covid19

covid19 copied to clipboard

Bumps [terser](https://github.com/terser/terser) from 4.6.6 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...

dependabot[bot]

Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.0 to 2.6.7. Release notes Sourced from node-fetch's releases. v2.6.7 Security patch release Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th...

dependabot[bot]

Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.0 to 2.6.1. Release notes Sourced from node-fetch's releases. v2.6.1 This is an important security release. It is strongly recommended to update as soon as possible. See...

dependabot[bot]

Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.23 to 3.2.0. Changelog Sourced from nanoid's changelog. Change Log This project adheres to Semantic Versioning. 3.2 Added --size and --alphabet arguments to binary (by Vitaly Baev)....

dependabot[bot]

Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.3 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. v0.8.4 Small patch release to fix a circular dependency...

dependabot[bot]

Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [axios](https://github.com/axios/axios) from 0.19.2 to 0.21.1. Release notes Sourced from axios's releases. v0.21.1 0.21.1 (December 21, 2020) Fixes and Functionality: Hotfix: Prevent SSRF (#3410) Protocol not parsed when setting proxy...

dependabot[bot]

Bumps [axios](https://github.com/axios/axios) from 0.19.2 to 0.21.1. Release notes Sourced from axios's releases. v0.21.1 0.21.1 (December 21, 2020) Fixes and Functionality: Hotfix: Prevent SSRF (#3410) Protocol not parsed when setting proxy...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]