Skip to content

Update dependency class-validator to ^0.14.0 [SECURITY] #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency class-validator to ^0.14.0 [SECURITY] #40

wants to merge 1 commit into from

Conversation

@renovate
Copy link

@renovate renovate bot commented Mar 16, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
class-validator ^0.9.1 -> ^0.14.0 age confidence

GitHub Vulnerability Alerts

CVE-2019-18413

In TypeStack class-validator, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input.

The default settings for forbidUnknownValues has been changed to true in 0.14.0.

NOTE: a software maintainer agrees with the "is not documented" finding but suggests that much of the responsibility for the risk lies in a different product.

Release Notes

typestack/class-validator (class-validator)

v0.14.0

Compare Source

Fixed
  • Fixed an issue where forbidUnknownValues did not default to true when validatorOptions was undefined. (#​2196 by @​cduff)
  • Fixed the ValidationMetadata.name property to work correctly with the @IsOptional decorator. (#​2044 by @​Clashsoft)
  • Updated the Codecov configuration for continuous integration. (#​2556 by @​haiweilian)
  • Fixed an issue where options were not passed correctly to the @IsBase64 decorator. (#​2549 by @​aseyfpour)
  • Fixed argument handling for the isBase64 function. (#​2574 by @​braaar)
0.14.1 (2024-01-12)
Added
  • allow specifying options for @IsBase64 decorator (#​1845) , closes #​1013
  • use official type for version in @IsUUID decorator (#​1846) , closes #​1497
  • update @IsPhoneNumber decorator to use max dataset (#​1857)
Fixed
  • fail for non-array constraint in @IsIn decorator (#​1844) , closes #​1693
  • allow number and boolean values in validation message "$value" tokens (#​1467) , closes #​921, #​1046
  • read nullable option in @IsNotEmptyObject decorator correctly (#​1555) , closes #​1554
Changed
  • update libphonenumber-js to ^1.10.53 from ^1.10.14
  • update various dev-dependencies
0.14.0 (2022-12-09)
Added
  • add @IsTimeZone decorator to check if given string is valid IANA time zone
  • add @IsISO4217CurrencyCode decorator to check if the string is an ISO 4217 currency code
  • add @IsStrongPassword decorator to check if given password matches specific complexity criteria
  • add @IsBase58 decorator to check if a string is base58 encoded
  • add @IsTaxId decorator to check if a given string is a valid tax ID in a given locale
  • add support for passing function as date generator in @MinDate and @MaxDate decorators
  • add option to print constraint error message instead of constraint type in validation error
  • improve decorator metadata lookup performance
  • return possible values in error message for @IsEnum decorator
Fixed
  • re-added @types/validator as dependency
  • fix error generation when using @NestedValidation
  • pass validation options correctly to validator in @IsDateString decorator
  • support passing Symbol as parameter in error message generation
  • specify supported locales for @IsAlphanumeric decorator
  • correctly assign decorator name in metadata instead of loosing it
  • fix various spelling errors in documentation
  • fix various spelling errors and inconsistencies in JSDoc for decorators
Changed
  • enable forbidUnknownValues option by default
  • remove documentation about deprecated schema based validation and added warning
  • update warning message logged about missing decorator metadata
  • update libphonenumber-js to ^1.10.14 from ^1.9.43
  • update various dev-dependencies
BREAKING CHANGES

forbidUnknownValues option is enabled by default

From this release the forbidUnknownValues is enabled by default. This is the desired behavior for majority of
use-cases, but this change may break validation for some. The two scenarios that results in failed validation:

  • when attempting to validate a class instance without metadata for it
  • when using group validation and the specified validation group results in zero validation applied

The old behavior can be restored via specifying forbidUnknownValues: false option when calling the validate functions.

For more details see PR #​1798 and #​1422 (comment).

@NestedValidation decorator correctly assigns validation errors

Until now the errors from a nested validation in some cases were incorrectly assigned
to the parent instead of the child being validated. Now the validation errors are correctly assigned.

For more details see #​679.

0.13.2 (2021-11-20)

NOTE: This version fixes a security vulnerability allowing denial of service attacks with a specially crafted request payload.
Please update as soon as possible.

Fixed
  • switched to use Array.isArray in array checks from instanceof operator
Changed
  • libphonenumber-js package updated to 1.9.43 from 1.9.7
  • validator package updated to 13.5.2 from 13.5.2
  • various dev-dependencies updated
0.13.1 (2021-01-14)
Added
  • optional mather function has been added to the ArrayUnique decorator
Fixed
  • a typo was fixed in the error message generated by the IsUUID decorator
  • calling ValidationError.toString() doesn't result in an error when forbidNonWhitelisted parameter was used
  • fixed typo in error message generated by IsIn decorator
  • the @types/validator package is correctly installed
  • inlineSources option is enabled in tsconfig preventing various sourcemap errors when consuming the package
Changed
  • various dev dependencies has been updated
0.13.0 (2021-01-11)
Added
  • project is restructured to allow three-shaking
  • added option to fail on first validation error (#​620)
  • two new validator option is added:
    • always - allows setting global default for always option for decorators
    • strictGroups - ignore decorators with at least one group, when ValidatorOptions.groups is empty
Fixed
  • the 'any' locale is allowed in the isPostalCode decorator (#​634)
  • the IsDateString() decorator now aliases the IsISO8601() decorator (#​672)
Changed
  • project tooling has been updated significantly
  • google-libphonenumber has been replaced with libphonenumber-js (this should have no effect on validation)
  • build process generates include both ES/CommonJS and UMD variations
  • various dev dependencies has been updated
0.12.2 (2020-04-23)
Fixed
  • move tslib from peerDependencies to dependencies (827eff1), closes #​588
0.12.1 (2020-04-18)
Fixed
  • apply only nested validator for ValidateNested multi-dimensional array (c463be5)
0.12.0 (2020-04-18)
Fixed
Changed
Added
BREAKING CHANGES

  • Validatorjs releases contain some breaking changes e.g. IsMobileNumber or IsHexColor. Please check validatorjs CHANGELOG

  • Validation functions was removed from Validator class to enable tree shaking.

    BEFORE:

    import { Validator } from 'class-validator';

const validator = new Validator();
validator.isNotIn(value, possibleValues);
validator.isBoolean(value);

    AFTER:

    import { isNotIn, isBoolean } from 'class-validator';

isNotIn(value, possibleValues);
isBoolean(value);

  • IsNumberString decorator arguments changed to @IsNumberString(ValidatorJS.IsNumericOptions, ValidationOptions).

0.11.1 (2020-03-18)
Fixed
  • IsNumber validator now works when maxDecimalPlaces=0 (#​524) (b8aa922)
Added
0.11.0 (2019-11-01)
Fixed
Added
BREAKING CHANGES
0.10.2 (2019-10-14)
Fixed
Added
0.10.1 (2019-09-25)
Fixed
Added
0.10.0 (2019-08-10)
Fixed
  • add correct signature for custom error message handler (249c41d)
Added
  • add IsISO31661Alpha3 and IsISO31661Alpha2 validators (#​273) (55c57b3)
  • IsDecimal: implement IsDecimal from validatorjs (#​359) (b4c8e21)
  • add isPort decorator (#​282) (36684ec)
  • allow validate Map/Set (#​365) (f6fcdc5)
  • new ValidatePromise decorator - resolve promise before validate (#​369) (35ec04d)
  • replace instanceof Promise and support Promise/A+ (#​310) (59eac09)
  • isNumberString now accept validator.js IsNumericOptions as second parameter (#​262)
BREAKING CHANGES
  • update @​types/validator from 10.4.0 to version 10.11.2 - please check it's changelog (cb960dd)
  • isDateString now check to match only entire ISO Date (#​275) (5012464)
  • remove IsCurrencyOptions, IsURLOptions, IsEmailOptions, IsFQDNOptions interfaces and replace with interfaces from @types/validator
0.9.1
Added
  • added option to pass custom context for the decorators
Fixed
  • validating against a schema will validate against that one instead of every registered one
0.9.0 [BREAKING CHANGE]
Added
  • updated validator.js from 9.2.0 to 10.4.0 (Check it's changelog for what has changed.)
    • until now fractional numbers was not allowed in the IsNumberString decorator, now they are allowed
    • until now Gmail addresses could contain multiple dots or random text after a + symbol, this is not allowed anymore
  • IsPhoneNumber decorator has been added which uses the google-libphonenumber library to validate international phone numbers accurately
Fixed
  • update IsURLOptions to match underlying validator host list options
  • added a console warning when no metadata decorator is found as it's possibly not intended
  • the Min and Max decorator will corectly show an inclusive error message when failing
  • fixed a runtime error when validationArguments.value is not a string
0.8.5
Fixed
  • remove ansicolor package, because it's incompatible with IE
0.8.4
Added
  • ValidatorOptions now has a forbidUnknownValues key to prevent unknown objects to pass validation
    • it's highly advised to turn this option on
    • now this option defaults to false but will be default to true after the 1.0 release
0.8.3
Fixed
  • handle when target property is undefined when calling ValidationError.toString()
0.8.2
Added
  • added ValidationError.toString() method for easier debugging
  • added printError method to pretty-print errors in NodeJS or the browser
Fixed
  • fixed wrong type info in ValidatorOptions
  • fixed wrong type info in ValidationSchema (the options key now is optional)
  • corrected IsNumericString to IsNumberString in the README
  • fixed type of host_whitelist and host_backlist in IsURLOptions
0.8.1
Fixed
  • fixed wrong type info in ValidatorOptions
0.8.0 [BREAKING CHANGE]
Added

  • updated validator.js from 7.0.0 to 9.2.0 (Check it's changelog for what has changed.)

    This caused breaking change, if you used the IsUrl decorator to validate localhost as a valid url, from now you must use the require_tld: false option

    @​IsUrl({ require_tld: false})
url: string;

  • added @IsInstance decorator and validator.isInstance(value, target) method.

  • changed @IsNumber decorator has been changed to @IsNumber(options: IsNumberOptions)

  • added option to strip unknown properties (whitelist: true)

  • added option to throw error on unknown properties (forbidNonWhitelisted: true)

  • added @Allow decorator to prevent stripping properties without other constraint

Fixed
  • fixed issue with @IsDateString now it allow dates without fraction seconds to be set
  • fixed issue with @IsDateString now it allow dates without with timezones to be set
  • @ValidateNested correctly generates validation error on non object and non array values
0.6.7
Fixed
  • fixed issue with @ValidateNested when nested property is not defined and it throw an error (#​59)
0.6.5
Fixed
  • fixed bugs with @IsUrl, @IsEmail and several other decorators
0.6.4
Added
  • added @IsMilitaryTime decorator.
0.6.3
Added
  • added validateOrReject method which rejects promise instead of returning array of errors in resolved result
0.6.1
Added
  • added @IsArray decorator.
0.6.0 [BREAKING CHANGE]
Added
  • breaking change with @ValidateNested on arrays: Validator now groups the validation errors by sub-object, rather than them all being grouped together. See #​32 for a demonstration of the updated structure.
  • added @ValidateIf decorator, see conditional validation in docs.
0.5.0 [BREAKING CHANGE]
Added

  • async validations must be marked with { async: true } option now.

    This is optional, but it helps to determine which decorators are async to prevent their execution in validateSync method.

  • added validateSync method that performs non asynchronous validation and ignores validations that marked with async: true.

  • there is a breaking change in registerDecorator method. Now it accepts options object.

  • breaking change with @ValidatorConstraint decorator. Now it accepts option object instead of single name.

0.4.1
Fixed
  • fixed issue with wrong source maps packaged
0.4.0 [BREAKING CHANGE]
Added
  • everything should be imported from "class-validator" main entry point now
  • ValidatorInterface has been renamed to ValidatorConstraintInterface
  • contain can be set in the main entry point now
  • some decorator's names changed. Be aware of this
  • added few more non-string decorators
  • validator now returns array of ValidationError instead of ValidationErrorInterface. Removed old ValidationError
  • removed all other validation methods except validator.validate
  • finally validate method is async now, so custom async validations are supported now
  • added ability to validate inherited properties
  • added support of separate validation schemas
  • added support of default validation messages
  • added support of special tokens in validation messages
  • added support of message functions in validation options
  • added support of custom decorators
  • if no groups were specified, decorators with groups now are being ignored
  • changed signature of the ValidationError. Now if it has nested errors it does not return them in a flat array
Fixed
  • fixed all decorators that should not work only with strings
0.3.0
Added
  • package has changed its name from validator.ts to class-validator.
  • sanitation functionality has been removed from this library. Use class-sanitizer instead.

