Skip to content
This repository has been archived by the owner on Sep 20, 2023. It is now read-only.

Update dependency validator to v13 [SECURITY] #4632

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 14, 2021

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
validator 12.2.0 -> 13.7.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2021-3765

validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity


Release Notes

validatorjs/validator.js

v13.7.0

Compare Source

New Features
New Features
Fixes and Enhancements
New and Improved Locales
13.6.1
13.5.0 13.5.1

— this release is dedicated to @​dbnandaa 🧒

13.1.17
13.1.1
  • Hotfix for a regex incompatibility in some browsers
    (#​1355
13.1.0
13.0.0
12.2.0
12.1.0
12.0.0
11.1.0
11.0.0
10.11.0
  • Fix imports like import .. from "validator/lib/.."
    (#​961)
  • New locale
    (#​958)
10.10.0
10.9.0
10.8.0
10.7.1
  • Ignore case when checking URL protocol
    (#​887)
  • Locale fix
    (#​889)
10.7.0
10.6.0
  • Updated isMobilePhone() to match any locale's pattern by default
    (#​874)
  • Added an option to ignore whitespace in isEmpty()
    (#​880)
  • New and improved locales
    (#​878,
    #​879)
10.5.0
10.4.0
  • Added an isIPRange() validator
    (#​842)
  • Accept an array of locales in isMobilePhone()
    (#​742)
  • New locale
    (#​843)
10.3.0
10.2.0
  • Export the list of supported locales in isPostalCode()
    (#​830)
10.1.0
  • Added an isISO31661Alpha3() validator
    (#​809)
10.0.0
  • Allow floating points in isNumeric()
    (#​810)
  • Disallow GMail addresses with multiple consecutive dots, or leading/trailing dots
    (#​820)
  • Added an isRFC3339() validator
    (#​816)
  • Reject domain parts longer than 63 octets in isFQDN(), isURL() and isEmail()
    (bb3e542)
  • Added a new Amex prefix to isCreditCard()
    (#​805)
  • Fixed isFloat() min/max/gt/lt filters when a locale with a comma decimal is used
    (2b70821)
  • Normalize Yandex emails
    (#​807)
  • New locales
    (#​803)
9.4.1
  • Patched a REDOS vulnerability in isDataURI
  • New and improved locales
    (#​788)
9.4.0
  • Added an option to isMobilePhone to require a country code
    (#​769)
  • New and improved locales
    (#​785)
9.3.0
9.2.0
9.1.2
  • Fixed a bug with the isFloat validator
    (#​752)
9.1.1
9.1.0
9.0.0
  • normalizeEmail() no longer validates the email address
    (#​725)
  • Added locale-aware validation to isFloat() and isDecimal()
    (#​721)
  • Added an isPort() validator
    (#​733)
  • New locales
    (#​731)
8.2.0
8.1.0
  • Fix require('validator/lib/isIS8601') calls
    (#​688)
  • Added an isLatLong() and isPostalCode() validator
    (#​684)
  • Allow comma in email display names
    (#​692)
  • Add missing string to unescape()
    (#​690)
  • Fix isMobilePhone() with Node <= 6.x
    (#​681)
  • New locales
    (#​695)
8.0.0
  • isURL() now requires the require_tld: false option to validate localhost
    (#​675)
  • isURL() now rejects URLs that are protocol only
    (#​642)
  • Fixed a bug where isMobilePhone() would silently return false if the locale was invalid or unsupported
    (#​657)
7.2.0
  • Added an option to validate any phone locale
    (#​663)
  • Fixed a bug in credit card validation
    (#​672)
  • Disallow whitespace, including unicode whitespace, in TLDs
    (#​677)
  • New locales
    (#​673,
    #​676)
7.1.0
7.0.0
  • Remove isDate()
6.3.0
6.2.1
6.2.0
  • Added an option to require an email display name
    (#​607)
  • Added support for lt and gt to isInt()
    (#​588)
  • New locales
    (#​601)
6.1.0
  • Added support for greater or less than in isFloat()
    (#​544)
  • Added support for ISSN validation via isISSN()
    (#​593)
  • Fixed a bug in normalizeEmail()
    (#​594)
  • New locales
    (#​585)
6.0.0
  • Renamed isNull() to isEmpty()
    (#​574)
  • Backslash is now escaped in escape()
    (#​516)
  • Improved normalizeEmail()
    (#​583)
  • Allow leading zeroes by default in isInt()
