Sourced from guzzlehttp/guzzle's releases.

Release 7.4.4

See change log for changes.

Release 7.4.3

See change log for changes.

Release 7.4.2

See change log for changes.

Release 7.4.1

See change log for changes.

Release 7.4.0

See change log for changes.

Sourced from guzzlehttp/guzzle's changelog.

7.4.4 - 2022-06-09

• Fix failure to strip Authorization header on HTTP downgrade
• Fix failure to strip the Cookie header on change in host or HTTP downgrade

7.4.3 - 2022-05-25

• Fix cross-domain cookie leakage

7.4.2 - 2022-03-20

Fixed

• Remove curl auth on cross-domain redirects to align with the Authorization HTTP header
• Reject non-HTTP schemes in StreamHandler
• Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve

7.4.1 - 2021-12-06

Changed

• Replaced implicit URI to string coercion #2946
• Allow symfony/deprecation-contracts version 3 #2961

Fixed

• Only close curl handle if it's done #2950

7.4.0 - 2021-10-18

Added

• Support PHP 8.1 #2929, #2939
• Support psr/log version 2 and 3 #2943

Fixed

• Make sure we always call restore_error_handler() #2915
• Fix progress parameter type compatibility between the cURL and stream handlers #2936
• Throw InvalidArgumentException when an incorrect headers array is provided #2916, #2942

Changed

• Be more strict with types #2914, #2917, #2919, #2945

• e3ff079 Release 7.4.4 (#3023)
• 74a8602 [7.x] Fix cross-domain cookie leakage (#3018)
• b720a2d Update docs from default_handler to HandlerStack::create (#3000)
• 82ca75f Update links in readme (#2997)
• ac1ec1c Release 7.4.2 (#2996)
• 8e4a4cd Set a default ssl.peer_name context in StreamHandler (#2988)
• be834db Reject non-HTTP schemes in StreamHandler (#2989)
• cc80b00 Remove curl auth on cross-domain redirects (#2845)
• 802ecc6 Fix comparison in testParseCookie (#2977)
• d12ecb1 Configure convertDeprecationsToExceptions="true" in phpunit.xml.dist (#2992)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from guzzlehttp/guzzle's releases.

Release 7.4.3

See change log for changes.

Release 7.4.2

See change log for changes.

Release 7.4.1

See change log for changes.

Release 7.4.0

See change log for changes.

Sourced from guzzlehttp/guzzle's changelog.

7.4.3 - 2022-05-25

• Fix cross-domain cookie leakage

7.4.2 - 2022-03-20

Fixed

• Remove curl auth on cross-domain redirects to align with the Authorization HTTP header
• Reject non-HTTP schemes in StreamHandler
• Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve

7.4.1 - 2021-12-06

Changed

• Replaced implicit URI to string coercion #2946
• Allow symfony/deprecation-contracts version 3 #2961

Fixed

• Only close curl handle if it's done #2950

7.4.0 - 2021-10-18

Added

• Support PHP 8.1 #2929, #2939
• Support psr/log version 2 and 3 #2943

Fixed

• Make sure we always call restore_error_handler() #2915
• Fix progress parameter type compatibility between the cURL and stream handlers #2936
• Throw InvalidArgumentException when an incorrect headers array is provided #2916, #2942

Changed

• Be more strict with types #2914, #2917, #2919, #2945

• 74a8602 [7.x] Fix cross-domain cookie leakage (#3018)
• b720a2d Update docs from default_handler to HandlerStack::create (#3000)
• 82ca75f Update links in readme (#2997)
• ac1ec1c Release 7.4.2 (#2996)
• 8e4a4cd Set a default ssl.peer_name context in StreamHandler (#2988)
• be834db Reject non-HTTP schemes in StreamHandler (#2989)
• cc80b00 Remove curl auth on cross-domain redirects (#2845)
• 802ecc6 Fix comparison in testParseCookie (#2977)
• d12ecb1 Configure convertDeprecationsToExceptions="true" in phpunit.xml.dist (#2992)
• 74ca2cb Pass int to &$still_running of curl_multi_exec (#2991)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from moment's changelog.

