Skip to content

Bump morgan from 1.10.1 to 1.11.0#1913

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/npm_and_yarn/morgan-1.11.0
Open

Bump morgan from 1.10.1 to 1.11.0#1913
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/npm_and_yarn/morgan-1.11.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps morgan from 1.10.1 to 1.11.0.

Release notes

Sourced from morgan's releases.

1.11.0

What's Changed

Security Fix:

New Contributors

Full Changelog: expressjs/morgan@1.10.0...1.11.0

Changelog

Sourced from morgan's changelog.

1.11.0 / 2026-06-02

  • add :pid token

Security Fix:

Commits
  • e0e6f17 Release 1.11.0 (#350)
  • b3f5d9b Merge commit from fork
  • 203c758 build(deps): bump github/codeql-action from 4.32.4 to 4.35.2 (#346)
  • 002bc81 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#347)
  • 561b0d7 build(deps): bump actions/upload-artifact from 5.0.0 to 7.0.0 (#338)
  • 2db705e build(deps): bump github/codeql-action from 3.29.7 to 4.32.4 (#337)
  • a373c5f build(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.3 (#327)
  • c8e72fa build(deps): bump actions/checkout from 4.1.1 to 6.0.1 (#324)
  • 023300e build(deps): bump actions/upload-artifact from 4.3.1 to 4.6.2 (#307)
  • 9d8d6c0 build(deps): bump coverallsapp/github-action from 1.2.5 to 2.3.6 (#306)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 11, 2026
Bumps [morgan](https://github.com/expressjs/morgan) from 1.10.1 to 1.11.0.
- [Release notes](https://github.com/expressjs/morgan/releases)
- [Changelog](https://github.com/expressjs/morgan/blob/master/HISTORY.md)
- [Commits](expressjs/morgan@1.10.1...1.11.0)

---
updated-dependencies:
- dependency-name: morgan
  dependency-version: 1.11.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/morgan-1.11.0 branch from 021317c to bbc09fc Compare July 13, 2026 16:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants