chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates

[dependabot]

Bumps the npm_and_yarn group with 18 updates in the /ui directory:

Package	From	To
@babel/traverse	7.20.12	7.25.3
browserify-sign	4.0.4	4.2.3
decode-uri-component	0.2.0	0.2.2
elliptic	6.4.0	6.5.7
express	4.18.1	4.19.2
fast-json-patch	3.0.0-1	3.1.1
follow-redirects	1.5.1	1.15.6
fsevents	1.2.9	1.2.13
handlebars	4.0.11	4.7.8
hosted-git-info	2.8.8	2.8.9
path-parse	1.0.6	1.0.7
ssri	6.0.1	6.0.2
terser	4.8.0	4.8.1
tmpl	1.0.4	1.0.5
underscore	1.9.1	1.13.7
webpack-dev-middleware	5.3.3	5.3.4
websocket-extensions	0.1.3	0.1.4
word-wrap	1.2.3	1.2.5

Updates @babel/traverse from 7.20.12 to 7.25.3

Release notes

Sourced from @​babel/traverse's releases.

v7.25.3 (2024-07-31)

🐛 Bug Fix

• babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse
  • #16699 Avoid validating visitors produced by traverse.visitors.merge (@​nicolo-ribaudo)

🏠 Internal

• babel-parser
  • #16688 Add @babel/types as a dependency of @babel/parser (@​nicolo-ribaudo)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)

v7.25.2 (2024-07-30)

🐛 Bug Fix

• babel-core, babel-traverse
  • #16695 Ensure that requeueComputedKeyAndDecorators is available (@​nicolo-ribaudo)

Committers: 2

• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)

v7.25.1 (2024-07-28)

🐛 Bug Fix

• babel-plugin-transform-function-name
  • #16683 fix: ensureFunctionName may be undefined (@​liuxingbaoyu)
• babel-plugin-transform-react-constant-elements
  • #16582 fix plugin-transform-react-constant-elements transform JSXFrament but not add JSXExpressionContainer (@​keiseiTi)
• babel-traverse
  • #16587 fix: fixed issue16583 + test (@​nerodesu017)

🏠 Internal

• #16663 Test eslint plugin against eslint 9 (@​JLHwung)

Committers: 4

• Adrian (@​nerodesu017)
• Huáng Jùnliàng (@​JLHwung)
• @​keiseiTi
• @​liuxingbaoyu

v7.25.0 (2024-07-26)

Thanks @​davidtaylorhq and @​slatereax for your first PR!

You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.

👓 Spec Compliance

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.25.3 (2024-07-31)

🐛 Bug Fix

• babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse
  • #16699 Avoid validating visitors produced by traverse.visitors.merge (@​nicolo-ribaudo)

🏠 Internal

• babel-parser
  • #16688 Add @babel/types as a dependency of @babel/parser (@​nicolo-ribaudo)

v7.25.2 (2024-07-30)

🐛 Bug Fix

• babel-core, babel-traverse
  • #16695 Ensure that requeueComputedKeyAndDecorators is available (@​nicolo-ribaudo)

v7.25.1 (2024-07-28)

🐛 Bug Fix

• babel-plugin-transform-function-name
  • #16683 fix: ensureFunctionName may be undefined (@​liuxingbaoyu)
• babel-plugin-transform-react-constant-elements
  • #16582 fix plugin-transform-react-constant-elements transform JSXFrament but not add JSXExpressionContainer (@​keiseiTi)
• babel-traverse
  • #16587 fix: fixed issue16583 + test (@​nerodesu017)

🏠 Internal

• #16663 Test eslint plugin against eslint 9 (@​JLHwung)

v7.25.0 (2024-07-26)

👓 Spec Compliance

• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #16537 await using normative updates (@​JLHwung)
• babel-plugin-transform-typescript
  • #16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@​liuxingbaoyu)

🚀 New Feature

• babel-helper-create-class-features-plugin, babel-helper-function-name, babel-helper-plugin-utils, babel-helper-wrap-function, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-preset-env, babel-traverse, babel-types
  • #16658 Move ensureFunctionName to NodePath.prototype (@​nicolo-ribaudo)
• babel-helper-hoist-variables, babel-helper-plugin-utils, babel-plugin-proposal-async-do-expressions, babel-plugin-transform-modules-systemjs, babel-traverse
  • #16644 Move hoistVariables to Scope.prototype (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-split-export-declaration, babel-plugin-transform-classes, babel-traverse, babel-types
  • #16645 Move splitExportDeclaration to NodePath.prototype (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-environment-visitor, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-remap-async-to-generator, babel-helper-replace-supers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-transform-async-generator-functions, babel-plugin-transform-classes, babel-traverse
  • #16649 Move environment-visitor helper into @babel/traverse (@​nicolo-ribaudo)
• babel-core, babel-parser
  • #16480 Expose wether a module has TLA or not as .extra.async (@​nicolo-ribaudo)
• babel-compat-data, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-preset-env
  • #16569 Introduce bugfix-safari-class-field-initializer-scope (@​davidtaylorhq)
• babel-plugin-transform-block-scoping, babel-traverse, babel-types
  • #16551 Add NodePath#getAssignmentIdentifiers (@​JLHwung)
• babel-helper-import-to-platform-api, babel-plugin-proposal-json-modules

... (truncated)

Commits

• 787c7cd v7.25.3
• 992c6e0 Avoid validating visitors produced by traverse.visitors.merge (#16699)
• 44efb5f print @​babel/traverse version on unknown AST types (#16701)
• 0f8f408 v7.25.2
• 6a15d7a Ensure that requeueComputedKeyAndDecorators is available (#16695)
• 2413d1a Add eslint-plugin-regexp (#16680)
• 6bfc823 v7.25.1
• 801d3cb fix: improve variable declarator removal (#16587)
• d2e3ee2 v7.25.0
• d364545 Move ensureFunctionName to NodePath.prototype (#16658)
• Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

• [patch] widen support to 0.12 9247adf
• [patch] drop minimum node support to v1 4d0ee49
• [Dev Deps] update aud, npmignore, tape 87f3a35
• [actions] remove redundant finisher 37a4758
• [Deps] pin hash-base to ~3.0, due to a breaking change 9e2bf12
• [Deps] update parse-asn1 [f427270`](browserify/browserify-sign@f427270)
• [Deps] update elliptic fb261ce
• [Deps] pin elliptic due to a breaking change 168e16f

v4.2.2 - 2023-10-25

Fixed

• [Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

• Only apps should have lockfiles 09a8995
• [eslint] switch to eslint 83fe463
• [meta] add npmignore and auto-changelog 4418183
• [meta] fix package.json indentation 9ac5a5e
• [Tests] migrate from travis to github actions d845d85
• [Fix] sign: throw on unsupported padding scheme 8767739
• [Fix] properly check the upper bound for DSA signatures 85994cd
• [Tests] handle openSSL not supporting a scheme f5f17c2
• [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
• [Dev Deps] update nyc, standard, tape cc5350b
• [Tests] always run coverage; downgrade nyc 75ce1d5
• [meta] add safe-publish-latest dcf49ce
• [Tests] add npm run posttest 75dd8fd
• [Dev Deps] update tape 3aec038
• [Tests] skip unsupported schemes 703c83e
• [Tests] node < 6 lacks array includes 3aa43cf
• [Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

• bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

• switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

... (truncated)

Commits

• bf2c3ec v4.2.3
• 9247adf [patch] widen support to 0.12
• f427270 [Deps] update `parse-asn1
• 87f3a35 [Dev Deps] update aud, npmignore, tape
• fb261ce [Deps] update elliptic
• 4d0ee49 [patch] drop minimum node support to v1
• 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
• 168e16f [Deps] pin elliptic due to a breaking change
• 37a4758 [actions] remove redundant finisher
• 4af5a90 v4.2.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

• Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

• Switch to GitHub workflows 76abc93
• Fix issue where decode throws - fixes #6 746ca5d
• Update license (#1) 486d7e2
• Tidelift tasks a650457
• Meta tweaks 66e1c28

SamVerschueren/decode-uri-component@v0.2.0...v0.2.1

Commits

• a0eea46 0.2.2
• 980e0bf Prevent overwriting previously decoded tokens
• 3c8a373 0.2.1
• 76abc93 Switch to GitHub workflows
• 746ca5d Fix issue where decode throws - fixes #6
• 486d7e2 Update license (#1)
• a650457 Tidelift tasks
• 66e1c28 Meta tweaks
• See full diff in compare view

Updates elliptic from 6.4.0 to 6.5.7

Commits

• 3e46a48 6.5.7
• accb61e lib: DER signature decoding correction
• 03e06e1 6.5.6
• 7ac5360 Merge commit from fork
• 7570078 6.5.5
• 206da2e lib: lint
• 0a78e03 [Fix] restore node < 4 compat
• 43ac7f2 6.5.4
• f4bc72b package: bump deps
• 441b742 ec: validate that a point before deriving keys
• Additional commits viewable in compare view

Updates express from 4.18.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

• Fix routing requests without method
• deps: [email protected]
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: [email protected]

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: [email protected] and [email protected] by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add [email protected] by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: [email protected]

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: [email protected]
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: [email protected]
• deps: [email protected]
  • Add partitioned option

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: [email protected]
  • deps: [email protected]
  • perf: remove unnecessary object clone
• deps: [email protected]

Commits

• 04bc627 4.19.2
• da4d763 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (#5541)
• 69a4cf2 deps: [email protected]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates fast-json-patch from 3.0.0-1 to 3.1.1

Release notes

Sourced from fast-json-patch's releases.

