Sourced from axios's releases.

Release v0.30.0

Release notes:

Bug Fixes

• fix: modify log while request is aborted by @​mori5321 in axios/axios#4917
• fix: update CHANGELOG.md for v0.x by @​TehZarathustra in axios/axios#6271
• fix: modify upgrade guide for 0.28.1's breaking change by @​nafeger in axios/axios#6787
• fix: backport allowAbsoluteUrls vulnerability fix to v0.x by @​thatguyinabeanie in axios/axios#6829
• fix: add allowAbsoluteUrls type by @​thatguyinabeanie in axios/axios#6849

Contributors to this release

• @​mori5321 made their first contribution in axios/axios#4917
• @​TehZarathustra made their first contribution in axios/axios#6271
• @​nafeger made their first contribution in axios/axios#6787
• @​thatguyinabeanie made their first contribution in axios/axios#6829

Full Changelog: axios/axios@v0.29.0...v0.30.0

v0.29.0

Release notes:

Bug Fixes

• fix(backport): backport security fixes in commits #6167 and #6163 to v0.x by @​Sean-Powell in axios/axios#6402
• fix: omit nulls in params by @​Willshaw in axios/axios#6394
• fix(backport): fix paramsSerializer function validation by @​solonzhu in axios/axios#6361
• fix: Regular Expression Denial of Service (ReDoS) by @​qiongshusheng in axios/axios#6708

Contributors to this release

• @​Sean-Powell made their first contribution in axios/axios#6402
• @​Willshaw made their first contribution in axios/axios#6394
• @​solonzhu made their first contribution in axios/axios#6361
• @​qiongshusheng made their first contribution in axios/axios#6708

Release v0.28.1

Release notes:

Release notes:

Bug Fixes

• fix(backport): custom params serializer support (#6263)
• fix(backport): uncaught ReferenceError req is not defined (#6307)

Release v0.28.0

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745

... (truncated)

Sourced from axios's changelog.

0.30.0 (2025-03-26)

Release notes:

Bug Fixes

• fix: modify log while request is aborted (#4917)
• fix: update CHANGELOG.md for v0.x (#6271)
• fix: modify upgrade guide for 0.28.1's breaking change (#6787)
• fix: backport allowAbsoluteUrls vulnerability fix to v0.x (#6829)
• fix: add allowAbsoluteUrls type (#6849)

0.29.0 (2024-11-21)

Release notes:

Bug Fixes

• fix(backport): backport security fixes in commits #6167 and #6163 (#6402)
• fix: omit nulls in params (#6394)
• fix(backport): fix paramsSerializer function validation (#6361)
• fix: regular expression denial of service (ReDoS) (#6708)

0.28.1 (2024-03-24)

Release notes:

Bug Fixes

• fix(backport): custom params serializer support (#6263)
• fix(backport): uncaught ReferenceError req is not defined (#6307)

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated (#4745)
• Fixed timeout error message for HTTP (#4738)
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 (#4728)
• Adding types for progress event callbacks (#4675)
• Fixed max body length defaults (#4731)

... (truncated)

• 6e922e4 chore: added build artifacts
• a06ed1e chore: added pre-release artifacts
• c010622 feat: add type for allowAbsoluteUrls (#6849)
• 02c3c69 fix: backport allowAbsoluteUrls vuln fix to v0.x (#6829)
• 8603e67 docs: modify upgrade guide for 0.28.1's breaking change (#6787)
• f0642ee fix(docs): update CHANGELOG.md for v0.x (#6271)
• 0630c32 fix: modify log while request is aborted (#4917)
• 7750b8c chore(release): prep release v0.29.0
• 4840cb2 fix: regular expression denial of service issues (#6708)
• 2e36cdb fix(backport): fix paramsSerializer function validation (#6361)
• Additional commits viewable in compare view

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Sourced from chart.js's releases.

v2.9.4

This is the last release of v2 and focused on fixing bugs identified in the v2.9.3 release.

Bugs Fixed

• #7404 - Preserve prototypes when cloning. Thanks @​iddings
• #7587 - Fix docs for external moment.js. Thanks @​mojoaxel
• #7853 - Fix box recursion when dimensions are NaN. Thanks @​alessandroasm
• #7883 - Fix call stack exception when computing label sizes. Thanks @​silentmatt
• #7918 - Prevent global prototype pollution via the merge helper
• #7920 - Use Object.create(null) as merge target, to prevent prototype pollution

v2.9.3

Bug Fixes

• #6698 Fix undefined variable
• #6719 Don't make legend empty when fill is false

Thanks to the maintainers and collaborators for their help to improve and test Chart.js (@​kurkle, @​benmccann, and @​etimberg).

v2.9.2

Bug Fixes

• #6641 IE11 & Edge compatible style injection
• #6655 Backwards compatible default fill for radar charts
• #6660 Improve clipping of line charts when border widths are large
• #6661 When a legend item is clicked, make sure the correct item is hidden
• #6663 Refresh package-lock file to pick up new dependency

Performance

• #6671 Stop unnecessary line calculations

Documentation

• #6643 Combine performance documentation sections

Thanks to the maintainers and collaborators for their help to improve and test Chart.js (@​nagix, @​kurkle, @​benmccann, @​etimberg and @​simonbrunel).

v2.9.1

Bug Fixes

• #6603 Fix deprecation warnings for horizontal bar charts
• #6608 Fix zoom plugin by no longer clipping scale.getDecimalForPixel to the chart area
• #6617 Non numeric Y axes did not work

Documentation

• #6613 Add link to performance documentation

... (truncated)

• 9bd4cf8 Release v2.9.4
• 1d92605 Use Object.create(null) as merge target (#7920)
• dff7140 When objects are merged together, the target prototype can be polluted. (#7918)
• d919188 Bump verison number to v2.9.4
• 42ed589 Fix Maximum call stack size exception in computeLabelSizes (#7883)
• 063b7dc [2.9] FitBoxes recursion when dimensions are NaN (#7853)
• 2493cb5 Use node v12.18.2 on Travis CI (#7864)
• 679ec4a docs: fix rollup external moment (#7587)
• 484f0d1 Preserve object prototypes when cloning (#7404)
• 2df6986 Look for any branch starting with release (#7087) (#7089)
• Additional commits viewable in compare view

• 5bd73f6 8.5.1
• 4d0804b Backport #352. Closes #353
• 4ae5f53 8.5.0
• 83019b8 Add isPromise(). Closes #346
• b9aa286 Add declaration
• 5dcbb9c 8.4.0
• d898b06 Add TS utils. Closes #345
• ea1741d 8.3.2
• f6eb28d Improve clone() performance. Closes #344
• 8fa5664 8.3.1
• Additional commits viewable in compare view

• b604775 15.1.1
• da4774f Replace v16 compatibility interface. Closes #2047
• e14321f 15.1.0
• 5d4c0c9 Legacy api. Closes #1926
• See full diff in compare view

• 6370e90 Mark version 5.7.4
• fbc15b1 More rigorously check surrogate pairs in regexp validator
• See full diff in compare view

Sourced from ajv's releases.

v6.12.6

Fix performance issue of "url" format.

v6.12.5

Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

v6.12.4

Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

v6.12.3

Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

v6.12.2

Removed post-install script

v6.12.1

Docs and dependency updates

v6.12.0

Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

• error logging example (@​RadiationSickness)
• TypeScript usage notes (@​thetric)

v6.11.0

Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

v6.10.2

Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

v6.10.1

Fix types Fix addSchema (#1001) Update dependencies

• fe59143 6.12.6
• d580d3e Merge pull request #1298 from ajv-validator/fix-url
• fd36389 fix: regular expression for "url" format
• 490e34c docs: link to v7-beta branch
• 9cd93a1 docs: note about v7 in readme
• 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
• f1c8e45 6.12.5
• 764035e Merge branch 'ChALkeR-chalker/fix-comma'
• 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
• a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from react-scripts's changelog.

3.4.4 (2020-10-20)

v3.4.4 release bumps resolve-url-loader to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.3 to 3.4.4

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.4

or

yarn add --exact react-scripts@3.4.4

3.4.3 (2020-08-12)

v3.4.3 release bumps terser-webpack-plugin to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.2 to 3.4.3

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.3

or

yarn add --exact react-scripts@3.4.3

3.4.2 (2020-08-11)

v3.4.2 release bumps webpack-dev-server to a version for which npm audit does not report a vulnerability. Note that this vulnerability did not affect Create React App projects, so this change is only necessary to satisfy auditing tools.

Migrating from 3.4.1 to 3.4.2

Inside any created project that has not been ejected, run:

npm install --save --save-exact react-scripts@3.4.2

or

... (truncated)

• 19fa58d Publish
• 9802941 fix: webpack noise printed only if error or warning (#12245)
• 2eef1d0 Update templates to use React 18 createRoot (#12220)
• 221e511 Publish
• 5614c87 Add support for Tailwind (#11717)
• 20edab4 fix(webpackDevServer): disable overlay for warnings (#11413)
• 3afbbc0 Update all dependencies (#11624)
• f5467d5 feat(eslint-config-react-app): support ESLint 8.x (#11375)
• c7627ce Update webpack and dev server (#11646)
• 544befe Update package.json (#11597)
• Additional commits viewable in compare view

• e4e55c7 Release version 1.15.9 of the npm package.
• 31a1abf Attempt much more gentle detection.
• d2aaa97 Fix url field.
• 62558f0 Release version 1.15.8 of the npm package.
• a8d1cee Return subtlety.
• 458ca8e Fix native URL test for Node 20.
• ca49e44 Handle KeepAlive connections in tests.
• f3711d7 Test on Node 20 and 22.
• fda0faf Fix typo.
• 760757f Release version 1.15.7 of the npm package.
• Additional commits viewable in compare view

Sourced from kind-of's changelog.

[3.2.2] - 2017-05-16

• fix version

[3.2.1] - 2017-05-16

• add browserify

[3.2.0] - 2017-04-25

• Merge pull request #10 from ksheedlo/unrequire-buffer
• add promise support and tests
• Remove unnecessary Buffer check

[3.1.0] - 2016-12-07

• Merge pull request #7 from laggingreflex/err
• add support for error and tests
• run update

[3.0.4] - 2016-07-29

• move tests
• run update

[3.0.3] - 2016-05-03

• fix prepublish script
• remove unused dep

[3.0.0] - 2015-11-17

• add typed array support
• Merge pull request #5 from miguelmota/typed-arrays
• adds new tests

• 0ffe67c 3.2.2
• 19fa8ab fix version
• 2ccb4ed 3.2.1
• deba378 3.2.1
• 5bfd67b add browserify
• 9c94237 3.2.0
• c9c3f09 run verb
• ddeacd6 run update
• 10265f9 Merge pull request #10 from ksheedlo/unrequire-buffer
• 0cfb70e Remove unnecessary typeof Buffer check
• Additional commits viewable in compare view

Sourced from qs's changelog.

6.5.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
• [Fix] correctly parse nested arrays
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Refactor] utils: reduce observable [[Get]]s
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Refactor] parse: only need to reassign the var once
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] always use String(x) over x.toString()
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

• 298bfa5 v6.5.3
• ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
• 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
• 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 12ac1c4 [meta] fix README.md (#399)
• 0338716 [actions] backport actions from main
• 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
• 51b8a0b add FUNDING.yml
• 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
• f814a7f [Dev Deps] backport from main
• Additional commits viewable in compare view

Sourced from browserslist's releases.

4.25.0

• Added cover 95% in browserslist-config-mycompany stats query support.

4.24.5

• Fixed support ESM shared config.
• Fixed docs (by Alexander Pushkov & マルコメ).

4.24.4

• Improved performance by using caching better (by @​thoughtspile).

4.24.3

• Updated Firefox ESR (by @​fpapado).

4.24.2

• Clarify outdated caniuse-lite warning text.

4.24.1

• Added months since last caniuse-lite update to the warning (by @​mezhnin).

4.24.0

• Added browserslist.findConfigFile() helper (by @​JLHwung).

4.23.3

• Fixed >= query for ios (by @​syi0808).

4.23.2

• Updated Firefox ESR.

4.23.1

• Fixed feature query with mobile to desktop when caniuse lags (by @​steverep).

4.23.0

• Added BROWSERSLIST_ROOT_PATH (by @​teleclimber).

Sourced from browserslist's changelog.

4.25.0

• Added cover 95% in browserslist-config-mycompany stats query support.

4.24.5

• Fixed support ESM shared config.
• Fixed docs (by Alexander Pushkov & マルコメ).

4.24.4

• Improved performance by using caching better (by @​thoughtspile).

4.24.3

• Updated Firefox ESR (by @​fpapado).

4.24.2

• Clarify outdated caniuse-lite warning text.

4.24.1

• Added months since last caniuse-lite update to the warning (by @​mezhnin).

4.24.0

• Added browserslist.findConfigFile() helper (by @​JLHwung).

4.23.3

• Fixed >= query for ios (by @​syi0808).

4.23.2

• Updated Firefox ESR.

4.23.1

• Fixed feature query with mobile to desktop when caniuse lags (by @​steverep).

4.23.0

• Added BROWSERSLIST_ROOT_PATH (by @​teleclimber).

4.22.3

• Fixed white spaces support in supports query (@​g-plane).
• Fixed shared config like @company/package/browserslist-config (@​boucodes).

4.22.2

• Fixed idempotency in time queries with mobileToDesktop (by Aliaksei Sapach).

4.22.1

• Updated Firefox ESR (by @​lerkor).

4.22

• Added fully supports query (by Ben Scott).
• Added partially supports alias for supports query (by Ben Scott).

4.21.11

• Added warning to --update-db to move to new CLI (by Ivan Vasilev).

... (truncated)

• See full diff in compare view

• 782c264 3.0.8
• 6ade2da fix: trim pattern
• a6f52b0 3.0.7
• e4cd434 fix: treat nocase:true as always having magic
• e6bbe1c publishConfig for 3.0
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• 5dbd6a7 ci: tests and makework
• dbda065 full test coverage, adding tests, deleting dead code
• Additional commits viewable in compare view

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

• 92f086d 0.5.6
• 2a28125 clean up tests
• c905d65 update minimist
• 049cf18 0.5.5
• bea6382 Remove unnecessary umask calls
• 42a012c 0.5.4
• 2867920 fix infinite loop on windows machines
• d784e70 0.5.3
• d612c5d add files list so this package isn't a monster
• b2e7ba0 0.5.2
• Additional commits viewable in compare view

This version was pushed to npm by isaacs, a new releaser for mkdirp since your current version.

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

• cc4e0dd #343 bump minipass from 3.3.6 to 4.0.0

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

• 57493ee #332 ensuring close event is emited after stream has ended (@​webark)
• b003c64 #314 replace deprecated String.prototype.substr() (#314) (@​CommanderRoot, @​lukekarrys)

Documentation

• f129929 #313 remove dead link to benchmarks (#313) (@​yetzt)
• c1faa9f add examples/explanation of using tar.t (@​isaacs)

Sourced from tar's changelog.

Changelog

7.4

• Deprecate onentry in favor of onReadEntry for clarity.

7.3

• Add onWriteEntry option

7.2

• DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

• Update minipass to v7.1.0
• Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

• Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
• Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
• Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
• Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

6.2

• Add support for brotli compression
• Add maxDepth option to prevent extraction into excessively deep folders.

6.1

• remove dead link to benchmarks (#313) (@​yetzt)
• add examples/explanation of using tar.t (@​isaacs)
• ensure close event is emited after stream has ended (@​webark)

... (truncated)

• bef7b1e 6.2.1