Sourced from ts-node's releases.

v9.0.0

*Breaking changes are labelled [BREAKING] below.

Added

• Throw ERR_REQUIRE_ESM when a file is require()d which should be loaded as ESM (#1031)
• Re-add "exports" declaration to package.json in backwards-compatible way, enabling node --loader ts-node/esm without file extension (#1028)
• Allow specifying "require" option via tsconfig (#925)
• REPL respects node's NODE_NO_READLINE environment variable (#1090)
• Add a transpile-only entrypoint for ESM loader: node --loader ts-node/esm/transpile-only (#1102) @concision

Changed

• [BREAKING] Drops support for node versions < 10 (#1036)

Fixed

• [BREAKING] Re-add realpath, which should fix workflows that use symlinks, such as pnpm, Lerna workspaces, or other mono-repo configurations (#970)
• Compile files within node_modules when --skip-ignore or --ignore options are configured to allow it (#970)
• Fix #884 by not adding all referenced files to getSourceFileNames/rootNames (#999)
• Fix #996: bump projectVersion every time getSourceFileNames changes, avoiding accidentally outdated typechecking (#998)
• Fix #1051: pass transformers object to ts.transpileModule (#1054) @thetutlage
• Fix #1060: use source maps for stack traces in ESM modules (#1087)
• Fix #1072: Respect --experimental-specifier-resolution coming from NODE_OPTIONS in ESM loader (#1085) @evg656e
• Fix #1098: ESM loader should skip .cjs, .mjs, and any unexpected file extensions (#1103) @concision

Docs

• Better explain how to compile imports, either CommonJS or using experimental ESM loader. Resolves #1075 (#1086)

Misc

• Fix, re-enable, and add various tests (#1044, #1088, #1108, #1110, #1109, #1115, #1043, #999)

https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0

v8.10.2

Fixed

Fixes #1037: source maps broken on Windows. (#1038)

Misc

Fix failing tests on node 6 (#1035) Push coverage from Github Actions; remove TravisCI (#1034) Run tests e2e against an npm pack && npm installed ts-node (#1032) Run CI tests on Windows (#1041) Run CI only once per commit on pull requests and master (#1042)

Fix breaking change for require('ts-node/*')

• 41e7109 9.0.0
• c2a2048 Override isExternalLibraryImport as needed; re-add realpath (#970)
• 836d1f2 bump to typescript 4.0.2 (#1117)
• 89e42cc add test for REPL .type command (#1115)
• 66732d6 Fix coverage and testing badges (#1095)
• 7cb6d57 Add test coverage (#1109)
• e29ae04 Added a transpile-only ESM loader (#1101) (#1102)
• 08dc47d Fix #1098: ignored() bug: ESM loader will try to compile .cjs, .mjs… (#1103)
• 54963b8 remove duplicated test (#1110)
• 77f568d fix broken tests (#1108)
• Additional commits viewable in compare view

This version was pushed to npm by cspotcode, a new releaser for ts-node since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from tslib's releases.

tslib 1.13.0

This release reverts breaking changes in tslib that were not compatible with versions of TypeScript prior to 3.9. The behavior slightly diverges from that of TypeScript 3.9, but generally is compatible with previous versions of TypeScript-authored code.

The new behavior of TypeScript 3.9 will be available in tslib 2.0.0.

See this pull request for more details.

tslib 1.12.0

This release adds the __createBinding helper function which is used by non-ECMAScript module emit in TypeScript 3.9.

tslib 1.11.2

This release relicenses tslib to the 0BSD license which should allow projects that embed or bundle tslib to omit its license header.

tslib 1.11.1

This release updates tslib's declaration files so that users don't have to include declarations for WeakMap in their compilation.

• b7e9c51 Merge pull request #109 from microsoft/revert3.9Changes
• 7b69d91 Semicolon
• 0587b2a Add back 'p !== default'
• ce3462e Re-add '__createBinding'.
• e6dc41c Update version number.
• 12fca3b Revert changes to pre-3.9 behavior.
• 835bc74 Fix up version number in README.
• 3a21810 Update version to '1.12.0'.
• ae43189 Merge pull request #101 from alan-agius4/patch-1
• 21f15b1 fix: add missing semi colons after method names
• Additional commits viewable in compare view

This version was pushed to npm by typescript-bot, a new releaser for tslib since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from browserslist's changelog.

