Bump the npm_and_yarn group across 2 directories with 23 updates

[dependabot]

Bumps the npm_and_yarn group with 13 updates in the / directory:

Package	From	To
react-native	0.62.2	0.69.12
decode-uri-component	0.2.0	0.2.2
hosted-git-info	2.8.8	2.8.9
lodash	4.17.20	4.17.21
minimatch	3.0.4	3.1.2
minimist	1.2.5	1.2.8
node-notifier	8.0.0	8.0.2
path-parse	1.0.6	1.0.7
qs	6.5.2	6.5.3
serve-static	1.14.1	1.16.2
tmpl	1.0.4	1.0.5
word-wrap	1.2.3	1.2.5
y18n	4.0.0	4.0.3

Bumps the npm_and_yarn group with 14 updates in the /SampleApp directory:

Package	From	To
react-native	0.62.2	0.69.12
decode-uri-component	0.2.0	0.2.2
glob-parent	5.1.0	5.1.2
lodash	4.17.20	4.17.21
minimatch	3.0.4	3.1.2
minimist	1.2.5	1.2.8
path-parse	1.0.6	1.0.7
qs	6.5.2	6.5.3
serve-static	1.14.1	1.16.2
tmpl	1.0.4	1.0.5
word-wrap	1.2.3	1.2.5
y18n	4.0.0	4.0.3
moment	2.24.0	2.30.1
path-to-regexp	1.8.0	1.9.0

Updates react-native from 0.62.2 to 0.69.12

Release notes

Sourced from react-native's releases.

0.69.12

Changed

• [0.69] Bump CLI to ^8.0.7, Metro to 0.70.4 (56807fadfa by @​robhogan)

iOS specific

• [0.69] Use Content-Location header in bundle response as JS source URL (#37501) (367fc7ad52 by @​robhogan)

Fixed

Android specific

• Prevent crash in runAnimationStep on OnePlus and Oppo devices (#37487) (4db7a10e25 by @​hsource)

---

0.69.12 is the latest patch the Release Crew will prepare for version 0.69. You can have a look at the latest discussion.

---

To help you upgrade to this version, you can use the upgrade helper ⚛️

---

You can find the whole changelog history in the changelog.md file.

0.69.11

Fixed

iOS specific

• Make 0.69 compatible with Xcode 15 (thanks to @​AlexanderEggers for the commit in main) (37e8df1cdc)

---

You can participate in the conversation on the status of this release in this discussion.

---

To help you upgrade to this version, you can use the upgrade helper ⚛️

---

You can find the whole changelog history in the changelog.md file.

0.69.10

This release is primarily aimed at addressing issues with ANRs using multiline TextInput on Samsung devices (facebook/react-native#35936, facebook/react-native#35590).

Fixed

Android specific

... (truncated)

Changelog

Sourced from react-native's changelog.

v0.69.12

Changed

• [0.69] Bump CLI to ^8.0.7, Metro to 0.70.4 (56807fadfa by @​robhogan)

iOS specific

• [0.69] Use Content-Location header in bundle response as JS source URL (#37501) (367fc7ad52 by @​robhogan)

Fixed

Android specific

• Prevent crash in runAnimationStep on OnePlus and Oppo devices (#37487) (4db7a10e25 by @​hsource)

v0.69.11

Fixed

iOS specific

• Make 0.69 compatible with Xcode 15 (thanks to @​AlexanderEggers for the commit in main) (37e8df1cdc)

v0.69.10

Fixed

Android specific

• Minimize EditText Spans 8/N: CustomStyleSpan (b384bb613b by @​NickGerleman)
• Minimize EditText Spans 6/N: letterSpacing (5791cf1f7b by @​NickGerleman)
• Minimize Spans 5/N: Strikethrough and Underline (0869ea29db by @​NickGerleman)
• Minimize Spans 4/N: ReactForegroundColorSpan (8c9c8ba5ad by @​NickGerleman)
• Minimize Spans 3/N: ReactBackgroundColorSpan (cc0ba57ea4 by @​NickGerleman)
• Minimize Spans 1/N: Fix precedence (1743dd7ab4 by @​NickGerleman)
• Fix measurement of uncontrolled TextInput after edit (8a0fe30591 by @​NickGerleman)

v0.69.9

Changed

iOS specific

• Relax Ruby requirements (4e015c69d6 by @​cipolleschi)

Fixed

iOS specific

• Fix React Codegen podspec to build on Xcode 14.3 (74ba411b55 by @​cipolleschi)
• Blob data is no longer prematurely deallocated when using blob.slice (36cc71ab36 by @​awinograd)

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by react-native-bot, a new releaser for react-native since your current version.

Updates ansi-regex from 3.0.0 to 4.1.0

Release notes

Sourced from ansi-regex's releases.

v4.1.0

• Support more escape code like links (#29) 96200bb

chalk/ansi-regex@v4.0.0...v4.1.0

Commits

• a079ab2 4.1.0
• 96200bb Support more escape types like links (#29)
• e076cd1 Add Tidelift mention in the readme
• a1d9246 4.0.0
• ced7421 Require Node.js 6
• eac826a Add option to only match the first occurrence (#24)
• 385eca9 Add scroll escapes (#20)
• 14839a4 Add failing test for #21 (#22)
• See full diff in compare view

Updates async from 2.6.3 to 3.2.6

Changelog

Sourced from async's changelog.

v3.2.5

• Ensure Error objects such as AggregateError are propagated without modification (#1920)

v3.2.4

• Fix a bug in priorityQueue where it didn't wait for the result. (#1725)
• Fix a bug where unshiftAsync was included in priorityQueue. (#1790)

v3.2.3

• Fix bugs in comment parsing in autoInject. (#1767, #1780)

v3.2.2

• Fix potential prototype pollution exploit

v3.2.1

• Use queueMicrotask if available to the environment (#1761)
• Minor perf improvement in priorityQueue (#1727)
• More examples in documentation (#1726)
• Various doc fixes (#1708, #1712, #1717, #1740, #1739, #1749, #1756)
• Improved test coverage (#1754)

v3.2.0

• Fix a bug in Safari related to overwriting func.name
• Remove built-in browserify configuration (#1653)
• Varios doc fixes (#1688, #1703, #1704)

v3.1.1

• Allow redefining name property on wrapped functions.

v3.1.0

• Added q.pushAsync and q.unshiftAsync, analagous to q.push and q.unshift, except they always do not accept a callback, and reject if processing the task errors. (#1659)
• Promises returned from q.push and q.unshift when a callback is not passed now resolve even if an error ocurred. (#1659)
• Fixed a parsing bug in autoInject with complicated function bodies (#1663)
• Added ES6+ configuration for Browserify bundlers (#1653)
• Various doc fixes (#1664, #1658, #1665, #1652)

v3.0.1

Bug fixes

• Fixed a regression where arrays passed to queue and cargo would be completely flattened. (#1645)
• Clarified Async's browser support (#1643)

v3.0.0

The async/await release!

There are a lot of new features and subtle breaking changes in this major version, but the biggest feature is that most Async methods return a Promise if you omit the callback, meaning you can await them from within an async function.

</tr></table> 

... (truncated)

Commits

• 85fb18f Version 3.2.6
• 8c0c941 Update built files
• 5f756b4 Fix ReDoS (#1980)
• 39cdc9b build(deps-dev): bump karma from 6.4.3 to 6.4.4 (#1985)
• 7b8ddeb build(deps-dev): bump @​babel/core from 7.24.7 to 7.25.2 (#1981)
• 4634a9d build(deps-dev): bump rollup from 4.18.0 to 4.19.2 (#1982)
• afb176c build(deps-dev): bump chai from 4.4.1 to 4.5.0 (#1983)
• 3568a74 build(deps-dev): bump @​babel/eslint-parser from 7.24.7 to 7.25.1 (#1984)
• 9e885fd build(deps-dev): bump babel-plugin-istanbul from 6.1.1 to 7.0.0 (#1986)
• f9c7f2a build(deps-dev): bump semver from 7.6.2 to 7.6.3 (#1987)
• Additional commits viewable in compare view

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

Updates hermes-engine from 0.4.3 to 0.11.0

Commits

• 2040453 Bump versions for 0.11.0 cut
• 6c53047 Run Hermes CMake from cargo
• 67fe974 Bump nanoid from 3.1.22 to 3.2.0 in /website (#666)
• 10d4945 Handle type params in methods
• bd64b09 Avoid parens around spread arguments
• deabbfd Use proper quotes in string literal type annotation
• ae61d74 Fix extra parens in property assignment
• 1ba8ef6 Store raw values for string literals as JSX attributes
• 46faa15 Enable some syscalls to resume after SIGPROF
• 8bebc9b fix handling of imports
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lunaleaps, a new releaser for hermes-engine since your current version.

