Sourced from prismjs's releases.

v1.25.0

Release 1.25.0

v1.24.1

Release 1.24.1

v1.24.0

Release 1.24.0

Sourced from prismjs's changelog.

1.25.0 (2021-09-16)

New components

• AviSynth (#3071) 746a4b1a
• Avro IDL (#3051) 87e5a376
• Bicep (#3027) c1dce998
• GAP (CAS) (#3054) 23cd9b65
• GN (#3062) 4f97b82b
• Hoon (#2978) ea776756
• Kusto (#3068) e008ea05
• Magma (CAS) (#3055) a1b67ce3
• MAXScript (#3060) 4fbdd2f8
• Mermaid (#3050) 148c1eca
• Razor C# (#3064) 4433ccfc
• Systemd configuration file (#3053) 8df825e0
• Wren (#3063) 6a356d25

Updated components

• Bicep
  • Added support for multiline and interpolated strings and other improvements (#3028) 748bb9ac
• C#
  • Added with keyword & improved record support (#2993) fdd291c0
  • Added record, init, and nullable keyword (#2991) 9b561565
  • Added context check for from keyword (#2970) 158f25d4
• C++
  • Fixed generic function false positive (#3043) 5de8947f
• Clojure
  • Improved tokenization (#3056) 8d0b74b5
• Hoon
  • Fixed mixed-case aura tokenization (#3002) 9c8911bd
• Liquid
  • Added all objects from Shopify reference (#2998) 693b7433
  • Added empty keyword (#2997) fe3bc526
• Log file
  • Added support for Java stack traces (#3003) b0365e70
• Markup
  • Made most patterns greedy (#3065) 52e8cee9
  • Fixed ReDoS (#3078) 0ff371bb
• PureScript
  • Made ∀ a keyword (alias for forall) (#3005) b38fc89a
  • Improved Haskell and PureScript (#3020) 679539ec
• Python
  • Support for underscores in numbers (#3039) 6f5d68f7
• Sass
  • Fixed issues with CSS Extras (#2994) 14fdfe32
• Shell session
  • Fixed command false positives (#3048) 35b88fcf
  • Added support for the percent sign as shell symbol (#3010) 4492b62b

... (truncated)

• 99d94fa 1.25.0
• 6d8e547 Updated changelog (#3083)
• e008ea0 Added support for Kusto (#3068)
• 4433ccf Added support for ASP.NET Razor (#3064)
• 6a356d2 Added support for Wren (#3063)
• 4fbdd2f Added support for MAXScript (#3060)
• 746a4b1 Added AviSynth language definition (#3071)
• ffb2043 Twilight theme: Increase selector specificities of plugin overrides (#3081)
• 52e8cee Markup: Made most patterns greedy (#3065)
• c7b6a7f Previewers: Ensure popup is visible across themes (#3080)
• Additional commits viewable in compare view

This version was pushed to npm by rundevelopment, a new releaser for prismjs since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from prismjs's releases.

v1.24.0

Release 1.24.0

Sourced from prismjs's changelog.

1.24.0 (2021-06-27)

New components

• CFScript (#2771) b0a6ec85
• ChaiScript (#2706) 3f7d7453
• COBOL (#2800) 7e5f78ff
• Coq (#2803) 41e25d3c
• CSV (#2794) f9b69528
• DOT (Graphviz) (#2690) 1f91868e
• False (#2802) 99a21dc5
• ICU Message Format (#2745) bf4e7ba9
• Idris (#2755) e9314415
• Jexl (#2764) 7e51b99c
• KuMir (КуМир) (#2760) 3419fb77
• Log file (#2796) 2bc6475b
• Nevod (#2798) f84c49c5
• OpenQasm (#2797) 1a2347a3
• PATROL Scripting Language (#2739) 18c67b49
• Q# (#2804) 1b63cd01
• Rego (#2624) e38986f9
• Squirrel (#2721) fd1081d2
• URI (#2708) bbc77d19
• V (#2687) 72962701
• Wolfram language & Mathematica & Mathematica Notebook (#2921) c4f6b2cc

