Leonidas-from-XIV / node-xml2js

XML to JavaScript object converter.
MIT License

Breaking changes 0.4.23 -> 0.5.0? #667

Closed mtdvlpr closed 1 year ago

mtdvlpr commented 1 year ago

Hi, are there any breaking changes that prevent me from forcing my sub-dependencies to use 0.5.0 instead of 0.4.23?

PhantomRay commented 1 year ago

Was wondering the same thing. I checked all commits, the changes are minor though.

Leonidas-from-XIV commented 1 year ago

Yes, there is #603 which might break dependencies (see the tests changed in the same commit) but was required to address CVE-2023-0842. Hence I released it as 0.5.0 and not 0.4.24 (which I would have preferred).

Whether your dependencies are affected mostly depends on how they use the returned object.

thetumper commented 1 year ago

Seeing breaking changes, with "[Object: null prototype]" being added at each level of Object/nested Object. Others are experiencing this as well. E.g., https://github.com/mattdesl/parse-bmfont-xml/pull/5. I'm using the same workaround: JSON.parse(JSON.stringify(result)). Not sure if there is a better solution, either in this lib, or in using code?

Leonidas-from-XIV commented 1 year ago

Probably either by comparing it with a value that doesn't have prototypes or using a comparison function that ignores prototypes.
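
The two options raised in the thread (a comparison that ignores prototypes, and a copy onto ordinary objects as an alternative to the JSON round trip), as an added example that is not part of the thread or of xml2js. The `parsed` data is constructed to mimic null-prototype output, and `bare`, `equalIgnoringPrototypes` and `toPlain` are hypothetical helper names.

```javascript
// Added example. The data below is constructed; it mimics nested
// null-prototype objects and does not call xml2js itself.

// Build an object with no prototype (Node prints "[Object: null prototype]").
function bare(props) {
  return Object.assign(Object.create(null), props);
}

// Constructed stand-in for a parsed document.
const parsed = bare({
  font: bare({
    info: [bare({ $: bare({ face: 'Example', size: '32' }) })],
  }),
});

// What a test written against plain object literals would expect.
const expected = {
  font: { info: [{ $: { face: 'Example', size: '32' } }] },
};

// Structural comparison on own enumerable keys only; prototypes are ignored.
function equalIgnoringPrototypes(a, b) {
  if (a === b) return true;
  if (a === null || b === null) return false;
  if (typeof a !== 'object' || typeof b !== 'object') return false;
  if (Array.isArray(a) !== Array.isArray(b)) return false;
  const keysA = Object.keys(a);
  if (keysA.length !== Object.keys(b).length) return false;
  return keysA.every(
    (k) =>
      Object.prototype.hasOwnProperty.call(b, k) &&
      equalIgnoringPrototypes(a[k], b[k])
  );
}

// Recursive copy onto ordinary objects for code that needs Object.prototype
// methods. defineProperty keeps a key such as "__proto__" as plain data.
function toPlain(value) {
  if (Array.isArray(value)) return value.map(toPlain);
  if (value === null || typeof value !== 'object') return value;
  const out = {};
  for (const k of Object.keys(value)) {
    Object.defineProperty(out, k, {
      value: toPlain(value[k]),
      enumerable: true, writable: true, configurable: true,
    });
  }
  return out;
}
```

Node's `assert.deepStrictEqual` also compares prototypes, so it reports `parsed` and `expected` as different even though every key and value matches; `equalIgnoringPrototypes(parsed, expected)` returns `true`.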