Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump validator and class-validator #78

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Sep 27, 2022

Bumps validator to 13.7.0 and updates ancestor dependency class-validator. These dependencies need to be updated together.

Updates validator from 13.0.0 to 13.7.0

Release notes

Sourced from validator's releases.

13.7.0

13.7.0

New Features

Fixes and Enhancements

New and Improved Locales

... (truncated)

Changelog

Sourced from validator's changelog.

13.7.0

New Features

New Features

Fixes and Enhancements

New and Improved Locales

... (truncated)

Commits
  • 47ee5ad 13.7.0
  • 496fc8b fix(rtrim): remove regex to prevent ReDOS attack (#1738)
  • 45901ec Merge pull request #1851 from validatorjs/chore/fix-merge-conflicts
  • 83cb7f8 chore: merge conflict clean-up
  • f17e220 feat(isMobilePhone): add El Salvador es-SV locale
  • 5b06703 feat(isMobilePhone): add Palestine ar-PS locale
  • a3faa83 feat(isMobilePhone): add Botswana en-BW locale
  • 26605f9 feat(isMobilePhone): add Turkmenistan tk-TM
  • 0e5d5d4 feat(isMobilePhone): add Guyana en-GY locale
  • f7ff349 feat(isMobilePhone): add Frech Polynesia fr-PF locale
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by profnandaa, a new releaser for validator since your current version.


Updates class-validator from 0.12.2 to 0.13.2

Changelog

Sourced from class-validator's changelog.

0.13.2 (2021-11-20)

NOTE: This version fixes a security vulnerability allowing denial of service attacks with a specially crafted request payload. Please update as soon as possible.

Fixed

  • switched to use Array.isArray in array checks from instanceof operator

Changed

  • libphonenumber-js package updated to 1.9.43 from 1.9.7
  • validator package updated to 13.5.2 from 13.5.2
  • various dev-dependencies updated

0.13.1 (2021-01-14)

Added

  • optional mather function has been added to the ArrayUnique decorator

Fixed

  • a typo was fixed in the error message generated by the IsUUID decorator
  • calling ValidationError.toString() doesn't result in an error when forbidNonWhitelisted parameter was used
  • fixed typo in error message generated by IsIn decorator
  • the @types/validator package is correctly installed
  • inlineSources option is enabled in tsconfig preventing various sourcemap errors when consuming the package

Changed

  • various dev dependencies has been updated

0.13.0 (2021-01-11)

Added

  • project is restructured to allow three-shaking
  • added option to fail on first validation error (#620)
  • two new validator option is added:
    • always - allows setting global default for always option for decorators
    • strictGroups - ignore decorators with at least one group, when ValidatorOptions.groups is empty

Fixed

  • the 'any' locale is allowed in the isPostalCode decorator (#634)
  • the IsDateString() decorator now aliases the IsISO8601() decorator (#672)

Changed

... (truncated)

Commits
  • 5f91937 merge: release 0.13.2 (#1409)
  • 8e841ef refactor: ignore linter error
  • 6a57621 refactor: format code with latest Prettier
  • 6c50113 build: bump version to 0.13.2
  • 495a275 docs: add changelog for 0.13.2
  • 70278ab build: move @​types/validator to dev dependencies
  • bdcf15c fix: use Array.isArray instead of instanceof checks
  • c6984bb build: squash dependabot commits into one since last release
  • d0cb39f build: update GH action for Dependabot auto-merge
  • 945f154 build(deps-dev): bump eslint-plugin-jest from 24.1.9 to 24.3.2 (#973)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by typestack-release-bot, a new releaser for class-validator since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [validator](https://github.com/validatorjs/validator.js) to 13.7.0 and updates ancestor dependency [class-validator](https://github.com/typestack/class-validator). These dependencies need to be updated together.


Updates `validator` from 13.0.0 to 13.7.0
- [Release notes](https://github.com/validatorjs/validator.js/releases)
- [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md)
- [Commits](validatorjs/validator.js@13.0.0...13.7.0)

Updates `class-validator` from 0.12.2 to 0.13.2
- [Release notes](https://github.com/typestack/class-validator/releases)
- [Changelog](https://github.com/typestack/class-validator/blob/develop/CHANGELOG.md)
- [Commits](typestack/class-validator@v0.12.2...v0.13.2)

---
updated-dependencies:
- dependency-name: validator
  dependency-type: indirect
- dependency-name: class-validator
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants