birdland-starter
birdland-starter copied to clipboard
Rich-Harris
Starter repo for birdland
Bumps [terser](https://github.com/terser/terser) from 4.7.0 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [svelte](https://github.com/sveltejs/svelte) from 3.23.2 to 3.49.0. Changelog Sourced from svelte's changelog. 3.49.0 Improve performance of string escaping during SSR (#5701) Add ComponentType and ComponentProps convenience types (#6770) Add support for...
Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...
Bumps [cross-fetch](https://github.com/lquixada/cross-fetch) from 3.0.4 to 3.1.5. Release notes Sourced from cross-fetch's releases. v3.1.5 What's Changed chore: updated node-fetch version to 2.6.7 by @dlafreniere in lquixada/cross-fetch#124 New Contributors @dlafreniere made their...
Bumps [express-openid-connect](https://github.com/auth0/express-openid-connect) from 1.0.2 to 2.7.2. Release notes Sourced from express-openid-connect's releases. v2.7.2 Security URL Redirection to Untrusted Site ('Open Redirect') in express-openid-connect GHSA-7p99-3798-f85c v2.7.1 Fixed transactionCookie configuration should be...
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.7 to 1.5.3. Commits ad44493 [dist] 1.5.3 c798461 [fix] Fix host parsing for file URLs (#210) 201034b [dist] 1.5.2 2d9ac2c [fix] Sanitize only special URLs (#209) fb128af...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [jose](https://github.com/panva/jose) from 1.27.1 to 1.28.1. Release notes Sourced from jose's releases. v1.28.1 Bug Fixes defer AES CBC w/ HMAC decryption after tag verification passes (08e1bc5), fixes CVE-2021-29443 v1.28.0 Features...