search

celeroncoder / notary-API

Notes App with NestJS-Typescript, MongoDB.
MIT License
2 stars 1 forks source link

chore(deps): bump class-validator from 0.13.1 to 0.13.2 #67

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps class-validator from 0.13.1 to 0.13.2.

Changelog

Sourced from class-validator's changelog.

0.13.2 (2021-11-20)

NOTE: This version fixes a security vulnerability allowing denial of service attacks with a specially crafted request payload. Please update as soon as possible.

Fixed

  • switched to use Array.isArray in array checks from instanceof operator

Changed

  • libphonenumber-js package updated to 1.9.43 from 1.9.7
  • validator package updated to 13.5.2 from 13.5.2
  • various dev-dependencies updated
Commits
  • 5f91937 merge: release 0.13.2 (#1409)
  • 8e841ef refactor: ignore linter error
  • 6a57621 refactor: format code with latest Prettier
  • 6c50113 build: bump version to 0.13.2
  • 495a275 docs: add changelog for 0.13.2
  • 70278ab build: move @​types/validator to dev dependencies
  • bdcf15c fix: use Array.isArray instead of instanceof checks
  • c6984bb build: squash dependabot commits into one since last release
  • d0cb39f build: update GH action for Dependabot auto-merge
  • 945f154 build(deps-dev): bump eslint-plugin-jest from 24.1.9 to 24.3.2 (#973)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @khushalbhardwaj-0111.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
ghost commented 2 years ago

CodeSee Review Map:

Review these changes using an interactive CodeSee Map

Review in an interactive map

View more CodeSee Maps

Legend

CodeSee Map Legend

celeroncoder commented 2 years ago

@dependabot merge