Software-Engineering-Project

Software-Engineering-Project copied to clipboard

Bumps [json5](https://github.com/json5/json5) to 2.2.3 and updates ancestor dependencies [json5](https://github.com/json5/json5), [json5](https://github.com/json5/json5) and [@vue/cli-service](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-service). These dependencies need to be updated together. Updates `json5` from 2.1.3 to 2.2.3 Release notes Sourced from json5's...

dependabot[bot]

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.1 to 9.0.0. Changelog Sourced from jsonwebtoken's changelog. 9.0.0 - 2022-12-21 Breaking changes: See Migration from v8 to v9 Breaking changes Removed support for Node versions 11...

dependabot[bot]

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: [email protected] deps: [email protected] perf: remove unnecessary...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...

dependabot[bot]

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]

Bumps [degenerator](https://github.com/TooTallNate/node-degenerator) and [urllib](https://github.com/node-modules/urllib). These dependencies needed to be updated together. Updates `degenerator` from 1.0.4 to 3.0.2 Release notes Sourced from degenerator's releases. 3.0.2 Patches Update vm2 to v3.9.8: f690e194041f9dacba5341d5a98bbd1a65996048...

dependabot[bot]

Bumps [terser](https://github.com/terser/terser) from 4.6.10 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...

dependabot[bot]

Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...

dependabot[bot]

Bumps [fastjson](https://github.com/alibaba/fastjson) from 1.2.47 to 1.2.83. Release notes Sourced from fastjson's releases. FASTJSON 1.2.83版本发布（安全修复） 这是一个安全修复版本，修复最近收到在特定场景下可以绕过autoType关闭限制的漏洞，建议fastjson用户尽快采取安全措施保障系统安全。 安全修复方案 ：https://github.com/alibaba/fastjson/wiki/security_update_20220523 Issues 安全加固 修复JDK17下setAccessible报错的问题 #4077 下载 https://repo1.maven.org/maven2/com/alibaba/fastjson/1.2.83/ 文档 https://github.com/alibaba/fastjson/wiki/%E5%B8%B8%E8%A7%81%E9%97%AE%E9%A2%98 源码 https://github.com/alibaba/fastjson/tree/1.2.83 fastjson 1.2.79版本发布，BUG修复 这又是一个bug...

dependabot[bot]