Bump lodash, babel-core, babel-loader and http-proxy-middleware by dependabot[bot] · Pull Request #21 · OpsMx/dockerswarm-ssdmay

dependabot · 2026-01-23T20:59:53Z

Bumps lodash, babel-core, babel-loader and http-proxy-middleware. These dependencies needed to be updated together.
Updates lodash from 4.17.21 to 4.17.23

Commits

dec55b7 Bump main to v4.17.23 (#6088)
19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
edadd45 Prevent prototype pollution on baseUnset function
4879a7a doc: fix autoLink function, conversion of source links (#6056)
9648f69 chore: remove yarn.lock file (#6053)
dfa407d ci: remove legacy configuration files (#6052)
156e196 feat: add renovate setup (#6039)
933e106 ci: add pipeline for Bun (#6023)
072a807 docs: update links related to Open JS Foundation (#5968)
Additional commits viewable in compare view

Updates babel-core from 5.8.38 to 6.26.3

Commits

d8be710 v6.26.3
a8ddf5e Only convert input mappings if we get mappings from Babel
280cfed v6.26.2
6fa027e Merge pull request #7812 from loganfsmyth/backported-sourcemap-changes
c8b4c28 Implement minNodeVersion for babel-cli tests too.
753c2af Disable 2 tests on Node 0.10
ae43e06 Backport minNodeVersion test option from #5765 for 6.x
e72cf66 Fix Babel 6 builds on Node 0.10
80f433a Backport #7761 for 6.x
7360a30 Backport #7312 for 6.x
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by loganfsmyth, a new releaser for babel-core since your current version.

Updates babel-loader from 5.4.2 to 10.0.0

Release notes

Sourced from babel-loader's releases.

v10.0.0

What's Changed

Breaking Changes

bump node requirement to ^18.20.0 || ^20.10.0 || >=22.0.0 and webpack requirement to >= 5.61.0 by @JLHwung in babel/babel-loader#1026

breaking: use output.hashFunction as loader cache hasher by @JLHwung in babel/babel-loader#1027

New Features

Add babel-loader logger by @JLHwung in babel/babel-loader#1034

Support cache with external dependencies by @JLHwung in babel/babel-loader#1033

Bug Fixes

[Bugfix] Ensure stability of filename cache-keys by @stefanpenner in babel/babel-loader#909

Docs

docs: clarify that cacheIdentifier is computed from the merged options by @JLHwung in babel/babel-loader#1000

Create SECURITY.md by @JLHwung in babel/babel-loader#1032

Add babel-loader v10 readme by @JLHwung in babel/babel-loader#1046

add readme section for loggingDebug support by @JLHwung in babel/babel-loader#1038

Update readme and repo templates by @JLHwung in babel/babel-loader#1041

Dependencies

migrate to c8 by @JLHwung in babel/babel-loader#996

Bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in babel/babel-loader#998

Bump dev dependencies by @JLHwung in babel/babel-loader#1001

Bump braces from 3.0.2 to 3.0.3 by @dependabot in babel/babel-loader#1020

Update deps by @JLHwung in babel/babel-loader#1025

refactor: replace find-cache-dir by find-up by @JLHwung in babel/babel-loader#1031

Bump webpack from 5.93.0 to 5.94.0 by @dependabot in babel/babel-loader#1035

chore: update dev deps by @JLHwung in babel/babel-loader#1036

Bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in babel/babel-loader#1049

Internal

Remove caller option check by @JLHwung in babel/babel-loader#1007

Update tests by @JLHwung in babel/babel-loader#1003

Update metadata test by @JLHwung in babel/babel-loader#1024

Migrate to node test runner by @JLHwung in babel/babel-loader#1028

chore: use default eslint rules by @JLHwung in babel/babel-loader#1029

refactor: use webpack builtin schema util by @JLHwung in babel/babel-loader#1030

New Contributors

@stefanpenner made their first contribution in babel/babel-loader#909

Full Changelog: babel/babel-loader@v9.1.3...v10.0.0

v9.2.1

What's Changed

Avoid error on missing getLogger by @nicolo-ribaudo in babel/babel-loader#1045

... (truncated)

Changelog

Sourced from babel-loader's changelog.

Changelog

For changes in version v7.0.0 and up please go to release

Old Changelog

v6.4.1

🐛 Bug Fix

Fixed reset of BABEL_ENV when options.forceEnv is used (#420) @nikopavlica

v6.4.0

🚀 New Feature

added metadata passing from babel to webpack, which is currently used by react-intl (#398) @Ognian

v6.3.2

😢 Regression

forceEnv was interfering with regular environment handling

v6.3.1

🐛 Bug Fix

The new forceEnv options wasn't working as expected (#379) @chrisvasz

v6.3.0

🚀 New Feature

Add new config option forceEnv (#368) @moimael

Allow to override BABEL_ENV/NODE_ENV at loader-level. Useful for isomorphic applications which have separate babel config for client and server.

