Bump the npm_and_yarn group across 2 directories with 2 updates by dependabot[bot] · Pull Request #5587 · microsoft/BotFramework-WebChat
⚠️ Dependabot is rebasing this PR ⚠️
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps the npm_and_yarn group with 1 update in the / directory: tmp.
Bumps the npm_and_yarn group with 1 update in the /packages/embed directory: @babel/runtime.
Updates tmp from 0.2.3 to 0.2.5
Commits
3d2fe38Bump up the versione162828Merge pull request #309 from fflorent/fix-tmp-dir-with-dirb847d2fFix use of tmp.dir() withdiroption08fa3abUpdate version1cf4ec5Merge commit from fork188b25eFix GHSA-52f5-9888-hmc673b9fe4Add test case for GHSA-52f5-9888-hmc6b8e2f29Remove broken tests2892a02Remove outdated URLf592318Reformat package.json- Additional commits viewable in compare view
Updates @babel/runtime from 7.17.2 to 7.26.10
Release notes
Sourced from @babel/runtime's releases.
v7.26.10 (2025-03-11)
Thanks
@jordan-choiand@mmmsssttt404for your first PRs!This release includes a fix for GHSA-968p-4wvh-cqc8, a security vulnerability which affects the
.replacemethod of transpiled regular expressions that use named capturing groups.👓 Spec Compliance
🐛 Bug Fix
babel-parser,babel-templatebabel-core
- #17142 fix: "Map maximum size exceeded" in deepClone (
@liuxingbaoyu)babel-parser,babel-plugin-transform-typescriptbabel-traverse
- #17151 fix: Should not evaluate vars in child scope (
@liuxingbaoyu)babel-generator
- #17153 fix: Correctly generate
abstract override(@liuxingbaoyu)babel-parserbabel-helpers,babel-runtime,babel-runtime-corejs2,babel-runtime-corejs3
- #17173 Fix processing of replacement pattern with named capture groups (
@mmmsssttt404)💅 Polish
babel-standalone
- #17158 Avoid warnings when re-bundling
@babel/standalonewith webpack (@liuxingbaoyu)🏠 Internal
Committers: 6
- Babel Bot (
@babel-bot)- Huáng Jùnliàng (
@JLHwung)- Nicolò Ribaudo (
@nicolo-ribaudo)- Yunyoung Jordan Choi (
@jordan-choi)@liuxingbaoyu@mmmsssttt404v7.26.9 (2025-02-14)
🐛 Bug Fix
babel-types
- #17103 fix: Definition for
TSPropertySignature.kind(@liuxingbaoyu)babel-generator,babel-types
- #17062 Print TypeScript optional/definite in ClassPrivateProperty (
@jamiebuilds-signal)
... (truncated)
Changelog
Sourced from @babel/runtime's changelog.
v7.26.10 (2025-03-11)
👓 Spec Compliance
🐛 Bug Fix
babel-parser,babel-templatebabel-core
- #17142 fix: "Map maximum size exceeded" in deepClone (
@liuxingbaoyu)babel-parser,babel-plugin-transform-typescriptbabel-traverse
- #17151 fix: Should not evaluate vars in child scope (
@liuxingbaoyu)babel-generator
- #17153 fix: Correctly generate
abstract override(@liuxingbaoyu)babel-parserbabel-helpers,babel-runtime,babel-runtime-corejs2,babel-runtime-corejs3
- #17173 Fix processing of replacement pattern with named capture groups (
@mmmsssttt404)💅 Polish
babel-standalone
- #17158 Avoid warnings when re-bundling
@babel/standalonewith webpack (@liuxingbaoyu)🏠 Internal
v7.26.9 (2025-02-14)
🐛 Bug Fix
babel-types
- #17103 fix: Definition for
TSPropertySignature.kind(@liuxingbaoyu)babel-generator,babel-types
- #17062 Print TypeScript optional/definite in ClassPrivateProperty (
@jamiebuilds-signal)🏠 Internal
babel-types
- #17130 Use
.tsfiles with explicit reexports to solve name conflicts (@nicolo-ribaudo)babel-core
- #17127 Do not depend on
@types/gensyncin Babel 7 (@nicolo-ribaudo)v7.26.7 (2025-01-24)
🐛 Bug Fix
babel-helpers,babel-preset-env,babel-runtime-corejs3
- #17086 Make "object without properties" helpers ES6-compatible (
@tquetano-netflix)babel-plugin-transform-typeof-symbol
- #17085 fix: Correctly handle
typeofin arrow functions (@liuxingbaoyu)
... (truncated)
Commits
e1ce99dv7.26.10d5952e8Fix processing of replacement pattern with named capture groups (#17173)64bca7bv7.26.92d95140v7.26.763d3038v7.26.0b07957ev7.25.9af91759fix: Accidentally publishing useless files (#16917)2533cfbv7.25.769d65f1[babel 8] Require Node.js^18.20.0 || ^20.17.0 || >=22.8.0(#16800)2f72b97v7.25.6- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.