2.29.2 See full changelog

• Release Apr 3 2022

Address https://github.com/advisories/GHSA-8hfj-j24r-96c4

• 75e2ac5 Build 2.29.2
• 5a29877 Bump version to 2.29.2
• 4fd847b Update changelog for 2.29.2
• 4211bfc [bugfix] Avoid loading path-looking locales from fs
• f2a813a [misc] Fix indentation (according to prettier)
• 7a10de8 [test] Avoid hours around DST
• e968092 [locale] ar-ly: fix locale name (#5828)
• 53d7ee6 [misc] fix builds (#5836)
• 52019f1 [misc] Specify length of toArray return type (#5766)
• 0dcaaa6 [locale] tr: update translation of Monday and Saturday (#5756)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 8b3f5f2 1.5.7
• ef45a13 [fix] Readd the empty userinfo to url.href (#226)
• 88df234 [doc] Add soft deprecation notice
• 78e9f2f [security] Fix nits
• e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability
• 4c9fa23 1.5.6
• 7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo
• e4a5807 1.5.5
• 193b44b [minor] Simplify whitespace regex
• 319851b [fix] Remove CR, HT, and LF
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 2ede36d Release version 1.14.7 of the npm package.
• 8b347cb Drop Cookie header across domains.
• 6f5029a Release version 1.14.6 of the npm package.
• af706be Ignore null headers.
• d01ab7a Release version 1.14.5 of the npm package.
• 40052ea Make compatible with Node 17.
• 86f7572 Fix: clear internal timer on request abort to avoid leakage
• 2e1eaf0 Keep Authorization header on subdomain redirects.
• 2ad9e82 Carry over Host header on relative redirects (#172)
• 77e2a58 Release version 1.14.4 of the npm package.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from laravel/framework's releases.

v8.39.0

Added

• Added Illuminate\Collections\Collection::sole() method (#37034)
• Support url for php artisan db command (#37064)
• Added Illuminate\Foundation\Bus\DispatchesJobs::dispatchSync() (#37063)
• Added Illuminate\Cookie\CookieJar::expire() (#37072, fa3a14f)
• Added Illuminate\Database\DatabaseManager::setApplication() (#37068)
• Added Illuminate\Support\Stringable::whenNotEmpty() (#37080)
• Added Illuminate\Auth\SessionGuard::attemptWhen() (#37090, e3fcd97)
• Added password validation rule (#36960)

Fixed

• Fixed JsonResponse::fromJasonString() double encoding string (#37076)
• Fallback to primary key if owner key doesnt exist on model at all in MorphTo relation (a011109)
• Fixes for PHP 8.1 (#37087, #37101)
• Do not execute beforeSending callbacks twice in HTTP client (#37116)
• Fixed nullable values for required_if (#37128, 86fd558)

Changed

• Schedule list timezone command (#37117)

v8.38.0

Added

• Added a wordCount() string helper (#36990)
• Allow anonymous and class based migration coexisting (#37006)
• Added Illuminate\Broadcasting\Broadcasters\PusherBroadcaster::setPusher() (#37033)

Fixed

• Fixed required_if boolean validation (#36969)
• Correctly merge object payload data in Illuminate\Queue\Queue::createObjectPayload() (#36998)
• Allow the use of temporary views for Blade testing on Windows machines (#37044)
• Fixed Http::withBody() not being sent (#37057)

v8.37.0

Added

• Allow to retry jobs by queue name (#36898, f2d9b59, c351a30)
• Added strings to the DetectsLostConnections.php (4210258)
• Allow testing of Blade components that return closures (#36919)
• Added anonymous migrations (#36906)
• Added Session\Store::missing() method (#36937)
• Handle concurrent asynchronous requests in the HTTP client (#36948, 245a712)
• Added tinyText data type to Blueprint and to available database grammars (#36949)
• Added a method to remove a resolved view engine (#36955)
• Added Illuminate\Database\Eloquent\Model::getAttributesForInsert() protected method (9a9f59f, 314bf87)

Fixed

• Fixed clone() on EloquentBuilder (#36924)

Changed

... (truncated)

Sourced from laravel/framework's changelog.

Release Notes for 8.x

Unreleased

v8.39.0 (2021-04-27)

Added

• Added Illuminate\Collections\Collection::sole() method (#37034)
• Support url for php artisan db command (#37064)
• Added Illuminate\Foundation\Bus\DispatchesJobs::dispatchSync() (#37063)
• Added Illuminate\Cookie\CookieJar::expire() (#37072, fa3a14f)
• Added Illuminate\Database\DatabaseManager::setApplication() (#37068)
• Added Illuminate\Support\Stringable::whenNotEmpty() (#37080)
• Added Illuminate\Auth\SessionGuard::attemptWhen() (#37090, e3fcd97)
• Added password validation rule (#36960)

Fixed

• Fixed JsonResponse::fromJasonString() double encoding string (#37076)
• Fallback to primary key if owner key doesnt exist on model at all in MorphTo relation (a011109)
• Fixes for PHP 8.1 (#37087, #37101)
• Do not execute beforeSending callbacks twice in HTTP client (#37116)
• Fixed nullable values for required_if (#37128, 86fd558)

Changed

• Schedule list timezone command (#37117)

v8.38.0 (2021-04-20)

Added

• Added a wordCount() string helper (#36990)
• Allow anonymous and class based migration coexisting (#37006)
• Added Illuminate\Broadcasting\Broadcasters\PusherBroadcaster::setPusher() (#37033)

Fixed

• Fixed required_if boolean validation (#36969)
• Correctly merge object payload data in Illuminate\Queue\Queue::createObjectPayload() (#36998)
• Allow the use of temporary views for Blade testing on Windows machines (#37044)
• Fixed Http::withBody() not being sent (#37057)

v8.37.0 (2021-04-13)

Added

• Allow to retry jobs by queue name (#36898, f2d9b59, c351a30)
• Added strings to the DetectsLostConnections.php (4210258)
• Allow testing of Blade components that return closures (#36919)
• Added anonymous migrations (#36906)
• Added Session\Store::missing() method (#36937)

... (truncated)

• a654897 version
• 4f58620 add test
• 2c4fc81 Merge branch '6.x' into 8.x
• 09bf145 cast to int
• 3c2a0b8 Missing abort method added (#37150)
• 81330cf [8.x] Allow adding more jobs to a pending batch (#37151)
• 34aa326 Merge branch '6.x' into 8.x
• c9cb36a Merge remote-tracking branch 'upstream/8.x' into 8.x
• add0e98 [8.x] update changelog
• 74a79b2 [6.x] Fix Cache store with a name other than 'dynamodb' (#37145)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from laravel/framework's releases.

v8.24.0

Added

• Added JobQueued event (8eaec03, 5d572e7)

Fixed

• Fixed type error in Illuminate\Http\Concerns\InteractsWithContentTypes::isJson() (#35956)
• Fixed Illuminate\Collections\Collection::sortByMany() (#35950)
• Fixed Limit expected bindings (#35972, 006873d)
• Fixed serialization of rate limited with redis middleware (#35971)

v8.23.1

v8.23.1 (2021-01-19)

Fixed

• Fixed empty html mail (#35941)

v8.23.0

v8.23.0 (2021-01-19)

Added

• Added Illuminate\Database\Concerns\BuildsQueries::sole() (#35869, 29c7dae, #35908, #35902, #35912)
• Added default parameter to throw_if / throw_unless (#35890)
• Added validation support for TeamSpeak3 URI scheme (#35933)

Fixed

• Fixed extra space on blade class components that are inline (#35874)
• Fixed serialization of rate limited middleware (f3d4dcb, #35916)

Changed

• Allow a specific seeder to be used in tests in Illuminate\Foundation\Testing\RefreshDatabase::migrateFreshUsing() (#35864)
• Pass $key to closure in Collection and LazyCollection's reduce method as well (#35878)

v8.22.1

v8.22.1 (2021-01-13)

Fixed

• Limit expected bindings (#35865)

v8.22.0

v8.22.0 (2021-01-12)

Added

• Added new lines to DetectsLostConnections (#35752, #35790)
• Added Illuminate\Support\Testing\Fakes\EventFake::assertNothingDispatched() (#35835)
• Added reduce with keys to collections and lazy collections (#35839)

... (truncated)

Sourced from laravel/framework's changelog.

v8.24.0 (2021-01-21)

Added

• Added JobQueued event (8eaec03, 5d572e7)

Fixed

• Fixed type error in Illuminate\Http\Concerns\InteractsWithContentTypes::isJson() (#35956)
• Fixed Illuminate\Collections\Collection::sortByMany() (#35950)
• Fixed Limit expected bindings (#35972, 006873d)
• Fixed serialization of rate limited with redis middleware (#35971)

v8.23.1 (2021-01-19)

