#1052) (93b6338)
Changelog

Sourced from @​oclif/plugin-help's changelog.

6.2.36 (2025-11-15)

Bug Fixes

6.2.35 (2025-11-01)

Bug Fixes

  • deps: bump @​oclif/core from 4.7.2 to 4.8.0 (#1052) (93b6338)
Commits
  • d8c233d chore(release): 6.2.36 [skip ci]
  • 9a87922 fix(deps): bump js-yaml from 4.1.0 to 4.1.1 (#1058)
  • 11b665a chore(dev-deps): bump oclif from 4.22.39 to 4.22.41 (#1053)
  • b0ab3b8 chore(dev-deps): bump eslint from 9.39.0 to 9.39.1 (#1054)
  • a05c587 chore(dev-deps): bump eslint-config-oclif from 6.0.114 to 6.0.115 (#1055)
  • d3d917d chore(dev-deps): bump eslint from 9.38.0 to 9.39.0 (#1048)
  • 5ee08b2 chore(dev-deps): bump oclif from 4.22.32 to 4.22.38 (#1049)
  • 3880865 chore(dev-deps): bump @​eslint/compat from 1.4.0 to 1.4.1 (#1050)
  • 00d8cfb chore(dev-deps): bump eslint-config-oclif from 6.0.110 to 6.0.114 (#1051)
  • 62c567f chore(release): 6.2.35 [skip ci]
  • Additional commits viewable in compare view

Updates make-fetch-happen from 15.0.2 to 15.0.3

Release notes

Sourced from make-fetch-happen's releases.

v15.0.3

15.0.3 (2025-11-13)

Dependencies

Changelog

Sourced from make-fetch-happen's changelog.

15.0.3 (2025-11-13)

Dependencies

Commits

Updates @peculiar/x509 from 1.14.0 to 1.14.2

Release notes

Sourced from @​peculiar/x509's releases.

Release v1.14.2

What's Changed

New Contributors

Full Changelog: PeculiarVentures/x509@v1.14.1...v1.14.2

Release v1.14.1

What's Changed

Full Changelog: PeculiarVentures/x509@v1.14.0...v1.14.1

Commits
  • 23efd13 1.14.2
  • 27e9f87 Merge pull request #108 from TimoGlastra/fix/pass-crypto
  • a3c16d4 1.14.1
  • 49428ec chore(deps): update dependencies to latest versions
  • 02241b3 Merge pull request #111 from PeculiarVentures/donskov/eslint-migration
  • 7c5634e chore: remove unnecessary whitespace and improve code formatting across multi...
  • 3e1219d chore: disable additional ESLint rule for padding line between statements
  • e06d6b5 chore: update ESLint configuration and dependencies
  • 28801b5 chore: migrate from Yarn to npm (#110)
  • eec45ac chore: update documentation workflow and package management (#109)
  • Additional commits viewable in compare view

Updates pkijs from 3.2.5 to 3.3.3

Release notes

Sourced from pkijs's releases.

Release v3.3.3

What's Changed

New Contributors

Full Changelog: PeculiarVentures/PKI.js@v3.3.2...v3.3.3

Release v3.3.2

Full Changelog: PeculiarVentures/PKI.js@v3.3.1...v3.3.2

Release v3.3.1

What's Changed

New Contributors

Full Changelog: PeculiarVentures/PKI.js@v3.3.0...v3.3.1

Release v3.3.0

What's Changed

Full Changelog: PeculiarVentures/PKI.js@v3.2.5...v3.3.0

Commits
  • c9fd2bc 3.3.3
  • e2c1a40 Merge pull request #455 from nrtmr1211:fix/ocsp-request-explicit-extensions
  • e8c7ccc Merge pull request #453 from nrtmr1211:fix/ocsp-single-response-explicit-exte...
  • 7c5349d fix: ocsp - validate Request.singleRequestExtensions as [0] EXPLICIT Extensio...
  • 2eb63fd fix: ocsp - encode SingleResponse.singleExtensions as [1] EXPLICIT (fixes #452)
  • 995dc5a 3.3.2
  • aeebfeb fix: update Node.js engine requirement to support older versions
  • 1875b52 3.3.1
  • f9c4ba0 Merge pull request #450 from mozkeeler/opaque-signature
  • 74742ea fixes #449: makes SignedCertificateTimestamp.signature an ArrayBuffer
  • Additional commits viewable in compare view

Updates pvutils from 1.1.3 to 1.1.5

Changelog

Sourced from pvutils's changelog.

