Crypto-Compare

Crypto-Compare copied to clipboard

Bumps [tar](https://github.com/npm/node-tar) from 4.4.4 to 4.4.19. Commits 9a6faa0 4.4.19 70ef812 drop dirCache for symlink on all platforms 3e35515 4.4.18 52b09e3 fix: prevent path escape using drive-relative paths bb93ba2 fix: reserve...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [tar](https://github.com/npm/node-tar) from 4.4.4 to 4.4.15. **This update includes security fixes.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization Impact...

dependabot-preview[bot]

Bumps [url-parse](https://github.com/unshiftio/url-parse) from 1.4.4 to 1.5.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Path reaversal in url-parse url-parse before 1.5.0 mishandles certain...

dependabot-preview[bot]

Bumps [color-string](https://github.com/Qix-/color-string) from 1.5.3 to 1.6.0. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Regular Expression Denial of Service (ReDOS) A Regular Expression...

dependabot-preview[bot]

Bumps [prettier](https://github.com/prettier/prettier) from 2.0.5 to 2.3.2. Release notes Sourced from prettier's releases. 2.3.2 changelog v2.3.1 Changelog 2.3.0 diff 🔗 Release Notes 2.2.1 🔗 Changelog 2.2.0 diff 🔗 Release Notes 2.1.2...

dependabot-preview[bot]

Upgrade to GitHub-native Dependabot

1

_Dependabot Preview will be shut down on August 3rd, 2021. In order to keep getting Dependabot updates, please merge this PR and migrate to GitHub-native Dependabot before then._ Dependabot has...

dependabot-preview[bot]

Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. ReDoS in Sec-Websocket-Protocol header Impact A specially crafted value...

dependabot-preview[bot]

Bumps [merge-deep](https://github.com/jonschlinkert/merge-deep) from 3.0.2 to 3.0.3. Commits 628ff47 3.0.3 cfbe20c run verb to generate README documentation e370968 Merge pull request #17 from jonschlinkert/key-properties 393e2cb adding a test to ensure using...

dependabot[bot]

Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4. **This update includes a security fix.** Vulnerabilities fixed Sourced from The GitHub Security Advisory Database. Potential memory exposure in dns-packet This affects the package...

dependabot-preview[bot]