Changelog
*Sourced from [helmet's changelog](https://github.com/helmetjs/helmet/blob/master/CHANGELOG.md).*
> ## 3.18.0 - 2019-05-05
> ### Added
> - `featurePolicy` has 19 new features: `ambientLightSensor`, `documentDomain`, `documentWrite`, `encryptedMedia`, `fontDisplayLateSwap`, `layoutAnimations`, `legacyImageFormats`, `loadingFrameDefaultEager`, `oversizedImages`, `pictureInPicture`, `serial`, `syncScript`, `unoptimizedImages`, `unoptimizedLosslessImages`, `unoptimizedLossyImages`, `unsizedMedia`, `verticalScroll`, `wakeLock`, and `xr`
>
> ### Changed
> - Updated `expect-ct` to v0.2.0
> - Updated `feature-policy` to v0.3.0
> - Updated `frameguard` to v3.1.0
> - Updated `nocache` to v2.1.0
>
> ## 3.17.0 - 2019-05-03
> ### Added
> - `referrerPolicy` now supports multiple values
>
> ### Changed
> - Updated `referrerPolicy` to v1.2.0
Commits
- [`238d3a4`](https://github.com/helmetjs/helmet/commit/238d3a4c35b6f2ea13b12957dd0cd0a6e332df88) 3.18.0
- [`65a5d23`](https://github.com/helmetjs/helmet/commit/65a5d23be9302104a9831f9a5bf5853b5761ec41) Update expect-ct, feature-policy, frameguard, and nocache
- [`6ac5e84`](https://github.com/helmetjs/helmet/commit/6ac5e843af380946f962ac1b26d2fb5652de0aef) Minor: remove line breaks from CHANGELOG markdown
- [`87f8d15`](https://github.com/helmetjs/helmet/commit/87f8d15b6708f728c7969ccc5aee1a1517a076b5) 3.17.0
- [`d13893c`](https://github.com/helmetjs/helmet/commit/d13893cc32084069c0a9566ceab9ce22ad0bc95d) Update devDependencies to latest versions
- [`ea6c415`](https://github.com/helmetjs/helmet/commit/ea6c415fddf3ed4e66133a971cea509f2be362b4) Update referrer-policy to 1.2.0
- [`f7a531a`](https://github.com/helmetjs/helmet/commit/f7a531a8036615e5542aec5868cc8a05a386f8db) Whitelist published files with `files`
- [`123e93c`](https://github.com/helmetjs/helmet/commit/123e93ced0ad903b72cfd95da0537355ccd4abb9) 3.16.0
- [`e9c6eab`](https://github.com/helmetjs/helmet/commit/e9c6eabe450b5b41e7db8b34f9aedebe123069f9) Update changelog for 3.16.0 release
- [`1cff218`](https://github.com/helmetjs/helmet/commit/1cff21896da47d8c2c37187f3969f30143723364) Update ienoopen to v1.1.0
- Additional commits viewable in [compare view](https://github.com/helmetjs/helmet/compare/v3.16.0...v3.18.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot.
Bumps helmet from 3.16.0 to 3.18.0.
Changelog
*Sourced from [helmet's changelog](https://github.com/helmetjs/helmet/blob/master/CHANGELOG.md).* > ## 3.18.0 - 2019-05-05 > ### Added > - `featurePolicy` has 19 new features: `ambientLightSensor`, `documentDomain`, `documentWrite`, `encryptedMedia`, `fontDisplayLateSwap`, `layoutAnimations`, `legacyImageFormats`, `loadingFrameDefaultEager`, `oversizedImages`, `pictureInPicture`, `serial`, `syncScript`, `unoptimizedImages`, `unoptimizedLosslessImages`, `unoptimizedLossyImages`, `unsizedMedia`, `verticalScroll`, `wakeLock`, and `xr` > > ### Changed > - Updated `expect-ct` to v0.2.0 > - Updated `feature-policy` to v0.3.0 > - Updated `frameguard` to v3.1.0 > - Updated `nocache` to v2.1.0 > > ## 3.17.0 - 2019-05-03 > ### Added > - `referrerPolicy` now supports multiple values > > ### Changed > - Updated `referrerPolicy` to v1.2.0Commits
- [`238d3a4`](https://github.com/helmetjs/helmet/commit/238d3a4c35b6f2ea13b12957dd0cd0a6e332df88) 3.18.0 - [`65a5d23`](https://github.com/helmetjs/helmet/commit/65a5d23be9302104a9831f9a5bf5853b5761ec41) Update expect-ct, feature-policy, frameguard, and nocache - [`6ac5e84`](https://github.com/helmetjs/helmet/commit/6ac5e843af380946f962ac1b26d2fb5652de0aef) Minor: remove line breaks from CHANGELOG markdown - [`87f8d15`](https://github.com/helmetjs/helmet/commit/87f8d15b6708f728c7969ccc5aee1a1517a076b5) 3.17.0 - [`d13893c`](https://github.com/helmetjs/helmet/commit/d13893cc32084069c0a9566ceab9ce22ad0bc95d) Update devDependencies to latest versions - [`ea6c415`](https://github.com/helmetjs/helmet/commit/ea6c415fddf3ed4e66133a971cea509f2be362b4) Update referrer-policy to 1.2.0 - [`f7a531a`](https://github.com/helmetjs/helmet/commit/f7a531a8036615e5542aec5868cc8a05a386f8db) Whitelist published files with `files` - [`123e93c`](https://github.com/helmetjs/helmet/commit/123e93ced0ad903b72cfd95da0537355ccd4abb9) 3.16.0 - [`e9c6eab`](https://github.com/helmetjs/helmet/commit/e9c6eabe450b5b41e7db8b34f9aedebe123069f9) Update changelog for 3.16.0 release - [`1cff218`](https://github.com/helmetjs/helmet/commit/1cff21896da47d8c2c37187f3969f30143723364) Update ienoopen to v1.1.0 - Additional commits viewable in [compare view](https://github.com/helmetjs/helmet/compare/v3.16.0...v3.18.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.