schm
schm copied to clipboard
diegohaz
Composable schemas for JavaScript and Node.js
Bumps [trim-off-newlines](https://github.com/stevemao/trim-off-newlines) from 1.0.1 to 1.0.3. Commits c3b28d3 1.0.3 6226c95 Merge pull request #4 from Trott/fix-it-again c77691d fix: remediate ReDOS further 76ca93c chore: pin mocha to version that works with...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. Release notes Sourced from ws's releases. 5.2.3 Bug fixes Backported 00c425ec to the 5.x release line (76d47c14). Commits 6dd88e7 [dist] 5.2.3 76d47c1 [security] Fix...
Bumps [async](https://github.com/caolan/async) from 2.6.1 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) v2.6.3 Updated lodash to squelch a security warning (#1675) v2.6.2 Updated lodash...
Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.1 to 1.19.11. Release notes Sourced from urijs's releases. 1.19.11 (April 3rd 2022) SECURITY fixing URI.parse() handle excessive slashes in scheme-relative URLs - disclosed by zeyu2001 via...
Bumps [chownr](https://github.com/isaacs/chownr) from 1.0.1 to 1.1.4. Commits 814f642 1.1.4 a0d7ae0 push to github before npm 1a3667a ignore stuff 147eac4 Full tests, handle errors properly in many cases 578fb9f update tap,...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [tar](https://github.com/npm/node-tar) from 2.2.1 to 2.2.2. Commits 523c5c7 2.2.2 7ecef07 Bump fstream to fix hardlink overwriting vulnerability 9fc84b9 Use {} for hardlink tracking instead of [] 15e59f1 Only track previously...
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.1.1 to 4.16.6. Changelog Sourced from browserslist's changelog. 4.16.6 Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman). 4.16.5 Fixed unsafe RegExp (by Yeting Li). 4.16.4 Fixed unsafe...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...