netlify-cms-widgets
netlify-cms-widgets copied to clipboard
Published
20 hours ago •
ekoeryanto
ekoeryanto
build(deps-dev): [security] bump rollup-plugin-serve from 0.6.0 to 1.0.2
trafficstars
Bumps rollup-plugin-serve from 0.6.0 to 1.0.2. This update includes a security fix.
Vulnerabilities fixed
Sourced from The GitHub Security Advisory Database.
Path traversal in rollup-plugin-serve Path traversal in npm package
rollup-plugin-servebefore version 1.0.2. There is no path sanitization inreadFileoperation.Affected versions: < 1.0.2
Changelog
Sourced from rollup-plugin-serve's changelog.
[1.0.2] - 2020-07-17
Fixed
- Fix path traversal issue
[1.0.1] - 2019-01-27
Added
- Add Intellisense support #34
Fixed
- Set minimum version for
mimepackage[1.0.0] - 2019-01-11
Fixed
- Update
ongeneratetogenerateBundleRemoved
- Remove built-in
favicon.ico#20[0.6.1] - 2018-12-23
Added
- Add support for
rollup --watch(Release http server on rollup reload)[0.5.0] - 2018-09-18
Added
- Allow to override path for historyApiFallback option
- Option
openPageFixed
- Fix host option
[0.4.2] - 2017-08-25
Added
- Option
https[0.4.1] - 2017-08-16
Added
- Option
headersFixed
- Close the server when a termination signal is encountered
[0.4.0] - 2017-07-02
Fixed
- Various fixes to contentBase handling
[0.3.0] - 2017-04-07
Changed
- Allow to pass array as contentBase
[0.2.0] - 2017-04-07
... (truncated)
Commits
3678e12v1.0.23d144f2Fix path traversal issue71cc20dv1.0.1c9c4f4eSet minimum version for mime package0154280Merge pull request #34 from kuzivany/jsdocb139780Add JSDoc descriptioncaf8a50Add JSDoc1ea9096Merge pull request #32 from thgh/v14179afbv1.0.0567ec48Update rollup- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language@dependabot badge mewill comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot dashboard:
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "Published by a pub.dev verified publisher"){kind=small}