[Security] Bump glob-parent and watchpack in /assets
Bumps glob-parent and watchpack. These dependencies needed to be updated together.
Updates glob-parent
from 3.1.0 to 5.1.2 This update includes a security fix.
Vulnerabilities fixed
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
Patched versions: 5.1.2 Affected versions: < 5.1.2
Release notes
Sourced from glob-parent's releases.
v5.1.2
Bug Fixes
v5.1.1
Bug Fixes
v5.1.0
Features
v5.0.0
⚠ BREAKING CHANGES
- Drop support for node <6 & bump dependencies
Miscellaneous Chores
- Drop support for node <6 & bump dependencies (896c0c0)
v4.0.0
⚠ BREAKING CHANGES
- question marks are valid path characters on Windows so avoid flagging as a glob when alone
- Update is-glob dependency
Features
Changelog
Sourced from glob-parent's changelog.
5.1.2 (2021-03-06)
Bug Fixes
6.0.2 (2021-09-29)
Bug Fixes
6.0.1 (2021-07-20)
Bug Fixes
6.0.0 (2021-05-03)
⚠ BREAKING CHANGES
- Correct mishandled escaped path separators (#34)
- upgrade scaffold, dropping node <10 support
Bug Fixes
Miscellaneous Chores
- upgrade scaffold, dropping node <10 support (e83d0c5)
5.1.1 (2021-01-27)
Bug Fixes
5.1.0 (2021-01-27)
Features
5.0.0 (2021-01-27)
⚠ BREAKING CHANGES
- Drop support for node <6 & bump dependencies
... (truncated)
Commits
-
eb2c439
chore: update changelog -
12bcb6c
chore: release 5.1.2 -
f923116
fix: eliminate ReDoS (#36) -
0b014a7
chore: add JSDoc returns information (#33) -
2b24ebd
chore: generate initial changelog -
9b6e874
chore: release 5.1.1 -
749c35e
ci: try wrapping the JOB_ID in a string -
5d39def
ci: attempt to switch to published coveralls -
0b5b37f
ci: put the npm step back in for only Windows -
473f5d8
ci: update azure build images - Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by phated, a new releaser for glob-parent since your current version.
Updates watchpack
from 1.7.5 to 1.7.5
Commits
- See full diff in compare view