web

web copied to clipboard

Bumps [moment](https://github.com/moment/moment) from 2.22.2 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [@angular/core](https://github.com/angular/angular/tree/HEAD/packages/core) from 7.1.1 to 11.0.5. Changelog Sourced from @​angular/core's changelog. 11.0.5 (2020-12-16) Bug Fixes compiler: handle strings inside bindings that contain binding characters (#39826) (f5aab2b), closes #39601 core: fix...

dependabot[bot]

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.0.7 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) 1.1.0 Improve performance...

dependabot[bot]

Bumps [chownr](https://github.com/isaacs/chownr) from 1.0.1 to 1.1.4. Commits 814f642 1.1.4 a0d7ae0 push to github before npm 1a3667a ignore stuff 147eac4 Full tests, handle errors properly in many cases 578fb9f update tap,...

dependabot[bot]

Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.1 to 1.19.11. Release notes Sourced from urijs's releases. 1.19.11 (April 3rd 2022) SECURITY fixing URI.parse() handle excessive slashes in scheme-relative URLs - disclosed by zeyu2001 via...

dependabot[bot]

Bumps [karma](https://github.com/karma-runner/karma) from 3.0.0 to 6.3.16. Release notes Sourced from karma's releases. v6.3.16 6.3.16 (2022-02-10) Bug Fixes security: mitigate the "Open Redirect Vulnerability" (ff7edbb) v6.3.15 6.3.15 (2022-02-05) Bug Fixes helper:...

dependabot[bot]

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...

dependabot[bot]

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.5.0 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...

dependabot[bot]

Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.3 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. v0.8.4 Small patch release to fix a circular dependency...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]