crowdsource-dataplatform

crowdsource-dataplatform copied to clipboard

Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...

dependabot[bot]

Bumps [got](https://github.com/sindresorhus/got) from 11.8.2 to 11.8.5. Release notes Sourced from got's releases. v11.8.5 Backport security fix https://github.com/sindresorhus/got/commit/861ccd9ac2237df762a9e2beed7edd88c60782dc CVE-2022-33987 https://github.com/sindresorhus/got/compare/v11.8.4...v11.8.5 v11.8.3 Bump cacheable-request dependency (#1921) 9463bb6 Fix HTTPError missing .code property...

dependabot[bot]

Bumps [jpeg-js](https://github.com/eugeneware/jpeg-js) from 0.4.3 to 0.4.4. Release notes Sourced from jpeg-js's releases. v0.4.4 v0.4.4 (2022-06-07) feat: add comment tag encoding (#87) (13e1ffa), closes #87 fix: validate sampling factors (#106) (9ccd35f),...

dependabot[bot]

Bumps [sharp](https://github.com/lovell/sharp) from 0.29.3 to 0.30.5. Changelog Sourced from sharp's changelog. v0.30.5 - 23rd May 2022 Install: pass PKG_CONFIG_PATH via env rather than substitution. @​dwisiswant0 Add support for --libc flag...

dependabot[bot]

Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 4.1.0 to 4.1.1. Commits 64735d2 v4.1.1 75a657d Fix potential ReDoS (#37) See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this...

dependabot[bot]

Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 5.0.0 to 5.0.1. Release notes Sourced from ansi-regex's releases. v5.0.1 Fixes (backport of 6.0.1 to v5) This is a backport of the minor ReDos vulnerability in ansi-regex@<6.0.1,...

dependabot[bot]

Bumps [ansi-regex](https://github.com/chalk/ansi-regex) from 3.0.0 to 3.0.1. Commits f545bdb 3.0.1 c57d4c2 fix a few old XO issues for backport 419250f Fix potential ReDoS (#37) See full diff in compare view [![Dependabot...

dependabot[bot]

Bumps [cross-fetch](https://github.com/lquixada/cross-fetch) from 3.1.4 to 3.1.5. Release notes Sourced from cross-fetch's releases. v3.1.5 What's Changed chore: updated node-fetch version to 2.6.7 by @​dlafreniere in lquixada/cross-fetch#124 New Contributors @​dlafreniere made their...

dependabot[bot]

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...

dependabot[bot]

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...

dependabot[bot]