Bumps the npm_and_yarn group with 1 update in the /docs/recipes/docker-server directory: mysql2.
Bumps the npm_and_yarn group with 1 update in the /packages/server directory: plotly.js.
Fix to prevent accessing undefined (hoverText.hoverLabels) in case all currently shown markers
have hoverinfo: "none" (regression introduced in 2.6.0) #6614,
Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
New locales (es-mx, bn-bd).
Minor bugfixes and locale improvements.
More tests.
Moment is in maintenance mode. Read more at this link:
https://momentjs.com/docs/#/-project-status/
Bumps the npm_and_yarn group with 18 updates in the / directory:
2.1.0
3.9.8
4.3.1
4.3.2
4.16.4
4.19.2
1.48.3
2.25.2
5.7.3
5.7.4
3.1.9
3.1.10
0.10.50
0.10.64
1.0.1
1.0.2
3.0.4
3.1.2
1.3.1
1.3.2
2.26.0
2.30.1
2.6.0
2.7.0
6.5.2
6.5.3
1.9.1
1.13.6
6.1.1
6.1.3
1.2.3
1.2.5
6.2.2
6.2.3
4.0.0
4.0.3
Bumps the npm_and_yarn group with 1 update in the /docs/recipes/docker-server directory: mysql2. Bumps the npm_and_yarn group with 1 update in the /packages/server directory: plotly.js.
Updates
mysql2
from 2.1.0 to 3.9.8Release notes
Sourced from mysql2's releases.
... (truncated)
Changelog
Sourced from mysql2's changelog.
... (truncated)
Commits
f637d3f
chore(master): release 3.9.8 (#2700)efe3db5
fix(security): sanitize fields and tables when using nestTables (#2702)2e03694
fix: support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2...8b5f691
fix(typings): typo fromjonServerPublicKey
toonServerPublicKey
(#2699)5c75802
build(deps-dev): bump tsx from 4.10.5 to 4.11.0 in /website (#2695)179769f
build(deps): bump@easyops-cn/docusaurus-search-local
in /website (#2696)56289e2
build(deps-dev): bump poku from 1.12.1 to 1.13.0 (#2698)b029308
build(deps-dev): bump poku from 1.12.1 to 1.13.0 in /website (#2697)539acb8
build(deps): bump lucide-react from 0.378.0 to 0.379.0 in /website (#2693)dc80580
build(deps-dev): bump@typescript-eslint/eslint-plugin
from 7.9.0 to 7.10.0 i...Updates
debug
from 4.3.1 to 4.3.2Release notes
Sourced from debug's releases.
Commits
e47f96d
4.3.21e9d38c
cache enabled status per-logger (#799)Updates
express
from 4.16.4 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Updates
plotly.js
from 1.48.3 to 2.25.2Release notes
Sourced from plotly.js's releases.
... (truncated)
Changelog
Sourced from plotly.js's changelog.
... (truncated)
Commits
e824199
2.25.2920a50e
update readme and changelog for v2.25.227932d6
Merge pull request #6705 from plotly/reduce-flakiness0249840
Merge pull request #6704 from plotly/nestedProperty-protoa4a69d5
reduce flakiness on CIa860a32
Merge pull request #6690 from Mkranj/croatian_translation5cfbd6e
add test2bec998
guard against polluting proto in nestedProperty5efd2a1
Merge pull request #6703 from plotly/expandObjectPaths-protoe1e3175
fix delay in testMaintainer changes
This version was pushed to npm by archmoj, a new releaser for plotly.js since your current version.
Updates
acorn
from 5.7.3 to 5.7.4Commits
6370e90
Mark version 5.7.4fbc15b1
More rigorously check surrogate pairs in regexp validatorUpdates
bl
from 1.2.2 to 2.2.1Release notes
Sourced from bl's releases.
Commits
8cb93f4
Bumped v2.2.1dacc4ac
Fix unintialized memory accessb6284a8
Bumped v2.2.0.538a988
Merge pull request #60 from reconbot/reconbot/indexof-readme635b6ce
Merge pull request #65 from reconbot/reconbot/empty-slice9b80b00
fix: empty shallowSlice return055a3ff
Merge pull request #63 from nwoltman/patch-1c768eb8
Use Buffer.from() in the documentation270e5f5
Bumped v2.1.291cbaf9
Merge pull request #62 from jhaenchen/DontUseES2015ConstUpdates
ejs
from 3.1.9 to 3.1.10Release notes
Sourced from ejs's releases.
Commits
d3f807d
Version 3.1.109ee26dd
Mocha TDDe469741
Basic pollution protection715e950
Merge pull request #756 from Jeffrey-mu/maincabe314
Include advanced usage examples29b076c
Added header11503c7
Merge branch 'main' of github.com:mde/ejs into main7690404
Added security banner to READMEf47d7ae
Update SECURITY.md828cea1
Update SECURITY.mdUpdates
es5-ext
from 0.10.50 to 0.10.64Release notes
Sourced from es5-ext's releases.
... (truncated)
Changelog
Sourced from es5-ext's changelog.
... (truncated)
Commits
f76b03d
chore: Release v0.10.642881acd
chore: Bump dependenciesc2e2bb9
fix: Revert update meant to fix Powershell issue, as it's a regression16f2b72
docs: Fix date in the changelogde4e03c
chore: Release v0.10.633fd53b7
chore: Upgradelint-staged
to v13bf8ed79
chore: Ensure postinstall script does not crash on Windows2cbbb07
chore: Bump dependencies22d0416
chore: Bump LICENSE yeara52e957
fix: Support ES2015+ function definitions infunction#toStringTokens()
Updates
json5
from 1.0.1 to 1.0.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
... (truncated)
Commits
a62db1e
1.0.2e0c23fe
docs: update CHANGELOG for v1.0.262a6540
fix: add proto to objects and arraysUpdates
minimatch
from 3.0.4 to 3.1.2Commits
699c459
3.1.22f2b5ff
fix: trim pattern25d7c0d
3.1.155dda29
fix: treat nocase:true as always having magic5e1fb8d
3.1.0f8145c5
Add 'allowWindowsEscape' option570e8b1
add publishConfig for v3 publishes5b7cd33
3.0.620b4b56
[fix] revert all breaking syntax changes2ff0388
document, expose, and test 'partial:true' optionUpdates
minimist
from 0.0.5 to 0.0.8Changelog
Sourced from minimist's changelog.
Commits
3754568
0.0.866c248f
handle joined single lettersfa63ed4
return '' if flag is string and emptycd46bf9
0.0.7d1da408
another swap of .test for .match8ef0bdf
0.0.67e0d1ad
use .test() instead of .match() to not crash on non-string values in the argu...Updates
mixin-deep
from 1.3.1 to 1.3.2Commits
754f0c2
1.3.290ee1fa
ensure keys are valid when mixing in valuesMaintainer changes
This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version.
Updates
moment
from 2.26.0 to 2.30.1Changelog
Sourced from moment's changelog.
... (truncated)
Commits
485d9a7
Build 2.30.1e048b09
Bump version to 2.30.1f9f2d58
Update changelog for 2.30.1a52ffb2
Revert "Merge pull request #5827 from BobZombie:feature/fix_d.ts"ddd6809
Build 2.30.0be64d00
Bump version to 2.30.0ad41179
Update changelog for 2.30.063fe479
[misc] Make code ES6 compatible0f0195f
Revert "Merge pull request #5599 from Alanscut:issue_4985"15b82f5
Revert "Merge pull request #5597 from Alanscut:issue-5596"Updates
node-fetch
from 2.6.0 to 2.7.0Release notes
Sourced from node-fetch's releases.
... (truncated)
Commits
9b9d458
feat:AbortError
(#1744)Looks like these dependencies are updatable in another way, so this is no longer needed.