Updates hosted-git-info from 2.8.8 to 2.8.9

Changelog

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

Commits

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• See full diff in compare view

Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

Updates lodash from 4.17.20 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• See full diff in compare view

Updates minimatch from 3.0.4 to 3.1.2

Commits

• 699c459 3.1.2
• 2f2b5ff fix: trim pattern
• 25d7c0d 3.1.1
• 55dda29 fix: treat nocase:true as always having magic
• 5e1fb8d 3.1.0
• f8145c5 Add 'allowWindowsEscape' option
• 570e8b1 add publishConfig for v3 publishes
• 5b7cd33 3.0.6
• 20b4b56 [fix] revert all breaking syntax changes
• 2ff0388 document, expose, and test 'partial:true' option
• Additional commits viewable in compare view

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

• [Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)
• [Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)
• [Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

• [Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)
• [Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)
• [Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)
• [Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)
• [Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)
• [Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

• Merge tag 'v0.2.3' a026794
• [eslint] fix indentation and whitespace 5368ca4
• [eslint] fix indentation and whitespace e5f5067
• [eslint] more cleanup 62fde7d
• [eslint] more cleanup 36ac5d0
• [meta] add auto-changelog 73923d2
• [actions] add reusable workflows d80727d
• [eslint] add eslint; rules to enable later are warnings 48bc06a
• [eslint] fix indentation 34b0f1c
• [readme] rename and add badges 5df0fe4
• [Dev Deps] switch from covert to nyc a48b128
• [Dev Deps] update covert, tape; remove unnecessary tap f0fb958
• [meta] create FUNDING.yml; add funding in package.json 3639e0c
• [meta] use npmignore to autogenerate an npmignore file be2e038
• Only apps should have lockfiles 282b570
• isConstructorOrProto adapted from PR ef9153f
• [Dev Deps] update @ljharb/eslint-config, aud 098873c
• [Dev Deps] update @ljharb/eslint-config, aud 3124ed3
• [meta] add safe-publish-latest 4b927de
• [Tests] add aud in posttest b32d9bd
• [meta] update repo URLs f9fdfc0
• [actions] Avoid 0.6 tests due to build failures ba92fe6
• [Dev Deps] update tape 950eaa7
• [Dev Deps] add missing npmignore dev dep 3226afa
• Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

• 6901ee2 v1.2.8
• a026794 Merge tag 'v0.2.3'
• c0b2661 v0.2.3
• 63b8fee [Fix] Fix long option followed by single dash (#17)
• 72239e6 [Tests] Remove duplicate test (#12)
• 34b0f1c [eslint] fix indentation
• 3226afa [Dev Deps] add missing npmignore dev dep
• 098873c [Dev Deps] update @ljharb/eslint-config, aud
• 9ec4d27 [Fix] Fix long option followed by single dash
• ba92fe6 [actions] Avoid 0.6 tests due to build failures
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates node-fetch from 1.7.3 to 2.6.0

Release notes

Sourced from node-fetch's releases.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

• Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
• Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
• Fix: support custom Host headers with any casing
• Fix: support importing fetch() from TypeScript in browser.js
• Fix: handle the redirect response body properly

See CHANGELOG.

Version 2.1.1

See CHANGELOG.

Fix packaging errors in version 2.1.0.

Version 2.1.0

See CHANGELOG:

• Enhance: allow using ArrayBuffer as the body of a fetch() or Request
• Fix: store HTTP headers of a Headers object internally with the given case, for compatibility with older servers that incorrectly treated header names in a case-sensitive manner
• Fix: silently ignore invalid HTTP headers
• Fix: handle HTTP redirect responses without a Location header just like non-redirect responses
• Fix: include bodies when following a redirection when appropriate

Version 2.0.0

This is a major release. See upgrade guide on how to upgrade from v1.x, and the changelog for all changes.

v2.0.0-alpha.9

see changelog for details

v2.0.0-alpha.8

see changelog for details

... (truncated)

