engineering
engineering copied to clipboard
zoubin
技术总结
Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.8 and updates ancestor dependency [tap](https://github.com/tapjs/node-tap). These dependencies need to be updated together. Updates `minimist` from 0.0.8 to 1.2.8 Changelog Sourced from minimist's changelog. v1.2.8 - 2023-02-09...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [activesupport](https://github.com/rails/rails) from 6.0.3.6 to 6.0.6.1. Release notes Sourced from activesupport's releases. v6.0.6.1 Active Support No changes. Active Model No changes. Active Record Make sanitize_as_sql_comment more strict Though this method...
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2. Release notes Sourced from decode-uri-component's releases. v0.2.2 Prevent overwriting previously decoded tokens 980e0bf https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2 v0.2.1 Switch to GitHub workflows 76abc93 Fix issue where decode...
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.2 to 1.13.9. Release notes Sourced from nokogiri's releases. 1.13.9 / 2022-10-18 Security [CRuby] Vendored libxml2 is updated to address CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for...
Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.7.0 to 2.8.1. Changelog Sourced from addressable's changelog. Addressable 2.8.1 refactor Addressable::URI.normalize_path to address linter offenses (#430) remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) update gemspec to...
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.9 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
