learn_eth

learn_eth copied to clipboard

Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.3.0 to 1.4.4. Release notes Sourced from rails-html-sanitizer's releases. 1.4.4 / 2022-12-13 Address inefficient regular expression complexity with certain configurations of Rails::Html::Sanitizer. Fixes CVE-2022-23517. See GHSA-5x79-w82f-gw8w for...

dependabot[bot]

Bumps [loofah](https://github.com/flavorjones/loofah) from 2.5.0 to 2.19.1. Release notes Sourced from loofah's releases. 2.19.1 / 2022-12-13 Security Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information. Address CVE-2022-23515, improper...

dependabot[bot]

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: [email protected] deps: [email protected] perf: remove unnecessary...

dependabot[bot]

Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.18.2. Release notes Sourced from express's releases. 4.18.2 Fix regression routing a large stack in a single route deps: [email protected] deps: [email protected] perf: remove unnecessary...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...

dependabot[bot]

Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...

dependabot[bot]

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]

Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...

dependabot[bot]

Bumps [loader-utils](https://github.com/webpack/loader-utils) to 2.0.4 and updates ancestor dependency [react-scripts](https://github.com/facebook/create-react-app/tree/HEAD/packages/react-scripts). These dependencies need to be updated together. Updates `loader-utils` from 1.2.3 to 2.0.4 Release notes Sourced from loader-utils's releases. v2.0.4 2.0.4...

dependabot[bot]

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.9 to 1.13.9. Release notes Sourced from nokogiri's releases. 1.13.9 / 2022-10-18 Security [CRuby] Vendored libxml2 is updated to address CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for...

dependabot[bot]