Title: Bump jsonpath-plus from 10.0.1 to 10.2.0 in the npm-security-updates group across 1 directory by dependabot[bot] · Pull Request #2762 · secureCodeBox/secureCodeBox · GitHub
Description: Bumps the npm-security-updates group with 1 update in the / directory: jsonpath-plus.
Updates jsonpath-plus from 10.0.1 to 10.2.0
Changelog
Sourced from jsonpath-plus's changelog.
10.2.0
fix(eval): improve security of safe-eval (#233)
chore: update deps. and devDeps.
10.1.0
feat: add typeof operator to safe script
10.0.7
fix(security): prevent constructor access
docs: add security policy file
10.0.6
fix(security): prevent call/apply invocation of Function
10.0.5
fix: remove overly aggressive disabling of native functions but disallow __proto__
10.0.4
fix(security): further prevent binding of Function calls which may evade detection
10.0.3
fix(security): prevent binding of Function calls which may evade detection
10.0.2
fix(security): prevent Function calls outside of member expressions
Commits
8e4acf8 chore: bump version
f0708a4 chore: update deps. and devDeps.
0bfda55 build(deps): bump @eslint/plugin-kit from 0.2.0 to 0.2.3 (#234)
73ad72e fix(eval): improve security of safe-eval (#233)
93612a3 chore: bump version
4a16cbd feat: add undefined, null literals to safe script
f119fe3 feat: add typeof operator to safe script
b70aa71 fix(security): prevent constructor access in safe vm
763ada0 fix(security): prevent call/apply invocation of Function
98a6b22 fix: remove overly aggressive disabling of native functions but disallow `__p...
Additional commits viewable in compare view
Opengraph URL: https://github.com/secureCodeBox/secureCodeBox/pull/2762