This repository has been archived by the owner on Sep 20, 2023. It is now read-only.
Update dependency validator to v13 [SECURITY] #4632
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
12.2.0
->13.7.0
GitHub Vulnerability Alerts
CVE-2021-3765
validator.js prior to 13.7.0 is vulnerable to Inefficient Regular Expression Complexity
Release Notes
validatorjs/validator.js
v13.7.0
Compare Source
New Features
isISO4217
, currency code validator @jpaya17New Features
isISO4217
, currency code validator @jpaya17Fixes and Enhancements
isFQDN
: addallow_wildcard
option @fasenderosisRFC3339
: Disallow prepended and appended strings to RFC 3339 date-time @jmacmahonIBAN
export list of country codes that implement IBAN @dror-heller @fedeciisBoolean
: addloose
option @brybrophyisISO31661Alpha3
: perf @jpaya17isDate
: allow users to strictly validate dates with.
as delimiter @flymansisCreditCard
: fix for Union Pay cards @shreyassai123isEmail
: replace all dots in GMail length validation @DasDingGehtNichtisURL
: addallow_fragments
andallow_query_components
@cowboy-bebugisISO31661Alpha2
: perf @jpaya17isMagnetURI
@tux-tnrtrim
: remove regex to prevent ReDOS attack @tux-tnisURL
: higher priority towhitelist
@deepanshu2506isURL
: allow url with colon and no port @MatteoPierroisUUID
: fix fornull
version argument @theteladrasisFQDN
: check more special chars @MatteoPierroisURL
: allow URL with an empty user @MiguelSavignanounescape
: fixed bug where intermediate string contains escaped @Marcholiocontains
: can check that string contains seed multiple times @MarcholioisUUID
: add support for validation ofv1
andv2
@theteladrasisEmail
: addhost_blacklist
option @fedeciNew and Improved Locales
isAlpha
,isAlphanumeric
:hi-IN
@MiKr13fi-FI
@MarcholioisPassportNumber
:ID
@rubiinCN
@anirudhgiriPL
@RonqnRU
@Theta-DevisPostalCode
:LK
@nimanthadilzisIdentityCard
:TH
@tithanayutPL
@wiktorwojcik112 @fedeci @tux-tnLK
@nimanthadilz @tux-tnFI
@MarcholioisMobilePhone
:de-DE
@AnnaMariaJansenvi-VN
@luisrivaszh-CN
@laulujan @yisibles-VE
@islasjuanpnl-BE
@divikshrivastavaes-CU
@pasagedeves-SV
, @herejear-PS
, @brendan-cen-BM
@HackProAITdz-BT
@lakshayr003en-BW
, @mgndolanfr-CM
@beckettnormingtonen-PK
@ammad20120 @tux-tntk-TM
, @Husan-Eshonquloven-GY
, @mfkrausesi-LK
@Madhavi96fr-PF
, @herejeen-KI
, @c-tannerhu-HU
@danielTiringerfr-BF
,en-NA
@lakshayr003tg-TJ
@mgnssisLicensePlate
:cs-CZ
@filiptronicekfi-FI
@MarcholioisVAT
:NL
@zeno4ever13.6.1
New features:
isLicensePlate
@firlusFixes and Enhancements:
isHSL
andisEmail
@tux-tnisURL
: Allow URLs to have only a username in the userinfo subcomponent @jbuchmann-coostoisISIN
: optimization @bmacnaughtonisIP
: improved pattern for IPv4 and IPv6 @ognjenjevremovic[A-z]
regex range on some validators @bmacnaughtonisMacAddress
