Sourced from micromatch's\r\nreleases.
\r\n\r\n\r\n4.0.8
\r\nUltimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We\r\nconsider the issues low-priority, so even if you see automated scanners\r\nsaying otherwise, don't be scared.
\r\n
Sourced from micromatch's\r\nchangelog.
\r\n\r\n\r\n[4.0.8] - 2024-08-22
\r\n\r\n
\r\n- backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch
\r\n[4.0.7] - 2024-05-22
\r\n\r\n
\r\n- this is basically v4.0.5, with some README updates
\r\n- it is vulnerable to CVE-2024-4067
\r\n- Updated braces to v3.0.3 to avoid CVE-2024-4068
\r\n- does NOT break API compatibility
\r\n[4.0.6] - 2024-05-21
\r\n\r\n
\r\n- Added
\r\nhasBraces
to check if a pattern contains\r\nbraces.- Fixes CVE-2024-4067
\r\n- BREAKS API COMPATIBILITY
\r\n- Should be labeled as a major release, but it's not.
\r\n
8bd704e
\r\n4.0.8a0e6841
\r\nrun verb to generate README documentation4ec2884
\r\nMerge branch 'v4' into hauserkristof-feature/v4.0.803aa805
\r\nMerge pull request #266\r\nfrom hauserkristof/feature/v4.0.8814f5f7
\r\nlint67fcce6
\r\nfix: CHANGELOG about braces & CVE-2024-4068, v4.0.5113f2e3
\r\nfix: CVE numbers in CHANGELOGd9dbd9a
\r\nfeat: updated CHANGELOG2ab1315
\r\nfix: use actions/setup-node@v41406ea3
\r\nfeat: rework test to work on macos with node 10,12 and 14Sourced from axios's\r\nreleases.
\r\n\r\n\r\nRelease v1.7.4
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\n
\r\n- sec: CVE-2024-39338 (#6539)\r\n(#6543)\r\n(6b6b605)
\r\n- sec: disregard protocol-relative URL to remediate\r\nSSRF (#6539)\r\n(07a661a)
\r\nContributors to this release
\r\n\r\n
\r\n- Lev Pachmanov
\r\n- Đỗ\r\nTrọng Hải
\r\nRelease v1.7.3
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\n
\r\n- adapter: fix progress event emitting; (#6518)\r\n(e3c76fc)
\r\n- fetch: fix withCredentials request config (#6505)\r\n(85d4d0e)
\r\n- xhr: return original config on errors from XHR\r\nadapter (#6515)\r\n(8966ee7)
\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n- Valerii Sidorenko
\r\n- prianYu
\r\nRelease v1.7.2
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\nRelease v1.7.1
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\n
\r\n- fetch: fixed ReferenceError issue when TextEncoder\r\nis not available in the environment; (#6410)\r\n(733f15f)
\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\nRelease v1.7.0
\r\nRelease notes:
\r\nFeatures
\r\n\r\n
... (truncated)
\r\nSourced from axios's\r\nchangelog.
\r\n\r\n\r\n1.7.4\r\n(2024-08-13)
\r\nBug Fixes
\r\n\r\n
\r\n- sec: CVE-2024-39338 (#6539)\r\n(#6543)\r\n(6b6b605)
\r\n- sec: disregard protocol-relative URL to remediate\r\nSSRF (#6539)\r\n(07a661a)
\r\nContributors to this release
\r\n\r\n
\r\n- Lev Pachmanov
\r\n- Đỗ\r\nTrọng Hải
\r\n1.7.3\r\n(2024-08-01)
\r\nBug Fixes
\r\n\r\n
\r\n- adapter: fix progress event emitting; (#6518)\r\n(e3c76fc)
\r\n- fetch: fix withCredentials request config (#6505)\r\n(85d4d0e)
\r\n- xhr: return original config on errors from XHR\r\nadapter (#6515)\r\n(8966ee7)
\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n- Valerii Sidorenko
\r\n- prianYu
\r\n1.7.2\r\n(2024-05-21)
\r\nBug Fixes
\r\n\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n1.7.1\r\n(2024-05-20)
\r\nBug Fixes
\r\n\r\n
\r\n- fetch: fixed ReferenceError issue when TextEncoder\r\nis not available in the environment; (#6410)\r\n(733f15f)
\r\nContributors to this release
\r\n\r\n
\r\n\r\n- Dmitriy\r\nMozgovoy
\r\n
... (truncated)
\r\nabd24a7
\r\nchore(release): v1.7.4 (#6544)6b6b605
\r\nfix(sec): CVE-2024-39338 (#6539)\r\n(#6543)07a661a
\r\nfix(sec): disregard protocol-relative URL to remediate SSRF (#6539)c6cce43
\r\nchore(release): v1.7.3 (#6521)e3c76fc
\r\nfix(adapter): fix progress event emitting; (#6518)85d4d0e
\r\nfix(fetch): fix withCredentials request config (#6505)92cd8ed
\r\nchore(github): update ISSUE_TEMPLATE.md (#6519)8966ee7
\r\nfix(xhr): return original config on errors from XHR adapter (#6515)0e4f9fa
\r\nchore(release): v1.7.2 (#6414)4f79aef
\r\nfix(fetch): enhance fetch API detection; (#6413)74b2db2
\r\n3.0.388f1429
\r\nupdate eslint. lint, fix unit tests.415d660
\r\nSnyk js braces 6838727 (#40)190510f
\r\nfix tests, skip 1 test in test/braces.expand716eb9f
\r\nreadme bumpa5851e5
\r\nMerge pull request #37\r\nfrom coderaiser/fix/vulnerability2092bd1
\r\nfeature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
\r\nfix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
\r\nremove funding file665ab5d
\r\nupdate keepEscaping doc (#27)