Updated components

• Fixed problems reported by regexp/no-dupe-disjunctions (#2952) f471d2d7
• Fixed some cases of quadratic worst-case runtime (#2922) 79d22182
• Fixed 2 cases of exponential backtracking (#2774) d85e30da
• AQL
  • Update for ArangoDB 3.8 (#2842) ea82478d
• AutoHotkey
  • Improved tag pattern (#2920) fc2a3334
• Bash
  • Accept hyphens in function names (#2832) e4ad22ad
  • Fixed single-quoted strings (#2792) e5cfdb4a
• C++
  • Added support for generic functions and made :: punctuation (#2814) 3df62fd0
  • Added missing keywords and modules (#2763) 88fa72cf
• Dart
  • Improved support for classes & generics (#2810) d0bcd074
• Docker
  • Improvements (#2720) 93dd83c2
• Elixir
  • Added missing keywords (#2958) 114e4626
  • Added missing keyword and other improvements (#2773) e6c0d298
  • Added defdelagate keyword and highlighting for function/module names (#2709) 59f725d7
• F#

... (truncated)

• 3432b4b 1.24.0
• 46d0720 Updated .npmignore (#2971)
• aef7f08 Changelog for v1.24.0 (#2965)
• e9477d8 Markdown: Improved code snippets (#2967)
• 4b55bd6 Made Match Braces and Custom Class compatible (#2947)
• e8d3b50 ESLint: Added regexp/strict rule (#2944)
• bfd7fde GraphQL: Fixed definition-query and definition-mutation tokens (#2964)
• 14e3868 Fixed reST test
• a7656de reST: Fixed inline pattern (#2946)
• b4ac061 ESLint: Use cache (#2959)
• Additional commits viewable in compare view

This version was pushed to npm by rundevelopment, a new releaser for prismjs since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from browserslist's changelog.

4.16.6

• Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).

4.16.5

• Fixed unsafe RegExp (by Yeting Li).

4.16.4

• Fixed unsafe RegExp.
• Added artifactory support to --update-db (by Ittai Baratz).

• 6fe3614 Release 4.16.6 version
• 33ebac9 Update dependencies
• 2128170 Add support for npm-shrinkwrap files alongside package-lock (#595)
• 7cc2aed Release 4.16.5 version
• 27e4afd Update dependencies
• 1013a18 Fix version RegExp
• b879a1a Use Node.js 16 on CI
• bd1e9e0 Fix ReDoS (#593)
• 209adf9 Release 4.16.4 version
• 3e2ae3b Fix types
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from dot-prop's releases.

v4.2.1

• Backport https://github.com/sindresorhus/dot-prop/commit/3039c8c07f6fdaa8b595ec869ae0895686a7a0f2 to the v4.x release line.

• c914124 feat: patch 4.2.0 with fixes for CVE-2020-8116
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from prismjs's releases.

v1.23.0

New components

• Apex (#2622) f0e2b70e
• DataWeave (#2659) 0803525b
• PromQL (#2628) 8831c706

Updated components

• Fixed multiple vulnerable regexes (#2584) c2f6a644
• Apache Configuration
  • Update directive-flag to match = (#2612) 00bf00e3
• C-like
  • Made all comments greedy (#2680) 0a3932fe
• C
  • Better class name and macro name detection (#2585) 129faf5c
• Content-Security-Policy
  • Added missing directives and keywords (#2664) f1541342
  • Do not highlight directive names with adjacent hyphens (#2662) a7ccc16d
• CSS
  • Better HTML style attribute tokenization (#2569) b04cbafe
• Java
  • Improved package and class name detection (#2599) 0889bc7c
  • Added Java 15 keywords (#2567) 73f81c89
• Java stack trace
  • Added support stack frame element class loaders and modules (#2658) 0bb4f096
• Julia
  • Removed constants that are not exported by default (#2601) 093c8175
• Kotlin
  • Added support for backticks in function names (#2489) a5107d5c
• Latte
  • Fixed exponential backtracking (#2682) 89f1e182
• Markdown
  • Improved URL tokenization (#2678) 2af3e2c2
  • Added support for YAML front matter (#2634) 5cf9cfbc
• PHP
  • Added support for PHP 7.4 + other major improvements (#2566) 38808e64
  • Added support for PHP 8.0 features (#2591) df922d90
  • Removed C-like dependency (#2619) 89ebb0b7
  • Fixed exponential backtracking (#2684) 37b9c9a1
• Sass (Scss)
  • Added support for Sass modules (#2643) deb238a6
• Scheme
  • Fixed number pattern (#2648) e01ecd00
  • Fixed function and function-like false positives (#2611) 7951ca24
• Shell session
  • Fixed false positives because of links in command output (#2649) 8e76a978
• TSX
  • Temporary fix for the collisions of JSX tags and TS generics (#2596) 25bdb494

... (truncated)

Sourced from prismjs's changelog.

1.23.0 (2020-12-31)

New components

• Apex (#2622) f0e2b70e
• DataWeave (#2659) 0803525b
• PromQL (#2628) 8831c706

Updated components

• Fixed multiple vulnerable regexes (#2584) c2f6a644
• Apache Configuration
  • Update directive-flag to match = (#2612) 00bf00e3
• C-like
  • Made all comments greedy (#2680) 0a3932fe
• C
  • Better class name and macro name detection (#2585) 129faf5c
• Content-Security-Policy
  • Added missing directives and keywords (#2664) f1541342
  • Do not highlight directive names with adjacent hyphens (#2662) a7ccc16d
• CSS
  • Better HTML style attribute tokenization (#2569) b04cbafe
• Java
  • Improved package and class name detection (#2599) 0889bc7c
  • Added Java 15 keywords (#2567) 73f81c89
• Java stack trace
  • Added support stack frame element class loaders and modules (#2658) 0bb4f096
• Julia
  • Removed constants that are not exported by default (#2601) 093c8175
• Kotlin
  • Added support for backticks in function names (#2489) a5107d5c
• Latte
  • Fixed exponential backtracking (#2682) 89f1e182
• Markdown
  • Improved URL tokenization (#2678) 2af3e2c2
  • Added support for YAML front matter (#2634) 5cf9cfbc
• PHP
  • Added support for PHP 7.4 + other major improvements (#2566) 38808e64
  • Added support for PHP 8.0 features (#2591) df922d90
  • Removed C-like dependency (#2619) 89ebb0b7
  • Fixed exponential backtracking (#2684) 37b9c9a1
• Sass (Scss)
  • Added support for Sass modules (#2643) deb238a6
• Scheme
  • Fixed number pattern (#2648) e01ecd00
  • Fixed function and function-like false positives (#2611) 7951ca24
• Shell session
  • Fixed false positives because of links in command output (#2649) 8e76a978
• TSX
  • Temporary fix for the collisions of JSX tags and TS generics (#2596) 25bdb494

... (truncated)

• 88a17b4 1.23.0
• 5dc7b42 Changelog v1.23.0 (#2681)
• 37b9c9a PHP: Fixed exponential backtracking (#2684)
• 89f1e18 Latte: Fixed exponential backtracking (#2682)
• 0a3932f C-like: Made all comments greedy (#2680)
• cdb24ab Line Highlight: Fixed print background color (#2668)
• e644178 Added test for polynomial backtracking (#2597)
• b40f8f4 Line highlight: Fixed top offset in combination with Line numbers (#2237)
• 2af3e2c Markdown: Improved URL tokenization (#2678)
• df0738e Test page: Don't trigger ad-blockers with class (#2677)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• c74c8af 1.3.7
• 024b8b5 update deps, add linting
• 032fbaf Use Object.create(null) to avoid default object property hazards
• 2da9039 1.3.6
• cfea636 better git push script, before publish instead of after
• 56d2805 do not allow invalid hazardous string as section name
• See full diff in compare view

This version was pushed to npm by isaacs, a new releaser for ini since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from prismjs's releases.

v1.21.0

Release 1.21.0

v1.20.0

Release 1.20.0

Sourced from prismjs's changelog.

1.21.0 (2020-08-06)

New components

• .ignore & .gitignore & .hgignore & .npmignore (#2481) 3fcce6fe
• Agda (#2430) 3a127c7d
• AL (#2300) de21eb64
• Cypher (#2459) 398e2943
• Dhall (#2473) 649e51e5
• EditorConfig (#2471) ed8fff91
• HLSL (#2318) 87a5c7ae
• JS stack trace (#2418) ae0327b3
• PeopleCode (#2302) bd4d8165
• PureBasic (#2369) d0c1c70d
• Racket (#2315) 053016ef
• Smali (#2419) 22eb5cad
• Structured Text (IEC 61131-3) (#2311) 8704cdfb
• UnrealScript (#2305) 1093ceb3
• WarpScript (#2307) cde5b0fa
• XML doc (.net) (#2340) caec5e30
• YANG (#2467) ed1df1e1

