Sourced from loader-utils's releases.

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

Sourced from loader-utils's changelog.

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

• 8f082b3 chore(release): 1.4.1
• 4504e34 fix: security problem (#220)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from jpeg-js's releases.

v0.4.4

v0.4.4 (2022-06-07)

• feat: add comment tag encoding (#87) (13e1ffa), closes #87
• fix: validate sampling factors (#106) (9ccd35f), closes #106
• fix(decoder): rethrow a more helpful error if Buffer is undefined (#93) (b58cc11), closes #93
• chore(ci): migrate to github actions (#86) (417e8e2), closes #86
• chore(deps): bump y18n from 4.0.0 to 4.0.3 (#98) (2c90858), closes #98
• chore(deps): bump ws from 7.2.3 to 7.4.6 (#91) (fd73289), closes #91
• chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#90) (9449a8b), closes #90
• chore(deps): bump lodash from 4.17.15 to 4.17.21 (#89) (ffdc4a4), closes #89

• 9ccd35f fix: validate sampling factors (#106)
• b58cc11 fix(decoder): rethrow a more helpful error if Buffer is undefined (#93)
• 2c90858 chore(deps): bump y18n from 4.0.0 to 4.0.3 (#98)
• fd73289 chore(deps): bump ws from 7.2.3 to 7.4.6 (#91)
• 9449a8b chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#90)
• ffdc4a4 chore(deps): bump lodash from 4.17.15 to 4.17.21 (#89)
• 13e1ffa feat: add comment tag encoding (#87)
• 417e8e2 chore(ci): migrate to github actions (#86)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from gatsby-plugin-mdx's releases.

v3.14 (September 2021 #1)

Welcome to [email protected] release (September 2021 #1)

This is the final minor release for gatsby v3. Gatsby v4 beta is already published behind the next npm tag and the next stable release will be [email protected]. See what's inside!

We will keep publishing patches for 3.14.x with hotfixes until 4.0.0 stable is published and at least several weeks after.

Key highlights of this release:

• Better UX for navigation in the middle of deployment
• New developer tools - createPages snippet in GraphiQL and new GraphQL capability
• Preparations for gatsby v4 - API deprecations; migration guide; docs
• Improvements for gatsby-source-drupal
• New home for gatsby-plugin-netlify

Also, check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v3.13 (August 2021 #3)

Welcome to [email protected] release (August 2021 #3)

Key highlights of this release:

• Improved Changelogs - Better structured and easier to read
• sharp v0.29 - Reduced install size, improved encoding time, and improved AVIF image quality
• Faster Sourcing for gatsby-source-drupal - Speed up fetching data by around 4x
• webpack Caching in Development for Everyone - Activating it for all users

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v3.12 (August 2021 #2)

Welcome to [email protected] release (August 2021 #2)

Key highlights of this release:

• webpack dev server caching - opt-in 20% of users
• Improvements to gatsby-source-shopify - Add compat for breaking change in Shopify's API

... (truncated)

Sourced from gatsby-plugin-mdx's changelog.

3.15.2 (2022-06-02)

Bug Fixes

• don't allow JS frontmatter by default #35830 #35832 (e916cf8)

3.15.1 (2022-06-01)

Note: Version bump only for package gatsby-plugin-mdx

3.15.0 (2022-05-24)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-mdx

3.14.0 (2022-05-10)

🧾 Release notes

Bug Fixes

• update dependency fs-extra to ^10.1.0 #34976 (10752ed)
• update dependency core-js to ^3.22.3 #35541 (1a4d0ea)
• update dependency core-js to ^3.22.2 #33381 (f4a7ca5)

3.13.0 (2022-04-26)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-mdx

3.12.1 (2022-04-13)

Note: Version bump only for package gatsby-plugin-mdx

3.12.0 (2022-04-12)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-mdx

3.11.1 (2022-03-31)

Note: Version bump only for package gatsby-plugin-mdx

3.11.0 (2022-03-29)

🧾 Release notes

... (truncated)

• cda0777 chore(release): Publish
• e916cf8 fix(gatsby-plugin-mdx): don't allow JS frontmatter by default (#35830) (#35832)
• 2652fa8 chore(release): Publish
• 56fb124 chore(release): Publish
• 54bd223 chore(release): Publish next
• 3a87ea1 chore(changelogs): update changelogs (#35627)
• 1535682 chore(release): Publish next
• 4e415cc chore(release): Publish next pre-minor
• e51c3a3 chore(release): Publish next
• 10752ed fix(deps): update dependency fs-extra to ^10.1.0 (#34976)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from moment's changelog.

2.29.2 See full changelog

• Release Apr 3 2022

Address https://github.com/advisories/GHSA-8hfj-j24r-96c4

• 75e2ac5 Build 2.29.2
• 5a29877 Bump version to 2.29.2
• 4fd847b Update changelog for 2.29.2
• 4211bfc [bugfix] Avoid loading path-looking locales from fs
• f2a813a [misc] Fix indentation (according to prettier)
• 7a10de8 [test] Avoid hours around DST
• e968092 [locale] ar-ly: fix locale name (#5828)
• 53d7ee6 [misc] fix builds (#5836)
• 52019f1 [misc] Specify length of toArray return type (#5766)
• 0dcaaa6 [locale] tr: update translation of Monday and Saturday (#5756)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

| File | Before | After | Percent reduction | |:--|:--|:--|:--| | /content/assets/avatar.png | 302.87kb | 239.39kb | 20.96% | | /static/android-chrome-512x512.png | 236.12kb | 227.35kb | 3.71% | | /static/apple-touch-icon-precomposed.png | 36.89kb | 35.84kb | 2.86% | | /static/android-chrome-192x192.png | 36.34kb | 35.39kb | 2.63% | | /static/apple-touch-icon.png | 32.42kb | 31.68kb | 2.30% | | /static/favicon-32x32.png | 2.10kb | 2.09kb | 0.19% | | | | | | | Total : | 646.74kb | 571.74kb | 11.60% |

Sourced from terser's changelog.

v5.14.2

• Security fix for RegExps that should not be evaluated (regexp DDOS)
• Source maps improvements (#1211)
• Performance improvements in long property access evaluation (#1213)

v5.14.1

• keep_numbers option added to TypeScript defs (#1208)
• Fixed parsing of nested template strings (#1204)

v5.14.0

• Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
• Fixed source maps with non-terminated segments (#1106)
• Enabled typescript types to be imported from the package (#1194)
• Extra DOM props have been added (#1191)
• Delete the AST while generating code, as a means to save RAM

v5.13.1

• Removed self-assignments (varname=varname) (closes #1081)
• Separated inlining code (for inlining things into references, or removing IIFEs)
• Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

• All calls to eval() were removed (#1171, #1184)
• source-map was updated to 0.8.0-beta.0 (#1164)
• NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

• Fixed an issue with function definitions inside blocks (#1155)
• Fixed parens of new in some situations (closes #1159)

v5.12.0

• TERSER_DEBUG_DIR environment variable
• @​copyright comments are now preserved with the comments="some" option (#1153)

v5.11.0

• Unicode code point escapes (\u{abcde}) are not emitted inside RegExp literals anymore (#1147)
• acorn is now a regular dependency

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

v4.11.1

Compare Source

v4.11.0

Compare Source

Welcome to [email protected] release (March 2022 #3)

Key highlights of this release:

• gatsby-source-shopify v7
• React 18

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.10.3

Compare Source

v4.10.2

Compare Source

v4.10.1

Compare Source

v4.10.0

Compare Source

Welcome to [email protected] release (March 2022 #2)

Key highlights of this release:

• Image CDN

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v4.9.3

Compare Source

v4.11.1

Compare Source

Note: Version bump only for package gatsby-plugin-gatsby-cloud

v4.11.0

Compare Source

🧾 Release notes

Features

• Lowered INTERACTIONS_BEFORE_FEEDBACK value to 3 #​35159 (d65307c)

Chores

• replace all uses of gatsbyjs.org with gatsbyjs.com #​35101 (16cff41)

4.10.1 (2022-03-23)

Note: Version bump only for package gatsby-plugin-gatsby-cloud

v4.10.1

Compare Source

Note: Version bump only for package gatsby-plugin-gatsby-cloud

v4.10.0

Compare Source

🧾 Release notes

Other Changes

• Added more build status messages #​35103 #​1 #​2 #​3 #​4 #​4 #​5 (79d5463)

4.9.1 (2022-03-09)

Note: Version bump only for package gatsby-plugin-gatsby-cloud

v4.9.1

Compare Source

Note: Version bump only for package gatsby-plugin-gatsby-cloud

v4.11.1

Compare Source

Note: Version bump only for package gatsby-plugin-manifest

v4.11.0

Compare Source

🧾 Release notes

Note: Version bump only for package gatsby-plugin-manifest

4.10.2 (2022-03-23)

Note: Version bump only for package gatsby-plugin-manifest

4.10.1 (2022-03-18)

Note: Version bump only for package gatsby-plugin-manifest

v4.10.2

Compare Source

Note: Version bump only for package gatsby-plugin-manifest

v4.10.1

Compare Source

Note: Version bump only for package gatsby-plugin-manifest

v4.10.0

Compare Source

🧾 Release notes

Features

• add support for image-cdn #​34825 (29b236b)

4.9.1 (2022-03-09)

Note: Version bump only for package gatsby-plugin-manifest

v4.9.1

Compare Source

Note: Version bump only for package gatsby-plugin-manifest

v5.11.1

Compare Source

Note: Version bump only for package gatsby-plugin-sitemap

v5.11.0

Compare Source

🧾 Release notes

Bug Fixes

• compatibility with react rc 2 #​35108 (0c61265)

5.10.2 (2022-03-23)

Note: Version bump only for package gatsby-plugin-sitemap

5.10.1 (2022-03-18)

Note: Version bump only for package gatsby-plugin-sitemap

v5.10.2

Compare Source

Note: Version bump only for package gatsby-plugin-sitemap

v5.10.1

Compare Source

Note: Version bump only for package gatsby-plugin-sitemap

v5.10.0

Compare Source

🧾 Release notes

Note: Version bump only for package gatsby-plugin-sitemap

v4.9.2

Compare Source

v4.9.1

Compare Source

v3.0.6

Compare Source

Patch Changes

• #​842 db31e11 Thanks @​renovate! - fix(deps): update minor and patch dependencies for gatsby-theme-emilia-core

• #​841 c0048a1 Thanks @​renovate! - fix(deps): update minor and patch dependencies for gatsby-theme-emilia

• Updated dependencies [db31e11]:

  • @​lekoarts/gatsby-theme-emilia-core@​3.0.6

v3

Compare Source

Sourced from express's releases.

4.18.2

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

4.18.1

• Fix hanging on large stack of sync routes

4.18.0

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: [email protected]
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: [email protected]
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: [email protected]
  • Remove set content headers that break response
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Prevent loss of async hooks context
• deps: [email protected]
• deps: [email protected]
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]

... (truncated)

Sourced from express's changelog.

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

4.18.1 / 2022-04-29

• Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: [email protected]
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: [email protected]
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: [email protected]
  • Remove set content headers that break response
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Prevent loss of async hooks context
• deps: [email protected]
• deps: [email protected]

... (truncated)

• 8368dc1 4.18.2
• 61f4049 docs: replace Freenode with Libera Chat
• bb7907b build: [email protected]
• f56ce73 build: [email protected]
• 24b3dc5 deps: [email protected]
• 689d175 deps: [email protected]
• 340be0f build: [email protected]
• 33e8dc3 docs: use Node.js name style
• 644f646 build: [email protected]
• ecd7572 build: [email protected]
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

• 331ad50 chore(release): 1.4.2
• 17cbf8f fix: ReDoS problem (#226)
• 8f082b3 chore(release): 1.4.1
• 4504e34 fix: security problem (#220)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from socket.io-parser's releases.

4.0.5

Bug Fixes

• check the format of the index of each attachment (b559f05)

Links

• Diff: https://github.com/socketio/socket.io-parser/compare/4.0.4...4.0.5

Sourced from socket.io-parser's changelog.

4.0.5 (2022-06-27)

Bug Fixes

• check the format of the index of each attachment (b559f05)

4.2.0 (2022-04-17)

Features

• allow the usage of custom replacer and reviver (#112) (b08bc1a)

4.1.2 (2022-02-17)

Bug Fixes

• allow objects with a null prototype in binary packets (#114) (7f6b262)

4.1.1 (2021-10-14)

4.1.0 (2021-10-11)

Features

• provide an ESM build with and without debug (388c616)

• f3329eb chore(release): 4.0.5
• b559f05 fix: check the format of the index of each attachment
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from gatsby-plugin-mdx's releases.

v3.14 (September 2021 #1)

Welcome to [email protected] release (September 2021 #1)

This is the final minor release for gatsby v3. Gatsby v4 beta is already published behind the next npm tag and the next stable release will be [email protected]. See what's inside!

We will keep publishing patches for 3.14.x with hotfixes until 4.0.0 stable is published and at least several weeks after.

Key highlights of this release:

• Better UX for navigation in the middle of deployment
• New developer tools - createPages snippet in GraphiQL and new GraphQL capability
• Preparations for gatsby v4 - API deprecations; migration guide; docs
• Improvements for gatsby-source-drupal
• New home for gatsby-plugin-netlify

Also, check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v3.13 (August 2021 #3)

Welcome to [email protected] release (August 2021 #3)

Key highlights of this release:

• Improved Changelogs - Better structured and easier to read
• sharp v0.29 - Reduced install size, improved encoding time, and improved AVIF image quality
• Faster Sourcing for gatsby-source-drupal - Speed up fetching data by around 4x
• webpack Caching in Development for Everyone - Activating it for all users

Also check out notable bugfixes.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v3.12 (August 2021 #2)

Welcome to [email protected] release (August 2021 #2)

Key highlights of this release:

• webpack dev server caching - opt-in 20% of users
• Improvements to gatsby-source-shopify - Add compat for breaking change in Shopify's API

... (truncated)

Sourced from gatsby-plugin-mdx's changelog.

3.19.0 (2022-07-19)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-mdx

3.18.1 (2022-07-12)

Note: Version bump only for package gatsby-plugin-mdx

3.18.0 (2022-07-05)

🧾 Release notes

Note: Version bump only for package gatsby-plugin-mdx

3.17.0 (2022-06-21)

🧾 Release notes

Bug Fixes

• Do not leak frontmatter into page #35859 (5c7e2a6)
• don't allow JS frontmatter by default #35830 (b3690fb)

3.16.1 (2022-06-10)

Bug Fixes

• Do not leak frontmatter into page #35859 #35912 (36af10e)

3.16.0 (2022-06-07)

🧾 Release notes

Bug Fixes

• don't allow JS frontmatter by default #35830 #35833 (b982eb7)

3.15.2 (2022-06-02)

Bug Fixes

• don't allow JS frontmatter by default #35830 #35832 (e916cf8)

3.15.1 (2022-06-01)

Note: Version bump only for package gatsby-plugin-mdx

3.15.0 (2022-05-24)

... (truncated)

• 53bedf1 chore(release): Publish
• bcfa33a chore(release): Publish next
• b535098 chore(release): Publish next pre-minor
• d510137 chore(release): Publish next
• e713690 chore(release): Publish next pre-minor
• 2dbdd68 chore(release): Publish next
• 5c7e2a6 fix(gatsby-plugin-mdx): Do not leak frontmatter into page (#35859)
• 8497887 chore(changelogs): update changelogs (#35876)
• e7afa54 chore(changelogs): update changelogs (#35835)
• b3690fb fix(gatsby-plugin-mdx): don't allow JS frontmatter by default (#35830)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from moment's changelog.

2.29.4

• Release Jul 6, 2022
  • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

• Release Apr 17, 2022
  • #5995 [bugfix] Remove const usage
  • #5990 misc: fix advisory link

2.29.2 See full changelog

• Release Apr 3 2022

Address https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4

• 000ac18 Build 2.24.4
• f2006b6 Bump version to 2.24.4
• 536ad0c Update changelog for 2.29.4
• 9a3b589 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
• 6374fd8 Merge branch 'master' into develop
• b4e6153 Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"
• 7aebb16 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
• 57c9062 Build 2.29.3
• aaf50b6 Fixup release complaints
• 26f4aef Bump version to 2.29.3
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.