rubberduck

rubberduck copied to clipboard

Bumps [moment](https://github.com/moment/moment) from 2.22.2 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.0.7 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) 1.1.0 Improve performance...

dependabot[bot]

Bumps [simple-get](https://github.com/feross/simple-get) from 3.0.3 to 3.1.1. Commits 496166d 3.1.1 6eb82c0 Bug fix: Thirdparty cookie leak abdcdb3 3.1.0 73508a8 feat: do not follow redirects and do not error out (#44) 72ecc9f...

dependabot[bot]

Bumps [axios](https://github.com/axios/axios) from 0.17.1 to 0.21.2. Release notes Sourced from axios's releases. v0.21.2 0.21.2 (September 4, 2021) Fixes and Functionality: Updating axios requests to be delayed by pre-emptive promise creation...

dependabot[bot]

Bumps [trim-off-newlines](https://github.com/stevemao/trim-off-newlines) from 1.0.1 to 1.0.3. Commits c3b28d3 1.0.3 6226c95 Merge pull request #4 from Trott/fix-it-again c77691d fix: remediate ReDOS further 76ca93c chore: pin mocha to version that works with...

dependabot[bot]

Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.11 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...

dependabot[bot]

Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.5.9 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...

dependabot[bot]

Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.5.5 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords...

dependabot[bot]

Bumps [pathval](https://github.com/chaijs/pathval) from 1.1.0 to 1.1.1. Release notes Sourced from pathval's releases. v1.1.1 Fixes a security issue around prototype pollution. Commits db6c3e3 chore: v1.1.1 7859e0e Merge pull request #60 from...

dependabot[bot]