🐛 Bug Fix

Update loader-utils dependency to ^0.2.16 to fix compatibility with webpack 2 (#371) @leonaves

💅 Polish

Improve FS caching to do less sync calls which improves performance slightly (#375) @akx

v6.2.10

Support for webpack 2.2-rc has been added in this release

... (truncated)

Commits

10456d3 10.0.0
5a223cf Add babel-loader v10 readme (#1046)
8f88667 Bump cross-spawn from 7.0.3 to 7.0.6 (#1049)
f765949 Update readme and repo templates (#1041)
b582028 add readme section for loggingDebug support (#1038)
a0c450d feat: add babel-loader debug logger (#1034)
d4181b8 Support cache with external dependencies (#1033)
7fcb533 chore: update dev deps (#1036)
c2a90e5 Bump webpack from 5.93.0 to 5.94.0 (#1035)
70a3710 refactor: replace find-cache-dir by find-up (#1031)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.

Updates http-proxy-middleware from 0.9.1 to 3.0.5

Release notes

Sourced from http-proxy-middleware's releases.

v3.0.5

What's Changed

fix(fixRequestBody): check readableLength by @chimurai in chimurai/http-proxy-middleware#1096

chore(package): v3.0.5 by @chimurai in chimurai/http-proxy-middleware#1098

Full Changelog: chimurai/http-proxy-middleware@v3.0.4...v3.0.5

v3.0.4

What's Changed

chore(package): bump dev dependencies by @chimurai in chimurai/http-proxy-middleware#1045

chore(package): update yarn.lock by @chimurai in chimurai/http-proxy-middleware#1046

docs(readme): fix example code syntax error by @17hz in chimurai/http-proxy-middleware#1014

chore(package): bump express to v4.21.1 by @chimurai in chimurai/http-proxy-middleware#1047

chore(examples): update yarn.lock by @chimurai in chimurai/http-proxy-middleware#1048

chore(package): bump dev deps by @chimurai in chimurai/http-proxy-middleware#1059

chore(package): bump dev dependencies by @chimurai in chimurai/http-proxy-middleware#1060

chore(package): bump dev dependencies by @chimurai in chimurai/http-proxy-middleware#1074

ci(github-actions): pipeline improvements by @chimurai in chimurai/http-proxy-middleware#1082

feat(types): export Plugin type by @oktapodia in chimurai/http-proxy-middleware#1071

fix(fixRequestBody): support multipart/form-data by @JS-mark in chimurai/http-proxy-middleware#896

chore(package.json): bump dev deps by @chimurai in chimurai/http-proxy-middleware#1083

ci(package): patch http-proxy by @chimurai in chimurai/http-proxy-middleware#1084

ci(pkg-pr-new): publish package for testing purposes by @chimurai in chimurai/http-proxy-middleware#1085

build(patch-package): run patch-package in 'development' only by @chimurai in chimurai/http-proxy-middleware#1086

chore(examples): update next deps by @chimurai in chimurai/http-proxy-middleware#1087

ci(github-actions): update spellcheck config by @chimurai in chimurai/http-proxy-middleware#1088

fix(websocket): handle errors in handleUpgrade by @nwalters512 in chimurai/http-proxy-middleware#823

fix(fixRequestBody): prevent multiple .write() calls by @chimurai in chimurai/http-proxy-middleware#1089

fix(fixRequestBody): handle invalid request by @chimurai in chimurai/http-proxy-middleware#1092

docs(CHANGELOG): update changelog by @chimurai in chimurai/http-proxy-middleware#1093

chore(package): v3.0.4 by @chimurai in chimurai/http-proxy-middleware#1095

New Contributors

@17hz made their first contribution in chimurai/http-proxy-middleware#1014

@oktapodia made their first contribution in chimurai/http-proxy-middleware#1071

@JS-mark made their first contribution in chimurai/http-proxy-middleware#896

@nwalters512 made their first contribution in chimurai/http-proxy-middleware#823

Full Changelog: chimurai/http-proxy-middleware@v3.0.3...v3.0.4

v3.0.3

What's Changed

fix(pathFilter): handle errors by @chimurai in chimurai/http-proxy-middleware#1043

chore(package): v3.0.3 by @chimurai in chimurai/http-proxy-middleware#1044

Full Changelog: chimurai/http-proxy-middleware@v3.0.2...v3.0.3

v3.0.2

... (truncated)

