chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates

[dependabot]

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package	From	To
web3	1.2.11	1.7.4
ethereum-waffle	3.0.2	4.0.10
browserify-sign	4.2.1	4.2.3
crypto-js	4.1.1	4.2.0
follow-redirects	1.15.2	1.15.6
undici	5.14.0	5.28.4

Updates web3 from 1.2.11 to 1.7.4

Release notes

Sourced from web3's releases.

web3-eth@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-eth@4.0.0-alpha.0

web3-core-requestmanager@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-core-requestmanager@4.0.0-alpha.0

web3-providers-http@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-providers-http@4.0.0-alpha.0

web3-providers-base@1.0.0-alpha.1

Changed

• Update version to 1.0.0-alpha.1 for web3-providers-base
• Update version to 4.0.0-alpha.0 for web3-utils in web3-providers-base

web3-utils@4.0.0-alpha.0

Initial alpha release

Install with yarn add web3-utils@4.0.0-alpha.0

web3-packagetemplate@1.0.0-alpha.0

Initial alpha release

Install with yarn add web3-packagetemplate@1.0.0-alpha.0

Changelog

Sourced from web3's changelog.

[1.2.11]

Fixed

• Fix Provider.request response (#3647)

Added

• Add unit tests for isHex and isHexStrict (#3622)

[1.3.0]

Added

• Support for typescript files (.ts) to be written alongside regular .js files (#3652)
• Add compareBlock function that allows for complex block comparisons (#3682)

Changed

• Improve RequestManager send method (#3649)
• npm run build now uses TSC to compile (.js allowed) and the build folder is now located under lib (#3652)
• Modernized web3-core to use newer es syntax (#3652)
• Bumped web3-providers-ipc oboe version to 2.1.5 (#3661)
• Bump lodash from 4.17.15 to 4.17.19 (#3641)
• Bump websocket version which removes node-gyp from web3.js (#3685)

Fixed

• Fix parsing of non-eth_subscription provider events (#3660)
• Fix parsedUrl problem of websocket provider (#3666)
• Fix return value for clearSubscriptions (#3689)

[1.3.1]

Added

• Add web3-eth2-core package (#3743) (renamed to web3-eth2-base)
• Add web3-eth2-beaconchain package (#3743) (renamed to web3-eth2-beacon)
• Add stripHexPrefix method to web3-utils package (#3776)

Changed

• bump utils 0.10.0^ -> 0.12.0 (#3733)

Removed

• Removed post-install script in packages/web3. Added documentation to root README (#3717)

Fixed

... (truncated)

Commits

• 77005c0 Build for 1.7.4
• 402044e v1.7.4
• 2113269 Manual build commit for 1.7.4-rc.2
• 6237ff3 v1.7.4-rc.2
• 6129d79 changelog update and npm i
• 9e40379 Merge branch '1.x' into release/1.7.4
• 739217c updating web3 utils BN (#5132)
• a286ab3 Manual build commit for 1.7.4-rc.1
• c79c3c9 v1.7.4-rc.1
• 4b718bd npm i
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jdevcs, a new releaser for web3 since your current version.

Updates ethereum-waffle from 3.0.2 to 4.0.10

Release notes

Sourced from ethereum-waffle's releases.

@​ethereum-waffle/chai@​4.0.10

Patch Changes

• 4d83cde: Emit matcher improvement

ethereum-waffle@4.0.10

Patch Changes

• Updated dependencies [4d83cde]
  • @​ethereum-waffle/mock-contract@​4.0.4
  • @​ethereum-waffle/chai@​4.0.10
  • @​ethereum-waffle/compiler@​4.0.3

@​ethereum-waffle/chai@​4.0.9

Patch Changes

• 216f1d8: Switch hardhat error priority

ethereum-waffle@4.0.9

Patch Changes

• Updated dependencies [216f1d8]
  • @​ethereum-waffle/chai@​4.0.9
  • @​ethereum-waffle/compiler@​4.0.3
  • @​ethereum-waffle/mock-contract@​4.0.3

@​ethereum-waffle/chai@​4.0.8

Patch Changes

• f93abe9: Move call history injection logic to hardhat plugin
• 9602243: 👔 revertedWith().withArgs no longer fails for uint values exceeding JavaScript's max int limit
• b54c6b9: Add delta to balance changing matchers
• 64707ae: Allow special characters in revertedWith regex
• 702c6ab: 🗾 Extend matching of Hardhat revert reasons
• a0f721a: Move ethers to peer deps
• f6d240e: 🛶 Updates for hardhat v2.11
• Updated dependencies [ee1d1b8]
• Updated dependencies [a0f721a]
  • @​ethereum-waffle/provider@​4.0.5

ethereum-waffle@4.0.8

Patch Changes

• f93abe9: Move call history injection logic to hardhat plugin
• a0f721a: Move ethers to peer deps
• Updated dependencies [da92375]
• Updated dependencies [f93abe9]
• Updated dependencies [46b954e]
• Updated dependencies [9602243]
• Updated dependencies [fb6863d]

... (truncated)

Commits

• 0915e72 🎉 Release new version (#823)
• 4d83cde ⭐️ Support events not defined in a contract (#822)
• a1d89d0 🎉 Release new version (#821)
• 216f1d8 🌏 Switch hardhat errors priority (#820)
• 13d1af0 🎉 Release new version (#796)
• 5637cc5 🦉 Optimism tests use latest commit (#819)
• 1fa1312 🥑 Add mock contract typing (#818)
• 702c6ab 🗾 Extend matching of Hardhat revert reasons (#802)
• 46b954e 🖼 Mock contract chaining behaviour (#816)
• fb6863d 🍶 Implement mocking receive function to revert (#807)
• Additional commits viewable in compare view

Updates braces from 2.3.2 to 3.0.2

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

• Changelogs are for humans, not machines.
• There should be an entry for every single version.
• The same types of changes should be grouped.
• Versions and sections should be linkable.
• The latest version comes first.
• The release date of each versions is displayed.
• Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

• Added for new features.
• Changed for changes in existing functionality.
• Deprecated for soon-to-be removed features.
• Removed for now removed features.
• Fixed for any bug fixes.
• Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

• The undocumented .makeRe method was removed

Non-breaking changes

• Caching was removed

Commits

• See full diff in compare view

Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2
• [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
• [Dev Deps] update nyc, standard, tape cc5350b
• [Tests] always run coverage; downgrade nyc 75ce1d5
• [meta] add safe-publish-latest dcf49ce
• [Tests] add npm run posttest 75dd8fd
• [Dev Deps] update tape 3aec038
• [Tests] skip unsupported schemes 703c83e
• [Tests] node < 6 lacks array includes 3aa43cf
• [Dev Deps] fix eslint range 98d4e0d

Commits

• bf2c3ec v4.2.3
• 9247adf [patch] widen support to 0.12
• f427270 [Deps] update `parse-asn1
• 87f3a35 [Dev Deps] update aud, npmignore, tape
• fb261ce [Deps] update elliptic
• 4d0ee49 [patch] drop minimum node support to v1
• 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
• 168e16f [Deps] pin elliptic due to a breaking change
• 37a4758 [actions] remove redundant finisher
• 4af5a90 v4.2.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates cross-fetch from 2.2.3 to 3.1.5

Release notes

Sourced from cross-fetch's releases.

v3.1.5

What's Changed

• chore: updated node-fetch version to 2.6.7 by @​dlafreniere in lquixada/cross-fetch#124

New Contributors

• @​dlafreniere made their first contribution in lquixada/cross-fetch#124

Full Changelog: lquixada/cross-fetch@v3.1.4...v3.1.5

v3.1.4

🐞 fixed typescript errors.

v3.1.3

🐞 fixed typescript compilation error causing #95, #101, #102.

v3.1.2

🐞 added missing Headers interface augmentation from lib.dom.iterable.d.ts (#97)

v3.1.1

🐞 fixed missing fetch api types from constructor signatures #96 (thanks @​jstewmon)

v3.1.0

⚡️ improved TypeScript support with own fetch API type definitions (thanks @​jstewmon) ⚡️ set fetch.ponyfill to true when custom ponyfill implementation is used. 💡 set the same fetch API test suite to run against node-fetch, whatwg-fetch and native fetch.

v3.0.6

⚡️ updated node-fetch to 2.6.1

v3.0.5

⚡️ whatwg-fetch is not a prod dependency anymore (#63) ⚡️ updated all dev dependencies.

v3.0.4

🐞 fixed bug that crashed Safari 9 (#49). ⚡️ added VaporJS code to the project.

v3.0.3

⚡️ upgraded node-fetch to 2.6.0.

v3.0.2

🐞 bugfix #35: fixed TypeScript failing on types when dom lib is not present.

v3.0.1

🐞 bugfix #38: fixed the browser ponyfill stomping the global fetch function on React Native (thanks @​msluther)

v3.0.0

• major upgrade of whatwg-fetch to 3.0.0 (see breaking changes)
• minor upgrade of node-fetch to 2.3.0 (see changelog)
• comprehensive test coverage (from 16 specs to 72)