4.16.6

• Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).

4.16.5

• Fixed unsafe RegExp (by Yeting Li).

4.16.4

• Fixed unsafe RegExp.
• Added artifactory support to --update-db (by Ittai Baratz).

4.16.3

• Fixed --update-db.

4.16.2

• Fixed --update-db (by @​ialarmedalien).

4.16.1

• Fixed Chrome 4 with mobileToDesktop (by Aron Woost).

4.16

• Add browserslist config query.

4.15

• Add TypeScript types (by Dmitry Semigradsky).

• 6fe3614 Release 4.16.6 version
• 33ebac9 Update dependencies
• 2128170 Add support for npm-shrinkwrap files alongside package-lock (#595)
• 7cc2aed Release 4.16.5 version
• 27e4afd Update dependencies
• 1013a18 Fix version RegExp
• b879a1a Use Node.js 16 on CI
• bd1e9e0 Fix ReDoS (#593)
• 209adf9 Release 4.16.4 version
• 3e2ae3b Fix types
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from http-proxy's changelog.

v1.18.1 - 2020-05-17

Merged

• Skip sending the proxyReq event when the expect header is present [#1447](https://github.com/http-party/node-http-proxy/issues/1447)
• Remove node6 support, add node12 to build [#1397](https://github.com/http-party/node-http-proxy/issues/1397)

• 9b96cd7 1.18.1
• 335aeeb Skip sending the proxyReq event when the expect header is present (#1447)
• dba3966 Remove node6 support, add node12 to build (#1397)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from @angular/cli's releases.

v9.1.9

Commits

@angular-devkit/build-angular (0.901.9)
Commit	Description	Notes
	update terser-webpack-plugin to 3.0.3	[Closes [#17912](https://github.com/angular/angular-cli/issues/17912)]

---

---

Special Thanks

Doug Parker, Charles Lyding, Alan Agius

v9.1.8

... (truncated)

• 9487958 release: v9.1.9
• 1b715a1 test: skip differential loading cache test on CI
• 955904c fix(@angular-devkit/build-angular): update terser-webpack-plugin to 3.0.3
• 0083b48 release: v9.1.8
• 23aad0a fix(@angular-devkit/build-angular): update less library to version 3.11.3
• 2169b51 build: use rimraf instead of custom rimraf
• a8ecbc8 fix(@angular-devkit/build-angular): update copy-webpack-plugin to version 6
• b908a07 test: make CoreSchemaRegistry test green again
• ebd5cbc release: v9.1.7
• 34bb57b fix(@schematics/angular): add tslib as a direct dependency for new libraries
• Additional commits viewable in compare view

This version was pushed to npm by google-wombot, a new releaser for @angular/cli since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• See full diff in compare view

This version was pushed to npm by google-wombot, a new releaser for @angular-devkit/build-angular since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from @angular/language-service's changelog.

9.1.11 (2020-06-10)

Reverts

• elements: fire custom element output events during component initialization (dc9da17)

9.1.10 (2020-06-09)

Bug Fixes

• elements: fire custom element output events during component initialization (454e073), closes /github.com/angular/angular/blob/c0143cb2abdd172de1b95fd1d2c4cfc738640e28/packages/elements/src/create-custom-element.ts#L167-L170 /github.com/angular/angular/blob/c0143cb2abdd172de1b95fd1d2c4cfc738640e28/packages/elements/src/create-custom-element.ts#L164 /github.com/angular/angular/blob/c0143cb2abdd172de1b95fd1d2c4cfc738640e28/packages/elements/src/component-factory-strategy.ts#L158 #36141

Performance Improvements

• ngcc: cache parsed tsconfig between runs (1aae94a), closes #37417 #36882

10.0.0-rc.3 (2020-06-08)

Bug Fixes

• common: prevent duplicate URL change notifications (#37404) (fff424a)
• compiler-cli: use ModuleWithProviders type if static eval fails (#37126) (305b5a3)
• core: infinite loop if injectable using inheritance has a custom decorator (#37022) (bc54936), closes #35733
• elements: fire custom element output events during component initialization (#36161) (e9bff5f), closes /github.com/angular/angular/blob/c0143cb2abdd172de1b95fd1d2c4cfc738640e28/packages/elements/src/create-custom-element.ts#L167-L170 /github.com/angular/angular/blob/c0143cb2abdd172de1b95fd1d2c4cfc738640e28/packages/elements/src/create-custom-element.ts#L164 /github.com/angular/angular/blob/c0143cb2abdd172de1b95fd1d2c4cfc738640e28/packages/elements/src/component-factory-strategy.ts#L158 #36141
• language-service: Recover from error in analyzing Ng Modules (#37108) (2c1f35e)
• ngcc: capture dynamic import expressions as well as declarations (#37075) (5c0bdae)
• ngcc: do not inline source-maps for non-inline typings source-maps (#37363) (b4e26b5), closes #37324
• ngcc: ensure that more dependencies are found by EsmDependencyHost (#37075) (c6872c0)
• ngcc: find decorated constructor params on IIFE wrapped classes (#37436) (2cb3b66), closes #37330
• service-worker: Don't stay locked in EXISTING_CLIENTS_ONLY if corrupted data (#37453) (6f93847), closes #31109 #31865 /github.com/angular/angular/blob/3569fdf/packages/service-worker/worker/src/driver.ts#L559-L563 /github.com/angular/angular/blob/3569fdf/packages/service-worker/worker/src/driver.ts#L505-L519

Features

• ngcc: implement a program-based entry-point finder (#37075) (f3ccd29)

Performance Improvements

• ngcc: allow immediately reporting a stale lock file (#37250) (930d204)
• ngcc: cache parsed tsconfig between runs (#37417) (f9daa13), closes #36882

... (truncated)

• 24b9e12 refactor(language-service): move TS utils to separate file (#36984)
• ba1dfd0 feat(compiler): add name spans for property reads and method calls (#36826)
• 48ae3a0 test(language-service): Add method to override inline template (#36890)
• a034276 build(language-service): make test project a filegroup (#36865)
• 15e1bfc test(language-service): do not invalidate @angular/core (#36845)
• cc71116 revert: "feat(dev-infra): exposed new rule 'component_benchmark' via dev_infr...
• d3a77ea fix(language-service): disable update the @angular/core module (#36783)
• 695f835 feat(dev-infra): exposed new rule 'component_benchmark' via dev_infra (#36434)
• 5bab498 fix(language-service): properly evaluate types in comparable expressions (#36...
• 4b3f9ac refactor(language-service): clean up and exports and consolidate types (#36533)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from karma-jasmine's releases.

v3.3.1

3.3.1 (2020-05-28)

Bug Fixes

• filter: match any portion of a spec name (#270) (ded4c4b), closes #256

v3.3.0

3.3.0 (2020-05-28)

Features

• reporter: emit info events for suiteStarted/suiteDone (#269) (7b73ce0)

v3.2.0

3.2.0 (2020-05-26)

Features

• results: forward passedExpectations and properties (#268) (ad1d7dd)

v3.1.1

3.1.1 (2020-02-11)

Bug Fixes

• adapter: do not emit debug url unless in a browser (#263) (9bcce88), closes #262

v3.1.0

3.1.0 (2020-01-10)

Features

• adapter: support spec=name URL and sharding (#243) (39b1582)

v3.0.3

Bug Fixes

• npm: ignore integration-tests/ (#248) (f0083cb)

v3.0.2

No release notes provided.

v3.0.1

Bug Fixes

... (truncated)

Sourced from karma-jasmine's changelog.

