Sourced from next's releases.

v12.1.0

Core Changes

• Relay Support in Rust Compiler: #33702
• fix eslint link-passhref rule: #33857
• update webpack: #33831
• Flush buffered vitals metrics on page mount: #33867
• fix problem with HMR when middleware and page reference the same node_module: #33873
• Refactor page component getter in web server: #33759
• update NextResponse default redirect status to 307 to match docs: #33505
• Bug fix: dynamic page should not be interpreted as predefined page: #33808
• Group streaming experimental apis: #33878
• Encapsulate routing and initial hydration: #33875
• Optimize offline condition judgment: #33238
• Ensure external beforeFiles rewrites are handled with next/link: #33888
• Fix parsing params for i18n optional route in minimal mode: #33896
• Ensure browserslist extends works properly: #33890
• Fix image cache race condition: #33883
• Add support for Relay projects without artifactDirectory: #33918
• fix: handle jsxspreadattribute in inline-script-id eslint rule: #32421
• feat(next-swc): Update swc: #33724
• Update to latest version of amphtml-validator: #33967
• Warn in dev mode when script tags are added with next/head: #33968
• Ensure optional chaining in swc matches babel: #33995
• Use react-dom/server.browser in Node.js: #33950
• Ensure external middleware rewrite is handled correctly: #33962
• Update Terser to v5.10.0, fix minification issues: #33045
• Warn in dev mode when stylesheets are added using next/head: #34004
• Use ReadableStream in RenderResult: #34005
• Fix suffix ordering while streaming: #34011
• Don't use yarn if a package-lock.json file is found: #31926
• Do not warn when application/ld+json scripts are used with next/head: #34021
• Babel & next-swc: Fix exporting page config with AsExpression: #32702
• Detect per page runtime config for functions manifest: #33945
• Add JSDoc to config options: #32915
• Update font-stylesheet-gathering-plugin.ts: #30709
• Add decoratorMetadata flag if enabled by tsconfig: #32914
• fix: data url handling in css-loader: #34034
• Place 'charset' element at the top of : #28119
• Fix detection of anchor click events inside svg: #23272
• Allow passing nothing as custom jest config: #32328
• Fixes #31240: Adding a recursive addPackagePath function in webpack-config: #31264
• Require component rendered as child of Link to pass event to onClick handler: #27723
• Allow scroll prevention on hash change: #31921
• Add support for async fn / promise in next.config.js/.mjs: #33662
• Fix lazyRoot functionality for next/image: #33933
• Change SWC minify from beta to release candidate: #34056
• Make Router state immutable: #33925
• Stop exposing internal render and renderError methods from next/client: #34069
• Add api-utils helper for testing: #34078

... (truncated)

• 8545fd1 v12.1.0
• 1605f30 v12.0.11-canary.21
• 69aedbd Fix typo (#34480)
• f0f322c Remove deprecation for relative URL usage in middlewares (#34461)
• d4d79b2 Fix chunk buffering for server components (#34474)
• 74fa4d4 update webpack (#34477)
• b70397e Revert "Allow reading request bodies in middlewares (#34294)" (#34479)
• 4202011 Update font-optimization test snapshot (#34478)
• 1edd851 Allow reading request bodies in middlewares (#34294)
• ba78437 fix: don't wrap profile in firebase example (#34457)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 7efb22a 1.2.6
• ef88b93 security notice for additional prototype pollution issue
• c2b9819 isConstructorOrProto adapted from PR
• bc8ecee test from prototype pollution PR
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from nanoid's changelog.

3.3.2

• Fixed enhanced-resolve support.

3.3.1

• Reduced package size.

3.3

• Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

• Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

• Reduced async exports size (by Artyom Arutyunyan).
• Moved from Jest to uvu (by Vitaly Baev).

3.1.31

• Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

• 7f0df47 Release 3.3.2 version
• 56f3f5c Update dependencies
• 41cc4e2 Update CI
• ec6f809 Release 3.3.1 version
• c7d8578 Update dependencies
• 05b2596 Remove old tests
• 368a6e7 Remove process.env.NODE_ENV
• ee7dee3 Remove @​napi-rs/uuid to fix CI
• defe20f Try to fix CI
• ee85121 Try to fix CI
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 0a1ad5d 4.0.1
• e4af095 Merge pull request #73 from ranjit-git/master
• 6e21f5e code style
• 489f743 Bug fix: Thirdparty cookie leak
• 6e4468a Bug fix: thirdparty site cookie leak
• 81eaf56 readme: document basic auth usage
• a0fe9a3 standard
• e69456b package metadata
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from jpeg-js's releases.

v0.4.4

v0.4.4 (2022-06-07)

• feat: add comment tag encoding (#87) (13e1ffa), closes #87
• fix: validate sampling factors (#106) (9ccd35f), closes #106
• fix(decoder): rethrow a more helpful error if Buffer is undefined (#93) (b58cc11), closes #93
• chore(ci): migrate to github actions (#86) (417e8e2), closes #86
• chore(deps): bump y18n from 4.0.0 to 4.0.3 (#98) (2c90858), closes #98
• chore(deps): bump ws from 7.2.3 to 7.4.6 (#91) (fd73289), closes #91
• chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#90) (9449a8b), closes #90
• chore(deps): bump lodash from 4.17.15 to 4.17.21 (#89) (ffdc4a4), closes #89

• 9ccd35f fix: validate sampling factors (#106)
• b58cc11 fix(decoder): rethrow a more helpful error if Buffer is undefined (#93)
• 2c90858 chore(deps): bump y18n from 4.0.0 to 4.0.3 (#98)
• fd73289 chore(deps): bump ws from 7.2.3 to 7.4.6 (#91)
• 9449a8b chore(deps): bump hosted-git-info from 2.8.8 to 2.8.9 (#90)
• ffdc4a4 chore(deps): bump lodash from 4.17.15 to 4.17.21 (#89)
• 13e1ffa feat: add comment tag encoding (#87)
• 417e8e2 chore(ci): migrate to github actions (#86)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from sharp's changelog.

v0.30.5 - 23rd May 2022

• Install: pass PKG_CONFIG_PATH via env rather than substitution. @​dwisiswant0

• Add support for --libc flag to improve cross-platform installation. #3160 @​joonamo

• Allow installation of prebuilt libvips binaries from filesystem. #3196 @​ankurparihar

• Fix rotate-then-extract for EXIF orientation 2. #3218 @​jakob0fischl

v0.30.4 - 18th April 2022

• Increase control over sensitivity to invalid images via failOn, deprecate failOnError (equivalent to failOn: 'warning').

• Ensure create input image has correct bit depth and colour space. #3139

• Add support for TypedArray input with byteOffset and length. #3146 @​codepage949

• Improve error message when attempting to render SVG input greater than 32767x32767. #3167

• Add missing file name to 'Input file is missing' error message. #3178 @​Brodan

v0.30.3 - 14th March 2022

• Allow sharpen options to be provided more consistently as an Object. #2561

• Expose x1, y2 and y3 parameters of sharpen operation. #2935

• Prevent double unpremultiply with some composite blend modes (regression in 0.30.2). #3118

v0.30.2 - 2nd March 2022

• Improve performance and accuracy when compositing multiple images. #2286

... (truncated)

• db654de Release v0.30.5
• a6aeef6 Install: pass PKG_CONFIG_PATH via env rather than substitution
• 7bf6cbd Docs: correct links to libvips documentation
• 04c31b3 Install: warn about filesystem owner running npm v8+ as root
• ee9cdb6 Bump deps
• 8960eb8 Docs: changelog entry for #3218
• 54d9dc4 Fix rotate-then-extract for EXIF orientation 2 (#3218)
• 51b4a7c Add support for --libc flag to improve cross-platform install (#3160)
• 5b03579 Docs: more details about concurrency, parallelism, threads
• 58c2af3 Docs: improve output format info for toBuffer
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from cross-fetch's releases.

v3.1.5

What's Changed

• chore: updated node-fetch version to 2.6.7 by @​dlafreniere in lquixada/cross-fetch#124

New Contributors

• @​dlafreniere made their first contribution in lquixada/cross-fetch#124

Full Changelog: https://github.com/lquixada/cross-fetch/compare/v3.1.4...v3.1.5

• c6089df chore(release): 3.1.5
• a3b3a94 chore: updated node-fetch version to 2.6.7 (#124)
• efed703 chore: updated node-fetch version to 2.6.5
• 694ff77 refactor: removed ora from dependencies
• efc5956 refactor: added .vscode to .gitignore
• da605d5 refactor: renamed test/fetch/ to test/fetch-api/ and test/module/ to test/mod...
• 0f0d51d chore: updated minor and patch versions of dev dependencies
• c6e34ea refactor: removed sinon.js
• f524a52 fix: yargs was incompatible with node 10
• 7906fcf chore: updated dev dependencies
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.