Bump the npm_and_yarn group across 1 directory with 37 updates

[dependabot]

Bumps the npm_and_yarn group with 31 updates in the / directory:

Package	From	To
@nestjs/core	7.4.2	9.0.5
class-validator	0.12.2	0.14.0
hbs	4.1.1	4.2.0
html-pdf	2.2.0	3.0.1
@types/html-pdf	2.2.0	3.0.3
lodash	4.17.19	4.17.21
nodemailer	6.4.11	6.9.9
passport	0.4.1	0.6.0
typeorm	0.2.25	0.3.0
@babel/traverse	7.10.4	7.24.5
browserify-sign	4.2.0	4.2.3
cookiejar	2.1.2	2.1.4
decode-uri-component	0.2.0	0.2.2
ejs	3.1.3	3.1.10
elliptic	6.5.3	6.5.5
es5-ext	0.10.53	0.10.64
hosted-git-info	2.8.8	2.8.9
ini	1.3.5	1.3.8
jsdom	16.2.2	16.7.0
json5	1.0.1	1.0.2
loader-utils	1.4.0	1.4.2
minimatch	3.0.4	3.1.2
moment-timezone	0.5.31	0.5.45
path-parse	1.0.6	1.0.7
pug-code-gen	2.0.2	2.0.3
qs	6.5.2	6.5.3
ssri	6.0.1	6.0.2
terser	4.8.0	4.8.1
tmpl	1.0.4	1.0.5
word-wrap	1.2.3	1.2.5
y18n	4.0.0	4.0.3

Updates @nestjs/core from 7.4.2 to 9.0.5

Release notes

Sourced from @​nestjs/core's releases.

v9.0.5 (2022-07-20)

Bug fixes

• common, platform-express
  • #9819 fix: use pipeline over stream.pipe (@​jmcdo29)

Enhancements

• microservices
  • #9798 feat(microservices): add noAssert option for RMQ connection (@​frankmangone)
  • #9954 feat(microservices): add Kafka heartbeat callback to KafkaContext (@​kosh-b)
• platform-express, platform-fastify
  • #9926 fix(express,fastify): raw body for urlencoded requests (@​tolgap)

Dependencies

• Other
  • #9959 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/30-event-emitter (@​dependabot[bot])
  • #9960 chore(deps): bump terser from 5.14.1 to 5.14.2 in /sample/32-graphql-federation-schema-first/users-application (@​dependabot[bot])
  • #9961 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/31-graphql-federation-code-first/gateway (@​dependabot[bot])
  • #9962 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/31-graphql-federation-code-first/users-application (@​dependabot[bot])
  • #9963 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/32-graphql-federation-schema-first/posts-application (@​dependabot[bot])
  • #9964 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/32-graphql-federation-schema-first/gateway (@​dependabot[bot])
  • #9965 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/29-file-upload (@​dependabot[bot])
  • #9966 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/28-sse (@​dependabot[bot])
  • #9967 chore(deps): bump terser from 5.10.0 to 5.14.2 in /sample/31-graphql-federation-code-first/posts-application (@​dependabot[bot])
  • #9951 chore(deps-dev): bump mongoose from 6.4.4 to 6.4.5 (@​dependabot[bot])
  • #9952 chore(deps-dev): bump concurrently from 7.2.2 to 7.3.0 (@​dependabot[bot])
• platform-fastify
  • #9950 chore(deps): bump light-my-request from 5.1.0 to 5.2.0 (@​dependabot[bot])

Committers: 4

• Franco Mangone (@​frankmangone)
• Jay McDoniel (@​jmcdo29)
• Tolga Paksoy (@​tolgap)
• @​kosh-b

v9.0.2

Bug fixes

• common
  • #9904 fix(common): Fix CacheModule registerAsync (@​tugascript)

Enhancements

• core
  • #9902 refactor(core): replace our own 1-level flatten by the native one (@​micalevisk)

Dependencies

• #9906 chore(deps-dev): bump mongoose from 6.4.3 to 6.4.4 (@​dependabot[bot])
• #9908 chore(deps-dev): bump cache-manager from 4.0.1 to 4.1.0 (@​dependabot[bot])
• #9910 chore(deps-dev): bump @​nestjs/graphql from 10.0.16 to 10.0.18 (@​dependabot[bot])
• #9911 chore(deps-dev): bump core-js from 3.23.3 to 3.23.4 (@​dependabot[bot])

... (truncated)

Commits

• ad08626 chore(@​nestjs) publish v9.0.5 release
• df4d99d chore(@​nestjs) publish v9.0.4 release
• 8cd150d Merge pull request #9915 from thiagomini/refactor/instance-wrapper
• 4c16d20 refactor(core): remove providers type assertions
• f4b3c7f chore(@​nestjs) publish v9.0.3 release
• 1ff1389 fix(core): scoped factories should not fail with optional deps
• a2f4b34 test(core): add instance wrapper test
• b0d735d test(core): add instance wrapper test
• 7696f43 test(core): add instance wrapper test
• 2a7fc84 test(core): add instance wrapper test
• Additional commits viewable in compare view

Updates class-validator from 0.12.2 to 0.14.0

Changelog

Sourced from class-validator's changelog.

0.14.0 (2022-12-09)

Added

• add @IsTimeZone decorator to check if given string is valid IANA time zone
• add @IsISO4217CurrencyCode decorator to check if the string is an ISO 4217 currency code
• add @IsStrongPassword decorator to check if given password matches specific complexity criteria
• add @IsBase58 decorator to check if a string is base58 encoded
• add @IsTaxId decorator to check if a given string is a valid tax ID in a given locale
• add support for passing function as date generator in @MinDate and @MaxDate decorators
• add option to print constraint error message instead of constraint type in validation error
• improve decorator metadata lookup performance
• return possible values in error message for @IsEnum decorator

Fixed

• re-added @types/validator as dependency
• fix error generation when using @NestedValidation
• pass validation options correctly to validator in @IsDateString decorator
• support passing Symbol as parameter in error message generation
• specify supported locales for @IsAlphanumeric decorator
• correctly assign decorator name in metadata instead of loosing it
• fix various spelling errors in documentation
• fix various spelling errors and inconsistencies in JSDoc for decorators

Changed

• enable forbidUnknownValues option by default
• remove documentation about deprecated schema based validation and added warning
• update warning message logged about missing decorator metadata
• update libphonenumber-js to ^1.10.14 from ^1.9.43
• update various dev-dependencies

BREAKING CHANGES

forbidUnknownValues option is enabled by default

From this release the forbidUnknownValues is enabled by default. This is the desired behavior for majority of use-cases, but this change may break validation for some. The two scenarios that results in failed validation:

• when attempting to validate a class instance without metadata for it
• when using group validation and the specified validation group results in zero validation applied

The old behavior can be restored via specifying forbidUnknownValues: false option when calling the validate functions.

For more details see [PR #1798](typestack/class-validator#1798) and #1422 (comment).

@NestedValidation decorator correctly assigns validation errors

Until now the errors from a nested validation in some cases were incorrectly assigned

... (truncated)

Commits

• 5f0d424 merge: release 0.14.0 (#1841)
• e3d0708 build: bump version to 0.14.0
• ad76890 docs: add changelog for 0.14.0
• 9a775c5 build(deps-dev): bump @​types/node from 18.11.11 to 18.11.12 (#1840)
• 53bc9f6 build(deps-dev): bump @​typescript-eslint/eslint-plugin (#1837)
• d9b4072 build(deps-dev): bump @​typescript-eslint/parser from 5.45.1 to 5.46.0 (#1838)
• f993e9e build(deps-dev): bump typescript from 4.9.3 to 4.9.4 (#1835)
• ad1a41d build(deps-dev): bump @​rollup/plugin-commonjs from 23.0.3 to 23.0.4 (#1836)
• 42b4f7f build(deps-dev): bump prettier from 2.8.0 to 2.8.1 (#1834)
• 0c986d4 build(deps-dev): bump @​types/node from 18.11.10 to 18.11.11 (#1833)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by typestack-release-bot, a new releaser for class-validator since your current version.

