aws-nodejs-eb-codebuild
aws-nodejs-eb-codebuild copied to clipboard
backspace-academy
Bump pug from 2.0.0-beta11 to 3.0.2
Bumps pug from 2.0.0-beta11 to 3.0.2.
Release notes
Sourced from pug's releases.
[email protected]
Bug Fixes
Sanitise the
prettyoption (#3314)If a malicious attacker could control the
prettyoption, it was possible for them to achieve remote code execution on the server rendering the template. All pug users should upgrade as soon as possible, see #3312 for more details.[email protected]
Bug Fixes
- Serialize Buffers to strings when storing sources for use with compileDebug: true (#3269)
[email protected]
Bug Fixes
- Update
withto resolve core-js deprecation notice (#3259)[email protected]
Bug Fixes
- Properly handle non-string values when rethrowing errors (#3269)
[email protected]
Bug Fixes
Sanitise the
prettyoption (#3314)If a malicious attacker could control the
prettyoption, it was possible for them to achieve remote code execution on the server rendering the template. All pug users should upgrade as soon as possible, see #3312 for more details.[email protected]
Breaking Changes
- Drop support for node 6 and 8 (#3243)
[email protected]
Breaking Changes
- Drop support for node 6 and 8 (#3243)
New Features
- Support
EachOfnodes (#3179)[email protected]
Breaking Changes
... (truncated)
Commits
d4b7f60Properly handle errors originating from included files when compileDebug is e...d6f0615fix capture groups for "each" statements (#3274)73ea7cffix: keep lexer plugins inside tag interpolation (#3296)29a53c5fix: Fix pug-lexer parsed escaped interpolations incorrectly (#3299)60b1b15chore: update supported versions (#3315)991e78ffix: sanitise and escape theprettyoption (#3314)06baa52Fix TypeScript and add eachOf token definition (#3262)13e46e9chore: update with (#3259)c077df4docs: fix rolling versions linkccba7daci: publish canary release (#3257)- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by pug-bot, a new releaser for pug since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}