Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
Bumps the npm_and_yarn group with 26 updates in the /ui directory:
4.14.1
7.0.0
7.14.7
7.24.6
4.1.0
4.1.1
3.0.0
4.1.1
2.6.3
2.6.4
2.2.0
2.2.3
1.0.1
2.2.3
3.2.0
3.2.0
6.5.2
6.5.3
4.2.1
4.2.3
2.2.3
2.2.6
6.0.23
8.4.38
9.8.6
10.4.19
1.0.1
7.1.2
3.0.0
8.1.1
0.2.0
0.2.2
1.1.0
1.1.2
4.17.1
4.19.2
1.14.1
1.15.6
11.12.0
removed
24.9.0
29.7.0
0.2.3
0.4.0
1.4.1
1.4.2
1.4.0
1.4.2
1.2.5
1.2.8
0.10.0
1.3.1
3.11.2
5.0.4
2.5.0
removed
7.0.0
9.0.0
Updates
node-sass
from 4.14.1 to 7.0.0Release notes
Sourced from node-sass's releases.
... (truncated)
Commits
918dcb3
Lint fix0a21792
Set rejectUnauthorized to true by default (#3149)e80d4af
chore: Drop EOL Node 15 (#3122)d753397
feat: Add Node 17 support (#3195)dcf2e75
build(deps-dev): bump eslint from 7.32.0 to 8.0.0bfa1a3c
build(deps): bump actions/setup-node from 2.4.0 to 2.4.180d6c00
chore: Windows x86 on GitHub Actions (#3041)566dc27
build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)7bb5157
build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)2efb38f
build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)Updates
@babel/traverse
from 7.14.7 to 7.24.6Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
9630250
v7.24.61f010df
Explicitly defineNodePath.prototype.*
(#16488)6e3539b
[babel 8] Publish.d.ts
files for every package (#16416)e37e64d
Use eslint v9 (#16479)3ff20b9
Statically generate boilerplate for bitfield accessors (#16482)97c3eb1
RemovesyntaxType
option for record-and-tuple (parser&plugin) (#16458)71c247a
[babel 8] Require Node.js^18.20.0 || ^20.10.0 || >=21.0.0
(#16457)ddbea7d
v7.24.5e779cad
fix: TypeScript annotation affects output (#16377)ee48754
Use multiple TypeScript projects (#16430)Updates
ansi-regex
from 4.1.0 to 4.1.1Commits
64735d2
v4.1.175a657d
Fix potential ReDoS (#37)Updates
ansi-regex
from 3.0.0 to 4.1.1Commits
64735d2
v4.1.175a657d
Fix potential ReDoS (#37)Updates
async
from 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdaca
Version 2.6.48870da9
Update built files4df6754
update changelog8f7f903
Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
json5
from 2.2.0 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a7524
2.2.394fd06d
docs: update CHANGELOG for v2.2.33b8cebf
docs(security): use GitHub security advisoriesf0fd9e1
docs: publish a security policy6a91a05
docs(template): bug -> bug report14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmeUpdates
json5
from 1.0.1 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a7524
2.2.394fd06d
docs: update CHANGELOG for v2.2.33b8cebf
docs(security): use GitHub security advisoriesf0fd9e1
docs: publish a security policy6a91a05
docs(template): bug -> bug report14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmeUpdates
extract-loader
from 3.2.0 to 3.2.0Changelog
Sourced from extract-loader's changelog.
Commits
Updates
semver
from 5.3.0 to 5.7.1Changelog
Sourced from semver's changelog.
... (truncated)
Commits
c83c18c
5.7.1956e228
Correct typo in README8055dda
5.7.0604e73d
auto-publishing scriptsbed01e2
remove the nomin comments, since we don't minify any more anyway9cb68f1
document parse method38d42ca
5.7 changelogda8a771
Fix code style and get to 100% coverage4d8306b
drop windows testing1af213f
next-gen tap for testingUpdates
qs
from 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5
v6.5.3ed0f5dc
[Fix]parse
: ignore__proto__
keys (#428)691e739
[Robustness]stringify
: avoid relying on a globalundefined
(#427)1072d57
[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4
[meta] fix README.md (#399)0338716
[actions] backport actions from main5639c20
Clean up license text so it’s properly detected as BSD-3-Clause51b8a0b
add FUNDING.yml45f6759
[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f
[Dev Deps] backport from mainUpdates
browserify-sign
from 4.2.1 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
cross-fetch
from 2.2.3 to 2.2.6Commits
bfe5fe2
2.2.61a89b66
added caret range to whatwg-fetch.695a888
removed and disabled package-lock.json.eac6c00
Update away from vulnerable version of node-fetch (#135)3abdc67
2.2.5982e107
Locked node-fetch version.0820407
2.2.419fec4e
Fixed vulnerability CVE-2020-15168 by upgrading node-fetch to 2.6.1.Updates
postcss
from 6.0.23 to 8.4.38Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
C... _Description has been truncated_