Updated components

• Markup & JSON: Added new aliases (#2390) 9782cfe6
• Fixed several cases of exponential backtracking (#2268) 7a554b5f
• APL
  • Added ⍥ (#2409) 0255cb6a
• AutoHotkey
  • Added missing format built-in (#2450) 7c66cfc4
  • Improved comments and other improvements (#2412) ddf3cc62
  • Added missing definitions (#2400) 4fe03676
• Bash
  • Added composer command (#2298) 044dd271
• Batch
  • Fix escaped double quote (#2485) f0f8210c
• C
  • Improved macros and expressions (#2440) 8a72fa6f
  • Improved macros (#2320) fdcf7ed2
• C#
  • Improved pattern matching (#2411) 7f341fc1
  • Fixed adjacent string interpolations (#2402) 2a2e79ed
• C++
  • Added support for default comparison operator (#2426) 8e9d161c
  • Improved class name detection (#2348) e3fe9040
  • Fixed enum class class names (#2342) 30b4e254
• Content-Security-Policy
  • Fixed directives (#2461) 537a9e80
• CSS
  • Improved url and added keywords (#2432) 964de5a1

• 187c8a6 1.21.0
• bf4f323 Changelog for v1.21.0 (#2507)
• 8bba488 Previewers: Fixed XSS (#2506)
• 158caf5 JSON: Greedy comments (#2479)
• f0f8210 Batch: Fix escaped double quote (#2485)
• 649e51e Added support for Dhall (#2473)
• 453079b Line Numbers: Fixed class name on website
• a0efa40 Fixed Treeview page (#2484)
• 78161d6 VB: Added VBA alias (#2469)
• ed1df1e Added support for YANG (#2467)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from mime's releases.

v1.4.1

• Fix RegEx DoS issue

v1.4.0

• [closed] support for ac3 voc files #159
• [closed] Help understanding change from application/xml to text/xml #158
• [closed] no longer able to override mimetype #157
• [closed] application/vnd.adobe.photoshop #147
• [closed] Directories should appear as something other than application/octet-stream #135
• [closed] requested features #131
• [closed] Make types.json loading optional? #129
• [closed] Cannot find module './types.json' #120
• [V2] .wav files show up as "audio/x-wav" instead of "audio/x-wave" #118
• [closed] Don't be a pain in the ass for node community #108
• [closed] don't make default_type global #78
• [closed] mime.extension() fails if the content-type is parameterized #74

Sourced from mime's changelog.

v1.6.0 (24/11/2017)

No changelog for this release.

---

v2.0.4 (24/11/2017)

• [closed] Switch to mime-score module for resolving extension contention issues. #182
• [closed] Update mime-db to 1.31.0 in v1.x branch #181

---

v1.5.0 (22/11/2017)

• [closed] need ES5 version ready in npm package #179
• [closed] mime-db no trace of iWork - pages / numbers / etc. #178
• [closed] How it works in brownser ? #176
• [closed] Missing ./Mime #175
• [closed] Vulnerable Regular Expression #167

---

v2.0.3 (25/09/2017)

No changelog for this release.

---

v1.4.1 (25/09/2017)

• [closed] Issue when bundling with webpack #172

---

v2.0.2 (15/09/2017)

• [V2] fs.readFileSync is not a function #165
• [closed] The extension for video/quicktime should map to .mov, not .qt #164
• [V2] [v2 Feedback request] Mime class API #163
• [V2] [v2 Feedback request] Resolving conflicts over extensions #162
• [V2] Allow callers to load module with official, full, or no defined types. #161
• [V2] Use "facets" to resolve extension conflicts #160
• [V2] Remove fs and path dependencies #152
• [V2] Default content-type should not be application/octet-stream #139
• [V2] reset mime-types #124
• [V2] Extensionless paths should return null or false #113

---

v2.0.1 (14/09/2017)

• [closed] Changelog for v2.0 does not mention breaking changes #171
• [closed] MIME breaking with 'class' declaration as it is without 'use strict mode' #170

---

... (truncated)

• 87b396e 1.6.0
• 4db5125 changelog
• 3668c6b Use mime-score module to resolve extension conflicts. Fixes #183
• 949b451 1.5.0
• 85672d3 application/font-woff -> font/woff
• 1f6281d chmod cli.js
• c0853d2 update to [email protected]
• 3004636 Generate CHANGELOG.md via github-release-notes
• eb24bae 1.4.1
• 855d0c4 Fix #167
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from json5's releases.

v2.2.3

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Sourced from json5's changelog.

v2.2.3 [code, diff]

• Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

• Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

• Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

• c3a7524 2.2.3
• 94fd06d docs: update CHANGELOG for v2.2.3
• 3b8cebf docs(security): use GitHub security advisories
• f0fd9e1 docs: publish a security policy
• 6a91a05 docs(template): bug -> bug report
• 14f8cb1 2.2.2
• 10cc7ca docs: update CHANGELOG for v2.2.2
• 7774c10 fix: add proto to objects and arrays
• edde30a Readme: slight tweak to intro
• 97286f8 Improve example in readme
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from qs's changelog.

