Sourced from micromatch's releases.
\n\n\n4.0.8
\nUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.
\n4.0.4
\n\n
\n- fix: Update picomatch to fix regression #179 (8becb55)
\n4.0.3
\n\n
\n- Enforce newer version of picomatch with bugfixes
\n
Sourced from micromatch's changelog.
\n\n\n[4.0.8] - 2024-08-22
\n\n
\n- backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch
\n[4.0.7] - 2024-05-22
\n\n
\n- this is basically v4.0.5, with some README updates
\n- it is vulnerable to CVE-2024-4067
\n- Updated braces to v3.0.3 to avoid CVE-2024-4068
\n- does NOT break API compatibility
\n[4.0.6] - 2024-05-21
\n\n
\n- Added
\nhasBraces
to check if a pattern contains braces.- Fixes CVE-2024-4067
\n- BREAKS API COMPATIBILITY
\n- Should be labeled as a major release, but it's not.
\n[4.0.1 - 4.0.5]
\n[4.0.0] - 2019-03-20
\nAdded
\n\n
\n- Adds support for
\noptions.onMatch
. See the readme for details- Adds support for
\noptions.onIgnore
. See the readme for details- Adds support for
\noptions.onResult
. See the readme for detailsBreaking changes
\n\n
\n- Require Node.js >= 8.6
\n- Removed support for passing an array of brace patterns to
\nmicromatch.braces()
.- To strictly enforce closing brackets (for
\n{
,[
, and(
), you must now usestrictBrackets=true
instead ofstrictErrors
.- \n
cache
- caching and all related options and methods have been removed- \n
options.unixify
was renamed tooptions.windows
- \n
options.nodupes
Was removed. Duplicates are always removed by default. You can override this with custom behavior by using theonMatch
,onResult
andonIgnore
functions.- \n
options.snapdragon
was removed, as snapdragon is no longer used.- \n
options.sourcemap
was removed, as snapdragon is no longer used, which provided sourcemap support.[3.0.0] - 2017-04-11
\nComplete overhaul, with 36,000+ new unit tests validated against actual output generated by Bash and minimatch. More specifically, 35,000+ of the tests:
\n\n
\n- micromatch results are directly compared to bash results
\n- in rare cases, when micromatch and bash disagree, micromatch's results are compared to minimatch's results
\n- micromatch is much more accurate than minimatch, so there were cases where I had to make assumptions. I'll try to document these.
\nThis refactor introduces a parser and compiler that are supersets of more granular parsers and compilers from other sub-modules. Each of these sub-modules has a singular responsibility and focuses on a certain type of matching that aligns with a specific part of the Bash "expansion" API.
\nThese sub-modules work like plugins to seamlessly create the micromatch parser/compiler, so that strings are parsed in one pass, an AST is created, then a new string is generated by the compiler.
\n\n
... (truncated)
\n8bd704e
4.0.8a0e6841
run verb to generate README documentation4ec2884
Merge branch 'v4' into hauserkristof-feature/v4.0.803aa805
Merge pull request #266 from hauserkristof/feature/v4.0.8814f5f7
lint67fcce6
fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5113f2e3
fix: CVE numbers in CHANGELOGd9dbd9a
feat: updated CHANGELOG2ab1315
fix: use actions/setup-node@v41406ea3
feat: rework test to work on macos with node 10,12 and 14Sourced from ws's releases.
\n\n\n5.2.4
\nBug fixes
\n\n
\n- Backported e55e5106 to the 5.x release line (4abd8f6d).
\n
aa8fe0a
[dist] 5.2.44abd8f6
[security] Fix crash when the Upgrade header cannot be read (#2231)36a3f4d
[lint] Add space before function parentheses74b2db2
3.0.388f1429
update eslint. lint, fix unit tests.415d660
Snyk js braces 6838727 (#40)190510f
fix tests, skip 1 test in test/braces.expand716eb9f
readme bumpa5851e5
Merge pull request #37 from coderaiser/fix/vulnerability2092bd1
feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
remove funding file665ab5d
update keepEscaping doc (#27)Sourced from ejs's releases.
\n\n\nv3.1.10
\nVersion 3.1.10
\nv3.1.9
\nVersion 3.1.9
\nv3.1.8
\nVersion 3.1.8
\n
d3f807d
Version 3.1.109ee26dd
Mocha TDDe469741
Basic pollution protection715e950
Merge pull request #756 from Jeffrey-mu/maincabe314
Include advanced usage examples29b076c
Added header11503c7
Merge branch 'main' of github.com:mde/ejs into main7690404
Added security banner to READMEf47d7ae
Update SECURITY.md828cea1
Update SECURITY.mdSourced from es5-ext's releases.
\n\n\n0.10.63 (2024-02-23)
\nBug Fixes
\n\n
\n- Do not rely on problematic regex (3551cdd), addresses #201
\n- Support ES2015+ function definitions in
\nfunction#toStringTokens()
(a52e957), addresses #021- Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)
\nMaintenance Improvements
\n\n
\n- Simplify the manifest message (7855319)
\n
\n\n0.10.62 (2022-08-02)
\nMaintenance Improvements
\n\n
\n\n0.10.61 (2022-04-20)
\nBug Fixes
\n\n
\n- Ensure postinstall script does not error (a0be4fd)
\nMaintenance Improvements
\n\n
\n- Bump dependencies (d7e0a61)
\n
\n\n0.10.60 (2022-04-07)
\nMaintenance Improvements
\n\n
\n- Improve
\npostinstall
script configuration (ab6b121)
\n\n0.10.59 (2022-03-17)
\nMaintenance Improvements
\n\n\n
... (truncated)
\nSourced from es5-ext's changelog.
\n\n\n0.10.63 (2024-02-23)
\nBug Fixes
\n\n
\n- Do not rely on problematic regex (3551cdd), addresses #201
\n- Support ES2015+ function definitions in
\nfunction#toStringTokens()
(a52e957), addresses #021- Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)
\nMaintenance Improvements
\n\n
\n- Simplify the manifest message (7855319)
\n0.10.62 (2022-08-02)
\nMaintenance Improvements
\n\n0.10.61 (2022-04-20)
\nBug Fixes
\n\n
\n- Ensure postinstall script does not error (a0be4fd)
\nMaintenance Improvements
\n\n
\n- Bump dependencies (d7e0a61)
\n0.10.60 (2022-04-07)
\nMaintenance Improvements
\n\n
\n- Improve
\npostinstall
script configuration (ab6b121)0.10.59 (2022-03-17)
\nMaintenance Improvements
\n\n0.10.58 (2022-03-11)
\nMaintenance Improvements
\n\n
\n- Improve "call for peace" manifest (3beace4)
\n0.10.57 (2022-03-08)
\n\n
... (truncated)
\nde4e03c
chore: Release v0.10.633fd53b7
chore: Upgrade lint-staged
to v13bf8ed79
chore: Ensure postinstall script does not crash on Windows2cbbb07
chore: Bump dependencies22d0416
chore: Bump LICENSE yeara52e957
fix: Support ES2015+ function definitions in function#toStringTokens()
3551cdd
fix: Do not rely on problematic regex7855319
chore: Simplify the manifest message78e041f
chore: Release v0.10.62c51d552
chore: Improve manifest6585820
Release version 1.15.4 of the npm package.7a6567e
Disallow bracketed hostnames.05629af
Prefer native URL instead of deprecated url.parse.1cba8e8
Prefer native URL instead of legacy url.resolve.72bc2a4
Simplify _processResponse error handling.3d42aec
Add bracket tests.bcbb096
Do not directly set Error properties.192dbe7
Release version 1.15.3 of the npm package.bd8c81e
Fix resource leak on destroy.9c728c3
Split linting and testing.Sourced from postcss's releases.
\n\n\n8.4.31
\n\n
\n- Fixed
\n\\r
parsing to fix CVE-2023-44270.8.4.30
\n\n
\n- Improved source map performance (by
\n@romainmenke
).8.4.29
\n\n8.4.28
\n\n
\n- Fixed
\nRoot.source.end
for better source map (by@romainmenke
).- Fixed
\nResult.root
types whenprocess()
has no parser.8.4.27
\n\n
\n- Fixed
\nContainer
clone methods types.8.4.26
\n\n
\n- Fixed clone methods types.
\n8.4.25
\n\n
\n- Improve stringify performance (by
\n@romainmenke
).- Fixed docs (by
\n@vikaskaliramna07
).8.4.24
\n\n
\n- Fixed
\nPlugin
types.8.4.23
\n\n
\n- Fixed warnings in TypeDoc.