Fixed

• Fixed empty html mail (#35941)

v8.23.0 (2021-01-19)

Added

• Added Illuminate\Database\Concerns\BuildsQueries::sole() (#35869, 29c7dae, #35908, #35902, #35912)
• Added default parameter to throw_if / throw_unless (#35890)
• Added validation support for TeamSpeak3 URI scheme (#35933)

Fixed

• Fixed extra space on blade class components that are inline (#35874)
• Fixed serialization of rate limited middleware (f3d4dcb, #35916)

Changed

• Allow a specific seeder to be used in tests in Illuminate\Foundation\Testing\RefreshDatabase::migrateFreshUsing() (#35864)
• Pass $key to closure in Collection and LazyCollection's reduce method as well (#35878)

v8.22.1 (2021-01-13)

Fixed

• Limit expected bindings (#35865)

v8.22.0 (2021-01-12)

Added

• Added new lines to DetectsLostConnections (#35752, #35790)
• Added Illuminate\Support\Testing\Fakes\EventFake::assertNothingDispatched() (#35835)
• Added reduce with keys to collections and lazy collections (#35839)

Fixed

• Fixed error from missing null check on PHP 8 in Illuminate\Validation\Concerns\ValidatesAttributes::validateJson() (#35797)
• Fix bug with RetryCommand (4415b94, #35828)

... (truncated)

• d16e9f8 version
• 7689b36 fix serialization of rate limited with redis middleware (#35971)
• d627ce2 version
• 2d9b970 fix conflicts
• c05390b fix conflicts
• 006873d formatting
• c6b8168 Add limit bindings for having between + tests.
• dbbb1c1 Update whereDay and whereYear to clean value.
• 9d3752c Limit expected bindingx v2.
• 5d572e7 formatting
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from laravel/framework's releases.

v8.22.1

v8.22.1 (2021-01-13)

Fixed

• Limit expected bindings (#35865)

v8.22.0

v8.22.0 (2021-01-12)

Added

• Added new lines to DetectsLostConnections (#35752, #35790)
• Added Illuminate\Support\Testing\Fakes\EventFake::assertNothingDispatched() (#35835)
• Added reduce with keys to collections and lazy collections (#35839)

Fixed

• Fixed error from missing null check on PHP 8 in Illuminate\Validation\Concerns\ValidatesAttributes::validateJson() (#35797)
• Fix bug with RetryCommand (4415b94, #35828)
• Fixed Illuminate\Testing\PendingCommand::expectsTable() (#35820)
• Fixed morphTo() attempting to map an empty string morph type to an instance (#35824)

Changes

• Update Illuminate\Http\Resources\CollectsResources::collects() (1fa20dd)
• "null" constraint prevents aliasing SQLite ROWID (#35792)
• Allow strings to be passed to the report function (#35803)

v8.21.0

v8.21.0 (2021-01-05)

Added

• Added command to clean batches table (#35694, 33f5ac6)
• Added item to list of causedByLostConnection errors (#35744)
• Make it possible to set Postmark Message Stream ID (#35755)

Fixed

• Fixed php artisan db command for the Postgres CLI (#35725)
• Fixed OPTIONS method bug with use same path and diff domain when cache route (#35714)

Changed

• Ensure DBAL custom type doesn't exists in Illuminate\Database\DatabaseServiceProvider::registerDoctrineTypes() (#35704)
• Added missing dispatchAfterCommit to DatabaseQueue (#35715)
• Set chain queue when inside a batch (#35746)
• Give a more meaningul message when route parameters are missing (#35706)
• Added table prefix to Illuminate\Database\Console\DumpCommand::schemaState() (4ffe40f)
• Refresh the retryUntil time on job retry (#35780, 45eb7a7)

v8.20.1

v8.20.1 (2020-12-22)

Revert

... (truncated)

Sourced from laravel/framework's changelog.

v8.22.1 (2021-01-13)

Fixed

• Limit expected bindings (#35865)

v8.22.0 (2021-01-12)

Added

• Added new lines to DetectsLostConnections (#35752, #35790)
• Added Illuminate\Support\Testing\Fakes\EventFake::assertNothingDispatched() (#35835)
• Added reduce with keys to collections and lazy collections (#35839)

