chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates #9

dependabot · 2024-04-03T18:20:02Z

Bumps the npm_and_yarn group with 10 updates in the / directory:

Package	From	To
@apollo/experimental-nextjs-app-support	`0.5.2`	`0.7.0`
axios	`1.6.7`	`1.6.8`
express	`4.18.2`	`4.19.2`
es5-ext	`0.10.62`	`0.10.64`
follow-redirects	`1.15.5`	`1.15.6`
ip	`2.0.0`	`2.0.1`
jose	`4.15.4`	`4.15.5`
undici	`5.28.2`	`5.28.4`
vite	`5.0.12`	`5.2.8`
webpack-dev-middleware	`5.3.3`	`5.3.4`

Updates @apollo/experimental-nextjs-app-support from 0.5.2 to 0.7.0

Release notes

Sourced from @apollo/experimental-nextjs-app-support's releases.

0.7.0: important security fix

This version fixes CVE-2024-23841.
You can see more details in the security advisory.

There are no known workarounds for this issue, please update immediately.

0.6.0: reduced bundle size and "nonce" support

This release reduces the bundle size by changing an import from graphql. (#161)

It also adds support for a "nonce" in the script tags created by this package, by introducing a new extraScriptProps option. (#160)

Usage example:
    <ApolloNextAppProvider
      makeClient={makeClient}
      extraScriptProps={{
        nonce: actualNonce,
      }}
    >{...}</ApolloNextAppProvider>
As you should not pass a sensitive value like a nonce or a token as props from a Server Component into a Client Component, you can use the ssr-only-secrets we published for that purpose.

Generate a jwk-formatted AES-CBC key (see details in the linked package) and set it as an environment variable, e.g. "SECRET_KEY_VAR"

In a Server Component:
import { cloakSSROnlySecret } from "ssr-only-secrets";
const MyServerComponent = () => {
const nonce = headers().get('x-nonce')
return <ApolloWrapper nonce={cloakSSROnlySecret(nonce, "SECRET_KEY_VAR")} />
}
In your ApolloWrapper:
export function ApolloWrapper({
  children,
  nonce,
}: React.PropsWithChildren<{ nonce?: string }>) {
// other code, e.g. makeClient
const actualNonce = useSSROnlySecret(nonce, "SECRET_KEY_VAR");
return (
<ApolloNextAppProvider
makeClient={makeClient}
extraScriptProps={{
nonce: actualNonce,
</tr></table>

... (truncated)

Commits

b92bc42 Merge pull request from GHSA-rv8p-rr2h-fgpg
4271a8c feat: adds user survey workflow and link in README (#180)
99acf6a chore(deps): update dependency next to v14.1.0 (#177)
2adedfa chore(deps): update all devdependencies (#172)
bf8af08 Merge pull request #173 from apollographql/renovate/major-all-dev
6b7d50a Merge branch 'main' into renovate/major-all-dev
3d8ff60 also add & configure eslint-plugin-react-hooks
2976a0c chore(deps): update secops orb to v2.0.7 (#176)
745bda7 chore(deps): update all devdependencies to v6
4930d28 feat: SECOPS-2525 - add semgrep job (#174)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by apollo-bot, a new releaser for @apollo/experimental-nextjs-app-support since your current version.

Updates axios from 1.6.7 to 1.6.8

Release notes

Sourced from axios's releases.

Release v1.6.8

Release notes:

Bug Fixes

AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)

import: use named export for EventEmitter; (7320430)

vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

Jay

Dmitriy Mozgovoy

Mitchell

Emmanuel

Lucas Keller

Aditya Mogili

Miroslav Petrov

Changelog

Sourced from axios's changelog.