3.1.1

Security Fix for Prototype Pollution - huntr.dev #262

Bug fixes and ES6 modules

Use ES6 Modules

• package now exports non-bundled ES module Starcounter-Jack/JSON-Patch#232
• main still points to CommonJS module for backward compatibility
• README recommends use of named ES imports

List of changes Starcounter-Jack/JSON-Patch@v2.2.1...3.0.0-0

Commits

• 9d313ac fix(tests): Updated tests to reflect new error message
• e4f4eb3 3.1.1
• d7903fb fix: typescript codegen changes
• 5f04488 Bumping version number
• 7e9fe13 Typescript provided
• 097864a Documentation updated
• 51964ed feat: Cleaned up vars vs consts
• 8a6a360 New build
• adeb422 Update .gitignore
• 59336fe Merge pull request #292 from Starcounter-Jack/dependabot/npm_and_yarn/ajv-6.12.6
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by mountain-jack, a new releaser for fast-json-patch since your current version.

Updates follow-redirects from 1.5.1 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates fsevents from 1.2.9 to 1.2.13

Release notes

Sourced from fsevents's releases.

Release v1.2.13

Only build on Mac-OSX

Release v1.2.11

Removing node-pre-gyp so that building fsevents becomes easier and enabled without the download of binaries.

The credentials to the AWS store have been lost. Releasing to AWS is both insecure and no longer possible due to the lost credentials.

Intermediate Release

No release notes provided.

Commits

• 844a05d Version Bump
• f393f2a Only build fsevents on macOS (#322)
• 6a281a7 [publish binary]
• acc2bce [publish binary]
• f532b6e [publish binary]
• 4c6a1c0 Add node 13 to travis matrix.
• 92e40aa Release 1.2.12.
• 909af26 Release v1.2.11
• 7074adb Release v1.2.10
• See full diff in compare view

Updates handlebars from 4.0.11 to 4.7.8

Release notes

Sourced from handlebars's releases.

v4.7.8

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

Changelog

Sourced from handlebars's changelog.

v4.7.8 - July 27th, 2023

• Make library compatible with workers (#1894) - 3d3796c
• Don't rely on Node.js global object (#1776) - 2954e7e
• Fix compiling of each block params in strict mode (#1855) - 30dbf04
• Fix rollup warning when importing Handlebars as ESM - 03d387b
• Fix bundler issue with webpack 5 (#1862) - c6c6bbb
• Use https instead of git for mustache submodule - 88ac068

Commits

v4.7.7 - February 15th, 2021

• fix weird error in integration tests - eb860c0
• fix: check prototype property access in strict-mode (#1736) - b6d3de7
• fix: escape property names in compat mode (#1736) - f058970
• refactor: In spec tests, use expectTemplate over equals and shouldThrow (#1683) - 77825f8
• chore: start testing on Node.js 12 and 13 - 3789a30

(POSSIBLY) BREAKING CHANGES:

• the changes from version 4.6.0 now also apply in when using the compile-option "strict: true". Access to prototype properties is forbidden completely by default, specific properties or methods can be allowed via runtime-options. See #1633 for details. If you are using Handlebars as documented, you should not be accessing prototype properties from your template anyway, so the changes should not be a problem for you. Only the use of undocumented features can break your build.

That is why we only bump the patch version despite mentioning breaking changes.

Commits

v4.7.6 - April 3rd, 2020

Chore/Housekeeping:

• #1672 - Switch cmd parser to latest minimist (@​dougwilson

Compatibility notes:

• Restored Node.js compatibility

Commits

v4.7.5 - April 2nd, 2020

Chore/Housekeeping:

• Node.js version support has been changed to v6+ Reverted in 4.7.6

Compatibility notes:

... (truncated)

Commits

• 8dc3d25 v4.7.8
• 668c4fb Fix browser tests in CI pipeline
• c65c6cc Test on Node 18
• 3d3796c Make library compatible with workers
• 075b354 Fix sync issue with npm lock-file
• 30dbf04 Fix compiling of each block params in strict mode
• e3a5448 Fix bundler issue with webpack 5
• 8e23642 Fix integration-tests issue with npm >= 7
• 88ac068 use https instead of git for mustache submodule
• c68bc08 Fix typo
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jaylinski, a new releaser for handlebars since your current version.

