Skip to content

Commit 4485373

Browse files
jordighjordigh
authored
Update CHANGELOG.md
1 parent a1aec3a commit 4485373

File tree

1 file changed

+5
-244
lines changed

1 file changed

+5
-244
lines changed

CHANGELOG.md

Lines changed: 5 additions & 244 deletions
Original file line numberDiff line numberDiff line change
@@ -1,251 +1,12 @@
11
### v9.0.1 (2023-06-21)
22

3-
--- NOTES NEEDS REVIEW ---
4-
Updated the slack invite link
5-
--------------------------
6-
7-
Updated semver to 7.5.2.
8-
3+
* Updated the slack invite link
4+
* Updated semver to 7.5.2.
95
* Updated README links to point to new forum link due to repolinter ruleset change
10-
11-
--- NOTES NEEDS REVIEW ---
12-
Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) from 0.4.19 to 0.5.0.
13-
<details>
14-
<summary>Commits</summary>
15-
<ul>
16-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/9f730bb5001331b4398909db98c80220eb9577f7"><code>9f730bb</code></a> Update package.json with latest PR</li>
17-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/50a492aef9729b8b9b291c5cb2746ec7dc1369db"><code>50a492a</code></a> Merge pull request <a href="https://redirect.github.com/Leonidas-from-XIV/node-xml2js/issues/603">#603</a> from autopulated/master</li>
18-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/7bc3c5d74cf66429dfb804626f3099a17dea1691"><code>7bc3c5d</code></a> Merge pull request <a href="https://redirect.github.com/Leonidas-from-XIV/node-xml2js/issues/598">#598</a> from fnimick/master</li>
19-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/f412a128b6d68c93d0cea44289484e5102b557f4"><code>f412a12</code></a> Merge pull request <a href="https://redirect.github.com/Leonidas-from-XIV/node-xml2js/issues/635">#635</a> from wisesimpson/patch-1</li>
20-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/d318ce0ad8e44971d8334c21f91a68ebbdc80466"><code>d318ce0</code></a> Update README.md</li>
21-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/581b19a62d88f8a3c068b5a45f4542c2d6a495a5"><code>581b19a</code></a> use Object.create(null) to create all parsed objects (prevent prototype repla...</li>
22-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/a21295009e4cbc1f9847bdff0f9b933b5005e690"><code>a212950</code></a> Add documentation for <code>explicitCharkey</code> option</li>
23-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/1832e0b6b2de30a5e326d1cf21708cd32305a538"><code>1832e0b</code></a> Merge pull request <a href="https://redirect.github.com/Leonidas-from-XIV/node-xml2js/issues/512">#512</a> from economia/master</li>
24-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/198063c4d5e051e3c58349a05354b255ef8bd63c"><code>198063c</code></a> Merge pull request <a href="https://redirect.github.com/Leonidas-from-XIV/node-xml2js/issues/556">#556</a> from Omega-Ariston/fix-issue544</li>
25-
<li><a href="https://github.com/Leonidas-from-XIV/node-xml2js/commit/0d717852434131746d4efe147eecfcc1ebb7f4a8"><code>0d71785</code></a> Merge pull request <a href="https://redirect.github.com/Leonidas-from-XIV/node-xml2js/issues/562">#562</a> from Omega-Ariston/addDocExample</li>
26-
<li>Additional commits viewable in <a href="https://github.com/Leonidas-from-XIV/node-xml2js/compare/0.4.19...0.5.0">compare view</a></li>
27-
</ul>
28-
</details>
29-
<br />
30-
31-
32-
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=xml2js&package-manager=npm_and_yarn&previous-version=0.4.19&new-version=0.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
33-
34-
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
35-
36-
[//]: # (dependabot-automerge-start)
37-
[//]: # (dependabot-automerge-end)
38-
39-
---
40-
41-
<details>
42-
<summary>Dependabot commands and options</summary>
43-
<br />
44-
45-
You can trigger Dependabot actions by commenting on this PR:
46-
- `@dependabot rebase` will rebase this PR
47-
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
48-
- `@dependabot merge` will merge this PR after your CI passes on it
49-
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
50-
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
51-
- `@dependabot reopen` will reopen this PR if it is closed
52-
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
53-
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
54-
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
55-
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
56-
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts).
57-
58-
</details>
59-
--------------------------
60-
61-
* Update README header image to latest OSS office required images
62-
63-
--- NOTES NEEDS REVIEW ---
64-
# Proposed release notes
65-
66-
* update nan to version 2.17.0
67-
68-
# Snyk has created this PR to upgrade nan from 2.16.0 to 2.17.0.
69-
70-
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
71-
--------------------------
72-
73-
--- NOTES NEEDS REVIEW ---
74-
# Proposed release notes
75-
76-
* Update https-proxy-agent to 5.0.1
77-
78-
# Snyk has created this PR to upgrade https-proxy-agent from 5.0.0 to 5.0.1.
79-
80-
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
81-
--------------------------
82-
83-
--- NOTES NEEDS REVIEW ---
84-
Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.2.
85-
<details>
86-
<summary>Release notes</summary>
87-
<p><em>Sourced from <a href="https://github.com/json5/json5/releases">json5's releases</a>.</em></p>
88-
<blockquote>
89-
<h2>v2.2.2</h2>
90-
<ul>
91-
<li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays.
92-
(<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by
93-
Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
94-
</ul>
95-
</blockquote>
96-
</details>
97-
<details>
98-
<summary>Changelog</summary>
99-
<p><em>Sourced from <a href="https://github.com/json5/json5/blob/main/CHANGELOG.md">json5's changelog</a>.</em></p>
100-
<blockquote>
101-
<h3>v2.2.2 [<a href="https://github.com/json5/json5/tree/v2.2.2">code</a>, <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">diff</a>]</h3>
102-
<ul>
103-
<li>Fix: Properties with the name <code>__proto__</code> are added to objects and arrays.
104-
(<a href="https://github-redirect.dependabot.com/json5/json5/issues/199">#199</a>) This also fixes a prototype pollution vulnerability reported by
105-
Jonathan Gregson! (<a href="https://github-redirect.dependabot.com/json5/json5/issues/295">#295</a>).</li>
106-
</ul>
107-
</blockquote>
108-
</details>
109-
<details>
110-
<summary>Commits</summary>
111-
<ul>
112-
<li><a href="https://github.com/json5/json5/commit/14f8cb186e8abdfaccf6527171da7b1224374650"><code>14f8cb1</code></a> 2.2.2</li>
113-
<li><a href="https://github.com/json5/json5/commit/10cc7ca9169b59c5e0f5afc03dbd870cd06bcc46"><code>10cc7ca</code></a> docs: update CHANGELOG for v2.2.2</li>
114-
<li><a href="https://github.com/json5/json5/commit/7774c1097993bc3ce9f0ac4b722a32bf7d6871c8"><code>7774c10</code></a> fix: add <strong>proto</strong> to objects and arrays</li>
115-
<li><a href="https://github.com/json5/json5/commit/edde30abd8b22facf2c06c72586b9f6edf12700d"><code>edde30a</code></a> Readme: slight tweak to intro</li>
116-
<li><a href="https://github.com/json5/json5/commit/97286f8bd542c89dcee096bc05dd28ed2dfc1e16"><code>97286f8</code></a> Improve example in readme</li>
117-
<li><a href="https://github.com/json5/json5/commit/d720b4fe4ad800b726da6b0f43c8454c4310fe8d"><code>d720b4f</code></a> Improve readme (e.g. explain JSON5 better!) (<a href="https://github-redirect.dependabot.com/json5/json5/issues/291">#291</a>)</li>
118-
<li><a href="https://github.com/json5/json5/commit/910ce25914ed366a39a610b17bcd581b5da02d32"><code>910ce25</code></a> docs: fix spelling of Aseem</li>
119-
<li><a href="https://github.com/json5/json5/commit/2aab4dd2a7c212dd4af7b91f29aa315c20251b92"><code>2aab4dd</code></a> test: require tap as t in cli tests</li>
120-
<li><a href="https://github.com/json5/json5/commit/6d426865cec0ba7e20d4a98341e61cf26176b8fb"><code>6d42686</code></a> test: remove mocha syntax from tests</li>
121-
<li><a href="https://github.com/json5/json5/commit/4798b9dbde850c8e84e59ac58ba2894ef184434d"><code>4798b9d</code></a> docs: update installation and usage for modules</li>
122-
<li>Additional commits viewable in <a href="https://github.com/json5/json5/compare/v2.2.1...v2.2.2">compare view</a></li>
123-
</ul>
124-
</details>
125-
<br />
126-
127-
128-
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json5&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=2.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
129-
130-
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
131-
132-
[//]: # (dependabot-automerge-start)
133-
[//]: # (dependabot-automerge-end)
134-
135-
---
136-
137-
<details>
138-
<summary>Dependabot commands and options</summary>
139-
<br />
140-
141-
You can trigger Dependabot actions by commenting on this PR:
142-
- `@dependabot rebase` will rebase this PR
143-
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
144-
- `@dependabot merge` will merge this PR after your CI passes on it
145-
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
146-
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
147-
- `@dependabot reopen` will reopen this PR if it is closed
148-
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
149-
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
150-
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
151-
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
152-
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
153-
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
154-
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
155-
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
156-
157-
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts).
158-
159-
</details>
160-
--------------------------
161-
6+
* Updated [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) to 0.5.0.
7+
* Updated [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.2.
1628
* Added lockfile checks to CI workflow to prevent malicious changes
163-
164-
--- NOTES NEEDS REVIEW ---
165-
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3.
166-
<details>
167-
<summary>Changelog</summary>
168-
<p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p>
169-
<blockquote>
170-
<h2><strong>6.5.3</strong></h2>
171-
<ul>
172-
<li>[Fix] <code>parse</code>: ignore <code>__proto__</code> keys (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/428">#428</a>)</li>
173-
<li>[Fix]<code> </code>utils.merge`: avoid a crash with a null target and a truthy non-array source</li>
174-
<li>[Fix] correctly parse nested arrays</li>
175-
<li>[Fix] <code>stringify</code>: fix a crash with <code>strictNullHandling</code> and a custom <code>filter</code>/<code>serializeDate</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/279">#279</a>)</li>
176-
<li>[Fix] <code>utils</code>: <code>merge</code>: fix crash when <code>source</code> is a truthy primitive &amp; no options are provided</li>
177-
<li>[Fix] when <code>parseArrays</code> is false, properly handle keys ending in <code>[]</code></li>
178-
<li>[Fix] fix for an impossible situation: when the formatter is called with a non-string value</li>
179-
<li>[Fix] <code>utils.merge</code>: avoid a crash with a null target and an array source</li>
180-
<li>[Refactor] <code>utils</code>: reduce observable [[Get]]s</li>
181-
<li>[Refactor] use cached <code>Array.isArray</code></li>
182-
<li>[Refactor] <code>stringify</code>: Avoid arr = arr.concat(...), push to the existing instance (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/269">#269</a>)</li>
183-
<li>[Refactor] <code>parse</code>: only need to reassign the var once</li>
184-
<li>[Robustness] <code>stringify</code>: avoid relying on a global <code>undefined</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/427">#427</a>)</li>
185-
<li>[readme] remove travis badge; add github actions/codecov badges; update URLs</li>
186-
<li>[Docs] Clean up license text so it’s properly detected as BSD-3-Clause</li>
187-
<li>[Docs] Clarify the need for &quot;arrayLimit&quot; option</li>
188-
<li>[meta] fix README.md (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/399">#399</a>)</li>
189-
<li>[meta] add FUNDING.yml</li>
190-