3.3.1 (2020-05-28)

Bug Fixes

• filter: match any portion of a spec name (#270) (ded4c4b), closes #256

3.3.0 (2020-05-28)

Features

• reporter: emit info events for suiteStarted/suiteDone (#269) (7b73ce0)

3.2.0 (2020-05-26)

Features

• results: forward passedExpectations and properties (#268) (ad1d7dd)

3.1.1 (2020-02-11)

Bug Fixes

• adapter: do not emit debug url unless in a browser (#263) (9bcce88), closes #262

3.1.0 (2020-01-10)

Features

• adapter: support spec=name URL and sharding (#243) (39b1582)

3.0.3 (2020-01-08)

Bug Fixes

• npm: ignore integration-tests/ (#248) (f0083cb)

3.0.2 (2020-01-08)

... (truncated)

• 3883acf chore(release): 3.3.1 [skip ci]
• ded4c4b fix(filter): match any portion of a spec name (#270)
• 0ae10e1 chore(release): 3.3.0 [skip ci]
• 7b73ce0 feat(reporter): emit info events for suiteStarted/suiteDone (#269)
• 6ae15a9 chore(release): 3.2.0 [skip ci]
• ad1d7dd feat(results): forward passedExpectations and properties (#268)
• 27c9dcf chore(deps): bump acorn from 7.1.0 to 7.1.1 (#266)
• 4ad7dd2 chore(release): 3.1.1 [skip ci]
• 9bcce88 fix(adapter): do not emit debug url unless in a browser (#263)
• fb33d57 chore(readme): fix devDependencies link
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from core-js's changelog.

3.6.5 - 2020.04.09

• Updated Browserlist #755
• Fixed setImmediate in Safari #770, thanks @dtinth
• Fixed some regexp, thanks @dtinth
• Added Drone CI in postinstall CI detection #781

3.6.4 - 2020.01.14

• Prevented a possible almost infinite loop in non-standard implementations of some backward iteration array methods

3.6.3 - 2020.01.11

• Fixed replacement of substitutes of undefined capture groups in .replace in Safari 13.0-, #471, #745, thanks @mattclough1
• Improved compat data for old engines

3.6.2 - 2020.01.07

• Fixed early implementations of Array#{ every, forEach, includes, indexOf, lastIndexOf, reduce, reduceRight, slice, some, splice } for the usage of ToLength
• Added RegExp#exec dependency to methods which depends on the correctness of logic of this method (3.6.0-3.6.1 issue), #741
• Refactored some internals

3.6.1 - 2019.12.25

• Fixed a bug related Symbol with multiple copies of core-js (for 3.4.2-3.6.0), #736
• Refactored some tools

3.6.0 - 2019.12.19

• Added support of sticky (y) RegExp flag, #372, #732, #492, thanks @cvle and @nicolo-ribaudo
• Added RegExp#test delegation to RegExp#exec, #732, thanks @cvle
• Fixed some cases of Object.create(null) in IE8-, #727, #728, thanks @aleen42
• Allowed object of minimum environment versions as core-js-compat and core-js-builder targets argument
• Allowed corresponding to Babel targets.esmodules, targets.browsers, targets.node options in core-js-compat and core-js-builder
• Engines in compat data and results of targets parsing sorted alphabetically
• Fixed features/instance/match-all entry compat data
• Fixed Array.prototype[@@unscopables] descriptor (was writable)
• Added Samsung Internet 11 compat data mapping

3.5.0 - 2019.12.12

• Added object iteratoration stage 1 proposal:
  • Object.iterateKeys
  • Object.iterateValues
  • Object.iterateEntries

3.4.8 - 2019.12.09

• Added one more workaround for broken in previous versions inspectSource helper, #719
• Added Opera Mobile compat data
• Updated Samsung Internet, iOS, old Node and Android compat data mapping
• es.string.match-all marked as completely supported in FF73
• Generate core-js-compat/modules since often we need just the list of core-js modules

• 78f64eb Merge pull request #802 from slowcheetah/v3.6.5
• d73658c 3.6.5
• d986c21 Merge pull request #795 from slowcheetah/postinstall
• 5a5cdde Postinstall refactoring
• afbc45c Merge pull request #794 from slowcheetah/dron
• f8dcaa3 Disable ads on Drone CI
• 57dc2fe Merge pull request #791 from slowcheetah/browserlist
• d0ecbe3 Browserlist update
• 1ffee4f Merge pull request #788 from scottarc/patch-3
• 2ac6382 Merge pull request #787 from scottarc/patch-2
• Additional commits viewable in compare view

This version was pushed to npm by slowcheetah, a new releaser for core-js since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Sourced from json5's releases.

v2.2.3

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

• New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

Sourced from @​angular-devkit/build-angular's releases.

v15.0.4

15.0.4 (2022-12-14)

@​angular-devkit/build-angular

Commit	Description
	display actionable error when a style does not exist in Karma builder
	downlevel class private methods when targeting Safari <=v15
	include sources in generated Sass source maps
	only set ngDevMode when script optimizations are enabled
	update css-loader to 6.7.3
	update locale setting snippet to use globalThis.