1.6.8 (2024-03-15)

Bug Fixes

AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)

import: use named export for EventEmitter; (7320430)

vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

Jay

Dmitriy Mozgovoy

Mitchell

Emmanuel

Lucas Keller

Aditya Mogili

Miroslav Petrov

Commits

ab3f0f9 chore(release): v1.6.8 (#6303)
2656612 fix(AxiosHeaders): fix AxiosHeaders conversion to an object during config mer...
7320430 fix(import): use named export for EventEmitter;
8786e0f fix(vulnerability): update follow-redirects to 1.15.6 (#6300)
d844227 chore: update and bump deps (#6238)
caa0625 docs: update README responseEncoding types (#6194)
41c4584 docs: Update README.md to point to current axios version in CDN links (#6196)
bf6974f chore(ci): add npm tag action; (#6231)
See full diff in compare view

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Fix ci after location patch by @wesleytodd in expressjs/express#5552

fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

Other Changes

Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032

build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in expressjs/express#5034

ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027

test: remove unused function arguments in params by @raksbisht in expressjs/express#5124

Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119

Fixed typos by @raksbisht in expressjs/express#5117

examples: remove unused params by @raksbisht in expressjs/express#5113

fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130

fix: typos in History.md by @raksbisht in expressjs/express#5131

build : add Node.js@19.7 by @abenhamdine in expressjs/express#5028

test: remove unused function arguments in params by @raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

Commits

04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates es5-ext from 0.10.62 to 0.10.64

Release notes

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

Comparison since last release

Changelog

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

Do not rely on problematic regex (3551cdd), addresses #201

Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021

Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

Simplify the manifest message (7855319)

Commits

f76b03d chore: Release v0.10.64
2881acd chore: Bump dependencies
c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
16f2b72 docs: Fix date in the changelog
de4e03c chore: Release v0.10.63
3fd53b7 chore: Upgrade lint-staged to v13
bf8ed79 chore: Ensure postinstall script does not crash on Windows
2cbbb07 chore: Bump dependencies
22d0416 chore: Bump LICENSE year
a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
Additional commits viewable in compare view

Updates follow-redirects from 1.15.5 to 1.15.6

Commits

35a517c Release version 1.15.6 of the npm package.
c4f847f Drop Proxy-Authorization across hosts.
8526b4a Use GitHub for disclosure.
See full diff in compare view

Updates ip from 2.0.0 to 2.0.1

Commits

3b0994a 2.0.1
32f468f lib: fixed CVE-2023-42282 and added unit test
See full diff in compare view

Updates jose from 4.15.4 to 4.15.5

Release notes

Sourced from jose's releases.

v4.15.5

Fixes

add a maxOutputLength option to zlib inflate (1b91d88), fixes CVE-2024-28176

Changelog

Sourced from jose's changelog.

4.15.5 (2024-03-07)

Fixes

add a maxOutputLength option to zlib inflate (1b91d88)

Commits

765aafd chore(release): 4.15.5
b36e45e test: add export check to x509 pem import tests
e839ecb test: stop testing JWE RSA1_5 Algorithm
1b91d88 fix: add a maxOutputLength option to zlib inflate
9ca2b24 build: remove release action
f3035d8 chore: cleanup after release
See full diff in compare view

Updates undici from 5.28.2 to 5.28.4

Release notes

Sourced from undici's releases.

v5.28.4

⚠️ Security Release ⚠️

Fixes GHSA-m4v8-wqvr-p9f7 CVE-2024-30260

Fixes GHSA-9qxr-qj54-h672 CVE-2024-30261

Full Changelog: nodejs/undici@v5.28.3...v5.28.4

v5.28.3

⚠️ Security Release ⚠️

Fixes:

CVE-2024-24758 Proxy-Authorization header not cleared on cross-origin redirect in fetch

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

Commits

fb98306 Bumped v5.28.4
2b39440 Merge pull request from GHSA-9qxr-qj54-h672
64e3402 Merge pull request from GHSA-m4v8-wqvr-p9f7
723c4e7 Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"
0e9d54b skip failing test due to Node.js changes
e71cb4c Bumped v5.28.3
20c65b8 Fix tests for Node.js v20.11.0 (#2618)
8ec52cd Fix tests for Node.js v21 (#2609)
d3aa574 Merge pull request from GHSA-3787-6prv-h9w3
See full diff in compare view

Updates vite from 5.0.12 to 5.2.8

Release notes

Sourced from vite's releases.

create-vite@5.2.3

Please refer to CHANGELOG.md for details.

create-vite@5.2.2

Please refer to CHANGELOG.md for details.

