Bump the npm_and_yarn group across 22 directories with 20 updates

[dependabot]

Bumps the npm_and_yarn group with 12 updates in the / directory:

Package	From	To
@babel/traverse	7.11.0	7.23.2
minimist	1.2.3	1.2.6
semver	6.3.0	6.3.1
electron	23.1.2	24.8.5
ip	1.1.5	2.0.1
ws	7.2.1	7.5.10
json5	2.1.3	2.2.2
express	4.18.2	4.19.2
follow-redirects	1.7.0	1.15.6
ua-parser-js	0.7.20	0.7.38
webpack-dev-middleware	5.3.3	5.3.4
word-wrap	1.2.3	1.2.5

Bumps the npm_and_yarn group with 4 updates in the /fixtures/art directory: @babel/traverse, semver, debug and lodash.
Bumps the npm_and_yarn group with 4 updates in the /fixtures/attribute-behavior directory: semver, express, lodash and ua-parser-js.
Bumps the npm_and_yarn group with 6 updates in the /fixtures/concurrent/time-slicing directory:

Package	From	To
minimist	1.2.5	1.2.8
semver	5.7.1	5.7.2
express	4.17.1	4.19.2
follow-redirects	1.14.0	1.15.6
ua-parser-js	0.7.28	0.7.38
word-wrap	1.2.3	1.2.5

Bumps the npm_and_yarn group with 6 updates in the /fixtures/dom directory:

Package	From	To
minimist	1.2.5	1.2.8
semver	5.7.1	5.7.2
express	4.17.1	4.19.2
follow-redirects	1.13.0	1.15.6
ua-parser-js	0.7.23	0.7.38
word-wrap	1.2.3	1.2.5

Bumps the npm_and_yarn group with 4 updates in the /fixtures/expiration directory: semver, express, lodash and ua-parser-js.
Bumps the npm_and_yarn group with 2 updates in the /fixtures/fiber-debugger directory: express and ua-parser-js.
Bumps the npm_and_yarn group with 6 updates in the /fixtures/fizz directory:

Package	From	To
@babel/traverse	7.17.9	7.24.7
minimist	1.2.6	1.2.8
semver	5.7.1	5.7.2
json5	1.0.1	1.0.2
express	4.17.3	4.19.2
http-cache-semantics	4.1.0	4.1.1

Bumps the npm_and_yarn group with 10 updates in the /fixtures/flight directory:

Package	From	To
@babel/traverse	7.7.2	7.24.7
semver	7.3.7	7.5.2
ws	7.5.9	7.5.10
json5	2.2.1	2.2.3
braces	3.0.2	3.0.3
lodash	4.17.11	4.17.21
postcss	8.4.16	8.4.31
tough-cookie	4.0.0	4.1.4
webpack-dev-middleware	5.3.3	5.3.4
undici	5.20.0	5.28.4

Bumps the npm_and_yarn group with 3 updates in the /fixtures/flight-esm directory: semver, braces and undici.
Bumps the npm_and_yarn group with 2 updates in the /fixtures/packaging/brunch/dev directory: semver and express.
Bumps the npm_and_yarn group with 2 updates in the /fixtures/packaging/brunch/prod directory: semver and express.
Bumps the npm_and_yarn group with 1 update in the /fixtures/packaging/systemjs-builder/dev directory: lodash.
Bumps the npm_and_yarn group with 1 update in the /fixtures/packaging/systemjs-builder/prod directory: lodash.
Bumps the npm_and_yarn group with 1 update in the /fixtures/packaging/webpack-alias/dev directory: semver.
Bumps the npm_and_yarn group with 1 update in the /fixtures/packaging/webpack-alias/prod directory: semver.
Bumps the npm_and_yarn group with 1 update in the /fixtures/packaging/webpack/dev directory: semver.
Bumps the npm_and_yarn group with 1 update in the /fixtures/packaging/webpack/prod directory: semver.
Bumps the npm_and_yarn group with 4 updates in the /fixtures/ssr directory: semver, express, follow-redirects and word-wrap.
Bumps the npm_and_yarn group with 8 updates in the /fixtures/ssr2 directory:

Package	From	To
@babel/traverse	7.14.2	7.24.7
minimist	1.2.5	1.2.8
semver	5.7.1	5.7.2
json5	1.0.1	1.0.2
braces	3.0.2	3.0.3
webpack	4.44.2	5.92.0
express	4.17.1	4.19.2
http-cache-semantics	4.1.0	4.1.1

Bumps the npm_and_yarn group with 2 updates in the /packages/react-devtools directory: electron and ip.
Bumps the npm_and_yarn group with 3 updates in the /scripts/bench directory: minimist, debug and lodash.

