CoronaXiv

CoronaXiv copied to clipboard

Bumps [certifi](https://github.com/certifi/python-certifi) from 2020.4.5.2 to 2023.7.22. Commits 8fb96ed 2023.07.22 afe7722 Bump actions/setup-python from 4.6.1 to 4.7.0 (#230) 2038739 Bump dessant/lock-threads from 3.0.0 to 4.0.1 (#229) 44df761 Hash pin Actions and...

dependabot[bot]

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. Release notes Sourced from word-wrap's releases. 1.2.4 What's Changed Remove default indent by @​mohd-akram in jonschlinkert/word-wrap#24 🔒fix: CVE 2023 26115 (2) by @​OlafConijn in...

dependabot[bot]

Removes [tough-cookie](https://github.com/salesforce/tough-cookie). It's no longer used after updating ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [@vue/cli-plugin-babel](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-babel), [@vue/cli-plugin-pwa](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-pwa), [@vue/cli-plugin-router](https://github.com/vuejs/vue-cli/tree/HEAD/packages/@vue/cli-plugin-router) and [node-sass](https://github.com/sass/node-sass). These dependencies need to be updated together. Removes `tough-cookie` Updates `@vue/cli-plugin-babel` from 4.4.5 to...

dependabot[bot]

Bumps [requests](https://github.com/psf/requests) from 2.24.0 to 2.31.0. Release notes Sourced from requests's releases. v2.31.0 2.31.0 (2023-05-22) Security Versions of Requests between v2.3.0 and v2.30.0 are vulnerable to potential forwarding of Proxy-Authorization...

dependabot[bot]

Bumps [flask](https://github.com/pallets/flask) from 1.1.2 to 2.3.2. Release notes Sourced from flask's releases. 2.3.2 This is a security fix release for the 2.3.x release branch. Security advisory: https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq, CVE-2023-30861 Changes: https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-2...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...

dependabot[bot]

Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a...

dependabot[bot]

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]