Blog
Blog copied to clipboard
Jacksgong
知识, 学习、沉淀与分享
Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...
Bumps [underscore](https://github.com/jashkenas/underscore) from 1.8.3 to 1.13.1. Commits 943977e Merge branch 'umd-alias', tag 1.13.1 release 5630f88 Add version 1.13.1 to the change log 5aa5b52 Update the bundle sizes 76c8d8a Bump the...
Bumps [y18n](https://github.com/yargs/y18n) from 3.2.1 to 3.2.2. Commits See full diff in compare view Maintainer changes This version was pushed to npm by oss-bot, a new releaser for y18n since your...
Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 9.14.2 to 9.18.5. Release notes Sourced from highlight.js's releases. 10.3.2 - Oops, "Javascript". Tiny tiny release, just to fix the website incorrectly not listing Javascript in the...
Bumps [decompress](https://github.com/kevva/decompress) from 4.2.0 to 4.2.1. Release notes Sourced from decompress's releases. v4.2.1 Prevent directory traversal (#73) 967146e https://github.com/kevva/decompress/compare/v4.2.0...v4.2.1 Commits 84a8c10 4.2.1 fafff47 Meta tweaks 967146e Prevent directory traversal (#73)...
Bumps [lodash.merge](https://github.com/lodash/lodash) from 4.6.1 to 4.6.2. Commits - See full diff in [compare view](https://github.com/lodash/lodash/commits) [](https://help.github.com/articles/configuring-automated-security-fixes) Dependabot will resolve any conflicts with this PR as long as you don't...
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.12.1 to 3.13.1. Changelog *Sourced from [js-yaml's changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md).* > ## [3.13.1] - 2019-04-05 > ### Security > - Fix possible code execution in (already unsafe) `.load()`, [#480](https://github-redirect.dependabot.com/nodeca/js-yaml/issues/480)....
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.1 to 1.3.2. Commits - [`754f0c2`](https://github.com/jonschlinkert/mixin-deep/commit/754f0c20e1bc13ea5a21a64fbc7d6ba5f7b359b9) 1.3.2 - [`90ee1fa`](https://github.com/jonschlinkert/mixin-deep/commit/90ee1fab375fccfd9b926df718243339b4976d50) ensure keys are valid when mixing in values - See full diff in [compare view](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2) Maintainer changes This...