Pass schema object to processCode function
Option for strictNumbers (@issacgerges, #1128)
Fixed vulnerability related to untrusted schemas (CVE-2020-15366)
Time formats support two digit and colon-less variants of timezone offset (#1061 , @cjpillsbury)
Docs: RegExp related security considerations
Tests: Disabled failing typescript test
v6.10.2
Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.
Option useDefaults: "empty" to replace null and "" (empty strings) with default values (in addition to assigning defaults to missing and undefined properties).
Update draft-04 meta-schema to remove incorrect usage of "uri" format.
You can trigger a rebase of this PR by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/department-of-veterans-affairs/vets-json-schema/network/alerts).
Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
Bumps the npm_and_yarn group with 3 updates in the / directory: ajv, @babel/traverse and braces.
Updates
ajv
from 4.11.8 to 6.12.3Release notes
Sourced from ajv's releases.
... (truncated)
Commits
521c3a5
6.12.3bd7107b
Merge pull request #1229 from ajv-validator/dependabot/npm_and_yarn/mocha-8.0.19c26bb2
Merge pull request #1234 from ajv-validator/dependabot/npm_and_yarn/eslint-7.3.1c6a6daa
Merge branch 'master' into dependabot/npm_and_yarn/mocha-8.0.115eda23
Merge branch 'master' into dependabot/npm_and_yarn/eslint-7.3.1d6aabb8
test: remove node 8 from travis testc4801ca
Merge pull request #1242 from ajv-validator/refactor988982d
ignore proto propertiesf2b1e3d
whitespace65e3678
Merge pull request #1239 from GrahamLea/patch-1Updates
@babel/traverse
from 7.21.4 to 7.24.7Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
bf1e9a3
v7.24.74463aa5
fix: incorrectconstantViolations
with destructuring (#16522)07bd000
ImprovegetBindingIdentifiers
(#16544)17a5502
[Babel 8] Removeextra.shorthand
(#16521)7934963
Usetype: module
in allpackage.json
s (#16535)9630250
v7.24.61f010df
Explicitly defineNodePath.prototype.*
(#16488)6e3539b
[babel 8] Publish.d.ts
files for every package (#16416)e37e64d
Use eslint v9 (#16479)3ff20b9
Statically generate boilerplate for bitfield accessors (#16482)Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show