Updates hbs from 4.1.1 to 4.2.0

Changelog

Sourced from hbs's changelog.

4.2.0 / 2021-11-16

• Add rename option to registerPartials
• Ensure all partials are registered before rendering
• Fix function context in async helpers
• deps: walk@2.3.15

4.1.2 / 2021-04-15

• deps: handlebars@4.7.7

Commits

• 5790e5e v4.2.0
• 1ef46ee build: Node.js@16.13
• 9771a6f build: mocha@9.1.3
• e501201 build: update CI for npm TLS upgrade
• 9f1fee2 docs: fix linux build badge
• 9bd9de2 docs: add preamble to install section
• 73559c1 Add rename option to registerPartials
• 3b34543 build: Node.js@16.10
• df4fd3d build: Node.js@14.18
• e5e6e39 deps: walk@2.3.15
• Additional commits viewable in compare view

Updates html-pdf from 2.2.0 to 3.0.1

Release notes

Sourced from html-pdf's releases.

Version 3.0.1

• 🐛 Actually fix the localUrlAccess: true in #616 using marcbachmann/node-html-pdf#623 support as the option accidentally got inverted

Version 3.0.0

Changelog

• 🛡️ Prevent local file access by default using the localUrlAccess: false option
• 💥 Drop node versions older than v12

💥 Breaking Change

Prevent local file access by default to fix a security issue. Please provide the localUrlAccess: true option if you want to keep the old behavior but keep your system vulnerable to local file access.

Not sure this module is even usable without installing phantomjs manually. On linux you might need to download the executable.

The tests are running locally on macos.

Commits

• bac0f69 3.0.1
• c12d697 Invert localUrlAccess to fix https://www.npmjs.com/advisories/1095
• 7f054b6 Fix options.base example path to avoid #508
• 13b438c 3.0.0
• 296313e chore: Update circleci config
• 236a297 fix: Prevent local file access by default using the localUrlAccess: false o...
• 85e2470 chore: Add package-lock.json
• 36a551c Fixed error handling
• 4e15719 Satisfying test for TravisCI
• 9349b6f Added null checker
• Additional commits viewable in compare view

Updates @types/html-pdf from 2.2.0 to 3.0.3

Commits

• See full diff in compare view

Updates lodash from 4.17.19 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• See full diff in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates nodemailer from 6.4.11 to 6.9.9

Release notes

Sourced from nodemailer's releases.

v6.9.9

6.9.9 (2024-02-01)

Bug Fixes

• security: Fix issues described in GHSA-9h6g-pr28-7cqp. Do not use eternal matching pattern if only a few occurences are expected (dd8f5e8)
• tests: Use native node test runner, added code coverage support, removed grunt (#1604) (be45c1b)

v6.9.8

6.9.8 (2023-12-30)

Bug Fixes

• punycode: do not use native punycode module (b4d0e0c)

v6.9.7

6.9.7 (2023-10-22)

Bug Fixes

• customAuth: Do not require user and pass to be set for custom authentication schemes (fixes #1584) (41d482c)

v6.9.6

6.9.6 (2023-10-09)

Bug Fixes

• inline: Use 'inline' as the default Content Dispostion value for embedded images (db32c93)
• tests: Removed Node v12 from test matrix as it is not compatible with the test framework anymore (7fe0a60)

v6.9.5

6.9.5 (2023-09-06)

Bug Fixes

• license: Updated license year (da4744e)

Changelog

Sourced from nodemailer's changelog.

