Fix uri scheme validation (@ChALkeR).
Fix boolean schemas with strictKeywords option (#1270)
v6.12.4
Fix: coercion of one-item arrays to scalar that should fail validation (failing example).
v6.12.3
Pass schema object to processCode function
Option for strictNumbers (@issacgerges, #1128)
Fixed vulnerability related to untrusted schemas (CVE-2020-15366)
Time formats support two digit and colon-less variants of timezone offset (#1061 , @cjpillsbury)
Docs: RegExp related security considerations
Tests: Disabled failing typescript test
This is a prerelease version to test our ability to release.
Other than removing or updating dependencies, it contains no intended user-facing changes.
Bumps the npm_and_yarn group with 18 updates in the / directory:
6.10.2
6.12.6
3.0.2
3.0.3
4.2.0
4.2.1
4.1.0
5.0.2
6.2.0
10.4.0
1.15.2
1.15.6
1.3.5
1.3.8
3.2.1
3.2.2
7.0.0
13.1.2
5.9.0
5.9.2
0.0.8
1.2.7
0.5.1
0.5.6
1.1.0
1.1.1
6.7.0
6.11.0
1.19.0
1.20.2
4.2.1
4.2.4
8.2.3
8.17.1
4.5.3
4.7.5
Updates
ajv
from 6.10.2 to 6.12.6Release notes
Sourced from ajv's releases.
Commits
fe59143
6.12.6d580d3e
Merge pull request #1298 from ajv-validator/fix-urlfd36389
fix: regular expression for "url" format490e34c
docs: link to v7-beta branch9cd93a1
docs: note about v7 in readme877d286
Merge pull request #1262 from b4h0-c4t/refactor-opt-object-typef1c8e45
6.12.5764035e
Merge branch 'ChALkeR-chalker/fix-comma'3798160
Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...a3c7eba
Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...Updates
braces
from 3.0.2 to 3.0.3Commits
74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Updates
dot-prop
from 4.2.0 to 4.2.1Release notes
Sourced from dot-prop's releases.
Commits
c914124
feat: patch 4.2.0 with fixes for CVE-2020-8116Updates
flat
from 4.1.0 to 5.0.2Commits
e5ffd66
Release 5.0.2fdb79d5
Update dependencies, refresh lockfile, format with standard.e52185d
Test against node 14 in CI.0189cb1
Avoid arrow function syntax.f25d3a1
Release 5.0.154cc7ad
use standard formatting779816e
drop dependencies2eea6d3
Bump lodash from 4.17.15 to 4.17.19a61a554
Bump acorn from 7.1.0 to 7.4.020ef0ef
Fix prototype pollution on unflattenMaintainer changes
This version was pushed to npm by timoxley, a new releaser for flat since your current version.
Updates
mocha
from 6.2.0 to 10.4.0Release notes
Sourced from mocha's releases.
... (truncated)
Changelog
Sourced from mocha's changelog.
... (truncated)
Commits
ffd9557
Release v10.4.07ac67f3
build(deps): bump the github-actions group with 2 updates (#5125)7a2781c
chore: activate dependabot for workflows (#5123)97dcbb2
fix: harden error handling inlib/cli/run.js
(#5074)6f3f45e
fix: xunit integration test (#5122)a5b5652
docs: fix documentation concerning glob expansion on UNIX (#4869)efbb147
feat: add file path to xunit reporter (#4985)a2e600d
fix: closes #5115 (#5116)3735873
feat: include.cause
stacks in the error stack traces (#4829)b88978d
chore: bump ESLint ecmaVersion to 2020 (#5104)Maintainer changes
This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.
Updates
follow-redirects
from 1.15.2 to 1.15.6Commits
35a517c
Release version 1.15.6 of the npm package.c4f847f
Drop Proxy-Authorization across hosts.8526b4a
Use GitHub for disclosure.b1677ce
Release version 1.15.5 of the npm package.d8914f7
Preserve fragment in responseUrl.6585820
Release version 1.15.4 of the npm package.7a6567e
Disallow bracketed hostnames.05629af
Prefer native URL instead of deprecated url.parse.1cba8e8
Prefer native URL instead of legacy url.resolve.72bc2a4
Simplify _processResponse error handling.Updates
ini
from 1.3.5 to 1.3.8Commits
a2c5da8
1.3.8af5c6bb
Do not use Object.create(null)8b648a1
don't test where our devdeps don't even workc74c8af
1.3.7024b8b5
update deps, add linting032fbaf
Use Object.create(null) to avoid default object property hazards2da9039
1.3.6cfea636
better git push script, before publish instead of after56d2805
do not allow invalid hazardous string as section nameMaintainer changes
This version was pushed to npm by isaacs, a new releaser for ini since your current version.
Updates
y18n
from 3.2.1 to 3.2.2Release notes
Sourced from y18n's releases.
Commits
Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.
Updates
yargs-parser
from 7.0.0 to 13.1.2Changelog
Sourced from yargs-parser's changelog.
... (truncated)
Commits
Maintainer changes
This version was pushed to npm by oss-bot, a new releaser for yargs-parser since your current version.
Updates
npm-check
from 5.9.0 to 5.9.2Commits
f8ce810
5.9.2edc4a6d
Downgrade depcheck to restore older Node.js supportdcb8bbe
5.9.1c610aa8
Merge pull request #368 from omrilotan/2019-10-29-fix-vulnce892a9
Update depcheck4b633e2
Fix vulnerabilitiesf569c7d
Merge pull request #326 from mansona/fixing-cib713af5
adding later node versions to CI76cefd6
fixing CI for Node 4f47c605
Merge pull request #321 from dyun8080/patch-1Updates
minimist
from 0.0.8 to 1.2.7Changelog
Sourced from minimist's changelog.
... (truncated)
Commits
c590d75
v1.2.70ebf4eb
[meta] addauto-changelog
e115b63
[actions] add reusable workflows01fc23f
[meta] addsafe-publish-latest
f58745b
[eslint] add eslint; rules to enable later are warnings228ae93
[Tests] addaud
inposttest
236f4a0
[readme] rename and add badgesab03356
[Dev Deps] switch fromcovert
tonyc
49c5f9f
[Dev Deps] updatecovert
,tape
; remove unnecessarytap
783a49b
[meta] create FUNDING.yml; addfunding
in package.jsonMaintainer changes
This version was pushed to npm by ljharb, a new releaser for minimist since your current version.
Updates
mkdirp
from 0.5.1 to 0.5.6Commits
92f086d
0.5.62a28125
clean up testsc905d65
update minimist049cf18
0.5.5bea6382
Remove unnecessary umask calls42a012c
0.5.42867920
fix infinite loop on windows machinesd784e70
0.5.3d612c5d
add files list so this package isn't a monsterb2e7ba0
0.5.2Maintainer changes
This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.
Updates
pathval
from 1.1.0 to 1.1.1Release notes
Sourced from pathval's releases.
Commits
db6c3e3
chore: v1.1.17859e0e
Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution49ce1f4
style: correct rule in package.jsonc77b9d2
fix: prototype pollution vulnerability + working tests49031e4
chore: remove very old nodejs57730a9
chore: update deps and tool configurationa123018
Merge pull request #55 from chaijs/remove-lgtm07eb4a8
Delete MAINTAINERSa0147cd
Merge pull request #54 from astorije/patch-1aebb278
Center repo name on READMEMaintainer changes
This version was pushed to npm by chai, a new releaser for pathval since your current version.
Updates
qs
from 6.7.0 to 6.11.0Changelog
Sourced from qs's changelog.
... (truncated)
Commits
56763c1
v6.11.0ddd3e29
[readme] fix version badgec313472
[New] [Fix]stringify
: revert 0e903c0; addcommaRoundTrip
option95bc018
v6.10.50e903c0
[Fix]stringify
: witharrayFormat: comma
, properly include an explicit `[...ba9703c
v6.10.44e44019
[Fix]stringify
: witharrayFormat: comma
, include an explicit[]
on a s...113b990
[Dev Deps] updateobject-inspect
c77f38f
[Dev Deps] updateeslint
,@ljharb/eslint-config
,aud
,has-symbol
,tape
2cf45b2
[meta] usenpmignore
to autogenerate an npmignore fileUpdates
body-parser
from 1.19.0 to 1.20.2Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
... (truncated)
Commits
ee91374
1.20.2368a93a
Fix strict json error message on Node.js 19+0385872
deps: raw-body@2.5.22c35b41
build: eslint@8.34.0f0646c2
build: Node.js@18.14f345fb1
build: Node.js@14.216842efc
deps: content-type@~1.0.55af7315
build: eslint-plugin-promise@6.1.18e605b3
build: supertest@6.3.3cba6e77
build: mocha@10.2.0Updates
socket.io-parser
from 4.2.1 to 4.2.4Release notes
Sourced from socket.io-parser's releases.