6.2.4

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] utils.merge: avoid a crash with a null target and an array source
• [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
• [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
• [Fix] when parseArrays is false, properly handle keys ending in []
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [Refactor] use cached Array.isArray
• [Docs] Clarify the need for "arrayLimit" option
• [meta] fix README.md (#399)
• [meta] Clean up license text so it’s properly detected as BSD-3-Clause
• [meta] add FUNDING.yml
• [actions] backport actions from main
• [Tests] use safer-buffer instead of Buffer constructor
• [Tests] remove nonexistent tape option
• [Dev Deps] backport from main

• 90d9f2b v6.2.4
• ba24e74 [Fix] parse: ignore __proto__ keys (#428)
• f047c9d [Dev Deps] backport from main
• 5f8e28b [actions] backport actions from main
• 2c38654 [Robustness] stringify: avoid relying on a global undefined (#427)
• 37e176d [meta] fix README.md (#399)
• 081a3ab [Tests] use safer-buffer instead of Buffer constructor
• 943e411 [meta] Clean up license text so it’s properly detected as BSD-3-Clause
• 0d82916 [Fix] utils.merge: avoid a crash with a null target and an array source
• c103b90 [Fix] utils.merge`: avoid a crash with a null target and a truthy non-array...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from async's changelog.

v2.6.4

• Fix potential prototype pollution exploit (#1828)

• c6bdaca Version 2.6.4
• 8870da9 Update built files
• 4df6754 update changelog
• 8f7f903 Fix prototype pollution vulnerability (#1828)
• See full diff in compare view

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from prismjs's releases.

v1.27.0

Release 1.27.0

v1.26.0

Release 1.26.0

v1.25.0

Release 1.25.0

v1.24.1

Release 1.24.1

v1.24.0

Release 1.24.0

Sourced from prismjs's changelog.

1.27.0 (2022-02-17)

New components

• UO Razor Script (#3309) 3f8cc5a0

Updated components

• AutoIt
  • Allow hyphen in directive (#3308) bcb2e2c8
• EditorConfig
  • Change alias of section from keyword to selector (#3305) e46501b9
• Ini
  • Swap out header for section (#3304) deb3a97f
• MongoDB
  • Added v5 support (#3297) 8458c41f
• PureBasic
  • Added missing keyword and fixed constants ending with $ (#3320) d6c53726
• Scala
  • Added support for interpolated strings (#3293) 441a1422
• Systemd configuration file
  • Swap out operator for punctuation (#3306) 2eb89e15

Updated plugins

• Command Line
  • Escape markup in command line output (#3341) e002e78c
  • Add support for line continuation and improved colors (#3326) 1784b175
  • Added span around command and output (#3312) 82d0ca15

Other

• Core
  • Added better error message for missing grammars (#3311) 2cc4660b

1.26.0 (2022-01-06)

New components

• Atmel AVR Assembly (#2078) b5a70e4c
• Go module (#3209) 8476a9ab
• Keepalived Configure (#2417) d908e457
• Tremor & Trickle & Troy (#3087) ec25ba65
• Web IDL (#3107) ef53f021

Updated components

• Use \d for [0-9] (#3097) 9fe2f93e
• 6502 Assembly
  • Use standard tokens and minor improvements (#3184) 929c33e0

... (truncated)

• 703881e 1.27.0
• 7ac1373 Updated changelog for v1.27.0 (#3342)
• e002e78 Command Line: Escape markup in command line output (#3341)
• 13b56a9 Bump follow-redirects from 1.14.7 to 1.14.8 (#3338)
• f094c4a Bump yargs-parser from 5.0.0 to 5.0.1 (#3334)
• 9fd4c74 Bump ajv from 6.10.0 to 6.12.6 (#3333)
• 3fcca6b Bump pathval from 1.1.0 to 1.1.1 (#3331)
• 1784b17 Command Line: Add support for line continuation and improved colors (#3326)
• f545843 ESLint: Allow Map and Set in ES5 code (#3328)
• d6c5372 PureBasic: Added missing keyword and fixed constants ending with $ (#3320)
• Additional commits viewable in compare view

This version was pushed to npm by rundevelopment, a new releaser for prismjs since your current version.

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.