Bump the npm_and_yarn group across 2 directories with 11 updates

[dependabot]

Bumps the npm_and_yarn group with 7 updates in the /asset-transfer-basic/rest-api-typescript directory:

Package	From	To
express	4.18.2	4.20.0
@babel/traverse	7.22.20	7.25.6
@grpc/grpc-js	1.9.3	1.9.15
axios	0.21.4	1.7.7
fabric-network	2.2.19	2.2.20
braces	3.0.2	3.0.3
msgpackr	1.9.9	1.11.0

Bumps the npm_and_yarn group with 1 update in the /full-stack-asset-transfer-guide/applications/conga-cards directory: axios.

Updates express from 4.18.2 to 4.20.0

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect

Other Changes

• 4.19.2 Staging by @​wesleytodd in expressjs/express#5561
• remove duplicate location test for data uri by @​wesleytodd in expressjs/express#5562
• feat: document beta releases expectations by @​marco-ippolito in expressjs/express#5565
• Cut down on duplicated CI runs by @​jonchurch in expressjs/express#5564
• Add a Threat Model by @​UlisesGascon in expressjs/express#5526
• Assign captain of encodeurl by @​blakeembrey in expressjs/express#5579
• Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @​jonchurch in expressjs/express#5587
• docs: update Security.md by @​inigomarquinez in expressjs/express#5590
• docs: update triage nomination policy by @​UlisesGascon in expressjs/express#5600
• Add CodeQL (SAST) by @​UlisesGascon in expressjs/express#5433
• docs: add UlisesGascon as triage initiative captain by @​UlisesGascon in expressjs/express#5605
• deps: encodeurl@~2.0.0 by @​blakeembrey in expressjs/express#5569
• skip QUERY method test by @​jonchurch in expressjs/express#5628
• ignore ETAG query test on 21 and 22, reuse skip util by @​jonchurch in expressjs/express#5639
• add support Node.js@22 in the CI by @​mertcanaltin in expressjs/express#5627
• doc: add table of contents, tc/triager lists to readme by @​mertcanaltin in expressjs/express#5619
• List and sort all projects, add captains by @​blakeembrey in expressjs/express#5653
• docs: add @​UlisesGascon as captain for cookie-parser by @​UlisesGascon in expressjs/express#5666
• ✨ bring back query tests for node 21 by @​ctcpip in expressjs/express#5690
• [v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @​jonchurch in expressjs/express#5672
• skip QUERY tests for Node 21 only, still not supported by @​jonchurch in expressjs/express#5695
• 📝 update people, add ctcpip to TC by @​ctcpip in expressjs/express#5683
• remove minor version pinning from ci by @​jonchurch in expressjs/express#5722
• Fix link variable use in attribution section of CODE OF CONDUCT by @​IamLizu in expressjs/express#5762
• Replace Appveyor windows testing with GHA by @​jonchurch in expressjs/express#5599
• Add OSSF Scorecard badge by @​UlisesGascon in expressjs/express#5436
• update scorecard link by @​bjohansebas in expressjs/express#5814
• Nominate @​IamLizu to the triage team by @​UlisesGascon in expressjs/express#5836
• deps: path-to-regexp@0.1.8 by @​blakeembrey in expressjs/express#5603
• docs: specify new instructions for question and discuss by @​IamLizu in expressjs/express#5835
• 4.x: Upgrade merge-descriptors dependency by @​RobinTail in expressjs/express#5781
• path-to-regexp@0.1.10 by @​blakeembrey in expressjs/express#5902

New Contributors

• @​marco-ippolito made their first contribution in expressjs/express#5565
• @​inigomarquinez made their first contribution in expressjs/express#5590
• @​mertcanaltin made their first contribution in expressjs/express#5627
• @​ctcpip made their first contribution in expressjs/express#5690
• @​bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

• deps: serve-static@0.16.0
  • Remove link renderization in html while redirecting
• deps: send@0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2
• deps: cookie@0.6.0
  • Add partitioned option

Commits

• 21df421 4.20.0
• 4c9ddc1 feat: upgrade to serve-static@0.16.0
• 9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
• ec4a01b feat: upgrade to body-parser@1.20.3 (#5926)
• 54271f6 fix: don't render redirect values in anchor href
• 125bb74 path-to-regexp@0.1.10 (#5902)
• 2a980ad merge-descriptors@1.0.3 (#5781)
• a3e7e05 docs: specify new instructions for question and discuss
• c5addb9 deps: path-to-regexp@0.1.8 (#5603)
• e35380a docs: add @​IamLizu to the triage team (#5836)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates @babel/traverse from 7.22.20 to 7.25.6

Release notes

Sourced from @​babel/traverse's releases.

v7.25.6 (2024-08-29)

Thanks @​j4k0xb for your first PR!

🐛 Bug Fix

• babel-generator
  • #16783 Properly print inner comments in TS array types (@​nicolo-ribaudo)
  • #16775 fix: jsx whitespace is not properly preserved when retainLines (@​liuxingbaoyu)
• babel-traverse
  • #16727 fix: path.getAssignmentIdentifiers may be undefined (@​liuxingbaoyu)
• babel-parser
  • #16761 fix: improve static canFollowModifier checks (@​JLHwung)
• babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
  • #16769 Only wrap functions in superPropertyGet helper (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  • #16780 Do not enforce printing space between ( and comments (@​nicolo-ribaudo)
• babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
  • #16781 Don't throw when enabling both syntax-import-{assertions,attributes} (@​nicolo-ribaudo)
• babel-generator
  • #16782 TS union/intersection nested in union does not need parens (@​nicolo-ribaudo)

🏠 Internal

• babel-generator
  • #16777 Remove unused parent params in the generator (@​nicolo-ribaudo)

Committers: 5

• Babel Bot (@​babel-bot)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​j4k0xb
• @​liuxingbaoyu

v7.25.5 (2024-08-23)

🐛 Bug Fix

• babel-generator, babel-traverse
  • #16764 fix: Generate sequence expression parentheses correctly (@​liuxingbaoyu)

💅 Polish

• babel-generator
  • #16738 Only force-parenthesize satisfies's LHS if it has newlines (@​nicolo-ribaudo)

Committers: 2

• Nicolò Ribaudo (@​nicolo-ribaudo)
• @​liuxingbaoyu

v7.25.4 (2024-08-22)

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.25.6 (2024-08-29)

🐛 Bug Fix

• babel-generator
  • #16783 Properly print inner comments in TS array types (@​nicolo-ribaudo)
  • #16775 fix: jsx whitespace is not properly preserved when retainLines (@​liuxingbaoyu)
• babel-traverse
  • #16727 fix: path.getAssignmentIdentifiers may be undefined (@​liuxingbaoyu)
• babel-parser
  • #16761 fix: improve static canFollowModifier checks (@​JLHwung)
• babel-helpers, babel-plugin-transform-optional-chaining, babel-runtime-corejs3
  • #16769 Only wrap functions in superPropertyGet helper (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-duplicate-named-capturing-groups-regex, babel-plugin-transform-named-capturing-groups-regex, babel-plugin-transform-react-jsx-development, babel-plugin-transform-react-jsx, babel-plugin-transform-react-pure-annotations, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  • #16780 Do not enforce printing space between ( and comments (@​nicolo-ribaudo)
• babel-plugin-syntax-import-assertions, babel-plugin-syntax-import-attributes
  • #16781 Don't throw when enabling both syntax-import-{assertions,attributes} (@​nicolo-ribaudo)
• babel-generator
  • #16782 TS union/intersection nested in union does not need parens (@​nicolo-ribaudo)

🏠 Internal

• babel-generator
  • #16777 Remove unused parent params in the generator (@​nicolo-ribaudo)

v7.25.5 (2024-08-23)

🐛 Bug Fix

• babel-generator, babel-traverse
  • #16764 fix: Generate parentheses correctly (@​liuxingbaoyu)

💅 Polish

• babel-generator
  • #16738 Only force-parenthesize satisfies's LHS if it has newlines (@​nicolo-ribaudo)

v7.25.4 (2024-08-22)

🐛 Bug Fix

• babel-traverse
  • #16756 fix: Skip computed key when renaming (@​liuxingbaoyu)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16755 fix: Decorator 2018-09 may throw an exception (@​liuxingbaoyu)
• babel-types
  • #16710 Visit AST fields nodes according to their syntactical order (@​nicolo-ribaudo)
• babel-generator
  • #16709 Print semicolon after TS export namespace as A (@​nicolo-ribaudo)

💅 Polish

• babel-generator, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-destructuring, babel-plugin-transform-optional-chaining, babel-plugin-transform-private-methods, babel-plugin-transform-private-property-in-object, babel-plugin-transform-typescript, babel-runtime-corejs2, babel-runtime, babel-traverse
  • #16722 Avoid unnecessary parens around sequence expressions (@​nicolo-ribaudo)
• babel-generator, babel-plugin-transform-class-properties
  • #16714 Avoid unnecessary parens around exported arrow functions (@​nicolo-ribaudo)

... (truncated)

Commits

• 2f72b97 v7.25.6
• faceae9 fix: path.getAssignmentIdentifiers may be undefined (#16727)
• 46ee612 Remove some NodePath methods (#16655)
• 2fdc8b5 fix: Generate sequence expression parentheses correctly (#16764)
• cbf124c v7.25.4
• 2b289fb fix: skip computed key when renaming (#16756)
• 575863c Avoid unnecessary parens around sequence expressions (#16722)
• 5174ad1 Clean all always enabled parser plugins (#16572)
• 52718ab Discontinue babel-eslint-config-internal (#16718)
• dba45d3 Ignore devDependencies when generating tsconfig.json (#16659)
• Additional commits viewable in compare view

Updates @grpc/grpc-js from 1.9.3 to 1.9.15

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.9.15

• Avoid buffering significantly more than grpc.max_receive_message_size per received message.

@​grpc/grpc-js 1.9.14

• Fix a bug that could rarely cause connection leaks (#2644)
• Fix a bug that could cause clients to go IDLE incorrectly some time after calling waitForReady (#2643)

@​grpc/grpc-js 1.9.13

• Fix a bug that could cause the Node process to close early when establishing a connection while a request is pending (#2626)

@​grpc/grpc-js 1.9.12

• Fix a bug that could cause connectivity state information to become stale in some circumstances (#2623)

@​grpc/grpc-js 1.9.11

• Fix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (#2618)
• Fix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (#2619)

@​grpc/grpc-js 1.9.10

• Provide the correct port to the proxy when connecting to a target without an explicitly specified port (#2608 contributed by @​segevfiner)
• Properly handle goaway events with no additional data attached (#2611)

@​grpc/grpc-js 1.9.9

• Fix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (#2609)

@​grpc/grpc-js 1.9.8

• Fix a memory leak caused by creating and closing multiple clients (#2606)

@​grpc/grpc-js 1.9.7

• Fix a bug that could cause a client to not update name resolution after multiple failed connection attempts (#2602)

@​grpc/grpc-js 1.9.6

• Include more information in most "No connection established" errors (#2598)
• Remove the index tracer, and add more information to other trace logs (#2599)

@​grpc/grpc-js 1.9.5

• Fix a type inconsistency in server-call.ts (#2589 contributed by @​rsnullptr)
• Close ports if the server is shut down while the bind operation is ongoing (#2590)

@​grpc/grpc-js 1.9.4

• Fix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (#2586)

Commits

• 08b0422 Merge pull request from GHSA-7v5v-9h63-cj86
• c75e048 grpc-js: Bump to 1.9.15
• d5d62b4 grpc-js: Avoid buffering significantly more than max_receive_message_size per...
• 02d0344 Merge pull request #2741 from sergiitk/backport-1.9-psm-interop-common-prod-t...
• cf14020 Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests
• da44229 Merge pull request #2738 from murgatroid99/backport-1.9-grpc-js_linkify-it_fix
• 5ae7c8c Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix
• eed21ba Merge pull request #2714 from sergiitk/backport-1.9-psm-interop-pkg-dev
• 63763a4 Merge pull request #2712 from sergiitk/psm-interop-pkg-dev
• 5be83dd Merge pull request #2643 from murgatroid99/grpc-js_idle_timer_fix
• Additional commits viewable in compare view

Updates axios from 0.21.4 to 1.7.7

Release notes

Sourced from axios's releases.

Release v1.7.7

Release notes:

Bug Fixes

• fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
• http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

• Rishi556
• Dmitriy Mozgovoy

Release v1.7.6

Release notes:

Bug Fixes

• fetch: fix content length calculation for FormData payload; (#6524) (085f568)
• fetch: optimize signals composing logic; (#6582) (df9889b)

Contributors to this release

• Dmitriy Mozgovoy
• Jacques Germishuys
• kuroino721

Release v1.7.5

Release notes:

Bug Fixes

• adapter: fix undefined reference to hasBrowserEnv (#6572) (7004707)
• core: add the missed implementation of AxiosError#status property; (#6573) (6700a8a)
• core: fix ReferenceError: navigator is not defined for custom environments; (#6567) (fed1a4b)
• fetch: fix credentials handling in Cloudflare workers (#6533) (550d885)

Contributors to this release

• Dmitriy Mozgovoy
• Antonin Bas
• Hans Otto Wirtz

Release v1.7.4

Release notes:

Bug Fixes

• sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
• sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

Contributors to this release

• Lev Pachmanov

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.7 (2024-08-31)

Bug Fixes

• fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
• http: fixed support for IPv6 literal strings in url (#5731) (364993f)

Contributors to this release

• Rishi556
• Dmitriy Mozgovoy

1.7.6 (2024-08-30)

Bug Fixes

• fetch: fix content length calculation for FormData payload; (#6524) (085f568)
• fetch: optimize signals composing logic; (#6582) (df9889b)

Contributors to this release

• Dmitriy Mozgovoy
• Jacques Germishuys
• kuroino721

1.7.5 (2024-08-23)

Bug Fixes

• adapter: fix undefined reference to hasBrowserEnv (#6572) (7004707)
• core: add the missed implementation of AxiosError#status property; (#6573) (6700a8a)
• core: fix ReferenceError: navigator is not defined for custom environments; (#6567) (fed1a4b)
• fetch: fix credentials handling in Cloudflare workers (#6533) (550d885)

Contributors to this release

• Dmitriy Mozgovoy
• Antonin Bas
• Hans Otto Wirtz

1.7.4 (2024-08-13)

Bug Fixes

• sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
• sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)

... (truncated)

Commits

• 5b8a826 chore(release): v1.7.7 (#6585)
• 364993f fix(http): fixed support for IPv6 literal strings in url (#5731)
• d198085 fix(fetch): fix stream handling in Safari by fallback to using a stream reade...
• d584fcf chore(release): v1.7.6 (#6583)
• bc03c6c chore(examples): fix module import (#6575)
• df9889b fix(fetch): optimize signals composing logic; (#6582)
• ee208cf chore(sponsor): update sponsor block (#6576)
• 085f568 fix(fetch): fix content length calculation for FormData payload; (#6524)
• 59cd6b0 chore(release): v1.7.5 (#6574)
• 6700a8a fix(core): add the missed implementation of AxiosError#status property; (#6573)
• Additional commits viewable in compare view

Updates fabric-network from 2.2.19 to 2.2.20

Release notes

Sourced from fabric-network's releases.

v2.2.20

What's Changed

• Update dependencies to address CVE-2023-45857 by @​bestbeforetoday in hyperledger/fabric-sdk-node#689

Supported Node versions

The updated dependency to address CVE-2023-45857 is used only by the CouchDB wallet implementation, and requires Node 14 or later. Therefore Node 10 and 12 are no longer supported by the fabric-network package. If you need to continue running on one of these unsupported Node versions, you should continue to use fabric-network@2.2.19.

Full Changelog: hyperledger/fabric-sdk-node@v2.2.19...v2.2.20

Commits

• ea65b92 Release v2.2.20 (#690)
• cd20a84 Update dependencies to address CVE-2023-45857 (#689)
• 53b41ae Update version following v2.2.19 release (#686)
• See full diff in compare view

Updates braces from 3.0.2 to 3.0.3

Commits

• 74b2db2 3.0.3
• 88f1429 update eslint. lint, fix unit tests.
• 415d660 Snyk js braces 6838727 (#40)
• 190510f fix tests, skip 1 test in test/braces.expand
• 716eb9f readme bump
• a5851e5 Merge pull request #37 from coderaiser/fix/vulnerability
• 2092bd1 feature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...
• 9f5b4cf fix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)
• 98414f9 remove funding file
• 665ab5d update keepEscaping doc (#27)
• Additional commits viewable in compare view

Updates elliptic from 6.5.4 to 6.5.7

Commits

• 3e46a48 6.5.7
• accb61e lib: DER signature decoding correction
• 03e06e1 6.5.6
• 7ac5360 Merge commit from fork
• 7570078 6.5.5
• 206da2e lib: lint
• 0a78e03 [Fix] restore node < 4 compat
• See full diff in compare view

Updates follow-redirects from 1.15.2 to 1.15.9

Commits

• e4e55c7 Release version 1.15.9 of the npm package.
• 31a1abf Attempt much more gentle detection.
• d2aaa97 Fix url field.
• 62558f0 Release version 1.15.8 of the npm package.
• a8d1cee Return subtlety.
• 458ca8e Fix native URL test for Node 20.
• ca49e44 Handle KeepAlive connections in tests.
• f3711d7 Test on Node 20 and 22.
• fda0faf Fix typo.
• 760757f Release version 1.15.7 of the npm package.
• Additional commits viewable in compare view

Updates jsrsasign from 10.8.6 to 10.9.0

Release notes

Sourced from jsrsasign's releases.

enhanced support for encrypted PKCS8

• Changes from 10.8.6 to 10.9.0 (2023-Nov-27)
  • KEYUTIL.getPEM is updated not to use weak ciphers (#599)
    • default encryptionScheme is changed from des-EDE3-CBC to aes256-CBC
    • default prf is changed from hmacWithSHA1 to hmacWithSHA256
  • src/keyutil.js
    • more encrypted PKCS#8 private key support
      • KEYUTIL.getKey now supports encrypted PKCS#8 private key with aes128-CBC, aes256-CBC encrypted and using hmacWithSHA224/256/384/512 as psudorandom function.
      • KEYUTIL.getPEM now supports such as above encrypted PKCS#8 PEM priavte key.
  • src/crypto.js
    • Cipher.decrypt/encrypt now supports symmetric ciphers (des-EDE3-CBC,aes128-CBC,aes256-CBC)
  • src/base64x.js
    • function inttohex and twoscompl are added
  • src/asn1.js
    • ASN1Util.bigIntToMinTwosComplementsHex is now DEPRECATED. use twoscompl.
  • src/asn1x509.js
    • aes*-CBC and hmacWithSHA* OIDs are added
  • test/qunit-do-{base64x,crypto-cipher,keyutil-eprv,keyutil,keyutil-p8egen}.html
    • update and add some test cases for above
  • stop bower support (bower.json removed)

Changelog

Sourced from jsrsasign's changelog.

