foundry
foundry copied to clipboard
CodeChain-io
A programmable open source blockchain engine
Bumps [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam) from 0.4.3 to 0.4.4. Commits 48b13dc Bump crossbeam-channel to v0.4.4 679dac8 Bump crossbeam-channel to v0.4.3 f652c6a Change crossbeam-channel's license to MIT OR Apache-2.0. 149a3c9 Release crossbeam-queue 0.2.3 18363b5...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [actix-http](https://github.com/actix/actix-web) from 2.0.0 to 2.2.1. Commits c9c3667 bump actix http version 655d7b4 sec fixes 24d525d prepare web 3.3.2 release 1f70ef1 Fix match_pattern() returning None for scope with resource of...
Bumps [smallvec](https://github.com/servo/rust-smallvec) from 0.4.5 to 1.4.2. Release notes Sourced from smallvec's releases. v1.4.2 insert_many no longer leaks elements if the provided iterator panics (#213). The unstable const_generics and specialization features...
Bumps [simple-get](https://github.com/feross/simple-get) from 3.1.0 to 3.1.1. Commits 496166d 3.1.1 6eb82c0 Bug fix: Thirdparty cookie leak See full diff in compare view Maintainer changes This version was pushed to npm by...
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.1 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.0 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@ChALkeR). Fix boolean schemas with strictKeywords...
Bumps [pathval](https://github.com/chaijs/pathval) from 1.1.0 to 1.1.1. Release notes Sourced from pathval's releases. v1.1.1 Fixes a security issue around prototype pollution. Commits db6c3e3 chore: v1.1.1 7859e0e Merge pull request #60 from...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [ws](https://github.com/websockets/ws) from 7.2.5 to 7.4.6. Release notes Sourced from ws's releases. 7.4.6 Bug fixes Fixed a ReDoS vulnerability (00c425ec). A specially crafted value of the Sec-Websocket-Protocol header could be...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...