Releases: yahoo/serialize-javascript
Releases · yahoo/serialize-javascript
Release list
v7.0.7
v7.0.6
What's Changed
- build(deps-dev): bump lodash from 4.17.23 to 4.18.1 by @dependabot[bot] in #215
- fix: reject spoofed URL objects with non-string toString() result by @redonkulus in #217
- release: v7.0.6 by @okuryu in #221
Full Changelog: v7.0.5...v7.0.6
v7.0.5
Fixes
- Improve robustness and validation for array-like object serialization.
- Fix an issue where certain object structures could lead to excessive CPU usage.
For more details, please see GHSA-qj8w-gfj5-8c6v.
v7.0.4
v7.0.3
- fix(CVE-2020-7660): fix for RegExp.flags and Date.prototype.toISOString (#207) 2e609d0
- build(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#206) 42b7cdb
v7.0.2
v7.0.1
What's Changed
- Add warning about using this package to send arbitrary data to worker threads by @valadaptive in #200
- security: sanitize function bodies by @redonkulus in #199
- docs: tweak README by @okuryu in #201
- release: v7.0.1 by @okuryu in #202
New Contributors
- @redonkulus made their first contribution in #199
Full Changelog: v7.0.0...v7.0.1
v7.0.0
Breaking Changes
- requires Node.js v20+
What's Changed
- Bump mocha from 10.2.0 to 10.4.0 by @dependabot[bot] in #178
- Bump mocha from 10.4.0 to 10.5.2 by @dependabot[bot] in #183
- Bump nyc from 15.1.0 to 17.0.0 by @dependabot[bot] in #184
- Bump braces from 3.0.2 to 3.0.3 by @dependabot[bot] in #181
- Bump mocha from 10.5.2 to 10.7.0 by @dependabot[bot] in #185
- Bump mocha from 10.7.0 to 10.7.3 by @dependabot[bot] in #186
- Bump nyc from 17.0.0 to 17.1.0 by @dependabot[bot] in #187
- Bump mocha from 10.7.3 to 10.8.2 by @dependabot[bot] in #188
- feat: test on Node.js 22 and built-in test runner by @okuryu in #192
- Generate UID without randombytes dependency by @valadaptive in #196
- release: v7.0.0 by @okuryu in #197
New Contributors
- @valadaptive made their first contribution in #196
Full Changelog: v6.0.2...v7.0.0
v6.0.2
v6.0.1
What's Changed
- Bump mocha from 9.0.1 to 9.0.2 by @dependabot in #126
- Bump mocha from 9.0.2 to 9.0.3 by @dependabot in #127
- Bump path-parse from 1.0.6 to 1.0.7 by @dependabot in #129
- Bump mocha from 9.0.3 to 9.1.0 by @dependabot in #130
- Bump mocha from 9.1.0 to 9.1.1 by @dependabot in #131
- Bump mocha from 9.1.1 to 9.1.2 by @dependabot in #132
- Bump mocha from 9.1.2 to 9.1.3 by @dependabot in #133
- Bump mocha from 9.1.3 to 9.1.4 by @dependabot in #137
- Bump mocha from 9.1.4 to 9.2.0 by @dependabot in #138
- Bump chai from 4.3.4 to 4.3.6 by @dependabot in #140
- Bump ansi-regex from 5.0.0 to 5.0.1 by @dependabot in #141
- Bump mocha from 9.2.0 to 9.2.2 by @dependabot in #143
- Bump minimist from 1.2.5 to 1.2.6 by @dependabot in #144
- Bump mocha from 9.2.2 to 10.0.0 by @dependabot in #145
- Bump mocha from 10.0.0 to 10.1.0 by @dependabot in #149
- Bump chai from 4.3.6 to 4.3.7 by @dependabot in #150
- ci: test.yml - actions bump by @piwysocki in #151
- Bump minimatch from 3.0.4 to 3.1.2 by @dependabot in #152
- Bump mocha from 10.1.0 to 10.2.0 by @dependabot in #153
- Bump json5 from 2.1.3 to 2.2.3 by @dependabot in #155
- Fix serialization issue for 0n. by @momocow in #156
- Release v6.0.1 by @okuryu in #157
New Contributors
- @piwysocki made their first contribution in #151
- @momocow made their first contribution in #156
Full Changelog: v6.0.0...v6.0.1