create-vite@5.2.1

Please refer to CHANGELOG.md for details.

create-vite@5.2.0

Please refer to CHANGELOG.md for details.

create-vite@5.1.0

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

5.2.8 (2024-04-03)

fix: csp nonce injection when no closing tag (#16281) (#16282) (3c85c6b), closes #16281 #16282

fix: do not access document in /@vite/client when not defined (#16318) (646319c), closes #16318

fix: fix sourcemap when using object as define value (#15805) (445c4f2), closes #15805

fix(css): unknown file error happened with lightningcss (#16306) (01af308), closes #16306

fix(hmr): multiple updates happened when invalidate is called while multiple tabs open (#16307) (21cc10b), closes #16307

fix(scanner): duplicate modules for same id if glob is used in html-like types (#16305) (eca68fa), closes #16305

chore(deps): update all non-major dependencies (#16325) (a78e265), closes #16325

refactor: use types from sass instead of @types/sass (#16340) (4581e83), closes #16340

5.2.7 (2024-03-29)

chore: deprecate splitVendorChunkPlugin (#16274) (45a06da), closes #16274

fix: skip injecting __vite__mapDeps when it's not used (#16271) (890538a), closes #16271

fix(deps): update all non-major dependencies (#16258) (7caef42), closes #16258

fix(hmr): don't mutate module graph when collecting modules (#16302) (dfffea1), closes #16302

fix(hmr): trigger hmr for missing file import errored module after file creation (#16303) (ffedc06), closes #16303

fix(sourcemap): don't warn even if the sourcesContent is an empty string (#16273) (24e376a), closes #16273

feat(hmr): reload when HTML file is created/deleted (#16288) (1f53796), closes #16288

5.2.6 (2024-03-24)

fix: fs.deny with globs with directories (#16250) (ba5269c), closes #16250

5.2.5 (2024-03-24)

fix: avoid SSR requests in waitForRequestIdle (#16246) (7093f77), closes #16246

docs: clarify enforce vs hook.order (#16226) (3a73e48), closes #16226

5.2.4 (2024-03-23)

fix: dont resolve imports with malformed URI (#16244) (fbf69d5), closes #16244

5.2.3 (2024-03-22)

fix: handle warmup request error correctly (#16223) (d7c5256), closes #16223

fix: skip encode if is data uri (#16233) (8617e76), closes #16233

fix(optimizer): fix optimizeDeps.include glob syntax for ./* exports (#16230) (f184c80), closes #16230

fix(runtime): fix sourcemap with prepareStackTrace (#16220) (dad7f4f), closes #16220

... (truncated)

Commits

8b8d402 release: v5.2.8
646319c fix: do not access document in /@vite/client when not defined (#16318)
445c4f2 fix: fix sourcemap when using object as define value (#15805)
a78e265 chore(deps): update all non-major dependencies (#16325)
4581e83 refactor: use types from sass instead of @types/sass (#16340)
3c85c6b fix: csp nonce injection when no closing tag (#16281) (#16282)
21cc10b fix(hmr): multiple updates happened when invalidate is called while multiple ...
01af308 fix(css): unknown file error happened with lightningcss (#16306)
eca68fa fix(scanner): duplicate modules for same id if glob is used in html-like type...
ad246da release: v5.2.7
Additional commits viewable in compare view

Updates webpack-dev-middleware from 5.3.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

security: do not allow to read files above (#1779) (189c4ac)

Commits

86071ea chore(release): 5.3.4
189c4ac fix(security): do not allow to read files above (#1779)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

…pdates Bumps the npm_and_yarn group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@apollo/experimental-nextjs-app-support](https://github.com/apollographql/apollo-client-nextjs) | `0.5.2` | `0.7.0` | | [axios](https://github.com/axios/axios) | `1.6.7` | `1.6.8` | | [express](https://github.com/expressjs/express) | `4.18.2` | `4.19.2` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.62` | `0.10.64` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.15.5` | `1.15.6` | | [ip](https://github.com/indutny/node-ip) | `2.0.0` | `2.0.1` | | [jose](https://github.com/panva/jose) | `4.15.4` | `4.15.5` | | [undici](https://github.com/nodejs/undici) | `5.28.2` | `5.28.4` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.0.12` | `5.2.8` | | [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `5.3.3` | `5.3.4` | Updates `@apollo/experimental-nextjs-app-support` from 0.5.2 to 0.7.0 - [Release notes](https://github.com/apollographql/apollo-client-nextjs/releases) - [Commits](apollographql/apollo-client-nextjs@v0.5.2...v.0.7.0) Updates `axios` from 1.6.7 to 1.6.8 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v1.6.7...v1.6.8) Updates `express` from 4.18.2 to 4.19.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.19.2) Updates `es5-ext` from 0.10.62 to 0.10.64 - [Release notes](https://github.com/medikoo/es5-ext/releases) - [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md) - [Commits](medikoo/es5-ext@v0.10.62...v0.10.64) Updates `follow-redirects` from 1.15.5 to 1.15.6 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.5...v1.15.6) Updates `ip` from 2.0.0 to 2.0.1 - [Commits](indutny/node-ip@v2.0.0...v2.0.1) Updates `jose` from 4.15.4 to 4.15.5 - [Release notes](https://github.com/panva/jose/releases) - [Changelog](https://github.com/panva/jose/blob/v4.15.5/CHANGELOG.md) - [Commits](panva/jose@v4.15.4...v4.15.5) Updates `undici` from 5.28.2 to 5.28.4 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.28.2...v5.28.4) Updates `vite` from 5.0.12 to 5.2.8 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.2.8/packages/vite) Updates `webpack-dev-middleware` from 5.3.3 to 5.3.4 - [Release notes](https://github.com/webpack/webpack-dev-middleware/releases) - [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md) - [Commits](webpack/webpack-dev-middleware@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: "@apollo/experimental-nextjs-app-support" dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: axios dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: express dependency-type: direct:production dependency-group: npm_and_yarn-security-group - dependency-name: es5-ext dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ip dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: jose dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: undici dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: vite dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-dev-middleware dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-04-11T14:27:16Z

Superseded by #11.

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 3, 2024

This was referenced Apr 3, 2024

chore(deps): bump the npm_and_yarn group across 1 directories with 5 updates #5

Closed

chore(deps): bump the npm_and_yarn group across 1 directory with 8 updates #8

Closed

dependabot bot closed this Apr 11, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-9480da0d42 branch April 11, 2024 14:27

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates #9

chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates #9

dependabot bot commented on behalf of github Apr 3, 2024

dependabot bot commented on behalf of github Apr 11, 2024

chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates #9

chore(deps): bump the npm_and_yarn group across 1 directory with 10 updates #9

Conversation

dependabot bot commented on behalf of github Apr 3, 2024

0.7.0: important security fix

0.6.0: reduced bundle size and "nonce" support

Release v1.6.8

Release notes:

Bug Fixes

Contributors to this release

1.6.8 (2024-03-15)

Bug Fixes

Contributors to this release

4.19.2

What's Changed

4.19.1

What's Changed

4.19.0

What's Changed

New Contributors

4.18.3

Main Changes

Other Changes

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

0.10.64 (2024-02-27)

Bug Fixes

0.10.63 (2024-02-23)

Bug Fixes

Maintenance Improvements

0.10.64 (2024-02-27)

Bug Fixes

0.10.63 (2024-02-23)

Bug Fixes

Maintenance Improvements

v4.15.5

Fixes

4.15.5 (2024-03-07)

Fixes

v5.28.4

⚠️ Security Release ⚠️

v5.28.3

⚠️ Security Release ⚠️

create-vite@5.2.3

create-vite@5.2.2

create-vite@5.2.1

create-vite@5.2.0

create-vite@5.1.0

5.2.8 (2024-04-03)

5.2.7 (2024-03-29)

5.2.6 (2024-03-24)

5.2.5 (2024-03-24)

5.2.4 (2024-03-23)

5.2.3 (2024-03-22)

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

5.3.4 (2024-03-20)

Bug Fixes

dependabot bot commented on behalf of github Apr 11, 2024