ChangeLog for jsrsasign

restore KJUR.crypto.Cipher class without RSA/RSAOAEP support

• Changes from 11.0.0 to 11.1.0 (2024-Feb-01)
  • src/crypto.js
    • restore KJUR.crypto.Cipher class without RSA and RSAOAEP encryption/decryption support

remove RSA and RSAOAEP encryption for Marvin attack

• Changes from 10.9.0 to 11.0.0 (2024-Jan-16)
  • remove RSA PKCS#1.5 end OAEP encryption/decryption for Marvin attack (#598)
  • src/crypto.js
    • remove KJUR.crypto.Cipher class for RSA and RSAOAEP encryption/decryption
  • ext/{rsa,rsa2}.js remove encrypt/decrypt/encryptOAEP/decryptOAEP for RSAKey class

enhanced support for encrypted PKCS8

• Changes from 10.8.6 to 10.9.0 (2023-Nov-27)
  • KEYUTIL.getPEM is updated not to use weak ciphers (#599)
    • default encryptionScheme is changed from des-EDE3-CBC to aes256-CBC
    • default prf is changed from hmacWithSHA1 to hmacWithSHA256
  • src/keyutil.js
    • more encrypted PKCS#8 private key support
      • KEYUTIL.getKey now supports encrypted PKCS#8 private key with aes128-CBC, aes256-CBC encrypted and using hmacWithSHA224/256/384/512 as psudorandom function.
      • KEYUTIL.getPEM now supports such as above encrypted PKCS#8 PEM priavte key.
  • src/crypto.js
    • Cipher.decrypt/encrypt now supports symmetric ciphers (des-EDE3-CBC,aes128-CBC,aes256-CBC)
  • src/base64x.js
    • function inttohex and twoscompl are added
  • src/asn1.js
    • ASN1Util.bigIntToMinTwosComplementsHex is now DEPRECATED. use twoscompl.
  • src/asn1x509.js
    • aes*-CBC and hmacWithSHA* OIDs are added
  • test/qunit-do-{base64x,crypto-cipher,keyutil-eprv,keyutil,keyutil-p8egen}.html
    • update and add some test cases for above
  • stop bower support (bower.json removed)

X509.getExtSubjectDirectoryAttributes another bugfix

• Changes from 10.8.5 to 10.8.6 (2023-Apr-26)
  • src/x509.js
    • another bugfix X509.getExtSubjectDirectoryAttributes method

X509.getExtSubjectDirectoryAttributes bugfix

• Changes from 10.8.4 to 10.8.5 (2023-Apr-26)
  • src/x509.js
    • bugfix X509.getExtSubjectDirectoryAttributes method

... (truncated)

Commits

• df54d0b enhanced support for encrypted PKCS8
• See full diff in compare view

Updates msgpackr from 1.9.9 to 1.11.0

Commits

• See full diff in compare view

Updates path-to-regexp from 0.1.7 to 0.1.10

Release notes

Sourced from path-to-regexp's releases.

Backtrack protection

Fixed

• Add backtrack protection to parameters 29b96b4
  • This will break some edge cases but should improve performance

pillarjs/path-to-regexp@v0.1.9...v0.1.10

Support non-lookahead regex output

Added

• Allow a non-lookahead regex (#312) c4272e4

component/path-to-regexp@v0.1.8...v0.1.9

Support named matching groups in RegExp

Added

• Add support for named matching groups (#301) 114f62d

pillarjs/path-to-regexp@v0.1.7...v0.1.8

Commits

• c827fce 0.1.10
• 29b96b4 Add backtrack protection to parameters
• ac4c234 Update repo url (#314)
• bdb6635 0.1.9
• c4272e4 Allow a non-lookahead regex (#312)
• 51a1955 0.1.8
• 114f62d Add support for named matching groups (#301)
• See full diff in compare view

Updates axios from 0.27.2 to 1.7.7

Release notes

Sourced from axios's releases.

Release v1.7.7

Release notes:

Bug Fixes

• fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
• http: fixed support for IPv6 literal strings in url (#5731) (364993f)

...

Description has been truncated