v0.13.2

Compare Source

Fixed
  • Fixed an issue where forbidUnknownValues did not default to true when validatorOptions was undefined. (#​2196 by @​cduff)
  • Fixed the ValidationMetadata.name property to work correctly with the @IsOptional decorator. (#​2044 by @​Clashsoft)
  • Updated the Codecov configuration for continuous integration. (#​2556 by @​haiweilian)
  • Fixed an issue where options were not passed correctly to the @IsBase64 decorator. (#​2549 by @​aseyfpour)
  • Fixed argument handling for the isBase64 function. (#​2574 by @​braaar)
0.14.1 (2024-01-12)
Added
  • allow specifying options for @IsBase64 decorator (#​1845) , closes #​1013
  • use official type for version in @IsUUID decorator (#​1846) , closes #​1497
  • update @IsPhoneNumber decorator to use max dataset (#​1857)
Fixed
  • fail for non-array constraint in @IsIn decorator (#​1844) , closes #​1693
  • allow number and boolean values in validation message "$value" tokens (#​1467) , closes #​921, #​1046
  • read nullable option in @IsNotEmptyObject decorator correctly (#​1555) , closes #​1554
Changed
  • update libphonenumber-js to ^1.10.53 from ^1.10.14
  • update various dev-dependencies
0.14.0 (2022-12-09)
Added
  • add @IsTimeZone decorator to check if given string is valid IANA time zone
  • add @IsISO4217CurrencyCode decorator to check if the string is an ISO 4217 currency code
  • add @IsStrongPassword decorator to check if given password matches specific complexity criteria
  • add @IsBase58 decorator to check if a string is base58 encoded
  • add @IsTaxId decorator to check if a given string is a valid tax ID in a given locale
  • add support for passing function as date generator in @MinDate and @MaxDate decorators
  • add option to print constraint error message instead of constraint type in validation error
  • improve decorator metadata lookup performance
  • return possible values in error message for @IsEnum decorator
Fixed
  • re-added @types/validator as dependency
  • fix error generation when using @NestedValidation
  • pass validation options correctly to validator in @IsDateString decorator
  • support passing Symbol as parameter in error message generation
  • specify supported locales for @IsAlphanumeric decorator
  • correctly assign decorator name in metadata instead of loosing it
  • fix various spelling errors in documentation
  • fix various spelling errors and inconsistencies in JSDoc for decorators
Changed
  • enable forbidUnknownValues option by default
  • remove documentation about deprecated schema based validation and added warning
  • update warning message logged about missing decorator metadata
  • update libphonenumber-js to ^1.10.14 from ^1.9.43
  • update various dev-dependencies
BREAKING CHANGES

forbidUnknownValues option is enabled by default

From this release the forbidUnknownValues is enabled by default. This is the desired behavior for majority of
use-cases, but this change may break validation for some. The two scenarios that results in failed validation:

  • when attempting to validate a class instance without metadata for it
  • when using group validation and the specified validation group results in zero validation applied

The old behavior can be restored via specifying forbidUnknownValues: false option when calling the validate functions.

For more details see PR #​1798 and #​1422 (comment).

@NestedValidation decorator correctly assigns validation errors

Until now the errors from a nested validation in some cases were incorrectly assigned
to the parent instead of the child being validated. Now the validation errors are correctly assigned.

For more details see #​679.

0.13.2 (2021-11-20)

NOTE: This version fixes a security vulnerability allowing denial of service attacks with a specially crafted request payload.
Please update as soon as possible.

Fixed
  • switched to use Array.isArray in array checks from instanceof operator
Changed
  • libphonenumber-js package updated to 1.9.43 from 1.9.7
  • validator package updated to 13.5.2 from 13.5.2
  • various dev-dependencies updated
0.13.1 (2021-01-14)
Added
  • optional mather function has been added to the ArrayUnique decorator
Fixed
  • a typo was fixed in the error message generated by the IsUUID decorator
  • calling ValidationError.toString() doesn't result in an error when forbidNonWhitelisted parameter was used
  • fixed typo in error message generated by IsIn decorator
  • the @types/validator package is correctly installed
  • inlineSources option is enabled in tsconfig preventing various sourcemap errors when consuming the package
Changed
  • various dev dependencies has been updated
0.13.0 (2021-01-11)
Added
  • project is restructured to allow three-shaking
  • added option to fail on first validation error (#​620)
  • two new validator option is added:
    • always - allows setting global default for always option for decorators
    • strictGroups - ignore decorators with at least one group, when ValidatorOptions.groups is empty
Fixed
  • the 'any' locale is allowed in the isPostalCode decorator (#​634)
  • the IsDateString() decorator now aliases the IsISO8601() decorator (#​672)
Changed
  • project tooling has been updated significantly
  • google-libphonenumber has been replaced with libphonenumber-js (this should have no effect on validation)
  • build process generates include both ES/CommonJS and UMD variations
  • various dev dependencies has been updated
0.12.2 (2020-04-23)
Fixed
  • move tslib from peerDependencies to dependencies (827eff1), closes #​588
0.12.1 (2020-04-18)
Fixed
  • apply only nested validator for ValidateNested multi-dimensional array (c463be5)
0.12.0 (2020-04-18)
Fixed
Changed
Added
BREAKING CHANGES

  • Validatorjs releases contain some breaking changes e.g. IsMobileNumber or IsHexColor. Please check validatorjs CHANGELOG

  • Validation functions was removed from Validator class to enable tree shaking.

    BEFORE:

    import { Validator } from 'class-validator';

const validator = new Validator();
validator.isNotIn(value, possibleValues);
validator.isBoolean(value);

    AFTER:

    import { isNotIn, isBoolean } from 'class-validator';

isNotIn(value, possibleValues);
isBoolean(value);

  • IsNumberString decorator arguments changed to @IsNumberString(ValidatorJS.IsNumericOptions, ValidationOptions).

0.11.1 (2020-03-18)
Fixed
  • IsNumber validator now works when maxDecimalPlaces=0 (#​524) (b8aa922)
Added
0.11.0 (2019-11-01)
Fixed
Added
BREAKING CHANGES
0.10.2 (2019-10-14)
Fixed
Added
0.10.1 (2019-09-25)
Fixed
Added
0.10.0 (2019-08-10)
Fixed
  • add correct signature for custom error message handler (249c41d)
Added
  • add IsISO31661Alpha3 and IsISO31661Alpha2 validators (#​273) (55c57b3)
  • IsDecimal: implement IsDecimal from validatorjs (#​359) (b4c8e21)
  • add isPort decorator (#​282) (36684ec)
  • allow validate Map/Set (#​365) (f6fcdc5)
  • new ValidatePromise decorator - resolve promise before validate (#​369) (35ec04d)
  • replace instanceof Promise and support Promise/A+ (#​310) (59eac09)
  • isNumberString now accept validator.js IsNumericOptions as second parameter (#​262)
BREAKING CHANGES
  • update @​types/validator from 10.4.0 to version 10.11.2 - please check it's changelog (cb960dd)
  • isDateString now check to match only entire ISO Date (#​275) (5012464)
  • remove IsCurrencyOptions, IsURLOptions, IsEmailOptions, IsFQDNOptions interfaces and replace with interfaces from @types/validator
0.9.1
Added
  • added option to pass custom context for the decorators
Fixed
  • validating against a schema will validate against that one instead of every registered one
0.9.0 [BREAKING CHANGE]
Added
  • updated validator.js from 9.2.0 to 10.4.0 (Check it's changelog for what has changed.)
    • until now fractional numbers was not allowed in the IsNumberString decorator, now they are allowed
    • until now Gmail addresses could contain multiple dots or random text after a + symbol, this is not allowed anymore
  • IsPhoneNumber decorator has been added which uses the google-libphonenumber library to validate international phone numbers accurately
Fixed
  • update IsURLOptions to match underlying validator host list options
  • added a console warning when no metadata decorator is found as it's possibly not intended
  • the Min and Max decorator will corectly show an inclusive error message when failing
  • fixed a runtime error when validationArguments.value is not a string
0.8.5
Fixed
  • remove ansicolor package, because it's incompatible with IE
0.8.4
Added
  • ValidatorOptions now has a forbidUnknownValues key to prevent unknown objects to pass validation
    • it's highly advised to turn this option on
    • now this option defaults to false but will be default to true after the 1.0 release
0.8.3
Fixed
  • handle when target property is undefined when calling ValidationError.toString()
0.8.2
Added
  • added ValidationError.toString() method for easier debugging
  • added printError method to pretty-print errors in NodeJS or the browser
Fixed
  • fixed wrong type info in ValidatorOptions
  • fixed wrong type info in ValidationSchema (the options key now is optional)
  • corrected IsNumericString to IsNumberString in the README
  • fixed type of host_whitelist and host_backlist in IsURLOptions
0.8.1
Fixed
  • fixed wrong type info in ValidatorOptions
0.8.0 [BREAKING CHANGE]
Added