Updates hosted-git-info from 2.8.8 to 2.8.9

Changelog

Sourced from hosted-git-info's changelog.

2.8.9 (2021-04-07)

Bug Fixes

• backport regex fix from #76 (29adfe5), closes #84

Commits

• 8d4b369 chore(release): 2.8.9
• 29adfe5 fix: backport regex fix from #76
• See full diff in compare view

Maintainer changes

This version was pushed to npm by nlf, a new releaser for hosted-git-info since your current version.

Updates minimist from 0.0.10 to 1.2.5

Changelog

Sourced from minimist's changelog.

v1.2.5 - 2020-03-12

v1.2.4 - 2020-03-11

Commits

• security notice 4cf1354
• additional test for constructor prototype pollution 1043d21

v1.2.3 - 2020-03-10

Commits

• more failing proto pollution tests 13c01a5
• even more aggressive checks for protocol pollution 38a4d1c

v1.2.2 - 2020-03-10

Commits

• failing test for protocol pollution 0efed03
• cleanup 67d3722
• console.dir -> console.log 47acf72
• don't assign onto proto 63e7ed0

v1.2.1 - 2020-03-10

Merged

• move the opts['--'] example back where it belongs [#63](https://github.com/minimistjs/minimist/issues/63)

Commits

• add test 6be5dae
• fix bad boolean regexp ac3fc79

v1.2.0 - 2015-08-24

Commits

• failing -k=v short test 63416b8
• kv short fix 6bbe145
• failing kv short test f72ab7f
• fixed kv test f5a48c3
• enforce space between arg key and value 86b321a

v1.1.3 - 2015-08-06

Commits

... (truncated)

Commits

• aeb3e27 1.2.5
• 278677b 1.2.4
• 4cf1354 security notice
• 1043d21 additional test for constructor prototype pollution
• 6457d74 1.2.3
• 38a4d1c even more aggressive checks for protocol pollution
• 13c01a5 more failing proto pollution tests
• f34df07 1.2.2
• 67d3722 cleanup
• 63e7ed0 don't assign onto proto
• Additional commits viewable in compare view

Updates path-parse from 1.0.6 to 1.0.7

Commits

• See full diff in compare view

Updates ssri from 6.0.1 to 6.0.2

Changelog

Sourced from ssri's changelog.

6.0.2 (2021-04-07)

Bug Fixes

• backport regex change from 8.0.1 (b30dfdb), closes #19

Commits

• b7c8c7c chore(release): 6.0.2
• b30dfdb fix: backport regex change from 8.0.1
• See full diff in compare view

Maintainer changes

This version was pushed to npm by nlf, a new releaser for ssri since your current version.

Updates terser from 4.8.0 to 4.8.1

Changelog

Sourced from terser's changelog.

v4.8.1 (backport)

• Security fix for RegExps that should not be evaluated (regexp DDOS)

Commits

• 40674a4 update changelog, version
• d8cc569 backport fix to potential regexp DDOS
• See full diff in compare view

Updates tmpl from 1.0.4 to 1.0.5

Commits

• See full diff in compare view

Updates underscore from 1.9.1 to 1.13.7

Commits

• d2e7e61 Update autogenerated files for 1.13.7
• b1d4f23 Add a change log entry for 1.13.7
• 473970a Bump the copyright years
• a1cbb48 Bump the version to 1.13.7
• 1205eb5 Merge pull request #2996 from elkcityhazard/feature/theme-toggle
• bd3468b even more css formatting
• dd23fd0 formatting, filter, darker darkmode
• 184aae5 unncessary prefers-color-scheme: light removal
• 55720c0 minimal dark mode implementation
• de20b6f incorporated stylesheet that was already available
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jgonggrijp, a new releaser for underscore since your current version.

Updates webpack-dev-middleware from 5.3.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

• security: do not allow to read files above (#1779) (189c4ac)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

• security: do not allow to read files above (#1779) (189c4ac)

Commits

• 86071ea chore(release): 5.3.4
• 189c4ac fix(security): do not allow to read files above (#1779)
• See full diff in compare view

Updates websocket-extensions from 0.1.3 to 0.1.4

Changelog

Sourced from websocket-extensions's changelog.

0.1.4 / 2020-06-02

• Remove a ReDoS vulnerability in the header parser (CVE-2020-7662, reported by Robert McLaughlin)
• Change license from MIT to Apache 2.0

Commits