1.1.11

Changes

• #85 [BUG] v1.1.10 packaging is incorrect
  • The v1.1.10 packaging was incorrect, this release fixes the packaging issue.
  • The v1.1.10 release was missing the tools/rollup folder, which is required for the rollup packaging process.

What's Changed

• [BUG] v1.1.10 packaging is incorrect #85 by @MSNev in #86
• [Master] [Release] Increase version to 1.1.11 by @MSNev in #87

Full Changelog: 1.1.10...1.1.11

2.0.3

Blocks a medium level prototype pollution vulnerability.

Changes

• #81 [Main] Task 26377610: [DynamicProto] Investigate possible security issue with prototype pollution
  • This removes the identified methods for polluting the prototype chain by
    • adding additional checks to the _isDynamicCandidate() and _populateProtype() functions.
    • Using Object.create(null) for internal objects to avoid prototype pollution.

What's Changed

• [Main] Task 26377610: [DynamicProto] Investigate possible security issue with prototype pollution by @MSNev in #81
• [Main] [Release] Increase version to 2.0.3 by @MSNev in #83

Full Changelog: 2.0.2...2.0.3

1.1.10

Blocks a medium level prototype pollution vulnerability.

Changes

• #82 [Main] Task 26377610: [DynamicProto] Investigate possible security issue with prototype pollution
  • This removes the identified methods for polluting the prototype chain by
    • adding additional checks to the _isDynamicCandidate() and _populateProtype() functions.
    • Using Object.create(null) for internal objects to avoid prototype pollution.

What's Changed

• [Master] Task 26377610: [DynamicProto] Investigate possible security issue with prototype pollution by @MSNev in #82
• [Master] [Release] Increase version to 1.1.10 by @MSNev in #84

Full Changelog: 1.1.9...1.1.10

2.0.2

Changes

• #78 [Packaging] 2.0.1 does not include the removeDynamic.ts script

What's Changed

• [Release] Increase version to 2.0.2 by @MSNev in #79

Full Changelog: 2.0.1...2.0.2

2.0.1

Changes

• #73 [Main] Fix npm pack and publish issues

What's Changed

• [Main] Fix npm pack and publish issues by @MSNev in #73
• [Release] Increase version to 2.0.1 by @MSNev in #76

Full Changelog: 2.0.0...2.0.1

1.1.9

Changelog

• #75 [Master] Fix npm pack and publish issues
  • Additional fixes for #61 Exclude files from published package

What's Changed

• [Master] Fix npm pack and publish issues by @MSNev in #75
• [Master] [Release] Increase version to 1.1.9 by @MSNev in #77

Full Changelog: 1.1.8...1.1.9

2.0.0

Breaking Changes from Version 1.x

• Removed ES3 / IE8 support
• ES5 Object.defineProperty() is required during runtime.

Changes

• Version 2.x development moved to main branch which is now the default branch, Version 1.x is still maintained from the master branch
• Removed private internal getGlobal() and hasOwnProperty() functions to provide better minification when bundled with other packages that also implement these functions by using @nevware21/ts-utils as the dependency.

What's Changed

• Prepare main branch for release by @MSNev in #69
• Prepare updates for dynamicProto to es5 / v2.x by @MSNev in #70
• [Release] Increase version to 2.0.0 by @MSNev in #71

Full Changelog: 1.1.8...2.0.0

1.1.8

1.1.8 (Feb 27th, 2023)

• #61 Exclude files from published package
• #65 Bump external library Sinon.JS to newer version which does not use eval
• #64 Internal Task 17133116: Add Policheck exclusion file
• #62 Add --no-sandbox to test runs

What's Changed

• Add --no-sandbox to test runs by @MSNev in #62
• Internal Task 17133116: Add Policheck exclusion file by @MSNev in #64
• Exclude files from published package #61 by @MSNev in #66
• Bump external library Sinon.JS to newer version which does not use eval #65 by @MSNev in #67
• [Release] Increase to version 1.1.8 by @MSNev in #68

Full Changelog: 1.1.7...1.1.8

1.1.7

Changelog

• #55 Update and add legal compliance notices and license terms
• #56 Semmle warning help
• #57 [Bug] Corner case issue when extending the same "Class" name from different components

What's Changed

• Task 14447552: Fix Component Governance vulnerabilities by @MSNev in #53
• Task 14983577: Open Source Security Review by @MSNev in #54
• Update and add legal compliance notices and license terms by @MSNev in #55
• [Bug] Corner case issue when extending the same "Class" name from different components #57 by @MSNev in #59
• Semmle warning help #56 by @MSNev in #58
• [Release] Increase to version 1.1.7 by @MSNev in #60

Full Changelog: 1.1.6...1.1.7

1.1.6

Changelog

• #50 [IE8] Fix in 1.1.5 only handles 2 levels of dynamically nested classes

Provides an additional more comprehensive fix for IE8 (ES3) compatibility, So that nested dynamicProto() classes will now work.

Note: When running in IE8 ALL of the base classes MUST also use dynamicProto() or be defined so that the prototypes of the base classes can be looked up.

What's Changed

• [IE8] Fix in 1.1.5 only handles 2 levels of dynamically nested classes #50 by @MSNev in #51
• [Release] Increase version to 1.1.6 by @MSNev in #52

Full Changelog: 1.1.5...1.1.6