Updates @babel/traverse from 7.11.0 to 7.23.2

Release notes

Sourced from @​babel/traverse's releases.

v7.23.2 (2023-10-11)

NOTE: This release also re-publishes @babel/core, even if it does not appear in the linked release commit.

Thanks @​jimmydief for your first PR!

🐛 Bug Fix

• babel-traverse
  • #16033 Only evaluate own String/Number/Math methods (@​nicolo-ribaudo)
• babel-preset-typescript
  • #16022 Rewrite .tsx extension when using rewriteImportExtensions (@​jimmydief)
• babel-helpers
  • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
• babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16025 Avoid override mistake in namespace imports (@​nicolo-ribaudo)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• James Diefenderfer (@​jimmydief)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

v7.23.1 (2023-09-25)

Re-publishing @babel/helpers due to a publishing error in 7.23.0.

v7.23.0 (2023-09-25)

Thanks @​lorenzoferre and @​RajShukla1 for your first PRs!

🚀 New Feature

• babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import
  • #15870 Support transforming import source for wasm (@​nicolo-ribaudo)
• babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone
  • #15878 Implement import defer proposal transform support (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-types
  • #15845 Implement import defer parsing support (@​nicolo-ribaudo)
  • #15829 Add parsing support for the "source phase imports" proposal (@​nicolo-ribaudo)
• babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types
  • #15682 Add createImportExpressions parser option (@​JLHwung)
• babel-standalone
  • #15671 Pass through nonce to the transformed script element (@​JLHwung)
• babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types
  • #15751 Add support for optional chain in assignments (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-proposal-decorators
  • #15895 Implement the "decorator metadata" proposal (@​nicolo-ribaudo)
• babel-traverse, babel-types
  • #15893 Add t.buildUndefinedNode (@​liuxingbaoyu)
• babel-preset-typescript

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.23.2 (2023-10-11)

🐛 Bug Fix

• babel-traverse
  • #16033 Only evaluate own String/Number/Math methods (@​nicolo-ribaudo)
• babel-preset-typescript
  • #16022 Rewrite .tsx extension when using rewriteImportExtensions (@​jimmydief)
• babel-helpers
  • #16017 Fix: fallback to typeof when toString is applied to incompatible object (@​JLHwung)
• babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16025 Avoid override mistake in namespace imports (@​nicolo-ribaudo)

v7.23.0 (2023-09-25)

🚀 New Feature

• babel-plugin-proposal-import-wasm-source, babel-plugin-syntax-import-source, babel-plugin-transform-dynamic-import
  • #15870 Support transforming import source for wasm (@​nicolo-ribaudo)
• babel-helper-module-transforms, babel-helpers, babel-plugin-proposal-import-defer, babel-plugin-syntax-import-defer, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone
  • #15878 Implement import defer proposal transform support (@​nicolo-ribaudo)
• babel-generator, babel-parser, babel-types
  • #15845 Implement import defer parsing support (@​nicolo-ribaudo)
  • #15829 Add parsing support for the "source phase imports" proposal (@​nicolo-ribaudo)
• babel-generator, babel-helper-module-transforms, babel-parser, babel-plugin-transform-dynamic-import, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-traverse, babel-types
  • #15682 Add createImportExpressions parser option (@​JLHwung)
• babel-standalone
  • #15671 Pass through nonce to the transformed script element (@​JLHwung)
• babel-helper-function-name, babel-helper-member-expression-to-functions, babel-helpers, babel-parser, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-optional-chaining-assign, babel-plugin-syntax-optional-chaining-assign, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone, babel-types
  • #15751 Add support for optional chain in assignments (@​nicolo-ribaudo)
• babel-helpers, babel-plugin-proposal-decorators
  • #15895 Implement the "decorator metadata" proposal (@​nicolo-ribaudo)
• babel-traverse, babel-types
  • #15893 Add t.buildUndefinedNode (@​liuxingbaoyu)
• babel-preset-typescript
  • #15913 Add rewriteImportExtensions option to TS preset (@​nicolo-ribaudo)
• babel-parser
  • #15896 Allow TS tuples to have both labeled and unlabeled elements (@​yukukotani)

🐛 Bug Fix

• babel-plugin-transform-block-scoping
  • #15962 fix: transform-block-scoping captures the variables of the method in the loop (@​liuxingbaoyu)

💅 Polish

• babel-traverse
  • #15797 Expand evaluation of global built-ins in @babel/traverse (@​lorenzoferre)
• babel-plugin-proposal-explicit-resource-management
  • #15985 Improve source maps for blocks with using declarations (@​nicolo-ribaudo)

🔬 Output optimization

• babel-core, babel-helper-module-transforms, babel-plugin-transform-async-to-generator, babel-plugin-transform-classes, babel-plugin-transform-dynamic-import, babel-plugin-transform-function-name, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-react-inline-elements, babel-plugin-transform-runtime, babel-plugin-transform-typescript, babel-preset-env
  • #15984 Inline exports.XXX = update in simple variable declarations (@​nicolo-ribaudo)

v7.22.20 (2023-09-16)

... (truncated)

Commits

• b4b9942 v7.23.2
• b13376b Only evaluate own String/Number/Math methods (#16033)
• ca58ec1 v7.23.0
• 0f333da Add createImportExpressions parser option (#15682)
• 3744545 Fix linting
• c7e6806 Add t.buildUndefinedNode (#15893)
• 38ee8b4 Expand evaluation of global built-ins in @babel/traverse (#15797)
• 9f3dfd9 v7.22.20
• 3ed28b2 Fully support || and && in pluginToggleBooleanFlag (#15961)
• 77b0d73 v7.22.19
• Additional commits viewable in compare view

Updates minimist from 1.2.3 to 1.2.6

Changelog

Sourced from minimist's changelog.

v1.2.6 - 2022-03-21

Commits

• test from prototype pollution PR bc8ecee
• isConstructorOrProto adapted from PR c2b9819
• security notice for additional prototype pollution issue ef88b93

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

• security notice 4cf1354
• additional test for constructor prototype pollution 1043d21

Commits

• 7efb22a 1.2.6
• ef88b93 security notice for additional prototype pollution issue
• c2b9819 isConstructorOrProto adapted from PR
• bc8ecee test from prototype pollution PR
• aeb3e27 1.2.5
• 278677b 1.2.4
• 4cf1354 security notice
• 1043d21 additional test for constructor prototype pollution
• See full diff in compare view

Updates semver from 6.3.0 to 6.3.1

Release notes

Sourced from semver's releases.

v6.3.1

6.3.1 (2023-07-10)

Bug Fixes

• 928e56d #591 better handling of whitespace (#591) (@​lukekarrys, @​joaomoreno, @​nicolo-ribaudo)

Changelog

Sourced from semver's changelog.

6.3.1 (2023-07-10)

Bug Fixes

• 928e56d #591 better handling of whitespace (#591) (@​lukekarrys, @​joaomoreno, @​nicolo-ribaudo)

6.2.0

• Coerce numbers to strings when passed to semver.coerce()
• Add rtl option to coerce from right to left

6.1.3

• Handle X-ranges properly in includePrerelease mode

6.1.2

• Do not throw when testing invalid version strings

6.1.1

• Add options support for semver.coerce()
• Handle undefined version passed to Range.test

6.1.0

• Add semver.compareBuild function
• Support * in semver.intersects

6.0

• Fix intersects logic.

  This is technically a bug fix, but since it is also a change to behavior that may require users updating their code, it is marked as a major version increment.