Changelog

Sourced from http-proxy-middleware's changelog.

v3.0.5

fix(fixRequestBody): check readableLength (#1096)

v3.0.4

fix(fixRequestBody): handle invalid request (#1092)

fix(fixRequestBody): prevent multiple .write() calls (#1089)

fix(websocket): handle errors in handleUpgrade (#823)

ci(package): patch http-proxy (#1084)

fix(fixRequestBody): support multipart/form-data (#896)

feat(types): export Plugin type (#1071)

v3.0.3

fix(pathFilter): handle errors

v3.0.2

refactor(dependency): replace is-plain-obj with is-plain-object (#1031)

chore(package): upgrade to eslint v9 (#1032)

fix(logger-plugin): handle undefined protocol and hostname (#1036)

v3.0.1

fix(type): fix RequestHandler return type (#980)

refactor(errors): improve pathFilter error message (#987)

fix(logger-plugin): fix missing target port (#989)

ci(package): npm package provenance (#991)

fix(logger-plugin): log target port when router option is used (#1001)

refactor: fix circular dependencies (#1010)

fix(fix-request-body): support '+json' content-type suffix (#1015)

v3.0.0

This release contains some breaking changes.

Please read the V3 discussion chimurai/http-proxy-middleware#768 or follow the MIGRATION.md guide.

feat(typescript): type improvements (#882)

chore(deps): update micromatch to 4.0.5

chore(package): bump devDependencies

feat(legacyCreateProxyMiddleware): show migration tips (#756)

feat(legacyCreateProxyMiddleware): adapter with v2 behavior (#754)

docs(proxy events): fix new syntax (#753)

feat(debug): improve troubleshooting (#752)

test(path-rewriter): improve coverage (#751)

feat(ejectPlugins): skip registering default plugins (#750)

refactor: logging [BREAKING CHANGE] (#749)

... (truncated)

Commits

d3851ed chore(package): v3.0.5 (#1098)
1bdccbe fix(fixRequestBody): check readableLength (#1096)
01934d3 chore(package): v3.0.4 (#1095)
3364c0a docs(CHANGELOG): update changelog (#1093)
bd3c124 fix(fixRequestBody): handle invalid request (#1092)
0209760 fix(fixRequestBody): prevent multiple .write() calls (#1089)
fd0f568 fix(websocket): handle errors in handleUpgrade (#823)
e94087e ci(github-actions): update spellcheck config (#1088)
397748a chore(examples): update next deps (#1087)
6fb6032 build(patch-package): run patch-package in 'development' only (#1086)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [lodash](https://github.com/lodash/lodash), [babel-core](https://github.com/babel/babel), [babel-loader](https://github.com/babel/babel-loader) and [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware). These dependencies needed to be updated together. Updates `lodash` from 4.17.21 to 4.17.23 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.21...4.17.23) Updates `babel-core` from 5.8.38 to 6.26.3 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](babel/babel@v5.8.38...v6.26.3) Updates `babel-loader` from 5.4.2 to 10.0.0 - [Release notes](https://github.com/babel/babel-loader/releases) - [Changelog](https://github.com/babel/babel-loader/blob/main/CHANGELOG.md) - [Commits](babel/babel-loader@v5.4.2...v10.0.0) Updates `http-proxy-middleware` from 0.9.1 to 3.0.5 - [Release notes](https://github.com/chimurai/http-proxy-middleware/releases) - [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md) - [Commits](chimurai/http-proxy-middleware@v0.9.1...v3.0.5) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.17.23 dependency-type: direct:production - dependency-name: babel-core dependency-version: 6.26.3 dependency-type: direct:development - dependency-name: babel-loader dependency-version: 10.0.0 dependency-type: direct:development - dependency-name: http-proxy-middleware dependency-version: 3.0.5 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jan 23, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump lodash, babel-core, babel-loader and http-proxy-middleware#21

Bump lodash, babel-core, babel-loader and http-proxy-middleware#21
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-5b298c85a6

dependabot bot commented on behalf of github Jan 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Jan 23, 2026

v10.0.0

What's Changed

Breaking Changes

New Features

Bug Fixes

Docs

Dependencies

Internal

New Contributors

v9.2.1

What's Changed

Changelog

Old Changelog

v6.4.1

🐛 Bug Fix

v6.4.0

🚀 New Feature

v6.3.2

😢 Regression

v6.3.1

🐛 Bug Fix

v6.3.0

🚀 New Feature

🐛 Bug Fix

💅 Polish

v6.2.10

v3.0.5

What's Changed

v3.0.4

What's Changed

New Contributors

v3.0.3

What's Changed

v3.0.2

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v3.0.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants