libra-core

libra-core copied to clipboard

Bumps [moment](https://github.com/moment/moment) from 2.24.0 to 2.29.4. Changelog Sourced from moment's changelog. 2.29.4 Release Jul 6, 2022 #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex 2.29.3 Full changelog Release Apr 17, 2022...

dependabot[bot]

Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 6.8.8 to 6.11.3. Release notes Sourced from protobufjs's releases. v6.11.3 6.11.3 (2022-05-20) Bug Fixes deps: use eslint 8.x (#1728) (a8681ce) do not let setProperty change the prototype...

dependabot[bot]

Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.0 to 6.12.6. Release notes Sourced from ajv's releases. v6.12.6 Fix performance issue of "url" format. v6.12.5 Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords...

dependabot[bot]

Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [set-getter](https://github.com/doowb/set-getter) from 0.1.0 to 0.1.1. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

Bumps [striptags](https://github.com/ericnorris/striptags) from 3.1.1 to 3.2.0. Release notes Sourced from striptags's releases. v3.2.0 This release fixes a potential type confusion vulnerability when passing in a non-string argument to the function....

dependabot[bot]

Bumps [grpc](https://github.com/grpc/grpc-node) from 1.21.1 to 1.24.9. Release notes Sourced from grpc's releases. Node gRPC v1.24.7 Log just serialization and deserialization errors on the server, instead of logging all errors with...

dependabot[bot]

Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9. Changelog Sourced from hosted-git-info's changelog. 2.8.9 (2021-04-07) Bug Fixes backport regex fix from #76 (29adfe5), closes #84 2.8.8 (2020-02-29) Bug Fixes #61 & #65...

dependabot[bot]

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.21. Commits f299b52 Bump to v4.17.21 c4847eb Improve performance of toNumber, trim and trimEnd on large input strings 3469357 Prevent command injection through _.template's variable...

dependabot[bot]