rengorum
rengorum copied to clipboard
endiliey
:rocket: Forum app built in React, Redux & Django
Bumps [terser](https://github.com/terser/terser) from 4.3.1 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.0.7 to 1.1.1. Changelog Sourced from eventsource's changelog. 1.1.1 Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal) 1.1.0 Improve performance...
Bumps [pyjwt](https://github.com/jpadilla/pyjwt) from 1.6.1 to 2.4.0. Release notes Sourced from pyjwt's releases. 2.4.0 Security [CVE-2022-29217] Prevent key confusion through non-blocklisted public key formats. https://github.com/jpadilla/pyjwt/security/advisories/GHSA-ffqj-6fqr-9h24 What's Changed Add support for Python...
Bumps [async](https://github.com/caolan/async) from 2.6.3 to 2.6.4. Changelog Sourced from async's changelog. v2.6.4 Fix potential prototype pollution exploit (#1828) Commits c6bdaca Version 2.6.4 8870da9 Update built files 4df6754 update changelog 8f7f903...
Bumps [pillow](https://github.com/python-pillow/Pillow) from 6.2.0 to 9.0.1. Release notes Sourced from pillow's releases. 9.0.1 https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html Changes In show_file, use os.remove to remove temporary images. CVE-2022-24303 #6010 [@radarhere, @hugovk] Restrict builtins within...
Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.3 to 1.5.10. Commits 8cd4c6c 1.5.10 ce7a01f [fix] Improve handling of empty port 0071490 [doc] Update JSDoc comment a7044e3 [minor] Use more descriptive variable name d547792 [security]...
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.19 to 0.7.31. Commits 97f3368 Bump version 0.7.31 b86860e Merge pull request #546 from hansott/master 157af1e Merge pull request #547 from sunny-mwx/patch-1 b4cfe1b Merge pull request #535...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [set-value](https://github.com/jonschlinkert/set-value) from 3.0.1 to 4.1.0. Commits c574eb8 4.1.0 276ce85 run benchmarks, build readme with verb cdc7446 fixes jonschlinkert/set-value#11 7cf8073 4.0.1 17ac6b7 lint b057b1b Merge pull request #33 from ready-research/ready-research-Prototype-Pollution...
Bumps [tar](https://github.com/npm/node-tar) from 4.4.6 to 4.4.19. Commits 9a6faa0 4.4.19 70ef812 drop dirCache for symlink on all platforms 3e35515 4.4.18 52b09e3 fix: prevent path escape using drive-relative paths bb93ba2 fix: reserve...