[Snyk(Unlimited)] Upgrade dustjs-linkedin from 2.5.0 to 2.7.5

[snyk-bot]

Snyk has created this PR to upgrade dustjs-linkedin from 2.5.0 to 2.7.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 11 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2016-12-09.

The recommended version fixes:

Severity	Title	Issue ID
	Code Injection	npm:dustjs-linkedin:20160819
	Arbitrary Code Injection	SNYK-JS-MORGAN-72579

Release notes

• Package name: dustjs-linkedin
  • 2.7.5 - 2016-12-09

    Version 2.7.5

  • 2.7.4 - 2016-09-13 No content.
  • 2.7.3 - 2016-07-27 No content.
  • 2.7.2 - 2015-06-08

    Notable Changes

    Filters

    Dust filter functions previously took one argument, the string to filter. They now accept a second argument, which is the current context.

    Helpers

    Dust helpers can now return primitives.

    Helpers act like references or sections depending on if they have a body. When they have no body, they act like a reference and look in params.filters for filters to use. When they have a body, they act like a section. You can return thenables and streams normally.

    {@return value="" filters="|s" /} 
    {@return value=""}{.} World{/return}
    

  • 2.7.1 - 2015-04-30

    Notable Changes

    dust.config.cache

    In previous versions, setting dust.config.cache to false would blow away the entire cache on every render. Now, setting it to false just prevents new templates from being added and cached templates from being used. Setting it back to true means that previously-cached templates will be ready to use.

    dust.onLoad

    We have added a callback(null, compiledTemplate) signature to dust.onLoad.

    Calling the onLoad callback with a compiled template function will use this template to satisfy the load request. The template is not automatically registered under any name when passed to the callback, so the onLoad function should handle registration as it needs.

    You can still call the callback with uncompiled template source and Dust will compile and store it, while respecting your dust.config.cache setting.

    dust.makeBase

    dust.makeBase is now aliased to dust.context.

    Errata

    Dust 2.7.0 broke backwards compatibility with older Dust compilers. This regression has been fixed so templates compiled with older versions of Dust will continue to work with Dust 2.7.1; you can use an older compiler if needed.

  • 2.7.0 - 2015-04-17

    Supported Runtimes

    With this release we are dropping official support for:

    • Internet Explorer 7
    • Node.js 0.8

    No explicit changes have been made to break Dust in these environments, but we will no longer run tests and may break them going forward.

    Notable Changes

    More flexible rendering

    You can pass Dust body functions directly to dust.render and dust.stream, instead of the template name.

    require(['lib/dust-core', 'views/index'], function(dust, index) {
      dust.render(index, context, function(err, out) { ... });
    });
    

    This means that you can also compile templates without having to name them-- just pass the compiled function directly to dust.render. You can decide if a function is eligible to be passed as a renderable by calling dust.isTemplateFn().

    CommonJS templates

    Dust can now compile templates into CommonJS modules. Set dust.config.cjs to true, or use the --cjs flag with dustc.

    var dust = require('dustjs-linkedin'),
        index = require('views/index.js')(dust);
    index.template; // contains the compiled template
    
    index({ name: "Dust" }, function(err, out) { ... }); // use index to render or stream
    
    

    Streams in context

    You can include a ReadableStream directly in your Dust context and Dust will iterate over it like an array.

    var resultStream = db.query("SELECT * FROM people").stream();
    dust.renderSource("{#people}{firstName} {lastName}{/people}", { people: resultStream })
    
    .pipe(res);
    
    

    As long as you stream the results instead of rendering, Dust will flush data from the Stream as it is output.

    Caching

    You can disable caching of templates (useful for development) by setting dust.config.cache = false. If caching is disabled, you must write a dust.onLoad function to tell Dust how to load partials, since it wouldn't be possible to load them in advance and cache them.

    Errata

    The exposed compiler options such as dust.optimizers are deprecated. They are now exposed under, e.g. dust.compiler.optimizers. In Dust 2.8.0 the old options will be removed.

    dust.load, an undocumented but public function, has been made private. Consider using dust.onLoad to define special behavior to load a template.

    Templates compiled with earlier Dust versions should be recompiled before using 2.7.0.

  • 2.6.3 - 2016-07-27 No content.
  • 2.6.2 - 2015-03-27

    Notable Changes

    • Dust contexts can now contain Promises. The Promise will be evaluated once it resolves or rejects.
      • More info: http://www.dustjs.com/guides/contexts/#promises
    • dustc --watch now reruns the compilation when a watched template changes
    • Added new methods to the Context public API: Context#clone, Context#pop, and Context#resolve.
      • More info: http://www.dustjs.com/docs/helper-api/
  • 2.6.1 - 2015-03-11

    This release fixes two small issues:

    • Compiling templates with empty blocks such as {<foo}{/foo} leaked compiler data into the template.
    • Negative numbers can be passed as parameters, e.g. {#foo a=-1 b=-2.3 /}
  • 2.6.0 - 2015-03-05
  • 2.5.1 - 2014-11-20
  • 2.5.0 - 2014-11-04
from dustjs-linkedin GitHub release notes

---

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs