Skip to content

chore(deps): bump koa and @nx/react#183

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-19127de5b7
Closed

chore(deps): bump koa and @nx/react#183
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-19127de5b7

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Sep 4, 2025
edited
Loading

Bumps koa to 3.0.1 and updates ancestor dependency @nx/react. These dependencies need to be updated together.

Updates koa from 2.16.1 to 3.0.1

Release notes

Sourced from koa's releases.

v3.0.1

What's Changed

Full Changelog: koajs/koa@v3.0.0...v3.0.1

v3.0.0

This is a major release.

Breaking

  • Minimum node v18
  • Removes .redirect('back'), adds .back(fallback_url) @​fl0w koajs/koa#1115
  • For .redirect(), don't render redirect values in anchor ref koajs/koa@ff25eb4
  • req.origin should display the origin header if it exists, not the current hostname koajs/koa#1008. origin now aligns with the Origin header as used in CORS.
  • .body=<json> should not overwrite type if type already json koajs/koa#1120
  • Remove special ENOENT support koajs/koa#1861 - this is a big change and will require any file servers to adapt to this change for handling 404s / files not found
  • Removes generator deprecation messages. Generators are no longer supported. Koa no longer asserts if generators are used. Set content-length: 0 if body is explicitly set to null @​ognjenjevremovic #1528 Remove obsolete createAsyncCtxStorageMiddleware koajs/koa#1817
  • ctx.throw now requires a format of ctx.throw(status, error, properties). See: https://www.npmjs.com/package/http-errors

New

Fixes

... (truncated)

Changelog

Sourced from koa's changelog.

[!IMPORTANT] Moving forwards we are using the GitHub releases page at https://github.com/koajs/koa/releases in combination with np for publishing releases and their changelogs.

3.0.0-alpha.3 / 2025-02-11

fixes

  • Avoid redos on host and protocol getter

3.0.0-alpha.2 / 2024-11-04

breaking changes

  • Update http-errors to v2.0.0 #1486
  • Remove res.redirect('back'), add back() method to ctx #1115
  • Replace node querystring with URLSearchParams #1828
  • Remove obsolete createAsyncCtxStorageMiddleware #1817

features

  • Add support for web WHATWG #1830

updates

  • Update cookies to ~0.9.1 #1846
  • Update statuses to ^2.0.1
  • Update supertest to ^7.0.0 #1841

fixes

  • Fix exports.defaults in package.json #1630
  • Fix leaky handles in tests #1838
  • Fix body null checks #1814
  • Fix reformatting redirect URLs #1805 #1804
  • Fix passing ctx in error handler #1758

migrations

  • Migrate from jest to the native node test runner #1845

3.0.0-alpha.1 / 2023-04-12

fixes

3.0.0-alpha.0 / 2023-01-02

Breaking Changes

... (truncated)

Commits
  • 1ddb048 3.0.1
  • 422c551 Merge commit from fork
  • 6e51eb1 build(deps-dev): bump form-data from 4.0.3 to 4.0.4 (#1894)
  • d378e5c build(deps-dev): bump supertest from 7.1.1 to 7.1.4 (#1895)
  • cb22d8d build(deps): bump statuses from 2.0.1 to 2.0.2 (#1888)
  • 0acad8f feat: replace cache-content-type with mime-types directly (#1886)
  • 2f6e814 feat: replace debug module with pure node:util::debuglog (#1885)
  • 8620ced build(deps): bump debug from 4.4.0 to 4.4.1 (#1880)
  • dec1ffc build(deps-dev): bump supertest from 7.1.0 to 7.1.1 (#1879)
  • 9057541 chore: removes done callbacks in tests [CHORE-1870] (#1875)
  • Additional commits viewable in compare view

Updates @nx/react from 21.3.5 to 21.4.1

Release notes

Sourced from @​nx/react's releases.

21.4.1 (2025-08-22)

🚀 Features

  • graph: task graph support multiple targets (#32418)
  • js: add includeIgnoredAssetFiles option and per-asset includeIgnoredFiles (#31813)
  • js: detect duplicate project references in @nx/js:typescript-sync (#32443)
  • nx: use platform certificate trust store (#31999)
  • nx-dev: link ukg article on homepage (8d16697547)
  • nx-dev: configure rewrite to astro-docs when NEXT_PUBLIC_ASTRO_URL is set (#32424)
  • repo: add GitHub Actions workflow to validate PR titles (#32458)
  • rspack: add support for converting webpack plugin configs #30292 (#32382, #30292)
  • tools: add repository update system for automated Nx migrations (#32124)
  • webpack: migrate from deprecated url.parse() to WHATWG URL API (70fb618785)

