authr

authr copied to clipboard

I really like this package and the fact that a company with a strong engineering background is behind it. But the use of `any` everywhere is really deterring me from...

moltar

https://github.com/cloudflare/authr/blob/3f6129d97d06e61033a7f237d84e35e678db490f/ts/src/conditionSet.ts#L1 This will not tree shake, and it is recommended to import lodash this way: ```ts import isPlainObject from 'lodash/isPlainObject' ```

moltar

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]

Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.2. Release notes Sourced from loader-utils's releases. v1.4.2 1.4.2 (2022-11-11) Bug Fixes ReDoS problem (#226) (17cbf8f) v1.4.1 1.4.1 (2022-11-07) Bug Fixes security problem (#220) (4504e34)...

dependabot[bot]

Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Updating Semgrep.yml file - Semgrep is a tool that will be used to scan Cloudflare's public repos for Supply chain, code and secrets. This work is part of Application &...

hrushikeshdeshpande