6.9.9 (2024-02-01)

Bug Fixes

• security: Fix issues described in GHSA-9h6g-pr28-7cqp. Do not use eternal matching pattern if only a few occurences are expected (dd8f5e8)
• tests: Use native node test runner, added code coverage support, removed grunt (#1604) (be45c1b)

6.9.8 (2023-12-30)

Bug Fixes

• punycode: do not use native punycode module (b4d0e0c)

6.9.7 (2023-10-22)

Bug Fixes

• customAuth: Do not require user and pass to be set for custom authentication schemes (fixes #1584) (41d482c)

6.9.6 (2023-10-09)

Bug Fixes

• inline: Use 'inline' as the default Content Dispostion value for embedded images (db32c93)
• tests: Removed Node v12 from test matrix as it is not compatible with the test framework anymore (7fe0a60)

6.9.5 (2023-09-06)

Bug Fixes

• license: Updated license year (da4744e)

6.9.4 2023-07-19

• Renamed SendinBlue to Brevo

6.9.3 2023-05-29

• Specified license identifier (was defined as MIT, actual value MIT-0)
• If SMTP server disconnects with a message, process it and include as part of the response error

6.9.2 2023-05-11

• Fix uncaught exception on invalid attachment content payload

... (truncated)

Commits

• 5a2e10f chore(master): release 6.9.9 [skip-ci] (#1606)
• dd8f5e8 fix(security): Fix issues described in GHSA-9h6g-pr28-7cqp. Do not use eterna...
• 2c2b46a chore: do not use caret in version specifier
• be45c1b fix(tests): Use native node test runner, added code coverage support, removed...
• 4233f6f chore(master): release 6.9.8 [skip-ci] (#1605)
• 09d502f chore: removed double file
• b4d0e0c fix(punycode): do not use native punycode module
• 8376c02 Test new github notice syntax for README
• bc46a3b Updated stale github action
• 78bdaf8 chore: remove redundant AWS SDK for JavaScript v2 (#1593)
• Additional commits viewable in compare view

Updates passport from 0.4.1 to 0.6.0

Changelog

Sourced from passport's changelog.

[0.6.0] - 2022-05-20

Added

• authenticate(), req#login, and req#logout accept a keepSessionInfo: true option to keep session information after regenerating the session.

Changed

• req#login() and req#logout() regenerate the the session and clear session information by default.
• req#logout() is now an asynchronous function and requires a callback function as the last argument.

Security

• Improved robustness against session fixation attacks in cases where there is physical access to the same system or the application is susceptible to cross-site scripting (XSS).

[0.5.3] - 2022-05-16

Fixed

• initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions again, reverting change from 0.5.1.

[0.5.2] - 2021-12-16

Fixed

• Introduced a compatibility layer for strategies that depend directly on passport@0.4.x or earlier (such as passport-azure-ad), which were broken by the removal of private variables in passport@0.5.1.

[0.5.1] - 2021-12-15

Added

• Informative error message in session strategy if session support is not available.

Changed

• authenticate() middleware, rather than initialize() middleware, extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

[0.5.0] - 2021-09-23

Changed

• initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

... (truncated)

Commits

• c33067b 0.6.0
• 3052bb4 Update changelog.
• 42630cb Merge pull request #900 from jaredhanson/fix-fixation
• 8dd79fe Use utils-merge rather than Object.assign for compatibility.
• 4f6bd5b Change keepSessionData to keepSessionData.
• 46756e5 Silence verbose logging.
• 987b191 Add tests.
• f8a175f Add tests.
• 29a90d6 No need to guard callback existence.
• bfba8a1 Add tests.
• Additional commits viewable in compare view

Updates typeorm from 0.2.25 to 0.3.0

Release notes

Sourced from typeorm's releases.

0.3.0

Changes in the version includes changes from the next branch and typeorm@next version. They were pending their migration from 2018. Finally, they are in the master branch and master version.

Features

• compilation target now is es2020. This requires Node.JS version 14+

• TypeORM now properly works when installed within different node_modules contexts (often happen if TypeORM is a dependency of another library or TypeORM is heavily used in monorepo projects)

• Connection was renamed to DataSource. Old Connection is still there, but now it's deprecated. It will be completely removed in next version. New API:

export const dataSource = new DataSource({
    // ... options ...
})
// load entities, establish db connection, sync schema, etc.
await dataSource.connect()

Previously, you could use new Connection(), createConnection(), getConnectionManager().create(), etc. They all deprecated in favour of new syntax you can see above.

