• See full diff in compare view

Sourced from node-fetch's releases.

v3.3.2

3.3.2 (2023-07-25)

Bug Fixes

• Remove the default connection close header. (#1736) (8b3320d), closes #1735 #1473

v3.3.1

3.3.1 (2023-03-11)

Bug Fixes

• release "Allow URL class object as an argument for fetch()" #1696 (#1716) (7b86e94)

v3.3.0

3.3.0 (2022-11-10)

Features

• add static Response.json (#1670) (55a4870)

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

• ReDoS referrer (#1611) (2880238)

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

• Headers: don't forward secure headers on protocol change (#1599) (e87b093)

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

• possibly flaky test (#1523) (11b7033)

... (truncated)

• 8b3320d fix: Remove the default connection close header. (#1736)
• 7b86e94 fix: release "Allow URL class object as an argument for fetch()" #1696 (#1716)
• 8ced5b9 docs: readme - non ESM example (#1707)
• 71e376b ci(release): use latest Node LTS (#1697)
• e093030 Allow URL class object as an argument for fetch() (#1696)
• 55a4870 feat: add static Response.json (#1670)
• c071406 (1138) - Fixed HTTPResponseError with correct constructor and usage (#1666)
• 6f72caa docs: fix missing comma in example (#1623)
• 2880238 fix: ReDoS referrer (#1611)
• e87b093 fix(Headers): don't forward secure headers on protocol change (#1599)
• Additional commits viewable in compare view

This version was pushed to npm by node-fetch-bot, a new releaser for node-fetch since your current version.

Sourced from minimatch's changelog.

change log

9.0

• No default export, only named exports.

8.0

• Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
• Bump required Node.js version

7.4

• Add escape() method
• Add unescape() method
• Add Minimatch.hasMagic() method

7.3

• Add support for posix character classes in a unicode-aware way.

7.2

• Add windowsNoMagicRoot option

7.1

• Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

7.0

• Preprocess patterns to simplify complicated patterns and reduce out .. pattern portions where possible. Note that this means a pattern like a/b/../* will be equivalent to a/*, and will not match the string a/b/../c. If this causes problems, it can be addressed in a patch release by resolving .. portions in the test string.

6.2

• Add nocaseMagicOnly flag

6.1

... (truncated)

• 26d281d 4.0.0
• f20fe55 engines declaration
• e73729f Update to modern JS syntax
• 270dbea v3.0.0
• 668a1f4 Don't package browser version
• 6afb85f v2.0.10
• 6c14860 Do not crash on nested negative extglobs
• See full diff in compare view

Sourced from semver's releases.

v7.5.3

7.5.3 (2023-06-22)

Bug Fixes

• abdd93d #571 set max lengths in regex for numeric and build identifiers (#571) (@​lukekarrys)

Documentation

• bf53dd8 #569 add example for > comparator (#569) (@​mbtools)

Sourced from semver's changelog.

7.5.3 (2023-06-22)

Bug Fixes

• abdd93d #571 set max lengths in regex for numeric and build identifiers (#571) (@​lukekarrys)

Documentation

• bf53dd8 #569 add example for > comparator (#569) (@​mbtools)

• 7fdf1ef chore: release 7.5.3
• bf53dd8 docs: add example for > comparator (#569)
• abdd93d fix: set max lengths in regex for numeric and build identifiers (#571)
• See full diff in compare view

Sourced from jsonwebtoken's changelog.

9.0.2 - 2023-08-30

• security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes #921.
• refactor: reduce library size by using lodash specific dependencies, closes #878.

9.0.1 - 2023-07-05

• fix(stubs): allow decode method to be stubbed

• bc28861 Release 9.0.2 (#935)
• 96b8906 refactor: use specific lodash packages (#933)
• ed35062 security: Updating semver to 7.5.4 to resolve CVE-2022-25883 (#932)
• 84539b2 Updating package version to 9.0.1 (#920)
• a99fd4b fix(stubs): allow decode method to be stubbed (#876)
• See full diff in compare view

This version was pushed to npm by charlesrea, a new releaser for jsonwebtoken since your current version.

• See full diff in compare view

Sourced from ws's releases.

8.17.0

Features

• The WebSocket constructor now accepts the createConnection option (#2219).

Other notable changes

• The default value of the allowSynchronousEvents option has been changed to true (#2221).

This is a breaking change in a patch release. The assumption is that the option is not widely used.

8.16.0

Features

• Added the autoPong option (01ba54ed).

8.15.1

Notable changes

• The allowMultipleEventsPerMicrotask option has been renamed to allowSynchronousEvents (4ed7fe58).

This is a breaking change in a patch release that could have been avoided with an alias, but the renamed option was added only 3 days ago, so hopefully it hasn't already been widely used.

8.15.0

Features

• Added the allowMultipleEventsPerMicrotask option (93e3552e).

8.14.2

Bug fixes

• Fixed an issue that allowed errors thrown by failed assertions to be swallowed when running tests (7f4e1a75).

8.14.1

Bug fixes

• Improved the reliability of two tests for CITGM (fd3c64cb).

8.14.0

Features

• The WebSocket constructor now accepts HTTP(S) URLs (#2162).

... (truncated)

• b73b118 [dist] 8.17.0
• 29694a5 [test] Use the highWaterMark variable
• 934c9d6 [ci] Test on node 22
• 1817bac [ci] Do not test on node 21
• 96c9b3d [major] Flip the default value of allowSynchronousEvents (#2221)
• e5f32c7 [fix] Emit at most one event per event loop iteration (#2218)
• 2aa0405 [minor] Fix nits
• 53a8888 [feature] Allow the createConnection option (#2219)
• b119b41 [pkg] Update eslint to version 9.0.0
• 2405c17 [doc] Add punctuation for readability (#2213)
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from node-forge's changelog.

1.3.1 - 2022-03-29

Fixes

• RFC 3447 and RFC 8017 allow for optional DigestAlgorithm NULL parameters for sha* algorithms and require NULL paramters for md2 and md5 algorithms.

• a0a4a42 Release 1.3.1.
• a33830f Update changelog.
• 740954d Allow optional DigestAlgorithm parameters.
• 56f4316 Allow DigestInfo.DigestAlgorith.parameters to be optional
• cbf0bd5 Start 1.3.1-0.
• See full diff in compare view

• See full diff in compare view

• 7570078 6.5.5
• 206da2e lib: lint
• 0a78e03 [Fix] restore node < 4 compat
• 43ac7f2 6.5.4
• f4bc72b package: bump deps
• 441b742 ec: validate that a point before deriving keys
• e71b2d9 lib: relint using eslint
• 8421a01 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)
• See full diff in compare view

Sourced from find-my-way's releases.

v2.2.5

Fixes:

• Enable versioning on demand - #172 This fix disables the automatic route versioning unless a user has configured at least once a route with the version option.

• b846810 Bumped v2.2.5
• 264a688 Bumped v2.2.4
• 771d019 Standard
• 0118ab6 Enable versioning on demand (#172)
• See full diff in compare view

Sourced from highlight.js's releases.

10.7.3

• fix(parser) Resolves issue with missing TypeScript property Jacob Swanner

No other changes.

Version 10.7.2

This is a patch release. The only change is that deprecation messages are throttled and shown only once.

• (chore) throttle deprecation messages (#3092) Mihkel Eidast

10.7.1 - Spring Edition

This .1 patch release fixes an issue with the TypeScript typing info in 10.7.0.

Release notes from 10.7.0

Parser:

• enh(api) add unregisterLanguage method (#3009) [Antoine du Hamel][]
• enh: Make alias registration case insensitive (#3026) [David Ostrovsky][]
• fix(parser) highlightAll() now works if the library is lazy loaded [Josh Goebel][]

New Languages:

• Added 3rd party RiScript grammar to SUPPORTED_LANGUAGES (#2988) [John C][]
• Added 3rd party HLSL grammar to SUPPORTED_LANGUAGES (#3002) [Stef Levesque][]
• Added 3rd party Q# grammar to SUPPORTED_LANGUAGES(#3006) [Vyron Vasileiadis][]

Language grammar improvements:

• fix(python) allow keywords immediately following numbers (#2985) [Josh Goebel][]
• fix(xml) char immediately following tag close mis-highlighted (#3044) [Josh Goebel][]
• fix(ruby) fix defined?() mis-highlighted as def (#3025) [Josh Goebel][]
• fix(c) comments after #include <str> blocks (#3041) [Josh Goebel][]
• fix(cpp) comments after #include <str> blocks (#3041) [Josh Goebel][]
• enh(cpp) Highlight all function dispatches (#3005) [Josh Goebel][]
• enh(python) support type hints and better type support (#2972) [Josh Goebel][]
• enh(gml) Add additional GML 2.3 keywords (#2984) [xDGameStudios][]
• fix(cpp) constructor support for initializers (#3001) [Josh Goebel][]
• enh(php) Add trait to class-like naming patterns (#2997) [Ayesh][]
• enh(php) Add Stringable, UnhandledMatchError, and WeakMap classes/interfaces (#2997) [Ayesh][]
• enh(php) Add mixed to list of keywords (#2997) [Ayesh][]
• enh(php) Add support binary, octal, hex and scientific numerals with underscore separator support (#2997) [Ayesh][]
• enh(php) Add support for Enums (#3004) [Ayesh][]
• enh(ecmascript) Add built-in types [Vaibhav Chanana][]
• enh(kotlin) Add kts as an alias for Kotlin (#3021) [Vaibhav Chanana][]

... (truncated)

Sourced from highlight.js's changelog.

Version 10.7.3

• fix(parser) Resolves issue with missing TypeScript property Jacob Swanner

Version 10.7.2

This is a patch release. The only change is that deprecation messages are throttled and shown only once.

• (chore) throttle deprecation messages (#3092) Mihkel Eidast

Version 10.7.1

• fix(parser) Resolves issues with TypeScript types [Josh Goebel][]

Version 10.7.0

Parser:

• enh(api) add unregisterLanguage method (#3009) [Antoine du Hamel][]
• enh: Make alias registration case insensitive (#3026) [David Ostrovsky][]
• fix(parser) highlightAll() now works if the library is lazy loaded [Josh Goebel][]

New Languages:

• Added 3rd party RiScript grammar to SUPPORTED_LANGUAGES (#2988) [John C][]
• Added 3rd party HLSL grammar to SUPPORTED_LANGUAGES (#3002) [Stef Levesque][]
• Added 3rd party Q# grammar to SUPPORTED_LANGUAGES(#3006) [Vyron Vasileiadis][]

Language grammar improvements:

• fix(python) allow keywords immediately following numbers (#2985) [Josh Goebel][]
• fix(xml) char immediately following tag close mis-highlighted (#3044) [Josh Goebel][]
• fix(ruby) fix defined?() mis-highlighted as def (#3025) [Josh Goebel][]
• fix(c) comments after #include <str> blocks (#3041) [Josh Goebel][]
• fix(cpp) comments after #include <str> blocks (#3041) [Josh Goebel][]
• enh(cpp) Highlight all function dispatches (#3005) [Josh Goebel][]
• enh(python) support type hints and better type support (#2972) [Josh Goebel][]
• enh(gml) Add additional GML 2.3 keywords (#2984) [xDGameStudios][]
• fix(cpp) constructor support for initializers (#3001) [Josh Goebel][]
• enh(php) Add trait to class-like naming patterns (#2997) [Ayesh][]
• enh(php) Add Stringable, UnhandledMatchError, and WeakMap classes/interfaces (#2997) [Ayesh][]
• enh(php) Add mixed to list of keywords (#2997) [Ayesh][]
• enh(php) Add support binary, octal, hex and scientific numerals with underscore separator support (#2997) [Ayesh][]

... (truncated)

• 0c4cc8a (chore) release 10.7.3
• d38b332 fix(parser) Resolve issue with missing TS property (#3225)
• 00233d6 (chore) release 10.7.2
• 4630cde (chore) throttle deprecation messages (#3092)
• 421b23b (chore) fix TS issue, bump 10.7.1
• 7ec45af (chore) bump version to 10.7.0
• bfb5a59 enh(parser) new highlight() API (#3053)
• 6f24850 (cleanup) better boolean naming
• 695ff64 (chore) add shebang for build script
• 23ae72c (chore) rename master branch to main
• Additional commits viewable in compare view

This version was pushed to npm by highlightjs_bot, a new releaser for highlight.js since your current version.

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• See full diff in compare view

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

• a2c5da8 1.3.8
• af5c6bb Do not use Object.create(null)
• 8b648a1 don't test where our devdeps don't even work
• c74c8af 1.3.7
• 024b8b5 update deps, add linting
• 032fbaf Use Object.create(null) to avoid default object property hazards
• 2da9039 1.3.6
• cfea636 better git push script, before publish instead of after
• 56d2805 do not allow invalid hazardous string as section name
• See full diff in compare view

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Sourced from postcss's releases.

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by @​tim-we).
• Cleaned up code (by @​DrKiraDmitry).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by @​romainmenke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by @​ferreira-tb).

Sourced from postcss's changelog.

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

8.4.35

• Avoid ! in node.parent.nodes type.
• Allow to pass undefined to node adding method to simplify types.

8.4.34

• Fixed AtRule#nodes type (by Tim Weißenfels).
• Cleaned up code (by Dmitry Kirillov).

8.4.33

• Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
• Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

• Fixed postcss().process() types (by Andrew Ferreira).