1.1.5 (2025-10-24)

1.1.4 (2025-10-24)

Commits
  • 1b3ee7e chore(release): 1.1.5
  • 70b283e chore: update Node.js engine requirement to >=16.0.0 in package.json and pack...
  • fc48a95 chore(release): 1.1.4
  • 4968fe7 chore: update package-lock.json and package.json to include standard-version ...
  • e9cf165 Merge pull request #17 from PeculiarVentures/donskov/yarn-to-npm
  • f20e620 Update .github/workflows/publish.yml
  • 62d386a ci: enhance test workflow with parallel execution and finish step
  • bb72411 ci: restrict workflow triggers to master branch only
  • 6a0aa5e chore: update dependencies and workflows
  • See full diff in compare view

Updates express from 5.1.0 to 5.2.1

Release notes

Sourced from express's releases.

v5.2.1

What's Changed

[!IMPORTANT]
The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

Full Changelog: expressjs/express@v5.2.0...v5.2.1

v5.2.0

Important: Security

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.2.1 / 2025-12-01

5.2.0 / 2025-12-01

  • Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • deps: body-parser@^2.2.1
  • A deprecation warning was added when using res.redirect with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 3, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 3, 2025 17:38
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 3, 2025
@changeset-bot
Copy link

changeset-bot bot commented Dec 3, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: 46eb9d4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prod-deps-8836c75120 branch 4 times, most recently from c967cea to 509284f Compare December 3, 2025 17:48
@dependabot
Bump the prod-deps group across 1 directory with 7 updates
ee36d43 
Bumps the prod-deps group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@oclif/core](https://github.com/oclif/core) | `4.7.2` | `4.8.0` |
| [@oclif/plugin-help](https://github.com/oclif/plugin-help) | `6.2.34` | `6.2.36` |
| [make-fetch-happen](https://github.com/npm/make-fetch-happen) | `15.0.2` | `15.0.3` |
| [@peculiar/x509](https://github.com/PeculiarVentures/x509) | `1.14.0` | `1.14.2` |
| [pkijs](https://github.com/PeculiarVentures/PKI.js) | `3.2.5` | `3.3.3` |
| [pvutils](https://github.com/PeculiarVentures/pvutils) | `1.1.3` | `1.1.5` |
| [express](https://github.com/expressjs/express) | `5.1.0` | `5.2.1` |



Updates `@oclif/core` from 4.7.2 to 4.8.0
- [Release notes](https://github.com/oclif/core/releases)
- [Changelog](https://github.com/oclif/core/blob/main/CHANGELOG.md)
- [Commits](oclif/core@4.7.2...4.8.0)

Updates `@oclif/plugin-help` from 6.2.34 to 6.2.36
- [Release notes](https://github.com/oclif/plugin-help/releases)
- [Changelog](https://github.com/oclif/plugin-help/blob/main/CHANGELOG.md)
- [Commits](oclif/plugin-help@6.2.34...6.2.36)

Updates `make-fetch-happen` from 15.0.2 to 15.0.3
- [Release notes](https://github.com/npm/make-fetch-happen/releases)
- [Changelog](https://github.com/npm/make-fetch-happen/blob/main/CHANGELOG.md)
- [Commits](npm/make-fetch-happen@v15.0.2...v15.0.3)

Updates `@peculiar/x509` from 1.14.0 to 1.14.2
- [Release notes](https://github.com/PeculiarVentures/x509/releases)
- [Commits](PeculiarVentures/x509@v1.14.0...v1.14.2)

Updates `pkijs` from 3.2.5 to 3.3.3
- [Release notes](https://github.com/PeculiarVentures/PKI.js/releases)
- [Commits](PeculiarVentures/PKI.js@v3.2.5...v3.3.3)

Updates `pvutils` from 1.1.3 to 1.1.5
- [Changelog](https://github.com/PeculiarVentures/pvutils/blob/master/CHANGELOG.md)
- [Commits](PeculiarVentures/pvutils@v1.1.3...v1.1.5)

Updates `express` from 5.1.0 to 5.2.1
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@v5.1.0...v5.2.1)

---
updated-dependencies:
- dependency-name: "@oclif/core"
  dependency-version: 4.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: "@oclif/plugin-help"
  dependency-version: 6.2.36
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: make-fetch-happen
  dependency-version: 15.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: "@peculiar/x509"
  dependency-version: 1.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: pkijs
  dependency-version: 3.3.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: pvutils
  dependency-version: 1.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-deps
- dependency-name: express
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/prod-deps-8836c75120 branch from 509284f to ee36d43 Compare December 3, 2025 17:50
@bdehamer
fix type error
46eb9d4 
Signed-off-by: Brian DeHamer <[email protected]>
@bdehamer bdehamer merged commit 31aa7c3 into main Dec 3, 2025
23 checks passed
@bdehamer bdehamer deleted the dependabot/npm_and_yarn/prod-deps-8836c75120 branch December 3, 2025 19:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bdehamer bdehamer bdehamer approved these changes

@ejahnGithub ejahnGithub ejahnGithub approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bdehamer @ejahnGithub