Sourced from [jszip's changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md).
v3.10.1 2022-08-02
Add sponsorship files.
If you appreciate the time spent maintaining JSZip then I would really appreciate [your sponsorship](https://github.com/sponsors/Stuk).
Consolidate metadata types and expose OnUpdateCallback [#851](https://github-redirect.dependabot.com/Stuk/jszip/pull/851) and [#852](https://github-redirect.dependabot.com/Stuk/jszip/pull/852)
use const instead var in example from README.markdown [#828](https://github-redirect.dependabot.com/Stuk/jszip/pull/828)
Switch manual download link to HTTPS [#839](https://github-redirect.dependabot.com/Stuk/jszip/pull/839)
Internals:
Replace jshint with eslint [#842](https://github-redirect.dependabot.com/Stuk/jszip/pull/842)
Change setimmediate dependency to more efficient one. Fixes [Stuk/jszip#617](https://github-redirect.dependabot.com/Stuk/jszip/issues/617) (see [#829](https://github-redirect.dependabot.com/Stuk/jszip/pull/829))
Update types of currentFile metadata to include null (see [#826](https://github-redirect.dependabot.com/Stuk/jszip/pull/826))
v3.9.1 2022-04-06
Fix recursive definition of InputFileFormat introduced in 3.9.0.
v3.9.0 2022-04-04
Update types JSZip#loadAsync to accept a promise for data, and remove arguments from new JSZip() (see [#752](https://github-redirect.dependabot.com/Stuk/jszip/pull/752))
Update types for compressionOptions to JSZipFileOptions and JSZipGeneratorOptions (see [#722](https://github-redirect.dependabot.com/Stuk/jszip/pull/722))
Add types for generateInternalStream (see [#774](https://github-redirect.dependabot.com/Stuk/jszip/pull/774))
v3.8.0 2022-03-30
Santize filenames when files are loaded with loadAsync, to avoid ["zip slip" attacks](https://snyk.io/research/zip-slip-vulnerability). The original filename is available on each zip entry as unsafeOriginalName. See the [documentation](https://stuk.github.io/jszip/documentation/api_jszip/load_async.html). Many thanks to McCaulay Hudson for reporting.
cc554da Merge pull request [#841](https://github-redirect.dependabot.com/Stuk/jszip/issues/841) from stevennyman/patch-2
caefbc0 Merge pull request [#834](https://github-redirect.dependabot.com/Stuk/jszip/issues/834) from Stuk/benchmark
Additional commits viewable in [compare view](https://github.com/Stuk/jszip/compare/v3.7.1...v3.10.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
* `@dependabot rebase` will rebase this PR
* `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
* `@dependabot merge` will merge this PR after your CI passes on it
* `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
* `@dependabot cancel merge` will cancel a previously requested merge and block automerging
* `@dependabot reopen` will reopen this PR if it is closed
* `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
* `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
* `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
* `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
* `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
* `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
* `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
* `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vlafranca/ngxAutocomPlace/network/alerts).
Bumps jszip from 3.7.1 to 3.10.1.
Changelog
Sourced from [jszip's changelog](https://github.com/Stuk/jszip/blob/main/CHANGES.md).
Commits
0f2f1e4
3.10.1cae5510
Updates for v3.10.1179c9a0
Update changelog for 3.10.161e1df5
Add Jekyll files to gitignoref299cce
Merge pull request [#852](https://github-redirect.dependabot.com/Stuk/jszip/issues/852) from Stuk/metadata-ts852887a
Consolidate metadata types and expose OnUpdateCallback5be00df
Add sponsorship filesdabe864
Update package-lock for benchmarkcc554da
Merge pull request [#841](https://github-redirect.dependabot.com/Stuk/jszip/issues/841) from stevennyman/patch-2caefbc0
Merge pull request [#834](https://github-redirect.dependabot.com/Stuk/jszip/issues/834) from Stuk/benchmarkDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: * `@dependabot rebase` will rebase this PR * `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it * `@dependabot merge` will merge this PR after your CI passes on it * `@dependabot squash and merge` will squash and merge this PR after your CI passes on it * `@dependabot cancel merge` will cancel a previously requested merge and block automerging * `@dependabot reopen` will reopen this PR if it is closed * `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually * `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) * `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) * `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) * `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language * `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language * `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language * `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vlafranca/ngxAutocomPlace/network/alerts).
┆Issue is synchronized with this Clickup by Unito