Fix uri scheme validation (@ChALkeR).
Fix boolean schemas with strictKeywords option (#1270)
v6.12.4
Fix: coercion of one-item arrays to scalar that should fail validation (failing example).
v6.12.3
Pass schema object to processCode function
Option for strictNumbers (@issacgerges, #1128)
Fixed vulnerability related to untrusted schemas (CVE-2020-15366)
Update the type definitions of write() and end() methods on
Unpack and Parser classes to be compatible with the
NodeJS.WritableStream type in the latest versions of
@types/node.
7.0
Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface
Add tree-shake friendly exports, like import('tar/create')
and import('tar/read-entry') to get individual functions or
classes.
Add chmod option that defaults to false, and deprecate
noChmod. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.
Add processUmask option to avoid having to call
process.umask() when chmod: true (or noChmod: false) is
set.
6.2
Add support for brotli compression
Add maxDepth option to prevent extraction into excessively
deep folders.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/PaystackHQ/nigerialogos/network/alerts).
Bumps the npm_and_yarn group with 5 updates in the / directory:
4.13.17.0.00.2.00.2.20.0.81.2.80.5.10.5.61.7.21.8.1Updates
node-sassfrom 4.13.1 to 7.0.0Release notes
Sourced from node-sass's releases.
... (truncated)
Changelog
Sourced from node-sass's changelog.
Commits
918dcb3Lint fix0a21792Set rejectUnauthorized to true by default (#3149)e80d4afchore: Drop EOL Node 15 (#3122)d753397feat: Add Node 17 support (#3195)dcf2e75build(deps-dev): bump eslint from 7.32.0 to 8.0.0bfa1a3cbuild(deps): bump actions/setup-node from 2.4.0 to 2.4.180d6c00chore: Windows x86 on GitHub Actions (#3041)566dc27build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)7bb5157build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)2efb38fbuild(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)Updates
ajvfrom 6.11.0 to 6.12.6Release notes
Sourced from ajv's releases.
Commits
fe591436.12.6d580d3eMerge pull request #1298 from ajv-validator/fix-urlfd36389fix: regular expression for "url" format490e34cdocs: link to v7-beta branch9cd93a1docs: note about v7 in readme877d286Merge pull request #1262 from b4h0-c4t/refactor-opt-object-typef1c8e456.12.5764035eMerge branch 'ChALkeR-chalker/fix-comma'3798160Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...a3c7ebaMerge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...Updates
decode-uri-componentfrom 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea460.2.2980e0bfPrevent overwriting previously decoded tokens3c8a3730.2.176abc93Switch to GitHub workflows746ca5dFix issue where decode throws - fixes #6486d7e2Update license (#1)a650457Tidelift tasks66e1c28Meta tweaksUpdates
json-schemafrom 0.2.3 to 0.4.0Commits
f6f6a3bUse a little more robust method of checking instancesef60987Update versionb62f1daProtect against constructor modification, #84fb427cdLink to json-schema-org repository in addition to site, fixes #5422f1461Don't allow proto property to be used for schema default/coerce, fixes #84c52a27cGet basic test to passb3f42b3Add security policy3b0cec3Update versionc28470fUpdate readme to acknowledge the state of the package7dff9cdMerge pull request #81 from hodovani/patch-1Updates
minimistfrom 0.0.8 to 1.2.8Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
6901ee2v1.2.8a026794Merge tag 'v0.2.3'c0b2661v0.2.363b8fee[Fix] Fix long option followed by single dash (#17)72239e6[Tests] Remove duplicate test (#12)34b0f1c[eslint] fix indentation3226afa[Dev Deps] add missingnpmignoredev dep098873c[Dev Deps] update@ljharb/eslint-config,aud9ec4d27[Fix] Fix long option followed by single dashba92fe6[actions] Avoid 0.6 tests due to build failuresMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
mkdirpfrom 0.5.1 to 0.5.6Commits
92f086d0.5.62a28125clean up testsc905d65update minimist049cf180.5.5bea6382Remove unnecessary umask calls42a012c0.5.42867920fix infinite loop on windows machinesd784e700.5.3d612c5dadd files list so this package isn't a monsterb2e7ba00.5.2Maintainer changes
This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.
Updates
qsfrom 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5v6.5.3ed0f5dc[Fix]parse: ignore__proto__keys (#428)691e739[Robustness]stringify: avoid relying on a globalundefined(#427)1072d57[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4[meta] fix README.md (#399)0338716[actions] backport actions from main5639c20Clean up license text so it’s properly detected as BSD-3-Clause51b8a0badd FUNDING.yml45f6759[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f[Dev Deps] backport from mainUpdates
requestfrom 2.88.0 to 2.88.2Changelog
Sourced from request's changelog.
Commits
Updates
shell-quotefrom 1.7.2 to 1.8.1Changelog
Sourced from shell-quote's changelog.
... (truncated)
Commits
da8a3abv1.8.1a66de94[Tests] increase coverageb42ac73[Refactor]parse: hoistgetVarto module levelfcb2e1a[Refactor]parse: usesliceoversubstr, cache some valuesecf2a60[Fix]parse: preserve whitespace in comments1d58679[Refactor]parse: avoid shadowing a function arg6780ec5[Refactor]parse: a bit of cleanup227d474[Refactor]parse: tweak the regex to not match nothing7bcd90e[Fix] properly support theescapeoption8f0c5c3[Refactor] hoist some vars to module levelMaintainer changes
This version was pushed to npm by ljharb, a new releaser for shell-quote since your current version.
Updates
tarfrom 2.2.2 to 6.2.1Release notes
Sourced from tar's releases.
Changelog
Sourced from tar's changelog.
... (truncated)
Commits
bef7b1e6.2.1fe8cd57prevent extraction in excessively deep subfoldersfe7ebfdremove security.md5bc9d406.2.0fe1ef5echangelog 6.2e483220get rid of npm lint stuff689928aci that works outside of npm orgdb6f539file inference improvements for .tbr and .tgz336fa8frefactor: dry and other pr commentseeba222chore: lint fixesUpdates
tough-cookiefrom 2.4.3 to 2.5.0Commits
7c1fdf12.5.09ff4ba5Qualify the store.removeAllCookies documentation1855bf3Additional documentation for removeAllCookies5cc9bd2Extract tests, cover multiple error path28f0808Only call removeAllCookies if actually implemented62802efremove all cookies from cookie jar at once (#115)8783d46Remove left-over mention of MPL from README8302ebcMerge pull request #121 from salesforce/punycode-2.1d6ea115Merge pull request #120 from salesforce/no-package-lockb897b49Merge pull request #119 from salesforce/inline-versionDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show