Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/nhn/tui.grid/network/alerts).
Bumps tough-cookie to 4.1.3 and updates ancestor dependencies tough-cookie, @applitools/eyes-storybook, cypress and start-server-and-test. These dependencies need to be updated together.
Updates
tough-cookie
from 2.4.3 to 4.1.3Release notes
Sourced from tough-cookie's releases.
... (truncated)
Commits
4ff4d29
4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)12d4747
Prevent prototype pollution in cookie memstore (#283)f06b72d
Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...b1a8898
fix: allow set cookies with localhost (#253)ec70796
4.1.1 Patch -- allow special use domains by default (#250)d4ac580
fix: allow special use domains by default (#249)79c2f7d
4.1.0 release to NPM (#245)4fafc17
Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move Dockerf...aa4396d
fix: distinguish between no samesite and samesite=none (#240)b8d7511
Modernize README (#234)Maintainer changes
This version was pushed to npm by awaterma, a new releaser for tough-cookie since your current version.
Updates
@applitools/eyes-storybook
from 3.5.3 to 3.39.0Release notes
Sourced from
@applitools/eyes-storybook
's releases.... (truncated)
Changelog
Sourced from
@applitools/eyes-storybook
's changelog.... (truncated)
Commits
1cb49d8
chore: release master (#1862)354b7bb
chore: release master (#1859)532756b
feat: rework log event on opent eyes (#1842)0bdf6da
chore: release master (#1858)e133678
chore: cleanup change logs0d69f11
chore: release master (#1831)4ad38e3
chore: release master (#1824)619bc8b
chore: release master (#1822)01c528a
fix: wait for initializationPromise (#1628)4fde56f
docs: index and sharding (#1734)Maintainer changes
This version was pushed to npm by applitools-admin, a new releaser for
@applitools/eyes-storybook
since your current version.Updates
cypress
from 4.9.0 to 4.12.1Commits
2156e3e
release 4.12.1 [skip ci]a54d793
chore(deps): update dependency markdown-it to version .x 🌟 (#8183)640505e
chore(deps): update dependency react-inspector to version .x 🌟 (#8182)d3e90d6
fix(deps): update dependency electron-context-menu to version .x 🌟 (#8180)996fe97
fix(deps): update dependency md5 to version 2.3.0 🌟 (#8161)3ad06db
fix: it.skip no longer causes hooks to be assigned to the wrong test (#8113)580087d
release 4.12.0 [skip ci]9d19a9f
fix: Capture env vars from AWS Code Build (#8159)e0f587e
fix: iFrame input focus should not cause blur if input already activeElement ...19393e0
fix(reporter): minor UI fixes and improvements (#8153)Updates
start-server-and-test
from 1.10.0 to 1.15.4Release notes
Sourced from start-server-and-test's releases.
... (truncated)
Commits
9e8713b
fix: add expected default value 200, closes #3492ebf1ba
fix(deps): update dependency wait-on to v7 (#347)4e33599
fix(deps): update dependency wait-on to v6.0.19cfb60e
fix(deps): update dependency debug to v4.3.417a427c
feat: use the --expect parameter to specify HTTP response code (#343)6bedc4c
fix: add explicit license file, closes #336 (#342)7294173
update the CI workflow (#341)776c7b6
add CLI processing with arg module (#340)693dc2c
FEAT: Allow interval option from environment variable (#315)7ac144f
explain the server not responding (#314)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show