Fixed

• Fixed error from missing null check on PHP 8 in Illuminate\Validation\Concerns\ValidatesAttributes::validateJson() (#35797)
• Fix bug with RetryCommand (4415b94, #35828)
• Fixed Illuminate\Testing\PendingCommand::expectsTable() (#35820)
• Fixed morphTo() attempting to map an empty string morph type to an instance (#35824)

Changes

• Update Illuminate\Http\Resources\CollectsResources::collects() (1fa20dd)
• "null" constraint prevents aliasing SQLite ROWID (#35792)
• Allow strings to be passed to the report function (#35803)

v8.21.0 (2021-01-05)

Added

• Added command to clean batches table (#35694, 33f5ac6)
• Added item to list of causedByLostConnection errors (#35744)
• Make it possible to set Postmark Message Stream ID (#35755)

Fixed

• Fixed php artisan db command for the Postgres CLI (#35725)
• Fixed OPTIONS method bug with use same path and diff domain when cache route (#35714)

Changed

• Ensure DBAL custom type doesn't exists in Illuminate\Database\DatabaseServiceProvider::registerDoctrineTypes() (#35704)
• Added missing dispatchAfterCommit to DatabaseQueue (#35715)
• Set chain queue when inside a batch (#35746)
• Give a more meaningul message when route parameters are missing (#35706)
• Added table prefix to Illuminate\Database\Console\DumpCommand::schemaState() (4ffe40f)
• Refresh the retryUntil time on job retry (#35780, 45eb7a7)

v8.20.1 (2020-12-22)

Revert

• Revert Clear a cached user in RequestGuard if a request is changed (ca8ccd6)

... (truncated)

• 5c70991 version
• 405ca2b version
• 29c831d version
• d0954f4 [6.x] Limit expected bindings (#35865)
• cd26138 [8.x] update changelog
• 490a9ee Merge pull request #35862 from laravel/6.x
• 594c08a [6.x] update changelog
• dcc4b0d Merge branch '8.x' of github.com:laravel/framework into 8.x
• cec579e version
• 88dced8 version
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from symfony/http-kernel's releases.

v5.1.5

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.4...v5.1.5)

• no changes

v5.1.4

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.3...v5.1.4)

• bug #37841 Backport handler lock when using VAR_DUMPER_FORMAT (ogizanagi)

v5.1.3

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.2...v5.1.3)

• bug #37341 Fix support for PHP8 union types (nicolas-grekas)

v5.1.2

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.1...v5.1.2)

• no changes

v5.1.1

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.0...v5.1.1)

• bug #37182 Fix regression where Store does not return response body correctly (mpdude)

v5.1.0

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.0-RC2...v5.1.0)

• no changes

v5.1.0-RC2

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.0-RC1...v5.1.0-RC2)

• bug #36891 Address deprecation of ReflectionType::getClass() (derrabus)
• bug #36833 Fix that the Store would not save responses with the X-Content-Digest header present (mpdude)
• bug #36855 Fix error logger when stderr is redirected to /dev/null (fabpot)
• bug #36838 Bring back the debug toolbar (derrabus)

v5.1.0-RC1

Changelog (https://github.com/symfony/http-kernel/compare/v5.1.0-BETA1...v5.1.0-RC1)

• bug #36789 Change priority of KernelEvents::RESPONSE subscriber (marcw)

v5.0.11

Changelog (https://github.com/symfony/http-kernel/compare/v5.0.10...v5.0.11)

• bug #37341 Fix support for PHP8 union types (nicolas-grekas)

v5.0.10

Changelog (https://github.com/symfony/http-kernel/compare/v5.0.9...v5.0.10)

Sourced from symfony/http-kernel's changelog.

CHANGELOG

5.2.0

• added session usage
• made the public http_cache service handle requests when available
• allowed enabling trusted hosts and proxies using new kernel.trusted_hosts, kernel.trusted_proxies and kernel.trusted_headers parameters
• content of request parameter _password is now also hidden in the request profiler raw content section

5.1.0

• allowed to use a specific logger channel for deprecations
• made WarmableInterface::warmUp() return a list of classes or files to preload on PHP 7.4+; not returning an array is deprecated
• made kernels implementing WarmableInterface be part of the cache warmup stage
• deprecated support for service:action syntax to reference controllers, use serviceOrFqcn::method instead
• allowed using public aliases to reference controllers
• added session usage reporting when the _stateless attribute of the request is set to true
• added AbstractSessionListener::onSessionUsage() to report when the session is used while a request is stateless

5.0.0

• removed support for getting the container from a non-booted kernel
• removed the first and second constructor argument of ConfigDataCollector
• removed ConfigDataCollector::getApplicationName()
• removed ConfigDataCollector::getApplicationVersion()
• removed support for Symfony\Component\Templating\EngineInterface in HIncludeFragmentRenderer, use a Twig\Environment only
• removed TranslatorListener in favor of LocaleAwareListener
• removed getRootDir() and getName() from Kernel and KernelInterface
• removed FilterControllerArgumentsEvent, use ControllerArgumentsEvent instead
• removed FilterControllerEvent, use ControllerEvent instead
• removed FilterResponseEvent, use ResponseEvent instead
• removed GetResponseEvent, use RequestEvent instead
• removed GetResponseForControllerResultEvent, use ViewEvent instead
• removed GetResponseForExceptionEvent, use ExceptionEvent instead
• removed PostResponseEvent, use TerminateEvent instead
• removed SaveSessionListener in favor of AbstractSessionListener
• removed Client, use HttpKernelBrowser instead
• added method getProjectDir() to KernelInterface
• removed methods serialize and unserialize from DataCollector, store the serialized state in the data property instead
• made ProfilerStorageInterface internal
• removed the second and third argument of KernelInterface::locateResource
• removed the second and third argument of FileLocator::__construct
• removed loading resources from %kernel.root_dir%/Resources and %kernel.root_dir% as

• 3e32676 Update VERSION for 5.1.5
• f855601 Merge branch '4.4' into 5.1
• cdf1e9b security #cve-2020-15094 Remove headers with internal meaning from HttpClient...
• 8e8d0ed Remove headers with internal meaning from HttpClient responses
• 05293dd Bump Symfony version to 5.1.5
• f829c24 Update VERSION for 5.1.4
• a5ed890 Bump Symfony version to 4.4.13
• f93f6b3 Update VERSION for 4.4.12
• 794f3d4 Merge branch '4.4' into 5.1
• 98fb210 minor #37831 stop using deprecated PHPUnit APIs (xabbuh)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from symfony/mime's changelog.

CHANGELOG

4.4.0

• [BC BREAK] Removed NamedAddress (Address now supports a name)
• Added PHPUnit constraints
• Added AbstractPart::asDebugString()
• Added Address::fromString()

4.3.3

• [BC BREAK] Renamed method Headers::getAll() to Headers::all().

4.3.0

• Introduced the component as experimental

• 010cc48 bug #34032 [Mime] Fixing multidimensional array structure with FormDataPart (...
• 89da7b6 Merge branch '4.3' into 4.4
• 22aecf6 [Mime] fix guessing mime-types of files with leading dash
• bf6913d Merge branch '4.3' into 4.4
• 3c0e197 [4.3] Remove unused local variables
• 86fe792 minor #33963 Add .gitignore to .gitattributes (reedy)
• 51d5b0e Changing the multipart form-data behavior to use the form name as an array, w...
• ae5a66b Merge branch '4.3' into 4.4
• a6b152c Merge branch '3.4' into 4.3
• 592a01c Add Message-Id to SentMessage when sending an email
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from ws's releases.

6.2.2

Bug fixes

• Backported 00c425ec to the 6.x release line (78c676d2).

• 9bdb580 [dist] 6.2.2
• 78c676d [security] Fix ReDoS vulnerability
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from express's releases.

4.18.2

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

4.18.1

• Fix hanging on large stack of sync routes

4.18.0

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: [email protected]
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: [email protected]
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: [email protected]
  • Remove set content headers that break response
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Prevent loss of async hooks context
• deps: [email protected]
• deps: [email protected]
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]

... (truncated)

Sourced from express's changelog.

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

4.18.1 / 2022-04-29

• Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: [email protected]
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: [email protected]
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: [email protected]
  • Remove set content headers that break response
  • deps: [email protected]
  • deps: [email protected]
• deps: [email protected]
  • Prevent loss of async hooks context
• deps: [email protected]
• deps: [email protected]

... (truncated)

• 8368dc1 4.18.2
• 61f4049 docs: replace Freenode with Libera Chat
• bb7907b build: [email protected]
• f56ce73 build: [email protected]
• 24b3dc5 deps: [email protected]
• 689d175 deps: [email protected]
• 340be0f build: [email protected]
• 33e8dc3 docs: use Node.js name style
• 644f646 build: [email protected]
• ecd7572 build: [email protected]
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from qs's changelog.

