Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)
v2.2.2
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
Bumps the npm_and_yarn group with 26 updates in the /ui directory:
4.14.1
7.0.0
7.14.7
7.24.7
4.1.0
4.1.1
3.0.0
4.1.1
2.6.3
2.6.4
2.2.0
2.2.3
1.0.1
2.2.3
3.2.0
3.2.0
6.5.2
6.5.3
4.2.1
4.2.3
2.2.3
2.2.6
6.0.23
8.4.38
9.8.6
10.4.19
1.0.1
7.1.2
3.0.0
8.1.1
0.2.0
0.2.2
1.1.0
1.1.2
4.17.1
4.19.2
1.14.1
1.15.6
11.12.0
removed
24.9.0
29.7.0
0.2.3
0.4.0
1.4.1
1.4.2
1.4.0
1.4.2
1.2.5
1.2.8
0.10.0
1.3.1
3.11.2
5.0.4
2.5.0
removed
7.0.0
9.0.0
Updates
node-sass
from 4.14.1 to 7.0.0Release notes
Sourced from node-sass's releases.
... (truncated)
Commits
918dcb3
Lint fix0a21792
Set rejectUnauthorized to true by default (#3149)e80d4af
chore: Drop EOL Node 15 (#3122)d753397
feat: Add Node 17 support (#3195)dcf2e75
build(deps-dev): bump eslint from 7.32.0 to 8.0.0bfa1a3c
build(deps): bump actions/setup-node from 2.4.0 to 2.4.180d6c00
chore: Windows x86 on GitHub Actions (#3041)566dc27
build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)7bb5157
build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)2efb38f
build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)Updates
@babel/traverse
from 7.14.7 to 7.24.7Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
bf1e9a3
v7.24.74463aa5
fix: incorrectconstantViolations
with destructuring (#16522)07bd000
ImprovegetBindingIdentifiers
(#16544)17a5502
[Babel 8] Removeextra.shorthand
(#16521)7934963
Usetype: module
in allpackage.json
s (#16535)9630250
v7.24.61f010df
Explicitly defineNodePath.prototype.*
(#16488)6e3539b
[babel 8] Publish.d.ts
files for every package (#16416)e37e64d
Use eslint v9 (#16479)3ff20b9
Statically generate boilerplate for bitfield accessors (#16482)Updates
ansi-regex
from 4.1.0 to 4.1.1Commits
64735d2
v4.1.175a657d
Fix potential ReDoS (#37)Updates
ansi-regex
from 3.0.0 to 4.1.1Commits
64735d2
v4.1.175a657d
Fix potential ReDoS (#37)Updates
async
from 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdaca
Version 2.6.48870da9
Update built files4df6754
update changelog8f7f903
Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
json5
from 2.2.0 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a7524
2.2.394fd06d
docs: update CHANGELOG for v2.2.33b8cebf
docs(security): use GitHub security advisoriesf0fd9e1
docs: publish a security policy6a91a05
docs(template): bug -> bug report14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmeUpdates
json5
from 1.0.1 to 2.2.3Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
c3a7524
2.2.394fd06d
docs: update CHANGELOG for v2.2.33b8cebf
docs(security): use GitHub security advisoriesf0fd9e1
docs: publish a security policy6a91a05
docs(template): bug -> bug report14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmeUpdates
extract-loader
from 3.2.0 to 3.2.0Changelog
Sourced from extract-loader's changelog.
Commits
Updates
semver
from 5.3.0 to 5.7.1Changelog
Sourced from semver's changelog.
... (truncated)
Commits
c83c18c
5.7.1956e228
Correct typo in README8055dda
5.7.0604e73d
auto-publishing scriptsbed01e2
remove the nomin comments, since we don't minify any more anyway9cb68f1
document parse method38d42ca
5.7 changelogda8a771
Fix code style and get to 100% coverage4d8306b
drop windows testing1af213f
next-gen tap for testingUpdates
qs
from 6.5.2 to 6.5.3Changelog
Sourced from qs's changelog.
Commits
298bfa5
v6.5.3ed0f5dc
[Fix]parse
: ignore__proto__
keys (#428)691e739
[Robustness]stringify
: avoid relying on a globalundefined
(#427)1072d57
[readme] remove travis badge; add github actions/codecov badges; update URLs12ac1c4
[meta] fix README.md (#399)0338716
[actions] backport actions from main5639c20
Clean up license text so it’s properly detected as BSD-3-Clause51b8a0b
add FUNDING.yml45f6759
[Fix] fix for an impossible situation: when the formatter is called with a no...f814a7f
[Dev Deps] backport from mainUpdates
browserify-sign
from 4.2.1 to 4.2.3Changelog
Sourced from browserify-sign's changelog.
Commits
bf2c3ec
v4.2.39247adf
[patch] widen support to 0.12f427270
[Deps] update `parse-asn187f3a35
[Dev Deps] updateaud
,npmignore
,tape
fb261ce
[Deps] updateelliptic
4d0ee49
[patch] drop minimum node support to v19e2bf12
[Deps] pinhash-base
to ~3.0, due to a breaking change168e16f
[Deps] pinelliptic
due to a breaking change37a4758
[actions] remove redundant finisher4af5a90
v4.2.2Maintainer changes
This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.
Updates
cross-fetch
from 2.2.3 to 2.2.6Commits
bfe5fe2
2.2.61a89b66
added caret range to whatwg-fetch.695a888
removed and disabled package-lock.json.eac6c00
Update away from vulnerable version of node-fetch (#135)3abdc67
2.2.5982e107
Locked node-fetch version.0820407
2.2.419fec4e
Fixed vulnerability CVE-2020-15168 by upgrading node-fetch to 2.6.1.Updates
postcss
from 6.0.23 to 8.4.38Release notes
Sourced from postcss's releases.
... (truncated)
Changelog
Sourced from postcss's changelog.
... (truncated)
Commits
a69d45e
Release 8.4.38 version64e35d9
Update dependenciesc1ad8fb
Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...b45e7e9
fix endIndex1bea246
failing test: for endIndex 0 in rangeBy0fd1d86
Add changelog auto release on Github49c906e
Release 8.4.37 versionSuperseded by #837.