Special Thanks

Alan Agius and Charles Lyding

v15.0.3

15.0.3 (2022-12-07)

@​angular-devkit/build-angular

Commit	Description
	default preserve symlinks to Node.js value for esbuild
	downlevel class fields with Safari <= v15 for esbuild
	downlevel class properties when targeting Safari <=v15
	prevent optimization adding unsupported ECMASCript features

Special Thanks

Charles Lyding, Dominic Elm and Paul Gschwendtner

v15.0.2

15.0.2 (2022-11-30)

@​angular-devkit/build-angular

Commit	Description
	correctly set Sass quietDeps and verbose options

@​ngtools/webpack

Commit	Description
	elide unused type references

Special Thanks

Alan Agius and Juuso Valkeejärvi

v15.0.1

15.0.1 (2022-11-23)

@​schematics/angular

Commit	Description
	show warning when a TS Config is not found during migrations

@​angular/cli

... (truncated)

Sourced from @​angular-devkit/build-angular's changelog.

15.0.4 (2022-12-14)

@​angular-devkit/build-angular

Commit	Type	Description
ccc8e0350	fix	display actionable error when a style does not exist in Karma builder
507f756c3	fix	downlevel class private methods when targeting Safari <=v15
a0da91dba	fix	include sources in generated
9fd356234	fix	only set ngDevMode when script optimizations are enabled
8e85f4728	fix	update css-loader to 6.7.3
b2d4415ca	fix	update locale setting snippet to use globalThis.

Special Thanks

Alan Agius and Charles Lyding

15.1.0-next.2 (2022-12-08)

@​schematics/angular

Commit	Type	Description
5b18ce154	feat	add guardType as an alias of implements in guard schematic
49b313f27	fix	add missing import for functional interceptor spec
2f92fe7e5	fix	add missing semicolon in functional guard/resolver/interceptor

@​angular-devkit/build-angular

Commit	Type	Description
97716969c	fix	default preserve symlinks to Node.js value for esbuild
cf2f30afc	fix	downlevel class fields with Safari <= v15 for esbuild
25eaaa24b	fix	downlevel class properties when targeting Safari <=v15
7a063238b	fix	explicitly send options to JS transformer workers
ef99a68b4	fix	prevent optimization adding unsupported ECMASCript features

Special Thanks

Alan Agius, Charles Lyding, Cédric Exbrayat, Dominic Elm, Doug Parker and Paul Gschwendtner

15.0.3 (2022-12-07)

... (truncated)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from @​angular/cli's releases.

v15.0.4

15.0.4 (2022-12-14)

@​angular-devkit/build-angular

Commit	Description
	display actionable error when a style does not exist in Karma builder
	downlevel class private methods when targeting Safari <=v15
	include sources in generated
	only set ngDevMode when script optimizations are enabled
	update css-loader to 6.7.3
	update locale setting snippet to use globalThis.

Special Thanks

Alan Agius and Charles Lyding

v15.0.3

15.0.3 (2022-12-07)

@​angular-devkit/build-angular

Commit	Description
	default preserve symlinks to Node.js value for esbuild
	downlevel class fields with Safari <= v15 for esbuild
	downlevel class properties when targeting Safari <=v15
	prevent optimization adding unsupported ECMASCript features

Special Thanks

Charles Lyding, Dominic Elm and Paul Gschwendtner

v15.0.2

15.0.2 (2022-11-30)

@​angular-devkit/build-angular

Commit	Description
	correctly set Sass quietDeps and verbose options

@​ngtools/webpack

Commit	Description
	elide unused type references

Special Thanks

Alan Agius and Juuso Valkeejärvi

v15.0.1

15.0.1 (2022-11-23)

@​schematics/angular

Commit	Description
	show warning when a TS Config is not found during migrations

@​angular/cli

... (truncated)

Sourced from @​angular/cli's changelog.

15.0.4 (2022-12-14)

@​angular-devkit/build-angular

Commit	Type	Description
ccc8e0350	fix	display actionable error when a style does not exist in Karma builder
507f756c3	fix	downlevel class private methods when targeting Safari <=v15
a0da91dba	fix	include sources in generated Sass source maps
9fd356234	fix	only set ngDevMode when script optimizations are enabled
8e85f4728	fix	update css-loader to 6.7.3
b2d4415ca	fix	update locale setting snippet to use globalThis.

Special Thanks

Alan Agius and Charles Lyding

15.0.3 (2022-12-07)

@​angular-devkit/build-angular

Commit	Type	Description
3d9971edb	fix	default preserve symlinks to Node.js value for esbuild
24f4b51d2	fix	downlevel class fields with Safari <= v15 for esbuild
45afc42db	fix	downlevel class properties when targeting Safari <=v15
e6461badf	fix	prevent optimization adding unsupported ECMASCript features

Special Thanks

Charles Lyding, Dominic Elm and Paul Gschwendtner

15.0.2 (2022-11-30)

@​angular-devkit/build-angular

Commit	Type	Description
2891d5bc9	fix	correctly set Sass quietDeps and verbose options

@​ngtools/webpack

... (truncated)

• 8771258 release: cut the v15.0.4 release
• 8e85f47 fix(@​angular-devkit/build-angular): update css-loader to 6.7.3
• 9fd3562 fix(@​angular-devkit/build-angular): only set ngDevMode when script optimizati...
• ccc8e03 fix(@​angular-devkit/build-angular): display actionable error when a style doe...
• 507f756 fix(@​angular-devkit/build-angular): downlevel class private methods when targ...
• b2d4415 fix(@​angular-devkit/build-angular): update locale setting snippet to use `glo...
• a0da91d fix(@​angular-devkit/build-angular): include sources in generated
• eb2a73a release: cut the v15.0.3 release
• 3d9971e fix(@​angular-devkit/build-angular): default preserve symlinks to Node.js valu...
• 24f4b51 fix(@​angular-devkit/build-angular): downlevel class fields with Safari <= v15...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from @​angular/language-service's releases.

v15.0.4

15.0.4 (2022-12-14)

animations

Commit	Description
	fix incorrect handling of camel-case css properties (#48436)

common

Commit	Description
	Fix TestBed.overrideProvider type to include multi (#48424)
	Update Location to get a normalized URL valid in case a represented URL starts with the substring equals APP_BASE_HREF (#48394)

compiler-cli

Commit	Description
	evaluate const tuple types statically (#48091)

Special Thanks

Alan Agius, Andrew Kushnir, Andrew Scott, Aristeidis Bampakos, Bob Watson, BrowserPerson, Jens, Jessica Janiuk, Joey Perrott, JoostK, Konstantin Kharitonov, Lukas Matta, Piotr Kowalski, Virginia Dooley, Yannick Baron, dario-piotrowicz, lsst25, piyush132000 and why520crazy

v15.0.3

15.0.3 (2022-12-07)

common

Commit	Description
	Don't generate srcsets with very large sources (#47997)
	Update Location to support base href containing origin (#48327)

compiler

Commit	Description
	make sure selectors inside container queries are correctly scoped (#48353)

compiler-cli

Commit	Description
	Produce diagnostic rather than crash when using invalid hostDirective (#48314)

core

Commit	Description
	unable to inject ChangeDetectorRef inside host directives (#48355)

Special Thanks

Alan Agius, Alex Castle, Andrew Kushnir, Andrew Scott, Bob Watson, Derek Cormier, Joey Perrott, Konstantin Kharitonov, Kristiyan Kostadinov, Paul Gschwendtner, Pawel Kozlowski, dario-piotrowicz and piyush132000

v15.0.2

15.0.2 (2022-11-30)

compiler-cli

Commit	Description
	accept inheriting the constructor from a class in a library (#48156)

Special Thanks

... (truncated)

Sourced from @​angular/language-service's changelog.