: improve regexes and options @fedeciisSlug
andrtrim
@fedeciisIPRange
: add support for IPv6 @neilimeisEAN
: add support for EAN-14 @varsubham @tux-tnisStrongPassword
: add@
as a valid symbol @stingallemanisBtcAddress
: add base58 @ezkemboiisFQDN
: numeric domain names @tux-tnNew and Improved locales:
isIdentityCard
,isPassportNumber
:IR
@mhf-ir @fedeciar-LY
@asghaier76 @tux-tnMY
@stranger26 @tux-tnisMobilePhone
:zh-CN
@Akira0705lv-LV
@AntonLukicheven-GH
@ankorGHmz-MZ
@salmento @tux-tnvi-VN
@kyled7en-SG
@liliwei25de-CH
,fr-CH
,it-CH
@dinfektedes-CO
@ezkemboi @tux-tnar-OM
@dev-snapt-AO
@AdilsonFuxeisPostalCode
:KR
@greatSuminiisTaxID
:pt-BR
@mschunkeel-GR
@dspinellisisVAT
:IT
@fedeci13.5.013.5.1New features:
isVAT
#1463 @ CodingNaggerisTaxID
#1446 @tplessasisBase58
#1445 @ezkemboiisStrongPassword
#1348 @door-bellFixes and Enhancements:
isISO8601
: addstrictSeparator
@brostone51isFQDN
: make more strict @CristhianMotocheisFQDN
:allow_underscore
option @gibson042isEmail
: character blacklisting @rubiinisURL
: addedrequire_port
option @yshanliisEmail
: respectignore_max_length
option @evantahlerisDate
: add strictMode and prevent mixed delimiters @tux-tnisAlpha
: supportignore
option @mum-never-proudNew and Improved locales:
isAlpha
,isAlphanumeric
:id-ID
and docs update @bekicotth-TH
@ipiranhaafa-IR
@fakhripaz-AZ
@saidfaganisMobilePhone
:ar-MA
@artpumpkinde-LU
,it-SM
,sq-AL
andga-IE
@firlusen-HN
@jehielmartinezar-LB
,es-PE
,ka-GE
@rubiines-DO
@devraseces-BO
@rubiines-AR
@csrgtpt-BR
@viniciushvsilvaisPostalCode
:CN
@httpsbaoIR
@masoudDaliriyanSG
,MY
@stranger26TH
@ipiranhaaBY
@rubiinDO
andHT
@yomedisPassportNumber
:BY
@zenbyRU
@dkochetkov— this release is dedicated to @dbnandaa 🧒
13.1.17
New features:
Fixes and chores:
isURL
@heanzyzabalaisBase32
andisBase64
to validate empty strings properly @AberDerBartisTaxId
@dspinellisvalidate_length
option forisURL
@tomgrossmanNew and Improved locales:
isMobilePhone
:az-AZ
@saidfaganuz-Uz
@icyice0217de-DE
@heanzyzabalaen-PH
@stinkymonkeyphes-ES
@rubiinbs-BA
@MladenZeljiczh-CN
@heathcliff-huisPostalCode
:AZ
@saidfaganES
@rubiinIL
@rubiinisAlpha
,isAlphanumeric
:fa-AF
,fa-IR
@stinkymonkeyphvi-VN
@rubiinisBAN
:EG
,SV
@heanzyzabalaisIdentityCard
:IT
@lorenzodb113.1.1
(#1355
13.1.0
isIMEI()
validator(#1346)
isDate()
validator(#1270)
isTaxID()
validator(#1336)
isLatLong()
(#1340)
(#1277)
isJSON()
(#1328)
contains()
(#1334)
isCreditCard()
(#1177)
isCurrency()
(#1306)
isFQDN()
handling of certain special chars(#1091)
isSlug()
(#1338)
(#1112,
#1167,
#1198,
#1199,
#1273,
#1279,
#1281,
#1293,
#1294,
#1311,
#1312,
#1313,
#1314,
#1315,
#1317,
#1322,
#1324,
#1330,
#1337)
13.0.0
isEthereumAddress()
validatorto validate Ethereum addresses
(#1117)
isBtcAddress()
validatorto validate Bitcoin addresses
(#1163)
isIBAN()
validatorto validate International Bank Account Numbers
(#1243)
isEAN()
validatorto validate International Article Numbers
(#1244)
isSemVer()
validatorto validate Semantic Version Numbers
(#1246)
isPassportNumber()
validator(#1250)
isRgbColor()
validator(#1141)
isHSL()
validator(#1159)
isLocale()
validator(#1072)
isIP()
validator(#1211)
isMACAddress()
validator(#1267)
(#1238,
#1265)
12.2.0
(#1233)
toFloat()
sanitizer(#1227)
(#1200,
#1207,
#1213,
#1217,
#1234)
12.1.0
(#1015)
isIP()
to accept scoped IPv6 addresses(#1160)
(#1162,
#1183,
#1187,
#1191)
12.0.0
isOctal()
validator(#1153)
isSlug()
validator(#1096)
isBIC()
validator for bank identification codes(#1071)
isHash()
(#1062)
isHexadecimal()
(#1147)
isMACAddress()
(#1065)
isLength()
(#1070)
(#1074)
(#1059,
#1060,
#1069,
#1073,
#1082,
#1092,
#1121,
#1125,
#1132,
#1152,
#1165,
#1166,
#1174)
11.1.0
(#1024)
(#1035,
#1040,
#1041,
#1048,
#1049,
#1052,
#1054,
#1055,
#1056,
#1057)
11.0.0
isBase32()
validator(#1023)
isEmail()
to validate display names according to RFC2822(#1004)
isEmail()
to check total email length(#1007)
toString()
util is no longer exported(0277eb)
(#999,
#1010,
#1017,
#1022,
#1031,
#1032)
10.11.0
import .. from "validator/lib/.."
(#961)
(#958)
10.10.0
isISO8601()
strict mode now works in the browser(#932)
(#931,
#933,
#947,
#950)
10.9.0
isURL()
to reject email-like URLs(#901)
strict
option toisISO8601()
(#910)
isJWT()
signature requirements(#906)
(#899,
#904,
#913,
#916,
#925,
#928)
10.8.0
isIdentityCard()
(#846)
(#895)
(#890,
#892)
(#896)
10.7.1
(#887)
(#889)
10.7.0
isMagnetURI()
to validate magnet URIs(#884)
isJWT()
to validate JSON web tokens(#885)
10.6.0
isMobilePhone()
to match any locale's pattern by default(#874)
isEmpty()
(#880)
(#878,
#879)
10.5.0
(#873)
isEmail()
(#845)
no_symbols
option toisNumeric()
(#848)
no_colons
option toisMACAddress()
(#849)
isURL()
to reject protocol relative URLs unless a flag is set(#860)
(#801,
#856,
#859,
#861,
#862,
#863,
#864,
#870,
#872)
10.4.0
isIPRange()
validator(#842)
isMobilePhone()
(#742)
(#843)
10.3.0
isEmail()
(#832)
(#831,
#835,
#836)
10.2.0
isPostalCode()
(#830)
10.1.0
isISO31661Alpha3()
validator(#809)
10.0.0
isNumeric()
(#810)
(#820)
isRFC3339()
validator(#816)
isFQDN()
,isURL()
andisEmail()
(bb3e542)
isCreditCard()
(#805)
isFloat()
min/max/gt/lt filters when a locale with a comma decimal is used(2b70821)
(#807)
(#803)
9.4.1
isDataURI
(#788)
9.4.0
isMobilePhone
to require a country code(#769)
(#785)
9.3.0
(#763,
#768,
#774,
#777,
#779)
9.2.0
isMimeType()
validator(#760)
(#753,
#755,
#764)
9.1.2
isFloat
validator(#752)
9.1.1
(#738,
#739)
9.1.0
isISO31661Alpha2()
validator(#734)
(#735,
#737)
9.0.0
normalizeEmail()
no longer validates the email address(#725)
isFloat()
andisDecimal()
(#721)
isPort()
validator(#733)
(#731)
8.2.0
isHash()
validator(#711)
