alveare

alveare copied to clipboard

Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.2 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.0 to 5.1.2. Release notes Sourced from glob-parent's releases. v5.1.2 Bug Fixes eliminate ReDoS (#36) (f923116) v5.1.1 Bug Fixes unescape exclamation mark (#26) (a98874f) Changelog Sourced from...

dependabot[bot]

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.4 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]

Bumps [acorn](https://github.com/acornjs/acorn) from 7.1.0 to 7.1.1. Commits 6d19489 Mark release 7.1.1 793c0e5 More rigorously check surrogate pairs in regexp validator b5c1787 Fix incorrect comment in regexp parser 12ae8fe Parameterize dummy...

dependabot[bot]

voivoikeri