15.0.4 (2022-12-14)

animations

Commit	Type	Description
6c1064c72f	fix	fix incorrect handling of camel-case css properties (#48436)

common

Commit	Type	Description
f30d18a942	fix	Fix TestBed.overrideProvider type to include multi (#48424)

compiler-cli

Commit	Type	Description
b55d2dab5d	fix	evaluate const tuple types statically (#48091)

Special Thanks

Alan Agius, Andrew Kushnir, Andrew Scott, Aristeidis Bampakos, Bob Watson, BrowserPerson, Jens, Jessica Janiuk, Joey Perrott, JoostK, Konstantin Kharitonov, Lukas Matta, Piotr Kowalski, Virginia Dooley, Yannick Baron, dario-piotrowicz, lsst25, piyush132000 and why520crazy

15.1.0-next.2 (2022-12-07)

common

Commit	Type	Description
8e52ca2714	fix	Don't generate srcsets with very large sources (#47997)
f8ecc194e9	fix	Update Location to support base href containing origin (#48327)

compiler

Commit	Type	Description
4c023956d8	fix	make sure selectors inside container queries are correctly scoped (#48353)

compiler-cli

Commit	Type	Description
27eaded62d	fix	Produce diagnostic rather than crash when using invalid hostDirective (#48314)

core

Commit	Type	Description
38421578a2	feat	Make the isStandalone() function available in public API (#48114)
dd42974b07	feat	support TypeScript 4.9 (#48005)
5f9c7ceb90	fix	unable to inject ChangeDetectorRef inside host directives (#48355)

Special Thanks

Alan Agius, Alex Castle, Andrew Kushnir, Andrew Scott, Bob Watson, Charles Lyding, Derek Cormier, Joey Perrott, Konstantin Kharitonov, Kristiyan Kostadinov, Matthieu Riegler, Paul Gschwendtner, Pawel Kozlowski, dario-piotrowicz, piyush132000 and sr5434

15.0.3 (2022-12-07)

common

Commit	Type	Description
50b1c2bf52	fix	Don't generate srcsets with very large sources (#47997)

... (truncated)

• 665d465 refactor(language-service): make selector nullable (#48193)
• 500acfc build(bazel): create AIO example playgrounds for manual testing
• 8d24a91 build(bazel): refactor aio example e2es to fix windows performance
• a36034a build(bazel): stamp targets to build, test, and serve aio against
• 12855f3 build(bazel): incrementally run aio example e2e tests
• cc8b76e fix(language-service): correctly handle host directive inputs/outputs (#48147)
• a8c33bf fix(language-service): update packages/language-service/build.sh script to wo...
• 1b9fd46 feat(core): add support for Node.js version 18 (#47730)
• bebef5f feat(language-service): Quick fix to import a component when its selector is ...
• 3783ee0 refactor(compiler): Rename DirectiveInScope -> PotentialDirective (#47561)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from express's releases.

4.18.2

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

4.18.1

• Fix hanging on large stack of sync routes

4.18.0

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: [email protected]
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: [email protected]
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: [email protected]
  • Remove set content headers that break response
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Prevent loss of async hooks context
• deps: [email protected]
• deps: [email protected]
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]

... (truncated)

Sourced from express's changelog.

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

4.18.1 / 2022-04-29

• Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: [email protected]
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: [email protected]
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: [email protected]
  • Remove set content headers that break response
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Prevent loss of async hooks context
• deps: [email protected]
• deps: [email protected]

... (truncated)

• 8368dc1 4.18.2
• 61f4049 docs: replace Freenode with Libera Chat
• bb7907b build: [email protected]
• f56ce73 build: [email protected]
• 24b3dc5 deps: [email protected]
• 689d175 deps: [email protected]
• 340be0f build: [email protected]
• 33e8dc3 docs: use Node.js name style
• 644f646 build: [email protected]
• ecd7572 build: [email protected]
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from qs's changelog.

6.5.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
• [Fix] correctly parse nested arrays
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Refactor] utils: reduce observable [[Get]]s
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Refactor] parse: only need to reassign the var once
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] always use String(x) over x.toString()
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

• 298bfa5 v6.5.3
• ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
• 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
• 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 12ac1c4 [meta] fix README.md (#399)
• 0338716 [actions] backport actions from main
• 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
• 51b8a0b add FUNDING.yml
• 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
• f814a7f [Dev Deps] backport from main
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.