Sourced from guzzlehttp/guzzle's releases.

Release 6.5.7

See change log for changes.

Release 6.5.6

See change log for changes.

6.5.5

No release notes provided.

6.5.4

No release notes provided.

6.5.3

No release notes provided.

6.5.2

• idn_to_ascii() fix for old PHP versions #2489

6.5.1

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0

No release notes provided.

6.4.1

No release notes provided.

Sourced from guzzlehttp/guzzle's changelog.

6.5.7 - 2022-06-09

• Fix failure to strip Authorization header on HTTP downgrade
• Fix failure to strip the Cookie header on change in host or HTTP downgrade

6.5.6 - 2022-05-25

• Fix cross-domain cookie leakage

6.5.5 - 2020-06-16

• Unpin version constraint for symfony/polyfill-intl-idn #2678

6.5.4 - 2020-05-25

• Fix various intl icu issues #2626

6.5.3 - 2020-04-18

• Use Symfony intl-idn polyfill #2550
• Remove use of internal functions #2548

6.5.2 - 2019-12-23

• idn_to_ascii() fix for old PHP versions #2489

6.5.1 - 2019-12-21

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0 - 2019-12-07

• Improvement: Added support for reset internal queue in MockHandler. #2143
• Improvement: Added support to pass arbitrary options to curl_multi_init. #2287
• Fix: Gracefully handle passing null to the header option. #2132
• Fix: RetryMiddleware did not do exponential delay between retries due unit mismatch. #2132 Previously, RetryMiddleware would sleep for 1 millisecond, then 2 milliseconds, then 4 milliseconds. After this change, RetryMiddleware will sleep for 1 second, then 2 seconds, then 4 seconds. Middleware::retry() accepts a second callback parameter to override the default timeouts if needed.
• Fix: Prevent undefined offset when using array for ssl_key options. #2348
• Deprecated ClientInterface::VERSION

6.4.1 - 2019-10-23

• No guzzle.phar was created in 6.4.0 due expired API token. This release will fix that
• Added parent::__construct() to FileCookieJar and SessionCookieJar

6.4.0 - 2019-10-23

... (truncated)

• 724562f Release 6.5.7 (#3022)
• f092dd7 [6.x] Fix cross-domain cookie leakage (#3017)
• e8ed4db Fixed tests (#2720)
• 9d4290d Prepare 6.5.5 (#2692)
• ba7930f Updated static analysis tooling (#2694)
• 23730ab Unpin version for symfony/polyfill-intl-idn (#2678)
• a4a1b69 Adding changelog for 6.5.4 (#2651)
• 0d137e9 [6.5] Remove obsolete statement in handler option docs (#2567)
• d3f2c17 [6.5] Fix various intl icu issues (#2626)
• c8162be Fix use and phpDoc for @throws GuzzleException/InvalidArgumentException (#2...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from guzzlehttp/guzzle's releases.

Release 6.5.6

See change log for changes.

6.5.5

No release notes provided.

6.5.4

No release notes provided.

6.5.3

No release notes provided.

6.5.2

• idn_to_ascii() fix for old PHP versions #2489

6.5.1

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0

No release notes provided.

6.4.1

No release notes provided.

Sourced from guzzlehttp/guzzle's changelog.

6.5.6 - 2022-05-25

• Fix cross-domain cookie leakage

6.5.5 - 2020-06-16

• Unpin version constraint for symfony/polyfill-intl-idn #2678

6.5.4 - 2020-05-25

• Fix various intl icu issues #2626

6.5.3 - 2020-04-18

• Use Symfony intl-idn polyfill #2550
• Remove use of internal functions #2548

6.5.2 - 2019-12-23

• idn_to_ascii() fix for old PHP versions #2489

6.5.1 - 2019-12-21

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0 - 2019-12-07

• Improvement: Added support for reset internal queue in MockHandler. #2143
• Improvement: Added support to pass arbitrary options to curl_multi_init. #2287
• Fix: Gracefully handle passing null to the header option. #2132
• Fix: RetryMiddleware did not do exponential delay between retries due unit mismatch. #2132 Previously, RetryMiddleware would sleep for 1 millisecond, then 2 milliseconds, then 4 milliseconds. After this change, RetryMiddleware will sleep for 1 second, then 2 seconds, then 4 seconds. Middleware::retry() accepts a second callback parameter to override the default timeouts if needed.
• Fix: Prevent undefined offset when using array for ssl_key options. #2348
• Deprecated ClientInterface::VERSION

6.4.1 - 2019-10-23

• No guzzle.phar was created in 6.4.0 due expired API token. This release will fix that
• Added parent::__construct() to FileCookieJar and SessionCookieJar

6.4.0 - 2019-10-23

• Improvement: Improved error messages when using curl < 7.21.2 #2108
• Fix: Test if response is readable before returning a summary in RequestException::getResponseBodySummary() #2081
• Fix: Add support for GUZZLE_CURL_SELECT_TIMEOUT environment variable #2161
• Improvement: Added GuzzleHttp\Exception\InvalidArgumentException #2163
• Improvement: Added GuzzleHttp\_current_time() to use hrtime() if that function exists. #2242

... (truncated)

• f092dd7 [6.x] Fix cross-domain cookie leakage (#3017)
• e8ed4db Fixed tests (#2720)
• 9d4290d Prepare 6.5.5 (#2692)
• ba7930f Updated static analysis tooling (#2694)
• 23730ab Unpin version for symfony/polyfill-intl-idn (#2678)
• a4a1b69 Adding changelog for 6.5.4 (#2651)
• 0d137e9 [6.5] Remove obsolete statement in handler option docs (#2567)
• d3f2c17 [6.5] Fix various intl icu issues (#2626)
• c8162be Fix use and phpDoc for @throws GuzzleException/InvalidArgumentException (#2...
• 5262ecf Document the impact of fixing time units for RetryMiddleware (#2570)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 8647803 6.5.3
• 856fe4d signature: prevent malleability and overflows
• 6048941 6.5.2
• 9984964 package: bump dependencies
• ec735ed utils: leak less information in getNAF()
• 71e4e8e 6.5.1
• 7ec66ff short: add infinity check before multiplying
• ee7970b travis: really move on
• 637d021 travis: move on
• 5ed0bab package: update deps
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from lodash's releases.

4.17.16

• d7fbc52 Bump to v4.17.19
• 2e1c0f2 Add npm-package
• 1b6c282 Bump to v4.17.18
• a370ac8 Bump to v4.17.17
• 1144918 Rebuild lodash and docs
• 3a3b0fd Bump to v4.17.16
• c84fe82 fix(zipObjectDeep): prototype pollution (#4759)
• e7b28ea Sanitize sourceURL so it cannot affect evaled code (#4518)
• 0cec225 Fix lodash.isEqual for circular references (#4320) (#4515)
• 94c3a81 Document matches* shorthands for over* methods (#4510) (#4514)
• Additional commits viewable in compare view

This version was pushed to npm by mathias, a new releaser for lodash since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• e371828 Bump to v4.17.13.
• 357e899 Rebuild lodash and docs.
• fd9a062 Bump to v4.17.12.
• e77d681 Rebuild lodash and docs.
• 629d186 Update OpenJS references.
• 2406eac Fix minified build.
• 17a34bc Fix test bootstrap for core build.
• 53838a3 Fix tests in older browsers.
• 29e2584 Fix style:test lint nits.
• 8f4d3eb Update deps.
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• b7fc909 3.4.0
• 59ea765 Release: update AUTHORS.txt
• 7c1ef15 Release: update version to 3.4.0-pre
• d940bc0 Build: Update Sizzle from 2.3.3 to 2.3.4
• 9b9fca4 Update README.md
• a2a73db Tests: Make Android Browser 4.0-4.3 dimensions tests green
• 4455f8d Tests: Make Android Browser 4.0-4.3 AJAX tests green
• 0050403 Core: Preserve CSP nonce on scripts with src attribute in DOM manipulation
• fe5f04d Event: Prevent leverageNative from double-firing focusin
• 753d591 Core: Prevent Object.prototype pollution for $.extend( true, ... )
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from qs's changelog.

6.3.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] fix for an impossible situation: when the formatter is called with a non-string value
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array source
• [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [Refactor] use cached Array.isArray
• [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] Clean up license text so it’s properly detected as BSD-3-Clause
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] use safer-buffer instead of Buffer constructor
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

6.3.2

• [Fix] follow allowPrototypes option during merge (#201, #200)
• [Dev Deps] update eslint
• [Fix] chmod a-x
• [Fix] support keys starting with brackets (#202, #200)
• [Tests] up to node v7.7, v6.10, v4.8; disable osx builds since they block linux builds

6.3.1

• [Fix] ensure that allowPrototypes: false does not ever shadow Object.prototype properties (thanks, @​snyk!)
• [Dev Deps] update eslint, @ljharb/eslint-config, browserify, iconv-lite, qs-iconv, tape
• [Tests] on all node minors; improve test matrix
• [Docs] document stringify option allowDots (#195)
• [Docs] add empty object and array values example (#195)
• [Docs] Fix minor inconsistency/typo (#192)
• [Docs] document stringify option sort (#191)
• [Refactor] stringify: throw faster with an invalid encoder
• [Refactor] remove unnecessary escapes (#184)
• Remove contributing.md, since qs is no longer part of hapi (#183)

• ff235b4 v6.3.3
• 4310742 [Fix] parse: ignore __proto__ keys (#428)
• da1eee0 [Dev Deps] backport from main
• 2c103b6 [actions] backport actions from main
• aa4580e [Robustness] stringify: avoid relying on a global undefined (#427)
• f8510a1 [meta] fix README.md (#399)
• 4c036ce [Fix] fix for an impossible situation: when the formatter is called with a no...
• 180bfa5 [meta] Clean up license text so it’s properly detected as BSD-3-Clause
• e0b2c4b [Tests] use safer-buffer instead of Buffer constructor
• f7139bf [Fix] utils.merge: avoid a crash with a null target and an array source
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from guzzlehttp/guzzle's releases.

Release 6.5.8

See change log for changes.

Release 6.5.7

See change log for changes.

Release 6.5.6

See change log for changes.

6.5.5

No release notes provided.

6.5.4

No release notes provided.

6.5.3

No release notes provided.

6.5.2

• idn_to_ascii() fix for old PHP versions #2489

6.5.1

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0

No release notes provided.

6.4.1

No release notes provided.

Sourced from guzzlehttp/guzzle's changelog.

6.5.8 - 2022-06-20

• Fix change in port should be considered a change in origin
• Fix CURLOPT_HTTPAUTH option not cleared on change of origin

6.5.7 - 2022-06-09

• Fix failure to strip Authorization header on HTTP downgrade
• Fix failure to strip the Cookie header on change in host or HTTP downgrade

6.5.6 - 2022-05-25

• Fix cross-domain cookie leakage

6.5.5 - 2020-06-16

• Unpin version constraint for symfony/polyfill-intl-idn #2678

6.5.4 - 2020-05-25

• Fix various intl icu issues #2626

6.5.3 - 2020-04-18

• Use Symfony intl-idn polyfill #2550
• Remove use of internal functions #2548

6.5.2 - 2019-12-23

• idn_to_ascii() fix for old PHP versions #2489

6.5.1 - 2019-12-21

• Better defaults for PHP installations with old ICU lib #2454
• IDN support for redirects #2424

6.5.0 - 2019-12-07

• Improvement: Added support for reset internal queue in MockHandler. #2143
• Improvement: Added support to pass arbitrary options to curl_multi_init. #2287
• Fix: Gracefully handle passing null to the header option. #2132
• Fix: RetryMiddleware did not do exponential delay between retries due unit mismatch. #2132 Previously, RetryMiddleware would sleep for 1 millisecond, then 2 milliseconds, then 4 milliseconds. After this change, RetryMiddleware will sleep for 1 second, then 2 seconds, then 4 seconds. Middleware::retry() accepts a second callback parameter to override the default timeouts if needed.
• Fix: Prevent undefined offset when using array for ssl_key options. #2348
• Deprecated ClientInterface::VERSION

6.4.1 - 2019-10-23

... (truncated)

• a52f044 Release 6.5.8 (#3042)
• 724562f Release 6.5.7 (#3022)
• f092dd7 [6.x] Fix cross-domain cookie leakage (#3017)
• e8ed4db Fixed tests (#2720)
• 9d4290d Prepare 6.5.5 (#2692)
• ba7930f Updated static analysis tooling (#2694)
• 23730ab Unpin version for symfony/polyfill-intl-idn (#2678)
• a4a1b69 Adding changelog for 6.5.4 (#2651)
• 0d137e9 [6.5] Remove obsolete statement in handler option docs (#2567)
• d3f2c17 [6.5] Fix various intl icu issues (#2626)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from guzzlehttp/psr7's releases.

1.8.5

See change log for changes.

1.8.4

See change log for changes.

1.8.3

See change log for changes.

1.8.2

See change log for changes.

1.8.1

See change log for changes.

1.8.0

See change log for changes.

1.7.0

See change log for changes.

Sourced from guzzlehttp/psr7's changelog.

1.8.5 - 2022-03-20

Fixed

• Correct header value validation

1.8.4 - 2022-03-20

Fixed

• Validate header values properly

1.8.3 - 2021-10-05

Fixed

• Return null in caching stream size if remote size is null

1.8.2 - 2021-04-26

Fixed

• Handle possibly unset url in stream_get_meta_data

1.8.1 - 2021-03-21

Fixed

• Issue parsing IPv6 URLs
• Issue modifying ServerRequest lost all its attributes

1.8.0 - 2021-03-21

Added

• Locale independent URL parsing
• Most classes got a @final annotation to prepare for 2.0

Fixed

• Issue when creating stream from php://input and curl-ext is not installed
• Broken Utils::tryFopen() on PHP 8

1.7.0 - 2020-09-30

Added

• Replaced functions by static methods

Fixed

... (truncated)

• 337e3ad Release 1.8.5 (#491)
• 902db15 Release 1.8.4 (#486)
• 1afdd86 Release 1.8.3 (#446)
• a0c4a5f Return null in caching stream size if remote is null (#438)
• 9d00674 Support PHP 8.1 (#435)
• 93c36e7 Updated docs (#434)
• dc960a9 Release 1.8.2 (#416)
• b66d38d Avoid no-url index in stream_get_meta_data (#413)
• 359b1f4 Run php-cs-fixer on 1.x (#407)
• 32a92b3 Merge pull request #408 from Nyholm/links
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

2.8.8 (2020-02-29)

Bug Fixes

• #61 & #65 addressing issues w/ url.URL implmentation which regressed node 6 support (5038b18), closes #66

2.8.7 (2020-02-26)

Bug Fixes

• Do not attempt to use url.URL when unavailable (2d0bb66), closes #61 #62
• Do not pass scp-style URLs to the WhatWG url.URL (f2cdfcf), closes #60

2.8.6 (2020-02-25)

2.8.5 (2019-10-07)

Bug Fixes

• updated pathmatch for gitlab (e8325b5), closes #51
• updated pathmatch for gitlab (ffe056f)

2.8.4 (2019-08-12)

... (truncated)

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• afeaefd chore(release): 2.8.8
• 5038b18 fix: #61 & #65 addressing issues w/ url.URL implmentation which regressed nod...
• 7440afa chore(release): 2.8.7
• 2d0bb66 fix: Do not attempt to use url.URL when unavailable
• f2cdfcf fix: Do not pass scp-style URLs to the WhatWG url.URL
• e1b83df chore(release): 2.8.6
• ff259a6 Ensure passwords in hosted Git URLs are correctly escaped
• 624fd6f chore(release): 2.8.5
• Additional commits viewable in compare view

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 943977e Merge branch 'umd-alias', tag 1.13.1 release
• 5630f88 Add version 1.13.1 to the change log
• 5aa5b52 Update the bundle sizes
• 76c8d8a Bump the version to 1.13.1
• 9cda0b0 Add some build clarifications to the documentation (#2923)
• 8b5928c Revert .gitignore underscore.js from 57a4a0e (fix #2923)
• 7054a54 Update generated sources and tag 1.13.0 release
• 37dc52a Merge pull request #2921 from jgonggrijp/prepare-1.13.0
• 5511d12 Add version 1.13.0 to the change log
• efe5fbf Bump the version to 1.13.0
• Additional commits viewable in compare view

This version was pushed to npm by jgonggrijp, a new releaser for underscore since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.