Bumps the npm_and_yarn group with 1 update in the / directory: qs.
Bumps the npm_and_yarn group with 1 update in the /examples/rollup directory: ws.
Bumps the npm_and_yarn group with 13 updates in the /examples/webpack directory:
Backported bc8bd34e to the 7.x release line (0435e6e1).
7.5.8
Bug fixes
Backported 0fdcc0af to the 7.x release line (2758ed35).
Backported d68ba9e1 to the 7.x release line (dc1781bc).
7.5.7
Bug fixes
Backported 6946f5fe to the 7.x release line (1f72e2e1).
7.5.6
Bug fixes
Backported b8186dd1 to the 7.x release line (73dec34b).
Backported ed2b8039 to the 7.x release line (22a26afb).
7.5.5
Bug fixes
Backported ec9377ca to the 7.x release line (0e274acd).
7.5.4
Bug fixes
Backported 6a72da3e to the 7.x release line (76087fbf).
Backported 869c9892 to the 7.x release line (27997933).
7.5.3
Bug fixes
The WebSocketServer constructor now throws an error if more than one of the
noServer, server, and port options are specefied (66e58d27).
Fixed a bug where a 'close' event was emitted by a WebSocketServer before
the internal HTTP/S server was actually closed (5a587304).
Fixed a bug that allowed WebSocket connections to be established after
WebSocketServer.prototype.close() was called (772236a1).
7.5.2
Bug fixes
The opening handshake is now aborted if the client receives a
Sec-WebSocket-Extensions header but no extension was requested or if the
server indicates an extension not requested by the client (aca94c86).
Backported bc8bd34e to the 7.x release line (0435e6e1).
7.5.8
Bug fixes
Backported 0fdcc0af to the 7.x release line (2758ed35).
Backported d68ba9e1 to the 7.x release line (dc1781bc).
7.5.7
Bug fixes
Backported 6946f5fe to the 7.x release line (1f72e2e1).
7.5.6
Bug fixes
Backported b8186dd1 to the 7.x release line (73dec34b).
Backported ed2b8039 to the 7.x release line (22a26afb).
7.5.5
Bug fixes
Backported ec9377ca to the 7.x release line (0e274acd).
7.5.4
Bug fixes
Backported 6a72da3e to the 7.x release line (76087fbf).
Backported 869c9892 to the 7.x release line (27997933).
7.5.3
Bug fixes
The WebSocketServer constructor now throws an error if more than one of the
noServer, server, and port options are specefied (66e58d27).
Fixed a bug where a 'close' event was emitted by a WebSocketServer before
the internal HTTP/S server was actually closed (5a587304).
Fixed a bug that allowed WebSocket connections to be established after
WebSocketServer.prototype.close() was called (772236a1).
7.5.2
Bug fixes
The opening handshake is now aborted if the client receives a
Sec-WebSocket-Extensions header but no extension was requested or if the
server indicates an extension not requested by the client (aca94c86).
Bumps the npm_and_yarn group with 1 update in the / directory: qs. Bumps the npm_and_yarn group with 1 update in the /examples/rollup directory: ws. Bumps the npm_and_yarn group with 13 updates in the /examples/webpack directory:
6.2.1
6.2.2
2.6.3
2.6.4
6.7.0
6.11.0
4.17.1
4.19.2
0.21.4
removed
2.0.0
2.5.0
0.2.0
0.2.2
1.3.1
1.3.4
2.7.4
3.1.10
2.5.0
3.0.7
1.14.9
1.15.6
0.10.0
1.3.1
3.11.2
5.0.4
5.35.1
5.91.0
Updates
qs
from 6.11.2 to 6.12.1Changelog
Sourced from qs's changelog.
Commits
29dda21
v6.12.17e18298
[Fix]parse
: DisabledecodeDotInKeys
by default to restore previous behaviorfd3cd7a
[Tests] increase coverage6d7df02
[Performance]utils
: Optimize performance under large data volumes, reduce ...572533c
[Refactor]utils
: use+=
c4d29f3
[meta] add tea.yaml062334a
v6.12.0f09cffc
[meta] make the dist build 50% smaller934dfe8
[meta] run build in prepack, not prepublishc8a269f
[Tests]parse
: remove useless tests; add coverageUpdates
ws
from 7.4.5 to 7.5.9Release notes
Sourced from ws's releases.
... (truncated)
Commits
8a78f87
[dist] 7.5.90435e6e
[security] Fix same host check for ws+unix: redirects4271f07
[dist] 7.5.8dc1781b
[security] Drop sensitive headers when following insecure redirects2758ed3
[fix] Abort the handshake if the Upgrade header is invalida370613
[dist] 7.5.71f72e2e
[security] Drop sensitive headers when following redirects (#2013)8ecd890
[dist] 7.5.622a26af
[fix] Resume the socket in theCLOSING
state73dec34
[fix] Do not throw if the redirect URL is invalidUpdates
ws
from 6.2.1 to 6.2.2Release notes
Sourced from ws's releases.
... (truncated)
Commits
8a78f87
[dist] 7.5.90435e6e
[security] Fix same host check for ws+unix: redirects4271f07
[dist] 7.5.8dc1781b
[security] Drop sensitive headers when following insecure redirects2758ed3
[fix] Abort the handshake if the Upgrade header is invalida370613
[dist] 7.5.71f72e2e
[security] Drop sensitive headers when following redirects (#2013)8ecd890
[dist] 7.5.622a26af
[fix] Resume the socket in theCLOSING
state73dec34
[fix] Do not throw if the redirect URL is invalidUpdates
async
from 2.6.3 to 2.6.4Changelog
Sourced from async's changelog.
Commits
c6bdaca
Version 2.6.48870da9
Update built files4df6754
update changelog8f7f903
Fix prototype pollution vulnerability (#1828)Maintainer changes
This version was pushed to npm by hargasinski, a new releaser for async since your current version.
Updates
qs
from 6.7.0 to 6.11.0Changelog
Sourced from qs's changelog.
Commits
29dda21
v6.12.17e18298
[Fix]parse
: DisabledecodeDotInKeys
by default to restore previous behaviorfd3cd7a
[Tests] increase coverage6d7df02
[Performance]utils
: Optimize performance under large data volumes, reduce ...572533c
[Refactor]utils
: use+=
c4d29f3
[meta] add tea.yaml062334a
v6.12.0f09cffc
[meta] make the dist build 50% smaller934dfe8
[meta] run build in prepack, not prepublishc8a269f
[Tests]parse
: remove useless tests; add coverageUpdates
express
from 4.17.1 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Removes
axios
Updates
@webpack-cli/generators
from 2.0.0 to 2.5.0Release notes
Sourced from
@webpack-cli/generators
's releases.... (truncated)
Changelog
Sourced from
@webpack-cli/generators
's changelog.... (truncated)
Commits
20882d4
chore(release): publish new version22f013b
docs: remove redundant link (#3292)3e1df05
chore: update package.json (#3289)402c0fe
fix: improve parsing of--env
flag (#3286)ce7352d
chore: disable length relatedcommitlint
rules (#3287)652cc70
feat: add summary to smoketests (#3288)1072e38
docs: update options (#3285)6075c63
chore(deps-dev): bump@types/node
979dbad
chore(deps-dev): bump typescript-eslint9941274
chore(deps-dev): bump webpack-dev-server from 4.9.1 to 4.9.2 (#3282)Updates
decode-uri-component
from 0.2.0 to 0.2.2Release notes
Sourced from decode-uri-component's releases.
Commits
a0eea46
0.2.2980e0bf
Prevent overwriting previously decoded tokens3c8a373
0.2.176abc93
Switch to GitHub workflows746ca5d
Fix issue where decode throws - fixes #6486d7e2
Update license (#1)a650457
Tidelift tasks66e1c28
Meta tweaksUpdates
dns-packet
from 1.3.1 to 1.3.4Commits
ebdf849
1.3.4ac57872
move all allocUnsafes to allocs for easier maintenancec64c950
1.3.30598ba1
fix .. in encodingLength010aedb
1.3.20d0d593
backport encodingLength fix to v1Updates
ejs
from 2.7.4 to 3.1.10Release notes
Sourced from ejs's releases.
Commits
d3f807d
Version 3.1.109ee26dd
Mocha TDDe469741
Basic pollution protection715e950
Merge pull request #756 from Jeffrey-mu/maincabe314
Include advanced usage examples29b076c
Added header11503c7
Merge branch 'main' of github.com:mde/ejs into main7690404
Added security banner to READMEf47d7ae
Update SECURITY.md828cea1
Update SECURITY.mdUpdates
@webpack-cli/generators
from 2.5.0 to 3.0.7Release notes
Sourced from
@webpack-cli/generators
's releases.... (truncated)
Changelog
Sourced from
@webpack-cli/generators
's changelog.... (truncated)
Commits
20882d4
chore(release): publish new version22f013b
docs: remove redundant link (#3292)3e1df05
chore: update package.json (#3289)402c0fe
fix: improve parsing of--env
flag (#3286)ce7352d
chore: disable length relatedcommitlint
rules (#3287)652cc70
feat: add summary to smoketests (#3288)1072e38
docs: update options (#3285)6075c63
chore(deps-dev): bump@types/node
979dbad
chore(deps-dev): bump typescript-eslint9941274
chore(deps-dev): bump webpack-dev-server from 4.9.1 to 4.9.2 (#3282)Updates
express
from 4.17.1 to 4.19.2Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (