c59f537b1#7019 - Modify base64 decoding logic to throw on invalid input, rather than silently truncating it.
1.9.2
Patch Changes
d071bd1ac#7007 (fixes #7005) - Move exports.default fields to always be the last field. This fixes a bug caused in 9.17.0 that prevented some bundlers and frameworks from building.
1.9.1
Patch Changes
0bab0b7a7#6981 - Added browser CJS entry points (expected by Jest when using JSDOM mode).
1.9.0
Minor Changes
06dc1364d#6901 - Allow users to specify their environment as node or browser to override Firebase's runtime environment detection and force the SDK to act as if it were in the respective environment.
Patch Changes
d4114a4f7#6874 (fixes #6838) - Reformat a comment that causes compile errors in some build toolchains.
Fix uri scheme validation (@​ChALkeR).
Fix boolean schemas with strictKeywords option (#1270)
v6.12.4
Fix: coercion of one-item arrays to scalar that should fail validation (failing example).
v6.12.3
Pass schema object to processCode function
Option for strictNumbers (@​issacgerges, #1128)
Fixed vulnerability related to untrusted schemas (CVE-2020-15366)
Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury)
Docs: RegExp related security considerations
Tests: Disabled failing typescript test
Bumps the npm_and_yarn group with 19 updates in the /grr/server/grr_response_server/gui/static directory:
1.8.2
1.8.3
0.7.0
4.0.10
2.29.1
2.29.4
4.3.0
6.3.16
0.2.50
1.9.6
7.15.5
10.12.2
5.7.0
5.7.2
5.7.1
5.7.2
6.10.2
6.12.6
6.5.2
6.5.3
2.0.4
2.0.5
0.2.0
0.2.2
1.2.9
1.2.13
1.3.5
1.3.8
0.2.3
0.4.0
1.4.1
1.4.2
2.88.0
removed
3.10.3
3.13.1
3.2.1
3.2.2
5.0.0
5.0.1
Bumps the npm_and_yarn group with 12 updates in the /grr/server/grr_response_server/gui/ui directory:
0.7.0
4.0.10
6.3.20
6.4.3
5.7.1
5.7.2
1.15.2
1.15.6
2.3.2
2.3.3
6.1.13
6.2.1
15.2.5
15.2.6
7.21.4
7.24.7
1.4.1
3.1.0
5.16.0
7.9.0
4.18.2
4.19.2
5.3.3
5.3.4
Updates
angular
from 1.8.2 to 1.8.3Changelog
Sourced from angular's changelog.
Commits
cf16b24
docs(changelog): add release notes for 1.8.3757d56e
docs(*): update end-of-life messages (#17177)f362437
docs(eol): add EOL options text and link to template header used in every pagefb04e42
test(Angular): fixangularInit()
tests on Safari v15+6a52c4f
test(input): fix tests on Firefox v93+ed30c4d
docs(README.md): add wiki link to MVC4032655
chore(deps): bump js-yaml from 3.5.5 to 3.14.147f8c65
chore(deps): bump normalize-url from 4.5.0 to 4.5.156b0ee3
chore(e2e): run tests against Chrome 91 on macOS Catalina58cd897
chore(e2e): run tests against Firefox 85 on macOS CatalinaUpdates
marked
from 0.7.0 to 4.0.10Release notes
Sourced from marked's releases.
... (truncated)
Commits
ae01170
chore(release): 4.0.10 [skip ci]fceda57
🗜️ build [skip ci]8f80657
fix(security): fix redos vulnerabilitiesc4a3ccd
Merge pull request from GHSA-rrrm-qjm4-v8hfd7212a6
chore(deps-dev): Bump jasmine from 4.0.0 to 4.0.1 (#2352)5a84db5
chore(deps-dev): Bump rollup from 2.62.0 to 2.63.0 (#2350)2bc67a5
chore(deps-dev): Bump markdown-it from 12.3.0 to 12.3.2 (#2351)98996b8
chore(deps-dev): Bump@​babel/preset-env
from 7.16.5 to 7.16.7 (#2353)ebc2c95
chore(deps-dev): Bump highlight.js from 11.3.1 to 11.4.0 (#2354)e5171a9
chore(release): 4.0.9 [skip ci]Updates
moment
from 2.29.1 to 2.29.4Changelog
Sourced from moment's changelog.
Commits
000ac18
Build 2.24.4f2006b6
Bump version to 2.24.4536ad0c
Update changelog for 2.29.49a3b589
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)6374fd8
Merge branch 'master' into developb4e6153
Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"7aebb16
[bugfix] Fix redos in preprocessRFC2822 regex (#6015)57c9062
Build 2.29.3aaf50b6
Fixup release complaints26f4aef
Bump version to 2.29.3Updates
karma
from 4.3.0 to 6.3.16Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
... (truncated)
Commits
ab4b328
chore(release): 6.3.16 [skip ci]ff7edbb
fix(security): mitigate the "Open Redirect Vulnerability"c1befa0
chore(release): 6.3.15 [skip ci]d9dade2
fix(helper): make mkdirIfNotExists helper resilient to concurrent calls653c762
ci: prevent duplicate CI tasks on creating a PRc97e562
chore(release): 6.3.14 [skip ci]91d5acd
fix: remove string template from client code69cfc76
fix: warn whensingleRun
andautoWatch
arefalse
839578c
fix(security): remove XSS vulnerability inreturnUrl
query paramdb53785
chore(release): 6.3.13 [skip ci]Updates
@firebase/util
from 0.2.50 to 1.9.6Changelog
Sourced from
@​firebase/util
's changelog.... (truncated)
Commits
8fb372a
Version Packages (#8236)13762a4
Version Packages (#8101)0c51501
Run npm pkg fix on all packages (#8079)9fa0e9f
Version Packages (#7995)434f841
Fix isSafari() throwing on React Native (fixes #7962) (#7963)ebc694a
Comment changes for OSS (#7778)2be12d7
[CI] update chrome install steps for Auth builds. (#7602)2e7e548
Version Packages (#7069)c59f537
Improve decodeBase64() to throw on invalid input rather than silently accept ...3d605f8
Version Packages (#7008)Updates
firebase
from 7.15.5 to 10.12.2Release notes
Sourced from firebase's releases.
... (truncated)
Commits
d92d01e
Version Packages (#8264)a8bdda6
Merge master into release52d6266
Add vertex preview token to canary deploy workflow. (#8262)0af23e0
Generate dts rollups for auth webextension and cordova (#8251)370b6c8
Add toc (#8257)aa060a7
More robust clean up after unexpected docgen process exits. (#8260)3883133
Fix typings issue (#8256)7381f21
Version Packages (#8254)ff65c13
Merge master into release43a8d99
Add job to create a GitHub release (#8248)Updates
@grpc/grpc-js
from 1.1.1 to 1.9.15Release notes
Sourced from
@​grpc/grpc-js
's releases.... (truncated)
Commits
Updates
semver
from 5.7.0 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@​npmcli/template-oss
@​4
.16.0c83c18c
5.7.1956e228
Correct typo in READMEMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
semver
from 5.7.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@​npmcli/template-oss
@​4
.16.0c83c18c
5.7.1956e228
Correct typo in READMEMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
ajv
from 6.10.2 to 6.12.6Release notes
Sourced from ajv's releases.
Commits
fe59143
6.12.6d580d3e
Merge pull request #1298 from ajv-validator/fix-urlfd36389
fix: regular expression for "url" format490e34c
docs: link to v7-beta branch9cd93a1
docs: note about v7 in readme877d286
Merge pull request #1262 from b4h0-c4t/refactor-opt-object-typef1c8e45
6.12.5764035e
Merge branch 'ChALkeR-chalker/fix-comma'3798160
Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...a3c7eba
Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...Updates
qs
from 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5
v6.5.3ed0f5dc
[Fix]parse
: ignore__proto__
keys (#428)691e739
[Robustness]stringify
: avoid relying on a globalundefined
(#427)1072d57
[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4
[meta] fix README.md (#399)0338716
[actions] backport actions from main5639c20
Clean up license text so it’s properly detected as BSD-3-Clause51b8a0b
add FUNDING.yml45f6759
[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f
[Dev Deps] backport from mainUpdates
copy-props
from 2.0.4 to 2.0.5Commits
Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
follow-redirects
from 1.9.0 to 1.15.6Commits
35a517c
Release version 1.15.6 of the npm package.c4f847f
Drop Proxy-Authorization across hosts.8526b4a
Use GitHub for disclosure.b1677ce
Release version 1.15.5 of the npm package.d8914f7
Preserve fragment in responseUrl.6585820
Release version 1.15.4 of the npm package.7a6567e
Disallow bracketed hostnames.05629af
Prefer native URL instead of deprecated url.parse.1cba8e8
Prefer native URL instead of legacy url.resolve.72bc2a4
Simplify _processResponse error handling.Updates
fsevents
from 1.2.9 to 1.2.13Release notes
Sourced from fsevents's releases.
Commits
844a05d
Version Bumpf393f2a
Only build fsevents on macOS (#322)6a281a7
[publish binary]acc2bce
[publish binary]f532b6e
[publish binary]4c6a1c0
Add node 13 to travis matrix.92e40aa
Release 1.2.12.909af26
Release v1.2.117074adb
Release v1.2.10Updates
ini
from 1.3.5 to 1.3.8Commits
a2c5da8
1.3.8af5c6bb
Do not use Object.create(null)8b648a1
don't test where our devdeps don't even workc74c8af
1.3.7024b8b5
update deps, add linting032fbaf
Use Object.create(null) to avoid default object property hazards2da9039
1.3.6cfea636
better git push script, before publish instead of after56d2805
do not allow invalid hazardous string as section nameMaintainer changes
This version was pushed to npm by isaacs, a new releaser for ini since your current version.
Updates
minimist
from 0.0.8 to 1.2.8Changelog
Sourced from minimist's changelog.