jinx icon indicating copy to clipboard operation
jinx copied to clipboard
verified publisher icon juxt

Bump uri from 1.1.0 to 1.14.120

Open dependabot[bot] opened this issue 2 years ago • 0 comments

Bumps uri from 1.1.0 to 1.14.120.

Release notes

Sourced from uri's releases.

v1.14.120

Fixed

  • Treat a backslash in the authority section as a delimiter which starts the path section (CVE-2023-28628, with thanks to @​luigigubello for the report)

v1.13.95

Fixed

  • Fix a stack overflow in normalize/char-seq for really large query parameter values
Changelog

Sourced from uri's changelog.

1.14.120 (2023-03-27 / a1da1b7)

Fixed

  • Treat a backslash in the authority section as a delimiter which starts the path section (CVE-2023-28628, with thanks to @​luigigubello for the report)

1.13.95 (2022-01-28 / a9cbeff)

Fixed

  • Fix a stack overflow in normalize/char-seq for really large query parameter values

1.12.89 (2021-11-29 / 2118a75)

Changed

  • Support toString on Babashka (requires recent bb)

1.11.86 (2021-10-28 / 22c27af)

Fixed

  • Fixed an issue in lambdaisland.uri.normalize/normalize-query which did not take into account utf-16 encoding.

1.10.79 (2021-10-12 / d90c6a8)

Changed

  • lambdaisland.uri.normalize/normalize now also normalizes the fragment.

1.4.74 (2021-09-06 / e07f9fd)

Added

  • uri-str as an explicit lambdaisland.uri.URI to string conversion

Fixed

  • Fixed compatibility with Babashka/SCI. Note that on babashka we can't implement IFn or toString, so converting a URI back to a string needs to be done explicitly with uri-str, and it is not possible to use a URI as a function. ((:path uri) is ok, (uri :path) is not).

1.4.70 (2021-05-31 / 76999dc)

Added

... (truncated)

Commits
  • 416ba61 # 1.14.120 (2023-03-27 / a1da1b7)
  • a1da1b7 Bump tooling and test dependencies
  • 75351af More repl sessions
  • f46db3e Merge pull request from GHSA-cp4w-6x4w-v2h5
  • 67063ed Treat a backslash in the authority section as part of the path
  • d3355fc Poke more
  • a316751 Merge pull request #39 from lambdaisland/laurence/fix-README-bug-on-using-domain
  • d9ec7ff fix README
  • 173b91e Merge pull request #38 from lambdaisland/alysbrooks-bump-ci
  • 278540e Pin Babashka for tests for now
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

dependabot[bot] avatar Mar 27 '23 22:03 dependabot[bot]