Changelog

Sourced from node-fetch's changelog.

v2.6.0

• Enhance: options.agent, it now accepts a function that returns custom http(s).Agent instance based on current URL, see readme for more information.
• Fix: incorrect Content-Length was returned for stream body in 2.5.0 release; note that node-fetch doesn't calculate content length for stream body.
• Fix: Response.url should return empty string instead of null by default.

v2.5.0

• Enhance: Response object now includes redirected property.
• Enhance: fetch() now accepts third-party Blob implementation as body.
• Other: disable package-lock.json generation as we never commit them.
• Other: dev dependency update.
• Other: readme update.

v2.4.1

• Fix: Blob import rule for node < 10, as Readable isn't a named export.

v2.4.0

• Enhance: added Brotli compression support (using node's zlib).
• Enhance: updated Blob implementation per spec.
• Fix: set content type automatically for URLSearchParams.
• Fix: Headers now reject empty header names.
• Fix: test cases, as node 12+ no longer accepts invalid header response.

v2.3.0

• Enhance: added AbortSignal support, with README example.
• Enhance: handle invalid Location header during redirect by rejecting them explicitly with FetchError.
• Fix: update browser.js to support react-native environment, where self isn't available globally.

v2.2.1

• Fix: compress flag shouldn't overwrite existing Accept-Encoding header.
• Fix: multiple import rules, where PassThrough etc. doesn't have a named export when using node <10 and --exerimental-modules flag.
• Other: Better README.

v2.2.0

• Enhance: Support all ArrayBuffer view types
• Enhance: Support Web Workers
• Enhance: Support Node.js' --experimental-modules mode; deprecate .es.js file
• Fix: Add __esModule property to the exports object
• Other: Better example in README for writing response to a file
• Other: More tests for Agent

v2.1.2

• Fix: allow Body methods to work on ArrayBuffer-backed Body objects

... (truncated)

Commits

• 95286f5 v2.6.0 (#638)
• bf8b4e8 Allow agent option to be a function (#632)
• 0c2294e 2.5.0 release (#630)
• 0fc414c Allow third party blob implementation (#629)
• d8f5ba0 build: disable generation of package-lock since it is not used (#623)
• 1fe1358 test: enable --throw-deprecation for tests (#625)
• a35dcd1 chore(deps): address deprecated url-search-params package (#622)
• b3ecba5 2.4.1 release (#619)
• 1a88481 Fix Blob for older node versions and webpack. (#618)
• c9805a2 2.4.0 release (#616)
• Additional commits viewable in compare view

Updates node-notifier from 8.0.0 to 8.0.2

Changelog

Sourced from node-notifier's changelog.

v8.0.2

• Fixes potential security issue with non-escaping input parameters for notify-send.

Commits

• 3420977 v8.0.2
• a141580 patch: fixes security issue with non-escaping inputs [GHSL-2020-373]
• 5d62799 v8.0.1
• 0c4a80d chore: adds changelog
• f5a7bc6 fix: test cases
• b9d148d patch: fixes possible injection issue for notify-send
• See full diff in compare view

Updates path-parse from 1.0.6 to 1.0.7

Commits

• See full diff in compare view

Updates plist from 3.0.1 to 3.1.0

Changelog

Sourced from plist's changelog.

3.1.0 / 2023-07-06

• replace inlined xmldom with @​xmldom/xmldom

3.0.5 / 2022-03-23

• [96e2303d05] Prototype Pollution using .parse() #114 (mario-canva)
• update browserify from 16 to 17

3.0.4 / 2021-08-27

• inline [email protected] to eliminate security warning false positive (Mike Reinstein)

3.0.3 / 2021-08-04

• update xmldom to 0.6.0 to patch critical vulnerability (Mike Reinstein)
• remove flaky saucelabs teseting badge (Mike Reinstein)

3.0.2 / 2021-03-25

• update xmldom to 0.5.0 to patch critical vulnerability (Mike Reinstein)
• update saucelab credentials to point at mreinstein's saucelabs account (Mike Reinstein)
• remove a bunch of test versions from the matrix because they weren't working in zuul + sauce (Mike Reinstein)

Commits

• See full diff in compare view

Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
• [Fix] correctly parse nested arrays
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Refactor] utils: reduce observable [[Get]]s
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Refactor] parse: only need to reassign the var once
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] always use String(x) over x.toString()
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

Commits

• 298bfa5 v6.5.3
• ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
• 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
• 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 12ac1c4 [meta] fix README.md (#399)
• 0338716 [actions] backport actions from main
• 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
• 51b8a0b add FUNDING.yml
• 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
• f814a7f [Dev Deps] backport from main
• Additional commits viewable in compare view

Updates react-devtools-core from 4.8.2 to 4.24.0

Commits

• See full diff in compare view

Updates serve-static from 1.14.1 to 1.16.2

Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

• Remove link renderization in html while redirecting (expressjs/serve-static#173)

New Contributors

• @​UlisesGascon made their first contribution in expressjs/serve-static#173

Full Changelog: expressjs/serve-static@v1.15.0...1.16.0

1.15.0

• deps: [email protected]
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]

1.14.2

• deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • pref: ignore empty http tokens

Changelog

Sourced from serve-static's changelog.

1.16.2 / 2024-09-11

• deps: encodeurl@~2.0.0

1.16.1 / 2024-09-11

• deps: [email protected]

1.16.0 / 2024-09-10

• Remove link renderization in html while redirecting

1.15.0 / 2022-03-24

• deps: [email protected]
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]

1.14.2 / 2021-12-15

• deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • pref: ignore empty http tokens

Commits

• ec9c5ec 1.16.2
• f454d37 fix(deps): encodeurl@~2.0.0
• 77a8255 1.16.1
• 4263f49 fix(deps): [email protected]
• 48c7397 1.16.0
• 0c11fad Merge commit from fork
• 9b5a12a 1.15.0
• a39a0df docs: update CI link
• d702ea2 build: [email protected]
• ff1510a deps: [email protected]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for serve-static since your current version.

Updates tmpl from 1.0.4 to 1.0.5

Commits

• See full diff in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

• Remove default indent by @​mohd-akram in jonschlinkert/word-wrap#24
• 🔒fix: CVE 2023 26115 (2) by @​OlafConijn in jonschlinkert/word-wrap#41
• 🔒 fix: CVE-2023-26115 by @​aashutoshrathi in jonschlinkert/word-wrap#33
• chore: publish workflow by @​OlafConijn in jonschlinkert/word-wrap#42

New Contributors

• @​mohd-akram made their first contribution in jonschlinkert/word-wrap#24
• @​OlafConijn made their first contribution in jonschlinkert/word-wrap#41
• @​aashutoshrathi made their first contribution in jonschlinkert/word-wrap#33

Full Changelog: jonschlinkert/word-wrap@1.2.3...1.2.4

Commits

• 207044e 1.2.5
• 9894315 revert default indent
• f64b188 run verb to generate README
• 03ea082 Merge pull request #42 from jonschlinkert/chore/publish-workflow
• 420dce9 Merge pull request #41 from jonschlinkert/fix/CVE-2023-26115-2
• bfa694e Update .github/workflows/publish.yml
• ace0b3c chore: bump version to 1.2.4
• 6fd7275 chore: add publish workflow
• 30d6daf chore: fix test
• 655929c chore: remove package-lock
• Additional commits viewable in compare view

Updates ws from 1.1.5 to 6.2.3

Release notes

Sourced from ws's releases.

6.2.3

Bug fixes

• Backported e55e5106 to the 6.x release line (eeb76d31).

6.2.2

Bug fixes

• Backported 00c425ec to the 6.x release line (78c676d2).

6.2.1

Bug fixes

• Fixed a bug that, under certain circumstances, prevented the close timer from being set (aa1dcd5).

6.2.0

Features

• Added ability to follow redirects (#1490).

Bug fixes

• The opening handshake is now aborted if the Sec-WebSocket-Key header field value is invalid (160af45b).

6.1.4

Bug fixes

• Fixed an issue that caused the Host header to always include a port (#1510).

6.1.3

Bug fixes

• Fixed a bug that, under certain circumstances, prevented the close frame from being parsed (#1494).

6.1.2

Bug fixes

• Restored compatibility with Node.js < 6.13.0 (26436e0).

6.1.1

Bug fixes

• Queued messages to send are now discarded if the permessage-deflate is enabled and the socket closes prematurely (#1464,