    (#​532)
5.7.0
  • Added support for IPv6 in isURL()
    (#​564)
  • Added support for urls without a host (e.g. file:///foo.txt) in isURL()
    (#​563)
  • Added support for regular expressions in the isURL() host whitelist and blacklist
    (#​562)
  • Added support for MasterCard 2-Series BIN
    (#​576)
  • New locales
    (#​575,
    #​552)
5.6.0
5.5.0
  • Fixed a regex denial of service in trim() and rtrim()
    (#​556)
  • Added an Algerian locale to isMobilePhone()
    (#​540)
  • Fixed the Hungarian locale in isAlpha() and isAlphanumeric()
    (#​541)
  • Added a Polish locale to isMobilePhone()
    (#​545)
5.4.0
  • Accept Union Pay credit cards in isCreditCard()
    (#​539)
  • Added Danish locale to isMobilePhone()
    (#​538)
  • Added Hungarian locales to isAlpha(), isAlphanumeric() and isMobilePhone()
    (#​537)
5.3.0
  • Added an allow_leading_zeroes option to isInt()
    (#​532)
  • Adjust Chinese mobile phone validation
    (#​523)
  • Added a Canadian locale to isMobilePhone()
    (#​524)
5.2.0
  • Added a isDataURI() validator
    (#​521)
  • Added Czech locales
    (#​522)
  • Fixed a bug with isURL() when protocol was missing and "://" appeared in the query
    (#​518)
5.1.0
  • Added a unescape() HTML function
    (#​509)
  • Added a Malaysian locale to isMobilePhone()
    (#​507)
  • Added Polish locales to isAlpha() and isAlphanumeric()
    (#​506)
  • Added Turkish locales to isAlpha(), isAlphanumeric() and isMobilePhone()
    (#​512)
  • Allow >1 underscore in hostnames when using allow_underscores
    (#​510)
5.0.0
  • Migrate to ES6
    (#​496)
  • Break the library up so that individual functions can be imported
    (#​496)
  • Remove auto-coercion of input to a string
    (#​496)
  • Remove the extend() function
    (#​496)
  • Added Arabic locales to isAlpha() and isAlphanumeric()
    (#​496)
  • Fix validation of very large base64 strings
    (#​503)
4.9.0
  • Added a Russian locale to isAlpha() and isAlphanumeric()
    (#​499)
  • Remove the restriction on adjacent hyphens in hostnames
    (#​500)
4.8.0
  • Added Spanish, French, Portuguese and Dutch support for isAlpha() and isAlphanumeric()
    (#​492)
  • Added a Brazilian locale to isMobilePhone()
    (#​489)
  • Reject IPv4 addresses with invalid zero padding
    (#​490)
  • Fix the client-side version when used with RequireJS
    (#​494)
4.7.1
4.7.0
  • Print a deprecation warning if validator input is not a string
    (1f67e1e).
    Note that this will be an error in v5.
  • Added a German locale to isMobilePhone(), isAlpha() and isAlphanumeric()
    (#​477)
  • Added a Finnish locale to isMobilePhone()
    (#​455)
4.6.1
  • Fix coercion of objects: Object.toString() is [object Object] not ""
    (a57f3c8)
4.6.0
  • Added a Spanish locale to isMobilePhone()
    (#​481)
  • Fix string coercion of objects created with Object.create(null)
    (#​484)
4.5.2
  • Fix a timezone issue with short-form ISO 8601 dates, e.g.
    validator.isDate('2011-12-21')
    (#​480)
4.5.1
  • Make isLength() / isByteLength() accept {min, max} as options object.
    (#​474)
4.5.0
  • Add validation for Indian mobile phone numbers
    (#​471)
  • Tweak Greek and Chinese mobile phone validation
    (#​467,
    #​468)
  • Fixed a bug in isDate() when validating ISO 8601 dates without a timezone
    (#​472)
4.4.1
  • Allow triple hyphens in IDNA hostnames
    (#​466)
4.4.0
  • Added isMACAddress() validator
    (#​458)
  • Added isWhitelisted() validator
    (#​462)
  • Added a New Zealand locale to isMobilePhone()
    (#​452)
  • Added options to control GMail address normalization
    (#​460)
4.3.0
  • Support Ember CLI module definitions
    (#​448)
  • Added a Vietnam locale to isMobilePhone()
    (#​451)
4.2.1
  • Fix isDate() handling of RFC2822 timezones
    (#​447)
4.2.0

Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by WhiteSource Renovate. View repository job log here.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant