• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Sourced from request's changelog.

Change Log

• See full diff in compare view

Sourced from @​babel/traverse's releases.

v7.26.4 (2024-12-05)

↩️ Revert

• babel-traverse
  • #17005 Revert "perf: Improve scope information collection performance" (@​JLHwung)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)

v7.26.3 (2024-12-04)

🐛 Bug Fix

• babel-generator
  • #16958 [preserveFormat] force semicolons when invalidating ASI (@​nicolo-ribaudo)

🏠 Internal

• babel-helper-builder-binary-assignment-operator-visitor, babel-plugin-transform-exponentiation-operator
  • #16895 Remove helper-builder-binary-assignment-operator-visitor (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-generator
  • #16959 perf: Reduce the use of temporary objects (@​liuxingbaoyu)
• babel-traverse
  • #16923 perf: Improve scope information collection performance (@​liuxingbaoyu)
  • #16964 perf: Avoid repeated traversal when creating scope (@​liuxingbaoyu)
• babel-plugin-transform-modules-commonjs
  • #16954 perf: Remove use of simplifyAccess (@​liuxingbaoyu)

Committers: 4

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

v7.26.2 (2024-10-30)

🐛 Bug Fix

• babel-parser
  • #16903 fix: Parse placeholder for TS namespace (@​liuxingbaoyu)
  • #16937 fix: Account for offsets when creating new Position instances (@​DylanPiercey)
• babel-generator
  • #16948 Fix mapping of tokens with generated nodes in between (@​nicolo-ribaudo)

Committers: 6

• Babel Bot (@​babel-bot)
• Dylan Piercey (@​DylanPiercey)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

... (truncated)

Sourced from @​babel/traverse's changelog.

v7.26.4 (2024-12-05)

↩️ Revert

• babel-traverse
  • #17005 Revert "perf: Improve scope information collection performance" (@​JLHwung)

v7.26.3 (2024-12-04)

🐛 Bug Fix

• babel-generator
  • #16958 [preserveFormat] force semicolons when invalidating ASI (@​nicolo-ribaudo)

🏠 Internal

• babel-helper-builder-binary-assignment-operator-visitor, babel-plugin-transform-exponentiation-operator
  • #16895 Remove helper-builder-binary-assignment-operator-visitor (@​nicolo-ribaudo)

🏃‍♀️ Performance

• babel-generator
  • #16959 perf: Reduce the use of temporary objects (@​liuxingbaoyu)
• babel-traverse
  • #16923 perf: Improve scope information collection performance (@​liuxingbaoyu)
  • #16964 perf: Avoid repeated traversal when creating scope (@​liuxingbaoyu)
• babel-plugin-transform-modules-commonjs
  • #16954 perf: Remove use of simplifyAccess (@​liuxingbaoyu)

v7.26.2 (2024-10-30)

🐛 Bug Fix

• babel-parser
  • #16903 fix: Parse placeholder for TS namespace (@​liuxingbaoyu)
  • #16937 fix: Account for offsets when creating new Position instances (@​DylanPiercey)
• babel-generator
  • #16948 Fix mapping of tokens with generated nodes in between (@​nicolo-ribaudo)

v7.26.1 (2024-10-25)

🐛 Bug Fix

• babel-parser
  • #16936 fix(parser): offset internal index locations by startIndex (@​DylanPiercey)

v7.26.0 (2024-10-25)

🚀 New Feature

• babel-core, babel-generator, babel-parser, babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes, babel-preset-env, babel-standalone, babel-types
  • #16850 Enable import attributes parsing by default (@​nicolo-ribaudo)
• babel-core
  • #16862 feat: support async plugin's pre/post (@​timofei-iatsenko)
• babel-compat-data, babel-plugin-proposal-regexp-modifiers, babel-plugin-transform-regexp-modifiers, babel-preset-env, babel-standalone
  • #16692 Add transform-regexp-modifiers to preset-env (@​JLHwung)
• babel-parser
  • #16849 feat: add startIndex parser option (@​DylanPiercey)
• babel-generator, babel-parser, babel-plugin-syntax-flow
  • #16841 Always enable parsing of Flow enums (@​nicolo-ribaudo)
• babel-helpers, babel-preset-typescript, babel-runtime-corejs3

... (truncated)

• cf7b9cd v7.26.4
• f33704a Revert "perf: Improve scope information collection performance" (#17005)
• 36ca8fa v7.26.3
• ded1571 perf: Improve scope information collection performance (#16923)
• 943bdfe perf: Avoid repeated traversal when creating scope (#16964)
• b07957e v7.25.9
• af91759 fix: Accidentally publishing useless files (#16917)
• 2533cfb v7.25.7
• 611d958 [babel 8] Create TSClassImplements|TSInterfaceHeritage nodes (#16731)
• 506bf91 Remove BABEL_TYPES_8_BREAKING flag and enable it by default (#16817)
• Additional commits viewable in compare view

Sourced from browserslist's releases.

4.24.3

• Updated Firefox ESR (by @​fpapado).

4.24.2

• Clarify outdated caniuse-lite warning text.

4.24.1

• Added months since last caniuse-lite update to the warning (by @​mezhnin).

4.24.0

• Added browserslist.findConfigFile() helper (by @​JLHwung).

4.23.3

• Fixed >= query for ios (by @​syi0808).

4.23.2

• Updated Firefox ESR.

4.23.1

• Fixed feature query with mobile to desktop when caniuse lags (by @​steverep).

4.23.0

• Added BROWSERSLIST_ROOT_PATH (by @​teleclimber).

Sourced from browserslist's changelog.

4.24.3

• Updated Firefox ESR (by @​fpapado).

4.24.2

• Clarify outdated caniuse-lite warning text.

4.24.1

• Added months since last caniuse-lite update to the warning (by @​mezhnin).

4.24.0

• Added browserslist.findConfigFile() helper (by @​JLHwung).

4.23.3

• Fixed >= query for ios (by @​syi0808).

4.23.2

• Updated Firefox ESR.

4.23.1

• Fixed feature query with mobile to desktop when caniuse lags (by @​steverep).

4.23.0

• Added BROWSERSLIST_ROOT_PATH (by @​teleclimber).

4.22.3

• Fixed white spaces support in supports query (@​g-plane).
• Fixed shared config like @company/package/browserslist-config (@​boucodes).

4.22.2

• Fixed idempotency in time queries with mobileToDesktop (by Aliaksei Sapach).

4.22.1

• Updated Firefox ESR (by @​lerkor).

4.22

• Added fully supports query (by Ben Scott).
• Added partially supports alias for supports query (by Ben Scott).

4.21.11

• Added warning to --update-db to move to new CLI (by Ivan Vasilev).
• Fixed docs (by Tatsunori Uchino).

4.21.10

• Updated Firefox ESR.

4.21.9

• Fixed Opera Mobile edge cases (by Steve Repsher).

4.21.8

• Fixed supports query and mobileToDesktop (by Steve Repsher).

... (truncated)

• 958d62e Release 4.24.3 version
• 4e1bfff Update dependencies
• 6f5a4fc Update Firefox ESR versions (#858)
• df1d063 Bump nanoid from 5.0.7 to 5.0.9 (#856)
• d80b676 Bump cross-spawn from 7.0.3 to 7.0.5 (#854)
• 119cc9f Fix typo in README (#853)
• aeb283c Bump @​eslint/plugin-kit from 0.2.1 to 0.2.3 (#852)
• 065c69b Release 4.24.2 version
• c30a4b5 More clear warning text
• 8fbb304 Release 4.24.1 version
• Additional commits viewable in compare view

• See full diff in compare view

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

Sourced from es5-ext's releases.

0.10.64 (2024-02-27)

Bug Fixes

• Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

---

Comparison since last release

0.10.63 (2024-02-23)

Bug Fixes

• Do not rely on problematic regex (3551cdd), addresses #201
• Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
• Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

• Simplify the manifest message (7855319)

---

Comparison since last release

0.10.62 (2022-08-02)

Maintenance Improvements

• Manifest improvements:
  • (#190) (b8dc53f)
  • (c51d552)

---

Comparison since last release

0.10.61 (2022-04-20)

Bug Fixes

• Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

• Bump dependencies (d7e0a61)

---

Comparison since last release

0.10.60 (2022-04-07)

Maintenance Improvements

• Improve postinstall script configuration (ab6b121)

---

... (truncated)

Sourced from es5-ext's changelog.

0.10.64 (2024-02-27)

Bug Fixes

• Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (c2e2bb9)

0.10.63 (2024-02-23)

Bug Fixes

• Do not rely on problematic regex (3551cdd), addresses #201
• Support ES2015+ function definitions in function#toStringTokens() (a52e957), addresses #021
• Ensure postinstall script does not crash on Windows, fixes #181 (bf8ed79)

Maintenance Improvements

• Simplify the manifest message (7855319)

0.10.62 (2022-08-02)

Maintenance Improvements

• Manifest improvements:
  • (#190) (b8dc53f)
  • (c51d552)

0.10.61 (2022-04-20)

Bug Fixes

• Ensure postinstall script does not error (a0be4fd)

Maintenance Improvements

• Bump dependencies (d7e0a61)

0.10.60 (2022-04-07)

Maintenance Improvements

• Improve postinstall script configuration (ab6b121)

0.10.59 (2022-03-17)

Maintenance Improvements

• Improve manifest wording (#122) (eb7ae59)
• Update data in manifest (3d2935a)

0.10.58 (2022-03-11)

... (truncated)

• f76b03d chore: Release v0.10.64
• 2881acd chore: Bump dependencies
• c2e2bb9 fix: Revert update meant to fix Powershell issue, as it's a regression
• 16f2b72 docs: Fix date in the changelog
• de4e03c chore: Release v0.10.63
• 3fd53b7 chore: Upgrade lint-staged to v13
• bf8ed79 chore: Ensure postinstall script does not crash on Windows
• 2cbbb07 chore: Bump dependencies
• 22d0416 chore: Bump LICENSE year
• a52e957 fix: Support ES2015+ function definitions in function#toStringTokens()
• Additional commits viewable in compare view

Sourced from eslint-utils's releases.

v1.4.3

🐛 Bug fixes

• 8f9e481ecc1204c7a1331b697f97903f90c75154 fixed false positive of ReferenceTracker.

v1.4.2

🐛 Bug fixes

• e4cb01498df6096b66edb0c78965ee6f47d3ac77 fixed a regression of the previous release.

v1.4.1

🐛 Bug fixes

• c119e832952c8c653bd4f21e39eb9f7ce48e5947 fixed getStaticValue() function to handle null literal correctly even if runtimes don't support BigInt natively.
• 587cca2f82c245f5fc4a8b9fb2cf6b35c0d02552 fixed getStringIfConstant() function to handle regular expression literals and BigInt literals even if runtimes don't support those.
• 08158db1c98fd71cf0f32ddefbc147e2620e724c fixed GHSA-3gx7-xhv7-5mx3.

v1.4.0

✨ Enhancements

• 66456c5356310fc4309b4fe2756995f27b907747 (and ebf5a8378d3f0a20a74adb158a7112cb616bce44, aac472e815551688d23cc8fd88f9044dbf276804) added isParenthesized() function that checks if a given node is parenthesized or not.
• 4f8407dd6cd52274ba115b3a8558153ec6d799a7 (and cb518c70ee037722f802d808bbbe93da83f07fb3) added hasSideEffect() function that checks if a given node may have side-effects or not.

• 23f4ddc 🔖 1.4.3
• 8f9e481 🐛 fix reference tracker false positive
• 6633278 ⚒ fix test scripts
• 7c8e67c ⚒ fix build scripts
• 41ff95e ⚒ update dependencies
• 4942012 ⚒ fix build scripts
• f1c8d02 ⚒ update build scripts
• a88598a Create FUNDING.yml
• 4e1bc07 1.4.2
• e4cb014 🐛 add null test
• Additional commits viewable in compare view

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

• 844a05d Version Bump
• f393f2a Only build fsevents on macOS (#322)
• 6a281a7 [publish binary]
• acc2bce [publish binary]
• f532b6e [publish binary]
• 4c6a1c0 Add node 13 to travis matrix.
• 92e40aa Release 1.2.12.
• 909af26 Release v1.2.11
• 7074adb Release v1.2.10
• See full diff in compare view

Sourced from handlebars's releases.

v4.7.8

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

v4.7.7 - February 15th, 2021

• fix weird error in integration tests - eb860c0
• fix: check prototype property access in strict-mode (#1736) - b6d3de7
• fix: escape property names in compat mode (#1736) - f058970
• refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
• chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

• the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

• #1672 - Switch cmd parser to latest minimist (@​dougwilson

Compatibility notes:

• Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

• Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

... (truncated)

• 8dc3d25 v4.7.8
• 668c4fb Fix browser tests in CI pipeline
• c65c6cc Test on Node 18
• 3d3796c Make library compatible with workers
• 075b354 Fix sync issue with npm lock-file
• 30dbf04 Fix compiling of each block params in strict mode
• e3a5448 Fix bundler issue with webpack 5
• 8e23642 Fix integration-tests issue with npm >= 7
• 88ac068 use https instead of git for mustache submodule
• c68bc08 Fix typo
• Additional commits viewable in compare view

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

2.8.8 (2020-02-29)

Bug Fixes

• #61 & #65 addressing issues w/ url.URL implmentation which regressed node 6 support (5038b18), closes #66

2.8.7 (2020-02-26)

Bug Fixes

• Do not attempt to use url.URL when unavailable (2d0bb66), closes #61 #62
• Do not pass scp-style URLs to the WhatWG url.URL (f2cdfcf), closes #60

2.8.6 (2020-02-25)

2.8.5 (2019-10-07)

Bug Fixes

• updated pathmatch for gitlab (e8325b5), closes #51
• updated pathmatch for gitlab (ffe056f)

2.8.4 (2019-08-12)

... (truncated)

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• afeaefd chore(release): 2.8.8
• 5038b18 fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...
• 7440afa chore(release): 2.8.7
• 2d0bb66 fix: Do not attempt to use url.URL when unavailable
• f2cdfcf fix: Do not pass scp-style URLs to the WhatWG url.URL
• e1b83df chore(release): 2.8.6
• ff259a6 Ensure passwords in hosted Git URLs are correctly escaped
• 624fd6f chore(release): 2.8.5
• Additional commits viewable in compare view

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

• a2c5da8 1.3.8
• af5c6bb Do not use Object.create(null)
• 8b648a1 don't test where our devdeps don't even work
• c74c8af 1.3.7
• 024b8b5 update deps, add linting
• 032fbaf Use Object.create(null) to avoid default object property hazards
• 2da9039 1.3.6
• cfea636 better git push script, before publish instead of after
• 56d2805 do not allow invalid hazardous string as section name
• See full diff in compare view

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

Sourced from json5's releases.

v2.2.3

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2

• Fix: Bump minimist to v1.2.5. (#222)

v2.1.1

• New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
• Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
• Fix: Spelling mistakes have been fixed. (#196)

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

• Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

• Fix: Bump minimist to v1.2.5. (#222)

v2.1.1 [code, [diff][d2.1.1]]

... (truncated)

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

• 754f0c2 1.3.2
• 90ee1fa ensure keys are valid when mixing in values
• See full diff in compare view

This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version.

• See full diff in compare view

Sourced from path-to-regexp's releases.

Fix backtracking in 1.x

Fixed

• Add backtrack protection to 1.x release (#320) 925ac8e
• Fix re.exec(&[#39](https://github.com/pillarjs/path-to-regexp/issues/39);/test/route&[#39](https://github.com/pillarjs/path-to-regexp/issues/39);) result (#267) 32a14b0

pillarjs/path-to-regexp@v1.8.0...v1.9.0

Backport token to function options

Added

• Backport TokensToFunctionOptions

Sourced from path-to-regexp's changelog.

Moved to GitHub Releases

3.0.0 / 2019-01-13

• Always use prefix character as delimiter token, allowing any character to be a delimiter (e.g. /:att1-:att2-:att3-:att4-:att5)
• Remove partial support, prefer escaping the prefix delimiter explicitly (e.g. \\/(apple-)?icon-:res(\\d+).png)

2.4.0 / 2018-08-26

• Support start option to disable anchoring from beginning of the string

2.3.0 / 2018-08-20

• Use delimiter when processing repeated matching groups (e.g. foo/bar has no prefix, but has a delimiter)

2.2.1 / 2018-04-24

• Allow empty string with end: false to match both relative and absolute paths

2.2.0 / 2018-03-06

• Pass token as second argument to encode option (e.g. encode(value, token))

2.1.0 / 2017-10-20

• Handle non-ending paths where the final character is a delimiter
  • E.g. /foo/ before required either /foo/ or /foo// to match in non-ending mode

2.0.0 / 2017-08-23

• New option! Ability to set endsWith to match paths like /test?query=string up to the query string
• New option! Set delimiters for specific characters to be treated as parameter prefixes (e.g. /:test)
• Remove isarray dependency
• Explicitly handle trailing delimiters instead of trimming them (e.g. /test/ is now treated as /test/ instead of /test when matching)
• Remove overloaded keys argument that accepted options
• Remove keys list attached to the RegExp output
• Remove asterisk functionality (it's a real pain to properly encode)
• Change tokensToFunction (e.g. compile) to accept an encode function for pretty encoding (e.g. pass your own implementation)

• c75eb10 1.9.0
• 925ac8e Add backtrack protection to 1.x release (#320)
• 32a14b0 Fix re.exec('/test/route') result (#267)
• 79a5dcf 1.8.0
• 1a474...

  Description has been truncated