<li>[actions] backport actions from main</li>
191-
<li>[Tests] always use <code>String(x)</code> over <code>x.toString()</code></li>
192-
<li>[Tests] remove nonexistent tape option</li>
193-
<li>[Dev Deps] backport from main</li>
194-
</ul>
195-
</blockquote>
196-
</details>
197-
<details>
198-
<summary>Commits</summary>
199-
<ul>
200-
<li><a href="https://github.com/ljharb/qs/commit/298bfa55d6db00ddea78dd0333509aadf9bb3077"><code>298bfa5</code></a> v6.5.3</li>
201-
<li><a href="https://github.com/ljharb/qs/commit/ed0f5dcbef4b168a8ae299d78b1e4a2e9b1baf1f"><code>ed0f5dc</code></a> [Fix] <code>parse</code>: ignore <code>__proto__</code> keys (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/428">#428</a>)</li>
202-
<li><a href="https://github.com/ljharb/qs/commit/691e739cfa40cd42604dc05a54e6154371a429ab"><code>691e739</code></a> [Robustness] <code>stringify</code>: avoid relying on a global <code>undefined</code> (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/427">#427</a>)</li>
203-
<li><a href="https://github.com/ljharb/qs/commit/1072d57d38a690e1ad7616dced44390bffedcbb2"><code>1072d57</code></a> [readme] remove travis badge; add github actions/codecov badges; update URLs</li>
204-
<li><a href="https://github.com/ljharb/qs/commit/12ac1c403aaa04d1a34844f514ed9f9abfb76e64"><code>12ac1c4</code></a> [meta] fix README.md (<a href="https://github-redirect.dependabot.com/ljharb/qs/issues/399">#399</a>)</li>
205-
<li><a href="https://github.com/ljharb/qs/commit/0338716b09fdbd4711823eeb0a14e556a2498e7a"><code>0338716</code></a> [actions] backport actions from main</li>
206-
<li><a href="https://github.com/ljharb/qs/commit/5639c20ce0a7c1332200a3181339331483e5a3a1"><code>5639c20</code></a> Clean up license text so it’s properly detected as BSD-3-Clause</li>
207-
<li><a href="https://github.com/ljharb/qs/commit/51b8a0b1b213596dd1702b837f5e7dec2229793d"><code>51b8a0b</code></a> add FUNDING.yml</li>
208-
<li><a href="https://github.com/ljharb/qs/commit/45f675936e742d92fac8d4dae5cfc385c576a977"><code>45f6759</code></a> [Fix] fix for an impossible situation: when the formatter is called with a no...</li>
209-
<li><a href="https://github.com/ljharb/qs/commit/f814a7f8f2af059f8158f7e4b2bf8b46aeb62cd3"><code>f814a7f</code></a> [Dev Deps] backport from main</li>
210-
<li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.5.2...v6.5.3">compare view</a></li>
211-
</ul>
212-
</details>
213-
<br />
214-
215-
216-
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=qs&package-manager=npm_and_yarn&previous-version=6.5.2&new-version=6.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
217-
218-
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
219-
220-
[//]: # (dependabot-automerge-start)
221-
[//]: # (dependabot-automerge-end)
222-
223-
---
224-
225-
<details>
226-
<summary>Dependabot commands and options</summary>
227-
<br />
228-
229-
You can trigger Dependabot actions by commenting on this PR:
230-
- `@dependabot rebase` will rebase this PR
231-
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
232-
- `@dependabot merge` will merge this PR after your CI passes on it
233-
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
234-
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
235-
- `@dependabot reopen` will reopen this PR if it is closed
236-
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
237-
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
238-
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
239-
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
240-
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
241-
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
242-
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
243-
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
244-
245-
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/newrelic/node-native-metrics/network/alerts).
246-
247-
</details>
248-
--------------------------
9+
* Updated [qs](https://github.com/ljharb/qs) to 6.5.3.
24910

25011
### v9.0.0 (2022-08-01)
25112

0 commit comments

Comments
 (0)