dapps
dapps copied to clipboard
MetaMask
Bump ua-parser-js from 0.7.24 to 0.7.35
Bumps ua-parser-js from 0.7.24 to 0.7.35.
Changelog
Sourced from ua-parser-js's changelog.
Version 0.7.35 / 1.0.35
- Fix result from user-supplied user-agent being altered
- Add new browser: Heytap, TikTok
- Add new engine: LibWeb
- Add new OS: SerenityOS
- Improve browser detection: Yandex
- Improve device detection: iPhone, Amazon Echo
- Improve OS detection: iOS
Version 0.7.34 / 1.0.34
- Fix Sharp Mobile detected as Huawei Tablet
- Fix IE8 bug
- Add new devices : Kobo e-Reader, Apple Watch, and some new SmartTV devices
- Add new OS : watchOS
- Improve browser detection : Kakao, Naver, Brave
- Improve device detection : Oculus, iPad
- Improve OS detection : Chrome OS
- Using navigator.userAgentData as fallback for device.type & os.name
Version 0.7.33 / 1.0.33
- Add new browser : Cobalt
- Identify Macintosh as an Apple device
- Fix ReDoS vulnerability
Version 0.7.32 / 1.0.32
- Add new browser : DuckDuckGo, Huawei Browser, LinkedIn
- Add new OS : HarmonyOS
- Add some Huawei models
- Add Sharp Aquos TV
- Improve detection Xiaomi Mi CC9
- Fix Sony Xperia 1 III misidentified as Acer tablet
- Fix Detect Sony BRAVIA as SmartTV
- Fix Detect Xiaomi Mi TV as SmartTV
- Fix Detect Galaxy Tab S8 as tablet
- Fix WeGame mistakenly identified as WeChat
- Fix included commas in Safari / Mobile Safari version
- Increase UA_MAX_LENGTH to 350
Version 0.7.31 / 1.0.2
- Fix OPPO Reno A5 incorrect detection
- Fix TypeError Bug
- Use AST to extract regexes and verify them with safe-regex
Version 0.7.30 / 1.0.1
- Add new browser : Obigo, UP.Browser, Klar
- Add new device : Oculus, Roku
... (truncated)
Commits
32d326bUpdate readme786d502Bump version 0.7.355b8adfeBackport - Prevent altering the result when supplied user-agent is different ...2e06a34Backport - Add new browser: TikTokbf9ac43Backport - Add new engine: LibWeb + Add new OS: SerenityOS3f8b5baBackport - Add new browser: Heytap1747707Backport - Fix #678 - Improve Yandex detectiond414045Backport - Fix #519 #521 #616 - Improve iPhone & iOS detectionba067bdBackport - Fix #624 - Detect Amazon Echo3218051Bump version 0.7.34- Additional commits viewable in compare view
You can trigger a rebase of this PR by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
New dependency changes detected. Learn more about Socket for GitHub ↗︎
🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again.
Bot Commands
To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore [email protected] bar@* or ignore all packages with @SocketSecurity ignore-all
@SocketSecurity ignore [email protected]
⚠️ Chronological version anomaly
Semantic versions published out of chronological order.
This could either indicate dependency confusion or a patched vulnerability.
| Package | Previous Chronological | Previous Semver | Source |
|---|---|---|---|
| [email protected] (upgraded) | [email protected] (3/29/2023, 11:03:42 AM) | [email protected] (3/5/2023, 2:21:07 PM) | package.json via [email protected] |
![socket-security[bot] avatar](https://avatars.githubusercontent.com/in/156372?v=4 "Published by a pub.dev verified publisher"){kind=small}