Bump the npm_and_yarn group across 8 directories with 4 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /frameworks/JavaScript/express directory: mysql2.
Bumps the npm_and_yarn group with 2 updates in the /frameworks/JavaScript/fastify directory: mysql2 and handlebars.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/hapi directory: mysql2, handlebars and async.
Bumps the npm_and_yarn group with 2 updates in the /frameworks/JavaScript/koa directory: mysql2 and handlebars.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/nodejs directory: mysql2, handlebars and async.
Bumps the npm_and_yarn group with 3 updates in the /frameworks/JavaScript/sailsjs directory: mysql2, handlebars and async.
Bumps the npm_and_yarn group with 1 update in the /frameworks/JavaScript/spliffy directory: mysql2.
Bumps the npm_and_yarn group with 1 update in the /frameworks/PHP/laravel directory: axios.

Updates mysql2 from 3.9.8 to 3.11.4

Release notes

Sourced from mysql2's releases.

v3.11.4

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

v3.11.3

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

v3.11.2

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

v3.11.1

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f)
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

v3.11.0

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742 and sidorares/node-mysql2@3659488 )

v3.10.3

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

v3.10.2

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f), closes #1381
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742)

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

3.10.2 (2024-07-01)

Bug Fixes

• typeCast: ensure the same behavior for field.string() with query and execute (#2820) (27e38ea)

... (truncated)

Commits

• 05543c7 chore(master): release 3.11.4 (#3176)
• 5085799 build(deps-dev): bump @​types/node from 22.8.6 to 22.9.0 (#3188)
• cd57bcd build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 in /website (#3179)
• 3697d88 build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 (#3178)
• aacf706 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 (#3175)
• 401db79 fix(types): correct TypeCast's Next callback to return unknown (#3129)
• 4c6e140 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 in /website (#3174)
• 16966e1 build(deps): bump sass from 1.80.4 to 1.80.5 in /website (#3172)
• 9afb855 build(deps-dev): bump @​types/node from 22.8.2 to 22.8.4 (#3171)
• 6598060 build(deps-dev): bump @​types/node from 22.8.1 to 22.8.4 in /website (#3168)
• Additional commits viewable in compare view

Updates mysql2 from 3.9.7 to 3.9.8

Release notes

Sourced from mysql2's releases.

v3.11.4

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

v3.11.3

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

v3.11.2

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

v3.11.1

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f)
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

v3.11.0

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742 and sidorares/node-mysql2@3659488 )

v3.10.3

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

v3.10.2

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f), closes #1381
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742)

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

3.10.2 (2024-07-01)

Bug Fixes

• typeCast: ensure the same behavior for field.string() with query and execute (#2820) (27e38ea)

... (truncated)

Commits

• 05543c7 chore(master): release 3.11.4 (#3176)
• 5085799 build(deps-dev): bump @​types/node from 22.8.6 to 22.9.0 (#3188)
• cd57bcd build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 in /website (#3179)
• 3697d88 build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 (#3178)
• aacf706 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 (#3175)
• 401db79 fix(types): correct TypeCast's Next callback to return unknown (#3129)
• 4c6e140 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 in /website (#3174)
• 16966e1 build(deps): bump sass from 1.80.4 to 1.80.5 in /website (#3172)
• 9afb855 build(deps-dev): bump @​types/node from 22.8.2 to 22.8.4 (#3171)
• 6598060 build(deps-dev): bump @​types/node from 22.8.1 to 22.8.4 in /website (#3168)
• Additional commits viewable in compare view

Updates handlebars from 4.7.6 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

• fix weird error in integration tests - eb860c0
• fix: check prototype property access in strict-mode (#1736) - b6d3de7
• fix: escape property names in compat mode (#1736) - f058970
• refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
• chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

• the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

Commits

• a9a8e40 v4.7.7
• e66aed5 Update release notes
• 7d4d170 disable IE in Saucelabs tests
• eb860c0 fix weird error in integration tests
• b6d3de7 fix: check prototype property access in strict-mode (#1736)
• f058970 fix: escape property names in compat mode (#1736)
• 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
• 3789a30 chore: start testing on Node.js 12 and 13
• See full diff in compare view

Updates mysql2 from 3.9.8 to 3.11.4

Release notes

Sourced from mysql2's releases.

v3.11.4

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

v3.11.3

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

v3.11.2

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

v3.11.1

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f)
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

v3.11.0

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742 and sidorares/node-mysql2@3659488 )

v3.10.3

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

v3.10.2

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f), closes #1381
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742)

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

3.10.2 (2024-07-01)

Bug Fixes

• typeCast: ensure the same behavior for field.string() with query and execute (#2820) (27e38ea)

... (truncated)