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

... (truncated)

Commits

• 44d27bc chore: release 6.3.1
• 928e56d fix: better handling of whitespace (#591)
• 39f6326 chore: @​npmcli/template-oss@​4.16.0
• See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates electron from 23.1.2 to 24.8.5

Commits

• 543f7c3 chore: cherry-pick 3fbd1dca6a4d from libvpx (#40025)
• e51dee4 fix: use generic capturer to list both screens and windows when possible (#39...
• 384f44d ci: fix linux builds of forks (#39942)
• edb117a build: use afs on aks instead of circle cache (#39913)
• 3f864b2 build: fixup autoninja (#39901)
• 97bf8c8 build: run on circle hosts for forks (#39864)
• 4a9b367 build: use aks backed runners for linux builds (#39837)
• 0508e25 chore: cherry-pick b2eab7500a18 from chromium (#39826)
• 0641412 fix: ensure app load is limited to real asar files when appropriate (#39810)
• c574fed chore: cherry-pick 3 changes from Release-3-M116 (#39757)
• Additional commits viewable in compare view

Updates ip from 1.1.5 to 2.0.1

Commits

• 3b0994a 2.0.1
• 32f468f lib: fixed CVE-2023-42282 and added unit test
• 4b2f4e7 2.0.0
• 369d56d lib: use Buffer.alloc
• af82ef4 1.1.6
• dba19f6 package: exclude test folder from publishing
• 7cd7f30 ci: use github workflows
• 4de50ae lib: node 18 support
• See full diff in compare view

Updates ws from 7.2.1 to 7.5.10

Release notes

Sourced from ws's releases.

7.5.10

Bug fixes

• Backported e55e5106 to the 7.x release line (22c28763).

7.5.9

Bug fixes

• Backported bc8bd34e to the 7.x release line (0435e6e1).

7.5.8

Bug fixes

• Backported 0fdcc0af to the 7.x release line (2758ed35).
• Backported d68ba9e1 to the 7.x release line (dc1781bc).

7.5.7

Bug fixes

• Backported 6946f5fe to the 7.x release line (1f72e2e1).

7.5.6

Bug fixes

• Backported b8186dd1 to the 7.x release line (73dec34b).
• Backported ed2b8039 to the 7.x release line (22a26afb).

7.5.5

Bug fixes

• Backported ec9377ca to the 7.x release line (0e274acd).

7.5.4

Bug fixes

• Backported 6a72da3e to the 7.x release line (76087fbf).
• Backported 869c9892 to the 7.x release line (27997933).

7.5.3

Bug fixes

• The WebSocketServer constructor now throws an error if more than one of the noServer, server, and port options are specefied (66e58d27).
• Fixed a bug where a 'close' event was emitted by a WebSocketServer before the internal HTTP/S server was actually closed (5a587304).
• Fixed a bug that allowed WebSocket connections to be established after WebSocketServer.prototype.close() was called (772236a1).

7.5.2

Bug fixes

... (truncated)

Commits

• d962d70 [dist] 7.5.10
• 22c2876 [security] Fix crash when the Upgrade header cannot be read (#2231)
• 8a78f87 [dist] 7.5.9
• 0435e6e [security] Fix same host check for ws+unix: redirects
• 4271f07 [dist] 7.5.8
• dc1781b [security] Drop sensitive headers when following insecure redirects
• 2758ed3 [fix] Abort the handshake if the Upgrade header is invalid
• a370613 [dist] 7.5.7
• 1f72e2e [security] Drop sensitive headers when following redirects (#2013)
• 8ecd890 [dist] 7.5.6
• Additional commits viewable in compare view

Updates json5 from 2.1.3 to 2.2.2

Release notes

Sourced from json5's releases.

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Changelog

Sourced from json5's changelog.

