cosmic-cli
cosmic-cli copied to clipboard
cosmicjs
The official command line tool for Cosmic
Bumps [async](https://github.com/caolan/async) from 2.6.0 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) v2.6.3 Updated lodash to squelch a security warning (#1675) v2.6.2 Updated lodash...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [axios](https://github.com/axios/axios) from 0.21.1 to 0.21.4. Release notes Sourced from axios's releases. v0.21.4 0.21.4 (September 6, 2021) Fixes and Functionality: Fixing JSON transform when data is stringified. Providing backward compatibility...
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.1 to 1.14.8. Commits 3d81dc3 Release version 1.14.8 of the npm package. 62e546a Drop confidential headers across schemes. 2ede36d Release version 1.14.7 of the npm package. 8b347cb...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.5 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [striptags](https://github.com/ericnorris/striptags) from 3.1.1 to 3.2.0. Release notes Sourced from striptags's releases. v3.2.0 This release fixes a potential type confusion vulnerability when passing in a non-string argument to the function....
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.5.0 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.4 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [extend](https://github.com/justmoon/node-extend) from 3.0.1 to 3.0.2. Changelog Sourced from extend's changelog. 3.0.2 / 2018-07-19 [Fix] Prevent merging __proto__ property (#48) [Dev Deps] update eslint, @ljharb/eslint-config, tape [Tests] up to node...
Bumps [dot-prop](https://github.com/sindresorhus/dot-prop) from 4.2.0 to 4.2.1. Release notes Sourced from dot-prop's releases. v4.2.1 Backport https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 to the v4.x release line. Commits c914124 feat: patch 4.2.0 with fixes for CVE-2020-8116 See...
Bumps [stringstream](https://github.com/mhart/StringStream) from 0.0.5 to 0.0.6. Commits fee31c5 0.0.6 2f4a9d4 Merge pull request #9 from mhart/fix-buffer-constructor-vuln afbc744 Ensure data is not a number in Buffer constructor See full diff in...