New way gives you more flexibility and simplicity in usage.

• new custom repositories syntax:

export const UserRepository = myDataSource.getRepository(UserEntity).extend({
    findUsersWithPhotos() {
        return this.find({
            relations: {
                photos: true
            }
        })
    }
})

Old ways of custom repository creation were dropped.

• added new option on relation load strategy called relationLoadStrategy. Relation load strategy is used on entity load and determines how relations must be loaded when you query entities and their relations from the database. Used on find* methods and QueryBuilder. Value can be set to join or query.

  • join - loads relations using SQL JOIN expression

... (truncated)

Changelog

Sourced from typeorm's changelog.

0.3.0 (2022-03-17)

Changes in the version includes changes from the next branch and typeorm@next version. They were pending their migration from 2018. Finally, they are in the master branch and master version.

Features

• compilation target now is es2020. This requires Node.JS version 14+

• TypeORM now properly works when installed within different node_modules contexts (often happen if TypeORM is a dependency of another library or TypeORM is heavily used in monorepo projects)

• Connection was renamed to DataSource. Old Connection is still there, but now it's deprecated. It will be completely removed in next version. New API:

export const dataSource = new DataSource({
    // ... options ...
})
// load entities, establish db connection, sync schema, etc.
await dataSource.connect()

Previously, you could use new Connection(), createConnection(), getConnectionManager().create(), etc. They all deprecated in favour of new syntax you can see above.

New way gives you more flexibility and simplicity in usage.

• new custom repositories syntax:

export const UserRepository = myDataSource.getRepository(UserEntity).extend({
    findUsersWithPhotos() {
        return this.find({
            relations: {
                photos: true,
            },
        })
    },
})

Old ways of custom repository creation were dropped.

• added new option on relation load strategy called relationLoadStrategy. Relation load strategy is used on entity load and determines how relations must be loaded when you query entities and their relations from the database. Used on find* methods and QueryBuilder. Value can be set to join or query.

... (truncated)

Commits

• 941b584 version bump
• 3b8a031 0.3.0 (#8616)
• 5608956 refactor: remove spaces for consistency (#8751)
• 486f8c5 version bump
• 0fc093d fix: discard duplicated columns on update (#8724)
• f3cfdd2 fix: allow clearing database inside a transaction (#8712)
• 96ac8f7 feat: add transformer to ViewColumnOptions (#8717)
• 32549fe refactor: DefaultNamingStrategy#getTableName should be protected, not private...
• 411fa54 fix: force web bundlers to ignore index.mjs and use the browser ESM version d...
• 10f46d9 fixing failing test
• Additional commits viewable in compare view

Updates @babel/traverse from 7.10.4 to 7.24.5

Release notes

Sourced from @​babel/traverse's releases.

v7.24.5 (2024-04-29)

Thanks @​romgrk and @​sossost for your first PRs!

🐛 Bug Fix

• babel-plugin-transform-classes, babel-traverse
  • #16377 fix: TypeScript annotation affects output (@​liuxingbaoyu)
• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #16440 Fix suppressed error order (@​sossost)
  • #16408 Await nullish async disposable (@​JLHwung)

💅 Polish

• babel-parser
  • #16407 Recover from exported using declaration (@​JLHwung)

🏠 Internal

• Other
  • #16414 Relax ESLint peerDependency constraint to allow v9 (@​liuxingbaoyu)
• babel-parser
  • #16425 Improve @babel/parser AST types (@​nicolo-ribaudo)
  • #16417 Always pass type argument to .startNode (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse
  • #16439 Make NodePath<T | U> distributive (@​nicolo-ribaudo)
• babel-plugin-proposal-partial-application, babel-types
  • #16421 Remove JSXNamespacedName from valid CallExpression args (@​nicolo-ribaudo)
• babel-plugin-transform-class-properties, babel-preset-env
  • #16406 Do not load unnecessary Babel 7 syntax plugins in Babel 8 (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-helpers, babel-preset-env, babel-runtime-corejs3
  • #16357 Performance: improve objectWithoutPropertiesLoose on V8 (@​romgrk)

Committers: 6

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• Rom Grk (@​romgrk)
• @​liuxingbaoyu
• ynnsuis (@​sossost)

v7.24.4 (2024-04-03)

Thanks @​Dunqing, @​luiscubal, and @​samualtnorman for your first PRs!

👓 Spec Compliance

• babel-parser
  • #16403 Forbid initializerless using (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16388 Ensure decorators are callable (@​JLHwung)

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.24.5 (2024-04-29)

🐛 Bug Fix

• babel-plugin-transform-classes, babel-traverse
  • #16377 fix: TypeScript annotation affects output (@​liuxingbaoyu)
• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #16440 Fix suppressed error order (@​sossost)
  • #16408 Await nullish async disposable (@​JLHwung)

💅 Polish

• babel-parser
  • #16407 Recover from exported using declaration (@​JLHwung)

🏠 Internal

• Other
  • #16414 Relax ESLint peerDependency constraint to allow v9 (@​liuxingbaoyu)
• babel-parser
  • #16425 Improve @babel/parser AST types (@​nicolo-ribaudo)
  • #16417 Always pass type argument to .startNode (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse
  • #16439 Make NodePath<T | U> distributive (@​nicolo-ribaudo)
• babel-plugin-proposal-partial-application, babel-types
  • #16421 Remove JSXNamespacedName from valid CallExpression args (@​nicolo-ribaudo)
• babel-plugin-transform-class-properties, babel-preset-env
  • #16406 Do not load unnecessary Babel 7 syntax plugins in Babel 8 (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-helpers, babel-preset-env, babel-runtime-corejs3
  • #16357 Performance: improve objectWithoutPropertiesLoose on V8 (@​romgrk)

v7.24.4 (2024-04-03)

👓 Spec Compliance

• babel-parser
  • #16403 Forbid initializerless using (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16388 Ensure decorators are callable (@​JLHwung)

🐛 Bug Fix

• babel-generator
  • #16402 fix: Correctly prints { [key in Bar]? } (@​liuxingbaoyu)
  • #16394 fix: Correctly generate TSMappedType (@​liuxingbaoyu)
• babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env
  • #16390 Create bugfix plugin for classes in computed keys in Firefox (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16387 fix: support mutated outer decorated class binding (@​JLHwung)
  • #16385 fix: Decorators when super() exists and protoInit is not needed (@​liuxingbaoyu)
• babel-plugin-transform-block-scoping
  • #16384 fix: Transform scoping for for X in loop (@​liuxingbaoyu)
  • #16368 fix: Capture let when the for body is not a block (@​liuxingbaoyu)
• babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping

... (truncated)

Commits

• ddbea7d v7.24.5
• e779cad fix: TypeScript annotation affects output (#16377)
• ee48754 Use multiple TypeScript projects (#16430)
• 4d8b2d0 Make NodePath\<T | U> distributive (#16439)
• a84ec28 Enable eqeqeq rule (#16404)
• 822b025 v7.24.1
• fc0d5ad Update typescript and lint tools (#16351)
• 69e7928 Consider well-known and registered symbols as literals (#16342)
• 40110e9 Update source map deps (#16327)
• ce59160 v7.24.0
• Additional commits viewable in compare view

Updates browserify-sign from 4.2.0 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2
• [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
• [Dev Deps] update nyc, standard, tape cc5350b
• [Tests] always run coverage; downgrade nyc 75ce1d5
• [meta] add safe-publish-latest dcf49ce
• [Tests] add npm run posttest 75dd8fd
• [Dev Deps] update tape 3aec038
• [Tests] skip unsupported schemes 703c83e
• [Tests] node < 6 lacks array includes