isCurrency()
(#713)
(#700,
#701,
#714,
#715,
#718)
8.1.0
require('validator/lib/isIS8601')
calls(#688)
isLatLong()
andisPostalCode()
validator(#684)
(#692)
unescape()
(#690)
isMobilePhone()
with Node <= 6.x(#681)
(#695)
8.0.0
isURL()
now requires therequire_tld: false
option to validatelocalhost
(#675)
isURL()
now rejects URLs that are protocol only(#642)
isMobilePhone()
would silently return false if the locale was invalid or unsupported(#657)
7.2.0
(#663)
(#672)
(#677)
(#673,
#676)
7.1.0
isISRC()
validator for ISRC(#660)
(#670)
isEmail()
based onRFC3696 errata
(#655)
(#647,
#667,
#667,
#671)
7.0.0
isDate()
6.3.0
-.01
inisFloat()
(#618)
(#616,
#622,
#627,
#630)
6.2.1
<
and>
in URLs(#613)
(#610)
6.2.0
(#607)
lt
andgt
toisInt()
(#588)
(#601)
6.1.0
isFloat()
(#544)
isISSN()
(#593)
normalizeEmail()
(#594)
(#585)
6.0.0
isNull()
toisEmpty()
(#574)
escape()
(#516)
normalizeEmail()
(#583)
isInt()
(#532)
5.7.0
isURL()
(#564)
file:///foo.txt
) inisURL()
(#563)
isURL()
host whitelist and blacklist(#562)
(#576)
(#575,
#552)
5.6.0
isMD5()
validator(#557)
isDate()
(#566)
(#559,
#568,
#571,
#573)
5.5.0
trim()
andrtrim()
(#556)
isMobilePhone()
(#540)
isAlpha()
andisAlphanumeric()
(#541)
isMobilePhone()
(#545)
5.4.0
isCreditCard()
(#539)
isMobilePhone()
(#538)
isAlpha()
,isAlphanumeric()
andisMobilePhone()
(#537)
5.3.0
allow_leading_zeroes
option toisInt()
(#532)
(#523)
isMobilePhone()
(#524)
5.2.0
isDataURI()
validator(#521)
(#522)
isURL()
when protocol was missing and "://" appeared in the query(#518)
5.1.0
unescape()
HTML function(#509)
isMobilePhone()
(#507)
isAlpha()
andisAlphanumeric()
(#506)
isAlpha()
,isAlphanumeric()
andisMobilePhone()
(#512)
allow_underscores
(#510)
5.0.0
(#496)
(#496)
(#496)
extend()
function(#496)
isAlpha()
andisAlphanumeric()
(#496)
(#503)
4.9.0
isAlpha()
andisAlphanumeric()
(#499)
(#500)
4.8.0
isAlpha()
andisAlphanumeric()
(#492)
isMobilePhone()
(#489)
(#490)
(#494)
4.7.1
(#487)
4.7.0
(1f67e1e).
Note that this will be an error in v5.
isMobilePhone()
,isAlpha()
andisAlphanumeric()
(#477)
isMobilePhone()
(#455)
4.6.1
Object.toString()
is[object Object]
not""
(a57f3c8)
4.6.0
isMobilePhone()
(#481)
Object.create(null)
(#484)
4.5.2
validator.isDate('2011-12-21')
(#480)
4.5.1
isLength()
/isByteLength()
accept{min, max}
as options object.(#474)
4.5.0
(#471)
(#467,
#468)
isDate()
when validating ISO 8601 dates without a timezone(#472)
4.4.1
(#466)
4.4.0
isMACAddress()
validator(#458)
isWhitelisted()
validator(#462)
isMobilePhone()
(#452)
(#460)
4.3.0
(#448)
isMobilePhone()
(#451)
4.2.1
isDate()
handling of RFC2822 timezones(#447)
4.2.0
isDate()
handling of ISO8601 timezones(#444)
isFloat('.') === true
([#443](https://togithub.com/validatorjs/validat
Configuration
📅 Schedule: "" (UTC).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.