restful-react
restful-react copied to clipboard
contiamo
A consistent, declarative way of interacting with RESTful backends, featuring code-generation from Swagger and OpenAPI specs 🔥
Bumps [terser](https://github.com/terser/terser) from 4.6.3 to 4.8.1. Changelog Sourced from terser's changelog. v4.8.1 (backport) Security fix for RegExps that should not be evaluated (regexp DDOS) v4.8.0 Support for numeric separators (million...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [shell-quote](https://github.com/substack/node-shell-quote) from 1.7.2 to 1.7.3. Changelog Sourced from shell-quote's changelog. 1.7.3 Fix a security issue where the regex for windows drive letters allowed some shell meta-characters to escape the...
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3. Release notes Sourced from ws's releases. 5.2.3 Bug fixes Backported 00c425ec to the 5.x release line (76d47c14). Commits 6dd88e7 [dist] 5.2.3 76d47c1 [security] Fix...
# Why Addresses issues https://github.com/contiamo/restful-react/issues/385 and https://github.com/contiamo/restful-react/issues/393
The version of ibm-openapi-validator that restful-react is using has a dependency to yaml-js, which is unsecured.
Bumps [urijs](https://github.com/medialize/URI.js) from 1.19.7 to 1.19.11. Release notes Sourced from urijs's releases. 1.19.11 (April 3rd 2022) SECURITY fixing URI.parse() handle excessive slashes in scheme-relative URLs - disclosed by zeyu2001 via...
**Is your feature request related to a problem? Please describe.** Sometimes, the response from an API we wish to use is some media type that can't easily be parsed into...
Bumps [lodash-es](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...
Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.3 to 0.8.5. Release notes Sourced from shelljs's releases. v0.8.5 This was a small security fix for #1058. v0.8.4 Small patch release to fix a circular dependency...
**Describe the bug** The library uses "ibm-openapi-validator" and "swagger2openapi" as dependencies which give security vulnerabilities in transitive dependencies **To Reproduce** Steps to reproduce the behavior: 1. Go to '...' 2....
