Treat a backslash in the authority section as a delimiter which starts the
path section (CVE-2023-28628, with thanks to @luigigubello for the report)
1.13.95 (2022-01-28 / a9cbeff)
Fixed
Fix a stack overflow in normalize/char-seq for really large query parameter
values
1.12.89 (2021-11-29 / 2118a75)
Changed
Support toString on Babashka (requires recent bb)
1.11.86 (2021-10-28 / 22c27af)
Fixed
Fixed an issue in lambdaisland.uri.normalize/normalize-query which did
not take into account utf-16 encoding.
1.10.79 (2021-10-12 / d90c6a8)
Changed
lambdaisland.uri.normalize/normalize now also normalizes the fragment.
1.4.74 (2021-09-06 / e07f9fd)
Added
uri-str as an explicit lambdaisland.uri.URI to string conversion
Fixed
Fixed compatibility with Babashka/SCI. Note that on babashka we can't
implement IFn or toString, so converting a URI back to a string needs to be
done explicitly with uri-str, and it is not possible to use a URI as a
function. ((:path uri) is ok, (uri :path) is not).
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WormBase/pseudoace/network/alerts).
Bumps uri from 1.4.49 to 1.14.120.
Release notes
Sourced from uri's releases.
Changelog
Sourced from uri's changelog.
... (truncated)
Commits
416ba61
# 1.14.120 (2023-03-27 / a1da1b7)a1da1b7
Bump tooling and test dependencies75351af
More repl sessionsf46db3e
Merge pull request from GHSA-cp4w-6x4w-v2h567063ed
Treat a backslash in the authority section as part of the pathd3355fc
Poke morea316751
Merge pull request #39 from lambdaisland/laurence/fix-README-bug-on-using-domaind9ec7ff
fix README173b91e
Merge pull request #38 from lambdaisland/alysbrooks-bump-ci278540e
Pin Babashka for tests for nowDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WormBase/pseudoace/network/alerts).