631d739 Fix low-hanging 'npm audit' fruits (Carl-Erik Kopseng)
a3cdefa Bump elliptic from 6.5.4 to 6.5.7 (#248) (dependabot[bot])

Signed-off-by: dependabot[bot] support@github.com

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
47e4b73 Bump browserify-sign from 4.2.1 to 4.2.3 (#249) (dependabot[bot])

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Released by Carl-Erik Kopseng on 2024-09-12.

8.0.1

Diff

fatso83

published 8.0.1 • 2 months ago

Changelog

Source

8.0.1

ca41112 Update all dependencies (#247) (Carl-Erik Kopseng)
153c0a7 Fix matcher cyclic object infinite recursion issue (#245) (Phil Spitzer)

Released by Carl-Erik Kopseng on 2024-09-12.

8.0.0

Diff

fatso83

published 8.0.0 • 2 years ago

Changelog

Source

8.0.0

5f88086 fix: ensure nothing can mutate the exported 'message' (Carl-Erik Kopseng)

Released by Carl-Erik Kopseng on 2023-03-26.

7.0.1

Diff

mrgnrdrck

published 7.0.1 • 2 years ago

Changelog

Source

7.0.1

fb6573a Prefer @sinonjs/commons@2 (Morgan Roderick)

That makes ES2017 support explicit

Released by Morgan Roderick on 2022-11-07.

7.0.0

Diff

mrgnrdrck

published 7.0.0 • 2 years ago

Changelog

Source

7.0.0

85a9acb Stop testing in Node 12, start testing in Node 18, 19 (Morgan Roderick)

Released by Morgan Roderick on 2022-11-02.

6.1.3

Diff

mrgnrdrck

published 6.1.3 • 2 years ago

Changelog

Source

6.1.3

15295d9 Fix #237: Use jQuery#is() for jQuery equality (Morgan Roderick)

In f1a1f306018166ad76ab1a1a71d400fc9373f7d0 we added support for Javascript iteraction protocols.

jQuery objects happen to have iteration protocols, so they would trigger the new codepath. However, that code path uses Array.from on the input, which doesn't play nice with jQuery's serializer.

Luckily, jQuery has the is() method for comparing its objects.

Released by Morgan Roderick on 2022-11-02.

6.1.2

Diff

mrgnrdrck

published 6.1.2 • 2 years ago

Changelog

Source

6.1.2

aa3badb Fix to compare input for iteratables. (#229) (Shuhei Aoyama)
58480cc npm audit fix (Morgan Roderick)
1b9c378 Upgrade benchmark and microtime to latest (Morgan Roderick)
3d6e322 Remove unused mkdirp dependency (Morgan Roderick)
4388ea7 Upgrade typescript to latest (Morgan Roderick)
4e29ee0 Upgrade prettier to latest (Morgan Roderick)
f2c548e Upgrade nyc to latest (Morgan Roderick)
3bda5a3 Upgrade mochify to latest (Morgan Roderick)
30ac30b Upgrade mocha to latest (Morgan Roderick)
fd9aa60 Upgrade jsdoc to latest (Morgan Roderick)
501fef7 Upgrade husky to latest (Morgan Roderick)
See:
- https://typicode.github.io/husky/#/?id=migrate-from-v4-to-v8
- https://github.com/typicode/husky-4-to-8
10857c2 Upgrade @studio/changes to latest (Morgan Roderick)
c31f564 Upgrade @sinonjs/eslint-config to latest (Morgan Roderick)
08ed814 Upgrade @sinonjs/referee to latest (Morgan Roderick)
a16c58b Bump jsdom from 16.2.2 to 16.5.0 (dependabot[bot])
Bumps jsdom from 16.2.2 to 16.5.0.
updated-dependencies:
- dependency-name: jsdom dependency-type: direct:development ...
Signed-off-by: dependabot[bot] support@github.com
8b7d7de Bump shell-quote from 1.6.1 to 1.7.3 (dependabot[bot])
Bumps shell-quote from 1.6.1 to 1.7.3.
updated-dependencies:
- dependency-name: shell-quote dependency-type: indirect ...
Signed-off-by: dependabot[bot] support@github.com
409866f chore: Set permissions for GitHub actions (Morgan Roderick)

Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests

See sinonjs/sinon#2461
5a7317f Update README (Morgan Roderick)

The default branch was renamed
4354403 Verify lockfileVersion (Morgan Roderick)
be7df9e Merge prettier, lint into static-analysis (Morgan Roderick)
2e1bf94 Upgrade mocha to latest (Morgan Roderick)
3bab205 Bump hosted-git-info from 3.0.4 to 3.0.8 (dependabot[bot])
Bumps hosted-git-info from 3.0.4 to 3.0.8.
updated-dependencies:
- dependency-name: hosted-git-info dependency-type: indirect ...
Signed-off-by: dependabot[bot] support@github.com
14d3637 Bump ajv from 6.10.2 to 6.12.6 (dependabot[bot])
Bumps ajv from 6.10.2 to 6.12.6.
- Release notes
- Commits
updated-dependencies:
- dependency-name: ajv dependency-type: indirect ...
Signed-off-by: dependabot[bot] support@github.com

Released by Morgan Roderick on 2022-10-31.

6.1.1

Diff

fatso83

published 6.1.1 • 3 years ago

Changelog

Source

6.1.1

0a89fbd Bump cached-path-relative from 1.0.2 to 1.1.0 (#227) (dependabot[bot])

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
88a3fca Install missing dependency mkdocs and update lock file version (Carl-Erik Kopseng)

Released on 2022-01-28.