🩹 Fixes

  • angular: set the tsConfig option when possible to aid with angular migrations (#32355, #32138)
  • angular: do not update project configuration when not changes were made in migration (#32448)
  • angular-rspack: do not error on server budget violation (#32445)
  • core: improve Cursor editor detection and extension installation (#32374)
  • core: ensure deterministic dummy task generation in task graphs (#32414)
  • core: handle unsupported platforms in Cursor IDE install command (#32419)
  • core: only prompt for NX Console installation in TTY environments (#32425)
  • core: enhance validation for continuous task dependencies (#31786)
  • core: retry current message when receiving NX_VERSION_CHANGED from daemon (#32417, #29446)
  • core: use black for all fg elements when in light theme (#32415)
  • core: fail fast when running commands in parallel (#32386, #28477)
  • core: handle no daemon when stopping (#32455)
  • core: create pnpm peer deps settings in the appropriate location when creating workspace (#32470)
  • core: repair nx mcp in pnpm/yarn (#32452)
  • devkit: restore peer dep range to 2 majors (#32406, #31801)
  • devkit: include UPDATE changes in findCreatedProjectFiles for generator callbacks (#31429, #29852)
  • expo: export output should be within project directory (#32477)
  • gradle: use AST parsing to migrate updates to version catalogs (#32463)
  • gradle: allow test target name to be configuration from nx.json (#32416)
  • graph: some misc fixes to the graph (#32401)
  • graph: nxArgs.projects can be an empty array (#32479)
  • js: esm loader should handle absolute paths on windows #32376 (#32383, #32376)
  • js: improve @nx/js/typescript plugin check for buildable libraries (#32405, #32116, #32290)
  • js: do not infer the project type in the @nx/js/typescript plugin (#32421)
  • misc: update @​types/node to v20.19.9 to support fetch API (#32092, #31637)
  • misc: respect string values in alwaysAddToPackageJson migration flag (#32433, #30586)
  • misc: check for packages existence to detect pnpm workspaces setup (#32474)
  • module-federation: do not rely on virtualRuntimeEntry #31831 (#32387, #31831, #32404)
  • nx-dev: update navbar CTA buttons and updates event tracking (#32392)
  • plugin: handle directory paths correctly in executor and generator generators (#31856, #31803, #31776)
  • testing: support NX_CACHE_PROJECT_GRAPH when reading inferred config from jest cache file (#32380)
  • testing: fall back to tsconfig.json in the jest resolver (#32083)
  • webpack: migrate from deprecated url.parse() to WHATWG URL API (#32399)

... (truncated)

Commits
  • 3142624 fix(module-federation): module federation does not depend on static remotes p...
  • 8bc3538 fix(react): host generator should not add loadRemote helper when no remotes (...
  • 0452910 fix(vite): add tslib as a dep for @​nx/vite and remove @​swc/helpers (#32341)
  • 721066f fix(misc): ensure generateFiles is called using path.join (#32319)
  • 13f63eb fix(vite): set name property for test to project name #32163 (#32308)
  • 4941173 fix(module-federation): upgrade module federation to 0.18.0 (#32260)
  • 5fcc41a fix(core): update http-proxy-middleware to resolve vulnerability (#32278)
  • b68c349 fix(misc): loose and fix the ts solution setup requirements and use it when t...
  • 9e7b95b fix(react): remote generator should normalize names (#32211)
  • efca9b9 fix(module-federation): re-add support for mf aliases (#31347)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
chore(deps): bump koa and @nx/react
039a454 
Bumps [koa](https://github.com/koajs/koa) to 3.0.1 and updates ancestor dependency [@nx/react](https://github.com/nrwl/nx/tree/HEAD/packages/react). These dependencies need to be updated together.


Updates `koa` from 2.16.1 to 3.0.1
- [Release notes](https://github.com/koajs/koa/releases)
- [Changelog](https://github.com/koajs/koa/blob/master/History.md)
- [Commits](koajs/koa@v2.16.1...v3.0.1)

Updates `@nx/react` from 21.3.5 to 21.4.1
- [Release notes](https://github.com/nrwl/nx/releases)
- [Commits](https://github.com/nrwl/nx/commits/21.4.1/packages/react)

---
updated-dependencies:
- dependency-name: koa
  dependency-version: 3.0.1
  dependency-type: indirect
- dependency-name: "@nx/react"
  dependency-version: 21.4.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Sep 4, 2025
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 17, 2025

Superseded by #205.

@dependabot dependabot bot closed this Nov 17, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/multi-19127de5b7 branch November 17, 2025 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@konowrockis konowrockis Awaiting requested review from konowrockis konowrockis is a code owner

@Komoszek Komoszek Awaiting requested review from Komoszek Komoszek is a code owner

@kamilgacan kamilgacan Awaiting requested review from kamilgacan kamilgacan is a code owner

@katarzynagrasewicz katarzynagrasewicz Awaiting requested review from katarzynagrasewicz katarzynagrasewicz is a code owner

@BeerHobbyist BeerHobbyist Awaiting requested review from BeerHobbyist BeerHobbyist is a code owner

@alszczep alszczep Awaiting requested review from alszczep alszczep is a code owner

@kumalg kumalg Awaiting requested review from kumalg kumalg is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants