Closed dependabot[bot] closed 1 year ago
xss
xss
Cross-site scripting vulnerabilities occur when unescaped input is rendered into a page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.
Cross-site scripting vulnerabilities occur when unescaped input is rendered into a page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.
sqli
This is probably one of the two most exploited vulnerabilities in web applications and has led to a number of high profile company breaches. It occurs when an application fails to sanitize or validate input before using it to dynamically construct a statement. An attacker that exploits this vulnerability will be able to gain access to the underlying database and view or modify data without permission.
OK, I won't notify you again about this release, but will get in touch when a new version is available.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
Bumps http-cache-semantics to 4.1.1 and updates ancestor dependency @angular/cli. These dependencies need to be updated together.
Updates
http-cache-semantics
from 3.8.1 to 4.1.1Commits
2449650
Update mocha560b2d8
Don't use regex to trim whitespaceb1bdb92
Remove linting package zooc20dc7e
Cache 308ed83aec
Explain trust server date1b35980
rfc 5861 (stale-if-error, stale-while-revalidate)2c2fac2
Drop trustServerDateeb7028f
Test names84cc9a8
Bumpae5ecd5
Add status to testsUpdates
@angular/cli
from 10.0.4 to 15.1.4Release notes
Sourced from
@angular/cli
's releases.... (truncated)
Changelog
Sourced from
@angular/cli
's changelog.... (truncated)
Commits
1bfcc18
release: cut the v15.1.4 release6c8fdfc
fix(@angular-devkit/build-angular
): load JavaScript bundles as modules in karma317452e
fix(@angular-devkit/build-angular
): print server builder errors and warningsb27ce5d
release: cut the v15.1.3 release3c459c3
build: update bazel aspect lib to 1.23.3e293cb1
docs(@angular/cli
): minor updates tong run
description2c04f4a
fix(@schematics/angular
): update browserslist config to include last 2 Chrome...c152a4a
fix(@angular-devkit/build-angular
): update browserslist config to include las...9de9920
fix(@angular-devkit/core
): handle number like strings in workspace writerf31bf30
fix(@angular-devkit/build-angular
): avoid undefined module path for Sass impo...Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mlim-scw/angular/network/alerts).