Commits

• 05543c7 chore(master): release 3.11.4 (#3176)
• 5085799 build(deps-dev): bump @​types/node from 22.8.6 to 22.9.0 (#3188)
• cd57bcd build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 in /website (#3179)
• 3697d88 build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 (#3178)
• aacf706 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 (#3175)
• 401db79 fix(types): correct TypeCast's Next callback to return unknown (#3129)
• 4c6e140 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 in /website (#3174)
• 16966e1 build(deps): bump sass from 1.80.4 to 1.80.5 in /website (#3172)
• 9afb855 build(deps-dev): bump @​types/node from 22.8.2 to 22.8.4 (#3171)
• 6598060 build(deps-dev): bump @​types/node from 22.8.1 to 22.8.4 in /website (#3168)
• Additional commits viewable in compare view

Updates handlebars from 4.3.0 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

• fix weird error in integration tests - eb860c0
• fix: check prototype property access in strict-mode (#1736) - b6d3de7
• fix: escape property names in compat mode (#1736) - f058970
• refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
• chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

• the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

Commits

• a9a8e40 v4.7.7
• e66aed5 Update release notes
• 7d4d170 disable IE in Saucelabs tests
• eb860c0 fix weird error in integration tests
• b6d3de7 fix: check prototype property access in strict-mode (#1736)
• f058970 fix: escape property names in compat mode (#1736)
• 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
• 3789a30 chore: start testing on Node.js 12 and 13
• See full diff in compare view

Updates async from 2.1.5 to 2.6.4

Release notes

Sourced from async's releases.

v2.3.0

• Added support for ES2017 async functions. Wherever you can pass a Node-style/CPS function that uses a callback, you can also pass an async function. Previously, you had to wrap async functions with asyncify. The caveat is that it will only work if async functions are supported natively in your environment, transpiled implementations can't be detected. (#1386, #1390)

v2.2.0

• Added groupBy, and the Series/Limit equivalents, analogous to _.groupBy (#1364)
• Fixed transform bug when callback was not passed (#1381)

Changelog

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

v2.6.3

• Updated lodash to squelch a security warning (#1675)

v2.6.2

• Updated lodash to squelch a security warning (#1620)

v2.6.1

• Updated lodash to prevent npm audit warnings. (#1532, #1533)
• Made async-es more optimized for webpack users (#1517)
• Fixed a stack overflow with large collections and a synchronous iterator (#1514)
• Various small fixes/chores (#1505, #1511, #1527, #1530)

v2.6.0

• Added missing aliases for many methods. Previously, you could not (e.g.) require('async/find') or use async.anyLimit. (#1483)
• Improved queue performance. (#1448, #1454)
• Add missing sourcemap (#1452, #1453)
• Various doc updates (#1448, #1471, #1483)

v2.5.0

• Added concatLimit, the Limit equivalent of concat (#1426, #1430)
• concat improvements: it now preserves order, handles falsy values and the iteratee callback takes a variable number of arguments (#1437, #1436)
• Fixed an issue in queue where there was a size discrepancy between workersList().length and running() (#1428, #1429)
• Various doc fixes (#1422, #1424)

v2.4.1

• Fixed a bug preventing functions wrapped with timeout() from being re-used. (#1418, #1419)

v2.4.0

• Added tryEach, for running async functions in parallel, where you only expect one to succeed. (#1365, #687)
• Improved performance, most notably in parallel and waterfall (#1395)
• Added queue.remove(), for removing items in a queue (#1397, #1391)
• Fixed using eval, preventing Async from running in pages with Content Security Policy (#1404, #1403)
• Fixed errors thrown in an asyncifyed function's callback being caught by the underlying Promise (#1408)
• Fixed timing of queue.empty() (#1367)
• Various doc fixes (#1314, #1394, #1412)

v2.3.0

• Added support for ES2017 async functions. Wherever you can pass a Node-style/CPS function that uses a callback, you can also pass an async function. Previously, you had to wrap async functions with asyncify. The caveat is that it will only work if async functions are supported natively in your environment, transpiled implementations can't be detected. (#1386, #1390)
• Small doc fix (#1392)

v2.2.0

• Added groupBy, and the Series/Limit equivalents, analogous to _.groupBy (#1364)
• Fixed transform bug when callback was not passed (#1381)
• Added note about reflect to parallel docs (#1385)

Commits

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• f1d8383 Version 2.6.3
• 2b674c1 update changelog
• eab740f fix: udpate lodash. closes #1675
• eaf32be Version 2.6.2
• 684b42e Update built files
• e1bd3da update changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates mysql2 from 3.9.8 to 3.11.4

Release notes

Sourced from mysql2's releases.

v3.11.4

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

v3.11.3

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

v3.11.2

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

v3.11.1

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f)
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

v3.11.0

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742 and sidorares/node-mysql2@3659488 )

v3.10.3

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

v3.10.2

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f), closes #1381
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742)

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

3.10.2 (2024-07-01)

Bug Fixes

• typeCast: ensure the same behavior for field.string() with query and execute (#2820) (27e38ea)

... (truncated)

Commits

• 05543c7 chore(master): release 3.11.4 (#3176)
• 5085799 build(deps-dev): bump @​types/node from 22.8.6 to 22.9.0 (#3188)
• cd57bcd build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 in /website (#3179)
• 3697d88 build(deps-dev): bump @​types/node from 22.8.5 to 22.8.6 (#3178)
• aacf706 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 (#3175)
• 401db79 fix(types): correct TypeCast's Next callback to return unknown (#3129)
• 4c6e140 build(deps-dev): bump @​types/node from 22.8.4 to 22.8.5 in /website (#3174)
• 16966e1 build(deps): bump sass from 1.80.4 to 1.80.5 in /website (#3172)
• 9afb855 build(deps-dev): bump @​types/node from 22.8.2 to 22.8.4 (#3171)
• 6598060 build(deps-dev): bump @​types/node from 22.8.1 to 22.8.4 in /website (#3168)
• Additional commits viewable in compare view

Updates handlebars from 4.3.0 to 4.7.7

Changelog

Sourced from handlebars's changelog.

v4.7.7 - February 15th, 2021

• fix weird error in integration tests - eb860c0
• fix: check prototype property access in strict-mode (#1736) - b6d3de7
• fix: escape property names in compat mode (#1736) - f058970
• refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
• chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

• the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

Commits

• a9a8e40 v4.7.7
• e66aed5 Update release notes
• 7d4d170 disable IE in Saucelabs tests
• eb860c0 fix weird error in integration tests
• b6d3de7 fix: check prototype property access in strict-mode (#1736)
• f058970 fix: escape property names in compat mode (#1736)
• 77825f8 refator: In spec tests, use expectTemplate over equals and shouldThrow (#1683)
• 3789a30 chore: start testing on Node.js 12 and 13
• See full diff in compare view

Updates mysql2 from 3.9.8 to 3.11.4

Release notes

Sourced from mysql2's releases.

v3.11.4

3.11.4 (2024-11-05)

Bug Fixes

• types: correct TypeCast's Next callback to return unknown (#3129) (401db79)

v3.11.3

3.11.3 (2024-09-14)

Bug Fixes

• typings: synchronize types of sqlstring (#3047) (81be01b)

v3.11.2

3.11.2 (2024-09-11)

Bug Fixes

• resolve LRU conflicts, cache loss and premature engine breaking change (#2988) (2c3c858)

v3.11.1

3.11.1 (2024-09-10)

Bug Fixes

• createPoolCluster: add pattern and selector to promise-based getConnection (#3017) (ab7c49f)
• update connection cleanup process to handle expired connections and exceeding config.maxIdle (#3022) (b091cf4)

v3.11.0

3.11.0 (2024-07-27)

Features

• fully support VECTOR type results (9576742 and sidorares/node-mysql2@3659488 )

v3.10.3

3.10.3 (2024-07-15)

Bug Fixes

• handshake SSL error with AWS RDS (#2857) (de071bb)

v3.10.2

... (truncated)

Changelog

Sourced from mysql2's changelog.Description has been truncated

Summary by Sourcery

Bump various npm dependencies across multiple directories, including updates to 'mysql2', 'handlebars', 'async', and 'axios' to their latest versions.

Enhancements:

• Update 'mysql2' dependency to version 3.11.4 across multiple JavaScript frameworks including express, fastify, hapi, koa, nodejs, sailsjs, and spliffy.
• Update 'handlebars' dependency to version 4.7.7 in fastify, hapi, koa, nodejs, and sailsjs frameworks.
• Update 'async' dependency to version 2.6.4 in hapi and nodejs frameworks, and to 3.2.6 in sailsjs framework.
• Update 'axios' dependency to version 1.7 in the PHP/laravel framework.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request updates several npm packages across 8 different JavaScript and PHP frameworks, with the main focus on upgrading mysql2, handlebars, async, and axios dependencies to newer versions. The changes are primarily dependency version bumps to address security vulnerabilities and incorporate bug fixes.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Update mysql2 package across multiple frameworks	Upgrade from 3.9.8 to 3.11.4 in most frameworks Add support for VECTOR type results Fix TypeCast's Next callback typing Resolve LRU conflicts and cache loss issues Fix handshake SSL error with AWS RDS	frameworks/JavaScript/hapi/package.json frameworks/JavaScript/nodejs/package.json frameworks/JavaScript/sailsjs/package.json frameworks/JavaScript/fastify/package.json frameworks/JavaScript/koa/package.json frameworks/JavaScript/express/package.json frameworks/JavaScript/spliffy/package.json
Update handlebars package to address security concerns	Upgrade from various older versions to 4.7.7 Fix prototype property access in strict-mode Add escape property names in compat mode	frameworks/JavaScript/hapi/package.json frameworks/JavaScript/nodejs/package.json frameworks/JavaScript/sailsjs/package.json frameworks/JavaScript/fastify/package.json frameworks/JavaScript/koa/package.json
Update async package with security fixes	Upgrade from 2.1.5/2.5.0 to 2.6.4 in hapi and nodejs Upgrade from 1.5.2 to 3.2.6 in sailsjs Fix prototype pollution vulnerability	frameworks/JavaScript/hapi/package.json frameworks/JavaScript/nodejs/package.json frameworks/JavaScript/sailsjs/package.json
Update axios in Laravel framework	Upgrade from 0.18 to 1.7 to address security vulnerabilities	frameworks/PHP/laravel/package.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!