René's URL Explorer Experiment

Title: fix(deps): update dependency debug to v4.3.1 [security] by renovate[bot] · Pull Request #226 · 142vip/JavaScriptCollection · GitHub

Open Graph Title: fix(deps): update dependency debug to v4.3.1 [security] by renovate[bot] · Pull Request #226 · 142vip/JavaScriptCollection

X Title: fix(deps): update dependency debug to v4.3.1 [security] by renovate[bot] · Pull Request #226 · 142vip/JavaScriptCollection

Description: This PR contains the following updates: Package Change Age Adoption Passing Confidence debug 4.0.0 -> 4.3.1 WarningSome dependencies could not be looked up. Check the Dependency Dashboard for more information. GitHub Vulnerability Alerts CVE-2017-16137 Affected versions of debug are vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. As it takes 50,000 characters to block the event loop for 2 seconds, this issue is a low severity issue. This was later re-introduced in version v3.2.0, and then repatched in versions 3.2.7 and 4.3.1. Recommendation Version 2.x.x: Update to version 2.6.9 or later. Version 3.1.x: Update to version 3.1.0 or later. Version 3.2.x: Update to version 3.2.7 or later. Version 4.x.x: Update to version 4.3.1 or later. Release Notes debug-js/debug (debug) v4.3.1 Compare Source Patch release 4.3.1 Fixes a ReDOS regression (#​458) - see #​797 for details. v4.3.0 Compare Source Minor release Deprecated debugInstance.destroy(). Future major versions will not have this method; please remove it from your codebases as it currently does nothing. Fixed quoted percent sign Fixed memory leak within debug instances that are created dynamically v4.2.0 Compare Source Minor Release Replaced phantomJS with chrome backend for browser tests Deprecated and later removed Changelog.md in lieu of releases page Removed bower.json (#​602) Removed .eslintrc (since we've switched to XO) Removed .coveralls.yml Removed the build system that was in place for various alternate package managers Removed the examples folder (#​650) Switched to console.debug in the browser only when it is available (#​600) Copied custom logger to namespace extension (#​646) Added issue and pull request templates Added "engines" key to package.json Added ability to control selectColor (#​747) Updated dependencies Marked supports-color as an optional peer dependency v4.1.1 Compare Source This backport fixes a bug in coveralls configuration as well as the .extend() function. Patches test: only run coveralls on travis (#​663, #​664, d0e498f) copy custom logger to namespace extension (#​646, 57ef085) v4.1.0 Compare Source Minor Changes migrate Makefile to npm scripts (4236585) feat: Return namespaces string when invoking disable() (7ef8b41) Massive thank you to @​mblarsen and @​outsideris for knocking out two long-awaited changes. v4.0.1 Compare Source This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com. Patches fix browserify and supply alternative unpkg entry point (closes #​606): 99c95e3 Configuration 📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. If you want to rebase/retry this PR, check this box This PR was generated by Mend Renovate. View the repository job log.

Open Graph Description: This PR contains the following updates: Package Change Age Adoption Passing Confidence debug 4.0.0 -> 4.3.1 WarningSome dependencies could not be looked up. Check the Dependency D...

X Description: This PR contains the following updates: Package Change Age Adoption Passing Confidence debug 4.0.0 -> 4.3.1 WarningSome dependencies could not be looked up. Check the Dependen...

Opengraph URL: https://github.com/142vip/JavaScriptCollection/pull/226

X: @github

direct link

Domain: github.com

Links:

Viewport: width=device-width