• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Sourced from request's changelog.

Change Log

v2.88.0 (2018/08/10)

• #2996 fix(uuid): import versioned uuid (@​kwonoj)
• #2994 Update to oauth-sign 0.9.0 (@​dlecocq)
• #2993 Fix header tests (@​simov)
• #2904 #515, #2894 Strip port suffix from Host header if the protocol is known. (#2904) (@​paambaati)
• #2791 Improve AWS SigV4 support. (#2791) (@​vikhyat)
• #2977 Update test certificates (@​simov)

• See full diff in compare view

• See full diff in compare view

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

• Add version coercion capabilities

5.4

• Add intersection checking

5.3

• Add minSatisfying method

5.2

• Add prerelease(v) that returns prerelease components

5.1

• Add Backus-Naur for ranges
• Remove excessively cute inspection methods

5.0

• Remove AMD/Browserified build artifacts
• Fix ltr and gtr when using the * range
• Fix for range * with a prerelease identifier

• f8cc313 chore: release 5.7.2
• 2f8fd41 fix: better handling of whitespace (#585)
• deb5ad5 chore: @​npmcli/template-oss@​4.16.0
• c83c18c 5.7.1
• 956e228 Correct typo in README
• 8055dda 5.7.0
• 604e73d auto-publishing scripts
• bed01e2 remove the nomin comments, since we don't minify any more anyway
• 9cb68f1 document parse method
• 38d42ca 5.7 changelog
• Additional commits viewable in compare view

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Sourced from tree-kill's releases.

v1.2.1

Changelog:

• add missing LICENSE file
• fix TypeScript definitions

• cb47838 1.2.2
• deee138 fix: handle sanitising better, add tests
• ff73dbf fix: sanitise pid parameter (#31)
• 3b5b8fe update Changelog
• d408f04 1.2.1
• 32624c1 Merge pull request #24 from LinusU/patch-1
• c784c3d Add callback-as-second-argument support to typings
• 6d6843c Merge pull request #21 from orodley/patch-1
• d515c80 Add LICENSE file
• See full diff in compare view

Sourced from ws's releases.

5.2.4

Bug fixes

• Backported e55e5106 to the 5.x release line (4abd8f6d).

5.2.3

Bug fixes

• Backported 00c425ec to the 5.x release line (76d47c14).

5.2.2

Bug fixes

• Fixed a use after invalidation bug introduced in 6046a28 (8aba871).

5.2.1

Bug fixes

• Fixed a bug that could prevent buffered data from being processed under certain circumstances (6046a28).

5.2.0

Features

• Added ability to specify custom headers when rejecting the handshake (#1379).

5.1.1

Bug fixes

• Fixed a regression introduced in 9e152f9 (#1347).

5.1.0

Features

• The address argument of the WebSocket constructor can now be a URL instance (#1329).
• The options argument of the WebSocket constructor now accepts any TLS option that is also accepted by https.request() (#1332).

5.0.0

Breaking changes

• Dropped support for Node.js < 4.5.0 (#1313).
• The connection is no longer closed if the server does not agree to any of the client's requested subprotocols (#1312).
• net.Socket errors are no longer re-emitted (a4050db).

... (truncated)

• aa8fe0a [dist] 5.2.4
• 4abd8f6 [security] Fix crash when the Upgrade header cannot be read (#2231)
• 36a3f4d [lint] Add space before function parentheses
• 6dd88e7 [dist] 5.2.3
• 76d47c1 [security] Fix ReDoS vulnerability
• 5d55e52 [dist] 5.2.2
• 8aba871 [fix] Fix use after invalidation bug
• 175ce46 [dist] 5.2.1
• 307be7a [fix] Remove the 'data' listener when the receiver emits an error
• 6046a28 [fix] Do not prematurely remove the listener of the 'data' event
• Additional commits viewable in compare view

• 9f730bb Update package.json with latest PR
• 50a492a Merge pull request #603 from autopulated/master
• 7bc3c5d Merge pull request #598 from fnimick/master
• f412a12 Merge pull request #635 from wisesimpson/patch-1
• d318ce0 Update README.md
• 581b19a use Object.create(null) to create all parsed objects (prevent prototype repla...
• a212950 Add documentation for explicitCharkey option
• 1832e0b Merge pull request #512 from economia/master
• 198063c Merge pull request #556 from Omega-Ariston/fix-issue544
• 0d71785 Merge pull request #562 from Omega-Ariston/addDocExample
• Additional commits viewable in compare view

Sourced from codecov's releases.

v3.6.4

Fix for Cirrus CI

v3.6.3

AWS Codebuild fixes + package updates

v3.6.2

command line args sanitised

v3.6.1

Fix for Semaphore

v3.6.0

AWS CodeBuild Semaphore v2

v3.3.0

Added pipe --pipe, -l

v3.1.0

Custom Yaml file Token from .codecov.yml

v3.0.4

Security fixes

v3.0.3

Fix for not git repos

Sourced from codecov's changelog.

3.7.1

• Move to execFileSync and security fixes

3.7.0

• Remove the X-Amz-Acl: public-read header

3.6.4

• Fix Cirrus CI

3.6.3

• Fix for AWS Codebuild & package updates

3.6.2

• Command line args sanitized fix

3.6.1

• Fix for Semaphore

3.6.0

• Added AWS CodeBuild and Semaphore2

3.5.0

• Added TeamCity support

3.4.0

• Added Heroku CI support

3.3.0

• Added pipe with --pipe, -l

3.2.0

• Added azure pipelines .

3.1.0

• Custom yaml file. Allow codecov token from yml file.

3.0.4

... (truncated)

• 29dd5b6 3.7.1
• c0711c6 Switch from execSync to execFileSync (#180)
• 5f6cc62 Bump lodash from 4.17.15 to 4.17.19 (#183)
• 0c4d7f3 Merge pull request #182 from codecov/update-readme-badges
• cc5e121 Update depstat image and urls
• b44b44e Update readme with 400 error info (#181)
• bb79335 V3.7.0 (#179)
• 0d7b9b0 Remove 'x-amz-acl': 'public-read' header (#178)
• eeff4e1 Bump acorn from 5.7.3 to 5.7.4 (#174)
• eb8a527 Merge pull request #172 from RoboCafaz/bugfix/codebuild-pr-parser
• Additional commits viewable in compare view

This version was pushed to npm by drazisil, a new releaser for codecov since your current version.

• f25d3a1 Release 5.0.1
• 54cc7ad use standard formatting
• 779816e drop dependencies
• 2eea6d3 Bump lodash from 4.17.15 to 4.17.19
• a61a554 Bump acorn from 7.1.0 to 7.4.0
• 20ef0ef Fix prototype pollution on unflatten
• e8fb281 Test prototype pollution on unflatten
• 6e95c43 Add node 10 & 12 to travis config.
• 38239cc Release 5.0.0
• beaea9d Add tests around cli. Only show usage if on TTY & no argument, allow eaccess ...
• Additional commits viewable in compare view

This version was pushed to npm by timoxley, a new releaser for flat since your current version.

Sourced from jsdom's releases.

Version 16.5.0

• Added window.queueMicrotask().
• Added window.event.
• Added inputEvent.inputType. (diegohaz)
• Removed ondragexit from Window and friends, per a spec update.
• Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
• Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
• Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
• Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
• Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
• Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
• Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
• Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
• Fixed xhr.response to return null for failures that occur during the middle of the download.
• Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
• Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
• Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)

Version 16.4.0

• Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
• Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
• Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
• Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
• Fixed el.focus() to work on SVG elements. (zjffun)
• Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
• Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
• Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
• Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
• Fixed the valueMissing validation check for <input type="radio">. (zjffun)
• Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)

Version 16.3.0

• Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
• Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
• Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
• Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
• Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
• Fixed drawing an empty canvas into another canvas. (zjffun)

