chore(deps): bump strapi-plugin-meilisearch from 0.9.1 to 0.9.2

dependabot[bot] commented 1 year ago

Bumps strapi-plugin-meilisearch from 0.9.1 to 0.9.2.

Release notes

Sourced from strapi-plugin-meilisearch's releases.

v0.9.2 🚀

🔒 Security

⚠️ Update your strapi-plugin-meilisearch ASAP. When defining private fields, they should not be sent to Meilisearch since those indexed fields will be publicly available in public routes like /search. ⚠️ Reindex your collections.

Fix data leaked of private fields: (#703) @brunoocasali

Other security fixes on yarn.lock:

Bump json5 from 1.0.1 to 1.0.2 (#676)

Bump minimist from 1.2.5 to 1.2.8 (#674)

Thanks again to @brunoocasali! 🎉

Commits

066ab18 Merge #704
3af11c8 Update package.json
da3c639 Merge pull request #703 from meilisearch/fix-leak
96c1da1 Rollback update of @strapi/utils to ^4.5.4
b9976ec Update yarn.lock of playground
c9b97a4 Fix data leak of private fields
fe3b489 Merge #699
8d7af70 Merge #668 #674
7bf4546 Merge #676
a798745 Merge #701
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] commented 1 year ago

The following labels could not be found: bot.