Title: Bump tough-cookie and @azure/ms-rest-js by dependabot[bot] · Pull Request #4 · fevrin/setup-python · GitHub
Open Graph Title: Bump tough-cookie and @azure/ms-rest-js by dependabot[bot] · Pull Request #4 · fevrin/setup-python
X Title: Bump tough-cookie and @azure/ms-rest-js by dependabot[bot] · Pull Request #4 · fevrin/setup-python
Description: Bumps tough-cookie and @azure/ms-rest-js. These dependencies needed to be updated together.
Updates tough-cookie from 4.0.0 to 4.1.3
Release notes
Sourced from tough-cookie's releases.
4.1.3
Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.
4.1.2 -- Patch and Bugfix Release
What's Changed
fix: allow set cookies with localhost by @colincasey in salesforce/tough-cookie#253
Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2
4.1.1
Patch Release
What's Changed
fix: allow special use domains by default by @colincasey in salesforce/tough-cookie#249
4.1.1 Patch -- allow special use domains by default by @awaterma in salesforce/tough-cookie#250
Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1
4.1.0
v4.1.0
Minor release, focused mainly on resolving reported issues and some minor feature work.
What's Changed
Create CHANGELOG.md by @ShivanKaul in salesforce/tough-cookie#189
Missing param validation issue145 by @medelibero-sfdc in salesforce/tough-cookie#193
Create SECURITY.md by @ShivanKaul in salesforce/tough-cookie#201
Create CODE_OF_CONDUCT.md by @ShivanKaul in salesforce/tough-cookie#200
Fix for issue #195 by @medelibero-sfdc in salesforce/tough-cookie#202
Add explanation and more special-use domains by @ShivanKaul in salesforce/tough-cookie#203
Sync of constructor options for serialization by @medelibero-sfdc in salesforce/tough-cookie#204
Returned null in case of empty cookie value by @vsin12 in salesforce/tough-cookie#196
132 str trim not a function by @awaterma in salesforce/tough-cookie#209
Fix for issue #153 by @medelibero-sfdc in salesforce/tough-cookie#210
Fix permuteDomain with trailing dot by @ruoho-sfdc in salesforce/tough-cookie#216
Issue #213 -- added gh-actions flow for building and testing tough-co… by @awaterma in salesforce/tough-cookie#218
Issue #210 -- Updated workflow to use npm install. by @awaterma in salesforce/tough-cookie#220
@GH-215 -- Tests that document localhost behavior when set as domain. by @awaterma in salesforce/tough-cookie#221
fix: MemoryCookieStore methods should exist on the prototype, not on the class. by @wjhsf in salesforce/tough-cookie#226
Unit test cases for allowSpecialUseDomain option by @colincasey in salesforce/tough-cookie#225
[Snyk] Upgrade universalify from 0.1.2 to 0.2.0 by @snyk-bot in salesforce/tough-cookie#228
React Native Support by @colincasey in salesforce/tough-cookie#227
Adding Updating CODEOWNERS with ECCN as per Export Control Compliance by @svc-scm in salesforce/tough-cookie#223
fix: domain match routine by @colincasey in salesforce/tough-cookie#236
Stop using the internal NodeJS punycode module by @gboer in salesforce/tough-cookie#238
Initial documentation review by @mcarey86 in salesforce/tough-cookie#234
fix: distinguish between no samesite and samesite=none by @colincasey in salesforce/tough-cookie#240
Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move… by @awaterma in salesforce/tough-cookie#242
4.1.0 release to NPM by @awaterma in salesforce/tough-cookie#245
... (truncated)
Commits
4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
12d4747 Prevent prototype pollution in cookie memstore (#283)
f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
b1a8898 fix: allow set cookies with localhost (#253)
ec70796 4.1.1 Patch -- allow special use domains by default (#250)
d4ac580 fix: allow special use domains by default (#249)
79c2f7d 4.1.0 release to NPM (#245)
4fafc17 Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move Dockerf...
aa4396d fix: distinguish between no samesite and samesite=none (#240)
b8d7511 Modernize README (#234)
Additional commits viewable in compare view
Updates @azure/ms-rest-js from 2.6.0 to 2.7.0
Changelog
Sourced from @azure/ms-rest-js's changelog.
2.7.0 - (2023-07-06)
Remove cookie support from nodeFetchHttpClient to address a security issue with the tough-cookie package.
2.6.6 - (2023-04-10)
Update dependency xml2js version to ^0.5.0.
2.6.5 - (2023-02-09)
Add Microsoft SECURITY.md
2.6.4 - (2022-11-15)
Wrap Trusted Types policy-creation in a try/catch.
2.6.2 - (2022-07-28)
Address Trusted Types compliance issue.
2.6.1 - (2022-01-25)
Fix a security issue with CVE-2022-0235 by upgrade node-fetch (PR 459)
Commits
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show
Open Graph Description: Bumps tough-cookie and @azure/ms-rest-js. These dependencies needed to be updated together. Updates tough-cookie from 4.0.0 to 4.1.3 Release notes Sourced from tough-cookie's releases. 4.1.3 ...
X Description: Bumps tough-cookie and @azure/ms-rest-js. These dependencies needed to be updated together. Updates tough-cookie from 4.0.0 to 4.1.3 Release notes Sourced from tough-cookie's releases. 4....
Opengraph URL: https://github.com/fevrin/setup-python/pull/4
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:6fab77ee-83ed-b79c-3463-21695c317c2a |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | AAE0:11D220:CC37A:10DA6E:6A5181A6 |
| html-safe-nonce | 6a4d14abac08516f93dddff31336b95a9c3674573baccb6a921caeadf3f60d28 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBQUUwOjExRDIyMDpDQzM3QToxMERBNkU6NkE1MTgxQTYiLCJ2aXNpdG9yX2lkIjoiNzExMDAxODU0MTUyOTY5NDYzMCIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | c9293bc002d1cace46b91d35136936ce8b53ef1ed30109ac2d9f05e4c9693e50 |
| hovercard-subject-tag | pull_request:1821317146 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/fevrin/setup-python/pull/4/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps tough-cookie and @azure/ms-rest-js. These dependencies needed to be updated together. Updates tough-cookie from 4.0.0 to 4.1.3 Release notes Sourced from tough-cookie's releases. 4.1.3 ... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | b9a586c06a05a7a86fc7e3f4dbd03e42f6869085879aa184aa6369456dbd50fb |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/fevrin/setup-python git https://github.com/fevrin/setup-python.git |
| octolytics-dimension-user_id | 5051062 |
| octolytics-dimension-user_login | fevrin |
| octolytics-dimension-repository_id | 599257532 |
| octolytics-dimension-repository_nwo | fevrin/setup-python |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | true |
| octolytics-dimension-repository_parent_id | 192625525 |
| octolytics-dimension-repository_parent_nwo | actions/setup-python |
| octolytics-dimension-repository_network_root_id | 192625525 |
| octolytics-dimension-repository_network_root_nwo | actions/setup-python |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | d01c62704ef24df49056c63892a149b775e1353d |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width