6.5.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
• [Fix] correctly parse nested arrays
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Refactor] utils: reduce observable [[Get]]s
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Refactor] parse: only need to reassign the var once
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] always use String(x) over x.toString()
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

• 298bfa5 v6.5.3
• ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
• 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
• 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
• 12ac1c4 [meta] fix README.md (#399)
• 0338716 [actions] backport actions from main
• 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
• 51b8a0b add FUNDING.yml
• 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
• f814a7f [Dev Deps] backport from main
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

• 331ad50 chore(release): 1.4.2
• 17cbf8f fix: ReDoS problem (#226)
• 8f082b3 chore(release): 1.4.1
• 4504e34 fix: security problem (#220)
• See full diff in compare view

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

• security problem (#220) (4504e34)

• 331ad50 chore(release): 1.4.2
• 17cbf8f fix: ReDoS problem (#226)
• 8f082b3 chore(release): 1.4.1
• 4504e34 fix: security problem (#220)
• See full diff in compare view

Sourced from error-overlay-webpack-plugin's releases.

v1.1.1

Bug Fixes

• compatibility with webpack-dev-server (f3eaa7b)

v1.1.0

Bug Fixes

• options has an unknown property 'before' (#88) (28de3ed)

Features

• upgrade & various fixes (bb87e5f), closes #91 #90 #82

v1.0.0

• Support webpack 5

v0.4.2

Bug Fixes

• pass in compiler to devServer before() (#66) (c0feceb)

v0.4.1

Features

• upgrade dependencies (effea01)

v0.4.0

Features

• support single string entry (#43) (494e689)

v0.3.0

Features

• close overlay on 'ok' event (#39) (1471e29)
• use webpack options sockPath, sockHost, and sockPort to get socket URL (#42) (b763f76)

... (truncated)

Sourced from error-overlay-webpack-plugin's changelog.

1.1.1 (2022-11-14)

Bug Fixes

• compatibility with webpack-dev-server (f3eaa7b)

1.1.0 (2022-02-12)

Features

• upgrade & various fixes (bb87e5f), closes #91 #90 #82

Bug Fixes

• options has an unknown property 'before' (#88) (28de3ed)

1.0.0 (2021-08-30)

0.4.2 (2021-02-02)

Bug Fixes

• pass in compiler to devServer before() (#66) (c0feceb)

0.4.1 (2019-08-28)

Features

• upgrade dependencies (effea01)

0.4.0 (2019-06-17)

Features

• support single string entry (#43) (494e689)

0.3.0 (2019-05-23)

Features

... (truncated)

• 009655e chore: fix formatting
• f3eaa7b fix: compatibility with webpack-dev-server
• eee7dfd Fix an error that being logged in the console when Webpack is using WebSocket...
• 8aa4edf chore(release): 1.1.0
• d38166a chore: simplify repo in package.json
• bb87e5f feat: upgrade & various fixes
• 28de3ed fix: options has an unknown property 'before' (#88)
• fe2cd08 chore(release): 1.0.0
• 6e62765 chore: fix entries
• 4b19d35 chore: remove travis
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from terser's changelog.

v4.8.1 (backport)

• Security fix for RegExps that should not be evaluated (regexp DDOS)

• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from moment's changelog.

2.29.4

• Release Jul 6, 2022
  • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

2.29.3 Full changelog

• Release Apr 17, 2022
  • #5995 [bugfix] Remove const usage
  • #5990 misc: fix advisory link

2.29.2 See full changelog

• Release Apr 3 2022

Address https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4

• 000ac18 Build 2.24.4
• f2006b6 Bump version to 2.24.4
• 536ad0c Update changelog for 2.29.4
• 9a3b589 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
• 6374fd8 Merge branch 'master' into develop
• b4e6153 Revert "[bugfix] Fix redos in preprocessRFC2822 regex (#6015)"
• 7aebb16 [bugfix] Fix redos in preprocessRFC2822 regex (#6015)
• 57c9062 Build 2.29.3
• aaf50b6 Fixup release complaints
• 26f4aef Bump version to 2.29.3
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.