\n8.4.22
\n\n
\n- Fixed TypeScript support with
\nnode16
(by@remcohaszing
).8.4.21
\n\n
\n- Fixed
\nInput#error
types (by@hudochenkov
).8.4.20
\n\n
\n- Fixed source map generation for childless at-rules like
\n@layer
.8.4.19
\n\n
\n- Fixed whitespace preserving after AST transformations (by
\n@romainmenke
).8.4.18
\n\n
\n- Fixed an error on
\nabsolute: true
with emptysourceContent
(by@KingSora
).8.4.17
\n\n
\n- Fixed
\nNode.before()
unexpected behavior (by@romainmenke
).- Added TOC to docs (by
\n@muddv
).8.4.16
\n\n
... (truncated)
\nSourced from postcss's changelog.
\n\n\n8.4.31
\n\n
\n- Fixed
\n\\r
parsing to fix CVE-2023-44270.8.4.30
\n\n
\n- Improved source map performance (by Romain Menke).
\n8.4.29
\n\n
\n- Fixed
\nNode#source.offset
(by Ido Rosenthal).- Fixed docs (by Christian Oliff).
\n8.4.28
\n\n
\n- Fixed
\nRoot.source.end
for better source map (by Romain Menke).- Fixed
\nResult.root
types whenprocess()
has no parser.8.4.27
\n\n
\n- Fixed
\nContainer
clone methods types.8.4.26
\n\n
\n- Fixed clone methods types.
\n8.4.25
\n\n
\n- Improve stringify performance (by Romain Menke).
\n- Fixed docs (by
\n@vikaskaliramna07
).8.4.24
\n\n
\n- Fixed
\nPlugin
types.8.4.23
\n\n
\n- Fixed warnings in TypeDoc.
\n8.4.22
\n\n
\n- Fixed TypeScript support with
\nnode16
(by Remco Haszing).8.4.21
\n\n
\n- Fixed
\nInput#error
types (by Aleks Hudochenkov).8.4.20
\n\n
\n- Fixed source map generation for childless at-rules like
\n@layer
.8.4.19
\n\n
\n- Fixed whitespace preserving after AST transformations (by Romain Menke).
\n8.4.18
\n\n
\n- Fixed an error on
\nabsolute: true
with emptysourceContent
(by Rene Haas).8.4.17
\n\n
\n- Fixed
\nNode.before()
unexpected behavior (by Romain Menke).- Added TOC to docs (by Mikhail Dedov).
\n8.4.16
\n\n
... (truncated)
\n90208de
Release 8.4.31 version58cc860
Fix carrier return parsing4fff8e4
Improve pnpm test outputcd43ed1
Update dependenciescaa916b
Update dependencies8972f76
Typo11a5286
Typo45c5501
Release 8.4.30 versionbc3c341
Update linterb2be58a
Merge pull request #1881 from romainmenke/improve-sourcemap-performance--phil...8fbc66c
Releasef016446
fixup tests missing graphReff0c84d4
Merge pull request from GHSA-j5g3-5c8r-7qfx84852fc
Releasea2b8fc6
Update dependency on graphql-upload fork to fix #706091de501
Releaseae444b2
Release82d4498
Disable graphql-upload integration when it is not used (#6476)a725306
Release5069bd8
apollo-server-core: update GraphQL Playground React appThis version was pushed to npm by apollo-bot, a new releaser for apollo-server-core since your current version.
\nSourced from word-wrap's releases.
\n\n\n1.2.4
\nWhat's Changed
\n\n
\n- Remove default indent by
\n@mohd-akram
in jonschlinkert/word-wrap#24- 🔒fix: CVE 2023 26115 (2) by
\n@OlafConijn
in jonschlinkert/word-wrap#41- :lock: fix: CVE-2023-26115 by
\n@aashutoshrathi
in jonschlinkert/word-wrap#33- chore: publish workflow by
\n@OlafConijn
in jonschlinkert/word-wrap#42New Contributors
\n\n
\n- \n
@mohd-akram
made their first contribution in jonschlinkert/word-wrap#24- \n
@OlafConijn
made their first contribution in jonschlinkert/word-wrap#41- \n
@aashutoshrathi
made their first contribution in jonschlinkert/word-wrap#33Full Changelog: https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4
\n
f64b188
run verb to generate README03ea082
Merge pull request #42 from jonschlinkert/chore/publish-workflow420dce9
Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2bfa694e
Update .github/workflows/publish.ymlace0b3c
chore: bump version to 1.2.46fd7275
chore: add publish workflow30d6daf
chore: fix test655929c
chore: remove package-lock49e08bb
chore: added an additional testcase9f62693
fix: cve 2023-26115