openBSE
openBSE copied to clipboard
iamscottxu
高性能 JavaScript 弹幕引擎。同屏弹幕1000+ A high-performance JavaScript bullet-screen (danmaku) engine.
Bumps [moment](https://github.com/moment/moment) from 2.27.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5. Release notes Sourced from copy-props's releases. 2.0.5 Fix Avoids prototype pollution (#7) Doc Update license years. Transfer ownership to Gulp Team (#6) Build Update...
Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. Commits 7efb22a 1.2.6 ef88b93 security notice for additional prototype pollution issue c2b9819 isConstructorOrProto adapted from PR bc8ecee test from prototype pollution PR See full...
Bumps [cached-path-relative](https://github.com/ashaffer/cached-path-relative) from 1.0.2 to 1.1.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [postcss](https://github.com/postcss/postcss) from 7.0.32 to 7.0.36. Release notes Sourced from postcss's releases. 7.0.36 Backport ReDoS vulnerabilities from PostCSS 8. 7.0.35 Add migration guide link to PostCSS 8 error text. 7.0.34...
Bumps [browserslist](https://github.com/browserslist/browserslist) from 4.14.0 to 4.16.6. Changelog Sourced from browserslist's changelog. 4.16.6 Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman). 4.16.5 Fixed unsafe RegExp (by Yeting Li). 4.16.4 Fixed unsafe...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 Commits 8d4b369 chore(release): 2.8.9 29adfe5 fix: backport...
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Metadata
Owner
Metadata
高性能 JavaScript 弹幕引擎。同屏弹幕1000+ A high-performance JavaScript bullet-screen (danmaku) engine.