Version 16.2.2

• Updated StyleSheetList for better spec compliance; notably it no longer inherits from Array.prototype. (ExE-Boss)
• Fixed requestAnimationFrame() from preventing process exit. This likely regressed in v16.1.0.
• Fixed setTimeout() to no longer leak the closures passed in to it. This likely regressed in v16.1.0. (AviVahl)
• Fixed infinite recursion that could occur when calling click() on a <label> element, or one of its descendants.
• Fixed getComputedStyle() to consider inline style="" attributes. (eps1lon)
• Fixed several issues with <input type="number">'s stepUp() and stepDown() functions to be properly decimal-based, instead of floating point-based.
• Fixed various issues where updating selectEl.value would not invalidate properties such as selectEl.selectedOptions. (ExE-Boss)
• Fixed <input>'s src property, and <ins>/<del>'s cite property, to properly reflect as URLs.
• Fixed window.addEventLister, window.removeEventListener, and window.dispatchEvent to properly be inherited from EventTarget, instead of being distinct functions. (ExE-Boss)
• Fixed errors that would occur if attempting to use a DOM object, such as a custom element, as an argument to addEventListener.

... (truncated)

Sourced from jsdom's changelog.

16.5.0

• Added window.queueMicrotask().
• Added window.event.
• Added inputEvent.inputType. (diegohaz)
• Removed ondragexit from Window and friends, per a spec update.
• Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
• Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
• Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
• Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
• Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
• Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
• Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
• Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
• Fixed xhr.response to return null for failures that occur during the middle of the download.
• Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
• Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
• Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)

16.4.0

• Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
• Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
• Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
• Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
• Fixed el.focus() to work on SVG elements. (zjffun)
• Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
• Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
• Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
• Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
• Fixed the valueMissing validation check for <input type="radio">. (zjffun)
• Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)

16.3.0

• Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
• Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
• Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
• Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
• Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
• Fixed drawing an empty canvas into another canvas. (zjffun)

16.2.2

• Updated StyleSheetList for better spec compliance; notably it no longer inherits from Array.prototype. (ExE-Boss)
• Fixed requestAnimationFrame() from preventing process exit. This likely regressed in v16.1.0.
• Fixed setTimeout() to no longer leak the closures passed in to it. This likely regressed in v16.1.0. (AviVahl)
• Fixed infinite recursion that could occur when calling click() on a <label> element, or one of its descendants.
• Fixed getComputedStyle() to consider inline style="" attributes. (eps1lon)
• Fixed several issues with <input type="number">'s stepUp() and stepDown() functions to be properly decimal-based, instead of floating point-based.

... (truncated)

• 2d82763 Version 16.5.0
• 9741311 Fix loading of subresources with Unicode filenames
• 5e46553 Use domenic's ESLint config as the base
• 19b35da Fix the URL of about:blank iframes
• 017568e Support inputType on InputEvent
• 29f4fdf Upgrade dependencies
• e2f7639 Refactor create‑event‑accessor.js to remove code duplication
• ff69a75 Convert JSDOM to use callback functions
• 19df6bc Update links in contributing guidelines
• 1e34ff5 Test triage
• Additional commits viewable in compare view

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

• the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

• support the [query] template for the interpolatedName method (#162) (469eeba)

v1.2.3

1.2.3 (2018-12-27)

Bug Fixes

• interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

v1.2.2

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

• the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

• support the [query] template for the interpolatedName method (#162) (469eeba)

1.2.3 (2018-12-27)

Bug Fixes

• interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

1.2.2 (2018-12-27)

Bug Fixes

... (truncated)

• 331ad50 chore(release): 1.4.2
• 17cbf8f fix: ReDoS problem (#226)
• 8f082b3 chore(release): 1.4.1
• 4504e34 fix: security problem (#220)
• d95b8b5 chore(release): 1.4.0
• cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)
• 06d36cf chore(release): 1.3.0
• 469eeba feat: support the [query] template for the interpolatedName method (#162)
• 909c99d chore: funding.yml config and CI fix (#159)
• b5b74f0 Set up CI with Azure Pipelines
• Additional commits viewable in compare view

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Sourced from react-dev-utils's changelog.

2.0.3 and Newer Versions

Please refer to CHANGELOG-2.x.md for the 2.x range, and https://github.com/facebook/create-react-app/blob/main/CHANGELOG.md for the newer versions.

1.1.5 (August 24, 2018)

• react-scripts

  • Update the webpack-dev-server dependency

• react-dev-utils

  • #4866 Fix a Windows-only vulnerability (CVE-2018-6342) in the development server (@​acdlite)
  • Update the sockjs-client dependency

Committers: 1

• Andrew Clark (acdlite)

Migrating from 1.1.4 to 1.1.5

Inside any created project that has not been ejected, run:

npm install --save --save-exact [email protected]

or

yarn add --exact [email protected]

1.1.4 (April 3, 2018)

🐛 Bug Fix

• react-dev-utils

  • #4250 Upgrade detect-port-alt to fix #4189. (@​Timer)

Committers: 1

• Joe Haddad (Timer)

Migrating from 1.1.3 to 1.1.4

Inside any created project that has not been ejected, run:

</tr></table> 

... (truncated)

• See full diff in compare view

Sourced from webpack-bundle-analyzer's changelog.

3.3.2

• Bug Fix
  • Fix regression with escaping internal assets (#264, fixes #263)

3.3.1

• Improvements

  • Use relative links for serving internal assets (#261, fixes #254)
  • Properly escape embedded JS/JSON (#262)

• Bug Fix

  • Fix showing help message on -h flag (#260, fixes #239)

3.3.0

• New Feature

  • Show/hide chunks using context menu (#246, @​bregenspan)

• Internal

  • Updated dev dependencies

3.2.0

• Improvements
  • Add support for .mjs output files (#252, @​jlopezxs)

3.1.0

• Bug Fix
  • Properly determine the size of the modules containing special characters (#223, @​hulkish)
  • Update acorn to v6 (#248, @​realityking)

3.0.4

• Bug Fix
  • Make webpack's done hook wait until analyzer writes report or stat file (#247, @​mareolan)

• 345c3f5 v3.3.2
• a615815 Merge pull request #264 from webpack-contrib/fix-escape-regression
• 20f2b4c Fix regression with escaping internal assets
• 9836649 v3.3.1
• d1db526 Remove outdated item from troubleshooting section
• ca34279 Merge pull request #261 from webpack-contrib/relative-links-to-assets
• 99818f9 Fix changelog
• 21722d2 Add changelog entry
• ed99c32 Use relative links for serving internal assets
• 3ce1b8c Merge pull request #262 from webpack-contrib/proper-js-escape
• Additional commits viewable in compare view

Sourced from @​babel/traverse's releases.

v7.24.7 (2024-06-05)

🐛 Bug Fix

• babel-node
  • #16554 Allow extra flags in babel-node (@​nicolo-ribaudo)
• babel-traverse
  • #16522 fix: incorrect constantViolations with destructuring (@​liuxingbaoyu)
• babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management
  • #16524 fix: Transform using in switch correctly (@​liuxingbaoyu)

🏠 Internal

• babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16525 Delete unused array helpers (@​blakewilson)

Committers: 7

• Amjad Yahia Robeen Hassan (@​amjed-98)
• Babel Bot (@​babel-bot)
• Blake Wilson (@​blakewilson)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• Sukka (@​SukkaW)
• @​liuxingbaoyu

v7.24.6 (2024-05-24)

Thanks @​amjed-98, @​blakewilson, @​coelhucas, and @​SukkaW for your first PRs!

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16514 Fix source maps for private member expressions (@​nicolo-ribaudo)
• babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • #16515 Fix source maps for template literals (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16485 Support undecorated static accessor in anonymous classes (@​JLHwung)
  • #16484 Fix decorator bare yield await (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
• babel-parser, babel-plugin-transform-typescript
  • #16476 fix: Correctly parse cls.fn<C> = x (@​liuxingbaoyu)

🏠 Internal

• babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16501 Generate helper metadata at build time (@​nicolo-ribaudo)
• babel-helpers
  • #16499 Add tsconfig.json for @babel/helpers/src/helpers (@​nicolo-ribaudo)
• babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16495 Move all runtime helpers to individual files (@​nicolo-ribaudo)
• babel-parser, babel-traverse
  • #16482 Statically generate boilerplate for bitfield accessors (@​nicolo-ribaudo)
• Other

... (truncated)

Sourced from @​babel/traverse's changelog.

v7.24.7 (2024-06-05)

🐛 Bug Fix

• babel-node
  • #16554 Allow extra flags in babel-node (@​nicolo-ribaudo)
• babel-traverse
  • #16522 fix: incorrect constantViolations with destructuring (@​liuxingbaoyu)
  ...

  Description has been truncated