... (truncated)

Commits

• c6089df chore(release): 3.1.5
• a3b3a94 chore: updated node-fetch version to 2.6.7 (#124)
• efed703 chore: updated node-fetch version to 2.6.5
• 694ff77 refactor: removed ora from dependencies
• efc5956 refactor: added .vscode to .gitignore
• da605d5 refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/mod...
• 0f0d51d chore: updated minor and patch versions of dev dependencies
• c6e34ea refactor: removed sinon.js
• f524a52 fix: yargs was incompatible with node 10
• 7906fcf chore: updated dev dependencies
• Additional commits viewable in compare view

Updates crypto-js from 4.1.1 to 4.2.0

Commits

• 808f499 Merge branch 'release/4.2.0'
• d5af3ae Update release notes.
• 9496e07 Bump version.
• 421dd53 Change default hash algorithm and iteration's for PBKDF2 to prevent weak secu...
• d1f4f4d Update grunt.
• c755289 Discontinued
• 1da3dab Discontinued
• 4dcaa7a Merge pull request #380 from Alanscut/dev
• 762feb2 chore: rename BF to Blowfish
• fb81418 feat: blowfish support
• Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

Updates elliptic from 6.5.3 to 6.5.4

Commits

• 43ac7f2 6.5.4
• f4bc72b package: bump deps
• 441b742 ec: validate that a point before deriving keys
• e71b2d9 lib: relint using eslint
• 8421a01 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#231)
• See full diff in compare view

Updates express from 4.17.1 to 4.18.2

Release notes

Sourced from express's releases.

4.18.2

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

4.18.1

• Fix hanging on large stack of sync routes

4.18.0

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: body-parser@1.20.0
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
• deps: cookie@0.5.0
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: finalhandler@1.2.0
  • Remove set content headers that break response
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
  • Prevent loss of async hooks context
• deps: qs@6.10.3
• deps: send@0.18.0
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: depd@2.0.0
  • deps: destroy@1.2.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

4.18.1 / 2022-04-29

• Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: body-parser@1.20.0
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
• deps: cookie@0.5.0
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: finalhandler@1.2.0
  • Remove set content headers that break response
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
  • Prevent loss of async hooks context
• deps: qs@6.10.3
• deps: send@0.18.0

... (truncated)

Commits

• 8368dc1 4.18.2
• 61f4049 docs: replace Freenode with Libera Chat
• bb7907b build: Node.js@18.10
• f56ce73 build: supertest@6.3.0
• 24b3dc5 deps: qs@6.11.0
• 689d175 deps: body-parser@1.20.1
• 340be0f build: eslint@8.24.0
• 33e8dc3 docs: use Node.js name style
• 644f646 build: supertest@6.2.4
• ecd7572 build: Node.js@14.20
• Additional commits viewable in compare view

Updates follow-redirects from 1.15.2 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
• [Fix] correctly parse nested arrays
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Refactor] utils: reduce observable [[Get]]s
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Refactor] parse: only need to reassign the var once
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] always use String(x) over x.toString()
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

Commits

• 298bfa5 v6.5.3
• ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
• 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
• 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 12ac1c4 [meta] fix README.md (#399)
• 0338716 [actions] backport actions from main
• 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
• 51b8a0b add FUNDING.yml
• 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
• f814a7f [Dev Deps] backport from main
• Additional commits viewable in compare view

Updates node-fetch from 1.7.3 to 2.6.7

Release notes

Sourced from node-fetch's releases.

v2.6.7

Security patch release

Recommended to upgrade, to not leak sensitive cookie and authentication header information to 3th party host while a redirect occurred

What's Changed

• fix: don't forward secure headers to 3th party by @​jimmywarting in node-fetch/node-fetch#1453

Full Changelog: node-fetch/node-fetch@v2.6.6...v2.6.7

v2.6.6

What's Changed

• fix(URL): prefer built in URL version when available and fallback to whatwg by @​jimmywarting in node-fetch/node-fetch#1352

Full Changelog: node-fetch/node-fetch@v2.6.5...v2.6.6

v2.6.2

fixed main path in package.json

v2.6.1

This is an important security release. It is strongly recommended to update as soon as possible.

See CHANGELOG for details.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

• Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
• Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
• Fix: support custom Host headers with any casing
• Fix: support importing fetch() from TypeScript in browser.js
• Fix: handle the redirect response body properly

... (truncated)

Commits

• 1ef4b56 backport of #1449 (#1453)
• 8fe5c4e 2.x: Specify encoding as an optional peer dependency in package.json (#1310)
• f56b0c6 fix(URL): prefer built in URL version when available and fallback to whatwg (...
• b5417ae fix: import whatwg-url in a way compatible with ESM Node (#1303)
• 18193c5 fix v2.6.3 that did not sending query params (#1301)
• ace7536 fix: properly encode url with unicode characters (#1291)
• 152214c Fix(package.json): Corrected main file path in package.json (#1274)
• b5e2e41 update version number
• 2358a6c Honor the size option after following a redirect and revert data uri support
• 8c197f8 docs: Fix typos and grammatical errors in README.md (#686)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by endless, a new releaser for node-fetch since your current version.

Updates got from 7.1.0 to 8.3.2

Release notes

Sourced from got's releases.

v8.3.2

Fix Got throwing an error in some cases when trying to pipe one got.stream into another one. sindresorhus/got@7ac705f

v8.3.1

• No longer overrides accept-encoding header if already provided. sindresorhus/got@81f2537
• Sets content-length header when using form-data if not already set. sindresorhus/got@de9514d
• Now clears the progress interval if the socket has been destroyed. sindresorhus/got@82763c8

sindresorhus/got@v8.3.0...v8.3.1

v8.3.0

• Fixed socket connect memory leak. sindresorhus/got@13d6b68
• Prevented uncaught exception in some cases. sindresorhus/got@43b51ba
• No longer continues the request after cancelation. sindresorhus/got@9a646a3

sindresorhus/got@v8.2.0...v8.3.0

v8.2.0

No longer sets the default accept-encoding: gzip,deflate header if the decompress option is false.

sindresorhus/got@v8.1.0...v8.2.0

v8.1.0

• Add throwHttpErrors option. sindresorhus/got@5a88943
• Allow calling of got.stream via options. sindresorhus/got@b26c51e

sindresorhus/got@v8.0.3...v8.1.0

v8.0.2

• Fix browser usage. sindresorhus/got@30c39bc
• Validate that url is UTF-8 encoded. sindresorhus/got@4f5e6bf

sindresorhus/got@v8.0.1...v8.0.2

v8.0.1

• Correctly forwards stream errors. sindresorhus/got@974473a
• Fix the request not aborting if the connection cannot be established and the timeout expires. sindresorhus/got@98d226c

sindresorhus/got@v8.0.0...v8.0.1

Commits

• ad7b361 8.3.2
• 7ac705f fix Buffer.byteLength(req._header) throwing error (#490)
• bd3315b 8.3.1
• de9514d Set content-length header when using form-data
• 82763c8 Clear the progress interval if the socket has been destroyed (#469)
• b465f21 GitHub now natively supports SVG
• 81f2537 Do not override Accept-Encoding header if already provided (#472)
• 7d1aa01 8.3.0
• 9a646a3 Don't continue the request after cancellation (#464)
• 871c3bd Bump p-cancelable
• Additional commits viewable in compare view

Updates json-schema from 0.2.3 to 0.4.0

Commits

• f6f6a3b Use a little more robust method of checking instances
• ef60987 Update version
• b62f1da Protect against constructor modification, #84
• fb427cd Link to json-schema-org repository in addition to site, fixes #54
• 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
• c52a27c Get basic test to pass
• b3f42b3 Add security policy
• 3b0cec3 Update version
• c28470f Update readme to acknowledge the state of the package
• 7dff9cd Merge pull request #81 from hodovani/patch-1
• Additional commits viewable in compare view

Updates lodash from 4.17.20 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• See full diff in compare view

Updates minimist from 1.2.5 to 1.2.7

Changelog

Sourced from minimist's changelog.

v1.2.7 - 2022-10-10

Commits

• [meta] add auto-changelog 0ebf4eb
• [actions] add reusable workflows e115b63
• [eslint] add eslint; rules to enable later are warnings f58745b
• [Dev Deps] switch from covert to nyc ab03356
• [readme] rename and add badges 236f4a0
• [meta] create FUNDING.yml; add funding in package.json 783a49b
• [meta] use npmignore to autogenerate an npmignore file f81ece6
• Only apps should have lockfiles 56cad44
• [Dev Deps] update covert, tape; remove unnecessary tap 49c5f9f
• [Tests] add aud in posttest 228ae93
• [meta] add safe-publish-latest 01fc23f
• [meta] update repo URLs 6b164c7

v1.2.6 - 2022-03-21

Commits

• test from prototype pollution PR bc8ecee
• isConstructorOrProto adapted ...

  Description has been truncated

[dependabot]

Superseded by #5.