mirror of
https://github.com/facebook/sapling.git
synced 2024-10-07 15:27:13 +03:00
12768908eb
Summary: Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/json5/json5/releases">json5's releases</a>.</em></p> <blockquote> <h2>v1.0.2</h2> <ul> <li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">https://github.com/facebook/sapling/issues/199</a>) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">https://github.com/facebook/sapling/issues/295</a>). This has been backported to v1. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/298">https://github.com/facebook/sapling/issues/298</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's changelog</a>.</em></p> <blockquote> <h3>Unreleased [<a href="https://github.com/json5/json5/tree/main">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.3...HEAD">diff</a>]</h3> <h3>v2.2.3 [<a href="https://github.com/json5/json5/tree/v2.2.3">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.2...v2.2.3">diff</a>]</h3> <ul> <li>Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/299">https://github.com/facebook/sapling/issues/299</a>)</li> </ul> <h3>v2.2.2 [<a href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3> <ul> <li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">https://github.com/facebook/sapling/issues/199</a>) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">https://github.com/facebook/sapling/issues/295</a>).</li> </ul> <h3>v2.2.1 [<a href="https://github.com/json5/json5/tree/v2.2.1">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.0...v2.2.1">diff</a>]</h3> <ul> <li>Fix: Removed dependence on minimist to patch CVE-2021-44906. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/266">https://github.com/facebook/sapling/issues/266</a>)</li> </ul> <h3>v2.2.0 [<a href="https://github.com/json5/json5/tree/v2.2.0">code</a>, <a href="https://github.com/json5/json5/compare/v2.1.3...v2.2.0">diff</a>]</h3> <ul> <li>New: Accurate and documented TypeScript declarations are now included. There is no need to install <code>types/json5</code>. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/236">https://github.com/facebook/sapling/issues/236</a>, <a href="https://github-redirect.dependabot.com/json5/json5/issues/244">https://github.com/facebook/sapling/issues/244</a>)</li> </ul> <h3>v2.1.3 [<a href="https://github.com/json5/json5/tree/v2.1.3">code</a>, <a href="https://github.com/json5/json5/compare/v2.1.2...v2.1.3">diff</a>]</h3> <ul> <li>Fix: An out of memory bug when parsing numbers has been fixed. (<a href="https://github-redirect.dependabot.com/json5/json5/issues/228">https://github.com/facebook/sapling/issues/228</a>, <a href="https://github-redirect.dependabot.com/json5/json5/issues/229">https://github.com/facebook/sapling/issues/229</a>)</li> </ul> <h3>v2.1.2 [<a href="https://github.com/json5/json5/tree/v2.1.2">code</a>, <a href="https://github.com/json5/json5/compare/v2.1.1...v2.1.2">diff</a>]</h3> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
---|---|---|
.. | ||
.vscode | ||
eslint-rules | ||
isl | ||
isl-server | ||
reviewstack | ||
reviewstack.dev | ||
shared | ||
textmate | ||
vscode | ||
.eslintrc.js | ||
.gitignore | ||
.prettierignore | ||
.prettierrc | ||
LICENSE | ||
package.json | ||
verify-addons-folder.py | ||
yarn.lock |