• a69d45e Release 8.4.38 version
• 64e35d9 Update dependencies
• c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
• b45e7e9 fix endIndex
• 1bea246 failing test: for endIndex 0 in rangeBy
• 0fd1d86 Add changelog auto release on Github
• 49c906e Release 8.4.37 version
• b5bd92c Fix another broken prev source map issue
• 2882039 Update dependencies
• e5ad939 Release 8.4.36 version
• Additional commits viewable in compare view

Sourced from ssri's changelog.

6.0.2 (2021-04-07)

Bug Fixes

• backport regex change from 8.0.1 (b30dfdb), closes #19

• b7c8c7c chore(release): 6.0.2
• b30dfdb fix: backport regex change from 8.0.1
• See full diff in compare view

This version was pushed to npm by nlf, a new releaser for ssri since your current version.

Sourced from y18n's releases.

y18n y18n-v4.0.3

Bug Fixes

• release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

y18n y18n-v4.0.2

Bug Fixes

• security: ensure entry exists for backport (#120) (b22c0df)

• See full diff in compare view

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.

Sourced from ws's releases.

8.17.0

Features

• The WebSocket constructor now accepts the createConnection option (#2219).

Other notable changes

• The default value of the allowSynchronousEvents option has been changed to true (#2221).

This is a breaking change in a patch release. The assumption is that the option is not widely used.

8.16.0

Features

• Added the autoPong option (01ba54ed).

8.15.1

Notable changes

• The allowMultipleEventsPerMicrotask option has been renamed to allowSynchronousEvents (4ed7fe58).

This is a breaking change in a patch release that could have been avoided with an alias, but the renamed option was added only 3 days ago, so hopefully it hasn't already been widely used.

8.15.0

Features

• Added the allowMultipleEventsPerMicrotask option (93e3552e).

8.14.2

Bug fixes

• Fixed an issue that allowed errors thrown by failed assertions to be swallowed when running tests (7f4e1a75).

8.14.1

Bug fixes

• Improved the reliability of two tests for CITGM (fd3c64cb).

8.14.0

Features

• The WebSocket constructor now accepts HTTP(S) URLs (#2162).

... (truncated)

• b73b118 [dist] 8.17.0
• 29694a5 [test] Use the highWaterMark variable
• 934c9d6 [ci] Test on node 22
• 1817bac [ci] Do not test on node 21
• 96c9b3d [major] Flip the default value of allowSynchronousEvents (#2221)
• e5f32c7 [fix] Emit at most one event per event loop iteration (#2218)
• 2aa0405 [minor] Fix nits
• 53a8888 [feature] Allow the createConnection option (#2219)
• b119b41 [pkg] Update eslint to version 9.0.0
• 2405c17 [doc] Add punctuation for readability (#2213)
• Additional commits viewable in compare view

• 7570078 6.5.5
• 206da2e lib: lint
• 0a78e03 [Fix] restore node < 4 compat
• 43ac7f2 6.5.4
• f4bc72b package: bump deps
• 441b742 ec: validate that a point before deriving keys
• e71b2d9 lib: relint using eslint
• 8421a01 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)
• See full diff in compare view

• a2c5da8 1.3.8
• af5c6bb Do not use Object.create(null)
• 8b648a1 don't test where our devdeps don't even work
• c74c8af 1.3.7
• 024b8b5 update deps, add linting
• 032fbaf Use Object.create(null) to avoid default object property hazards
• 2da9039 1.3.6
• cfea636 better git push script, before publish instead of after
• 56d2805 do not allow invalid hazardous string as section name
• See full diff in compare view

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

• See full diff in compare view

Sourced from ssri's changelog.

6.0.2 (2021-04-07)

Bug Fixes

• backport regex change from 8.0.1 (b30dfdb), closes #19

• b7c8c7c chore(release): 6.0.2
• b30dfdb fix: backport regex change from 8.0.1
• See full diff in compare view

This version was pushed to npm by nlf, a new releaser for ssri since your current version.

Sourced from y18n's releases.

y18n y18n-v4.0.3

Bug Fixes

• release: 4.x.x should not enforce Node 10 (#126) (1e21a53)

y18n y18n-v4.0.2

Bug Fixes

• security: ensure entry exists for backport (#120) (b22c0df)

• See full diff in compare view

This version was pushed to npm by oss-bot, a new releaser for y18n since your current version.

• ebdf849 1.3.4
• ac57872 move all allocUnsafes to allocs for easier maintenance
• c64c950 1.3.3
• 0598ba1 fix .. in encodingLength
• 010aedb 1.3.2
• 0d0d593 backport encodingLength fix to v1
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.