oview
oview copied to clipboard
MrGaoGang
Vue移动端图表库(饼状图,柱状图,条形图,折线图,雷达图,散点图,气泡图等)
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2. Commits 699c459 3.1.2 2f2b5ff fix: trim pattern 25d7c0d 3.1.1 55dda29 fix: treat nocase:true as always having magic 5e1fb8d 3.1.0 f8145c5 Add 'allowWindowsEscape' option 570e8b1...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.0.7 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) 1.1.0 Improve performance...
Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.0.7 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) 1.1.0 Improve performance...
检测到 MrGaoGang/oview 一共引入了724个开源组件,存在35个漏洞 ``` 漏洞标题:serialize-javascript 代码问题漏洞 缺陷组件:[email protected] 漏洞编号:CVE-2020-7660 漏洞描述:Verizon serialize-javascript是美国威瑞森电信(Verizon)公司的一款支持将JavaScript序列化为 JSON超集的软件包。 serialize-javascript 3.1.0之前版本中存在代码问题漏洞。远程攻击者可借助index.js文件中的‘deleteFunctions’函数利用该漏洞注入任意代码。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2020-53801 影响范围:(∞, 3.1.0) 最小修复版本:3.1.0 缺陷组件引入路径:[email protected]>[email protected]>[email protected]>[email protected] [email protected]>[email protected]>[email protected] [email protected]>[email protected]>[email protected] ``` 另外还有35个漏洞,详细报告:https://mofeisec.com/jr?p=i9a4b3
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.6 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.6 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.7.0 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.7.0 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...