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Commits

• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
• 910ce25 docs: fix spelling of Aseem
• 2aab4dd test: require tap as t in cli tests
• 6d42686 test: remove mocha syntax from tests
• 4798b9d docs: update installation and usage for modules
• Additional commits viewable in compare view

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2
• deps: cookie@0.6.0
  • Add partitioned option

Commits

• 04bc627 4.19.2
• da4d763 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (#5541)
• 69a4cf2 deps: cookie@0.6.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates follow-redirects from 1.7.0 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates lodash from 4.17.15 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates ua-parser-js from 0.7.20 to 0.7.38

Release notes

Sourced from ua-parser-js's releases.

v0.7.38

Version 0.7.38

• Fix error on getOS() when userAgentData.platform is undefined
• Add new browser: Opera GX, Twitter
• Improve browser detection: DuckDuckGo
• Improve device detection: OPPO Pad, Oculus Quest

v0.7.37

Version 0.7.37

• Fix misidentified WebView token as device model
• Increase UA_MAX_LENGTH to 500
• Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser
• Add new device: Ulefone
• Improve device detection: Realme, Xiaomi Redmi
• Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Changelog

Sourced from ua-parser-js's changelog.

Version 0.7.38 / 1.0.38

• Fix error on getOS() when userAgentData.platform is undefined
• Add new browser: Opera GX, Twitter
• Improve browser detection: DuckDuckGo
• Improve device detection: OPPO Pad, Oculus Quest

Version 0.7.37 / 1.0.37

• Fix misidentified WebView token as device model
• Increase UA_MAX_LENGTH to 500
• Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser
• Add new device: Ulefone
• Improve device detection: Realme, Xiaomi Redmi
• Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Version 0.7.36 / 1.0.36

• Add new browser: Snapchat
• Add new devices: Infinix, Tecno
• Improve device detection: Amazon Fire TV, Xiaomi POCO
• Improve OS detection: iOS

Version 0.7.35 / 1.0.35

• Fix result from user-supplied user-agent being altered
• Add new browser: Heytap, TikTok
• Add new engine: LibWeb
• Add new OS: SerenityOS
• Improve browser detection: Yandex
• Improve device detection: iPhone, Amazon Echo
• Improve OS detection: iOS

Version 0.7.34 / 1.0.34

• Fix Sharp Mobile detected as Huawei Tablet
• Fix IE8 bug
• Add new devices : Kobo e-Reader, Apple Watch, and some new SmartTV devices
• Add new OS : watchOS
• Improve browser detection : Kakao, Naver, Brave
• Improve device detection : Oculus, iPad
• Improve OS detection : Chrome OS
• Using navigator.userAgentData as fallback for device.type & os.name

Version 0.7.33 / 1.0.33

• Add new browser : Cobalt
• Identify Macintosh as an Apple device
• Fix ReDoS vulnerability

Version 0.7.32 / 1.0.32

• Add new browser : DuckDuckGo, Huawei Browser, LinkedIn
• Add new OS : HarmonyOS
• Add some Huawei models

... (truncated)

Commits

• cede701 Bump version 0.7.38
• 3bfd164 Fix #700 - Error on getOS() when userAgentData.platform is undefined
• e7bfc4e Backport - Fix #730 - Improve browser detection: DuckDuckGo
• 775de4e Backport - Fix #722 - Add new browser name: Twitter
• fecff02 Backport - Fix #721 - Improve detection: recognize OPPO Pad as tablet
• d3d83fa Backport - Fix #708 - Improve detection for Quest 3
• 5790c0e Backport - Fix #697 - Add new browser: Opera GX - https://www.opera.com/gx
• d30ad46 Bump version 0.7.37
• 5302e2d Update changelog
• f3de7b7 Backport - Improve browser detection: WeChat (cherry picked from commit 17f0c...
• Additional commits viewable in compare view

Updates webpack-dev-middleware from 5.3.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

• security: do not allow to read files above (#1779) (189c4ac)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

• security: do not allow to read files above (#1779) (189c4ac)

Commits

• 86071ea chore(release): 5.3.4
• 189c4ac fix(security): do not allow to read files above (#1779)
• See full diff in compare view

Updates word-wrap from 1.2.3 to 1.2.5

Release notes

Sourced from word-wrap's releases.

1.2.5

Changes:

Reverts default value for options.indent to two spaces ' '.

Full Changelog: jonschlinkert/word-wrap@1.2.4...1.2.5

1.2.4

What's Changed

• Remove default indent by @​mohd-akram in jonschlinkert/word-wrap#24
• 🔒fix: CVE 2023 26115 (2) by Description has been truncated