  • updated validator.js from 7.0.0 to 9.2.0 (Check it's changelog for what has changed.)

    This caused breaking change, if you used the IsUrl decorator to validate localhost as a valid url, from now you must use the require_tld: false option

    @​IsUrl({ require_tld: false})
url: string;

  • added @IsInstance decorator and validator.isInstance(value, target) method.

  • changed @IsNumber decorator has been changed to @IsNumber(options: IsNumberOptions)

  • added option to strip unknown properties (whitelist: true)

  • added option to throw error on unknown properties (forbidNonWhitelisted: true)

  • added @Allow decorator to prevent stripping properties without other constraint

Fixed
  • fixed issue with @IsDateString now it allow dates without fraction seconds to be set
  • fixed issue with @IsDateString now it allow dates without with timezones to be set
  • @ValidateNested correctly generates validation error on non object and non array values
0.6.7
Fixed
  • fixed issue with @ValidateNested when nested property is not defined and it throw an error (#​59)
0.6.5
Fixed
  • fixed bugs with @IsUrl, @IsEmail and several other decorators
0.6.4
Added
  • added @IsMilitaryTime decorator.
0.6.3
Added
  • added validateOrReject method which rejects promise instead of returning array of errors in resolved result
0.6.1
Added
  • added @IsArray decorator.
0.6.0 [BREAKING CHANGE]
Added
  • breaking change with @ValidateNested on arrays: Validator now groups the validation errors by sub-object, rather than them all being grouped together. See #​32 for a demonstration of the updated structure.
  • added @ValidateIf decorator, see conditional validation in docs.
0.5.0 [BREAKING CHANGE]
Added

  • async validations must be marked with { async: true } option now.

    This is optional, but it helps to determine which decorators are async to prevent their execution in validateSync method.

  • added validateSync method that performs non asynchronous validation and ignores validations that marked with async: true.

  • there is a breaking change in registerDecorator method. Now it accepts options object.

  • breaking change with @ValidatorConstraint decorator. Now it accepts option object instead of single name.

0.4.1
Fixed
  • fixed issue with wrong source maps packaged
0.4.0 [BREAKING CHANGE]
Added
  • everything should be imported from "class-validator" main entry point now
  • ValidatorInterface has been renamed to ValidatorConstraintInterface
  • contain can be set in the main entry point now
  • some decorator's names changed. Be aware of this
  • added few more non-string decorators
  • validator now returns array of ValidationError instead of ValidationErrorInterface. Removed old ValidationError
  • removed all other validation methods except validator.validate
  • finally validate method is async now, so custom async validations are supported now
  • added ability to validate inherited properties
  • added support of separate validation schemas
  • added support of default validation messages
  • added support of special tokens in validation messages
  • added support of message functions in validation options
  • added support of custom decorators
  • if no groups were specified, decorators with groups now are being ignored
  • changed signature of the `ValidationE

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/npm-class-validator-vulnerability branch from d47c1cf to 1323ce2 Compare August 13, 2025 23:27
@renovate renovate bot force-pushed the renovate/npm-class-validator-vulnerability branch from 1323ce2 to 34623a6 Compare August 23, 2025 07:23
@renovate renovate bot force-pushed the renovate/npm-class-validator-vulnerability branch from 34623a6 to 52decbd Compare September 1, 2025 01:51
@renovate renovate bot force-pushed the renovate/npm-class-validator-vulnerability branch from 52decbd to 69fff05 Compare September 26, 2025 07:01
@renovate renovate bot force-pushed the renovate/npm-class-validator-vulnerability branch from 69fff05 to 6aea2e9 Compare October 23, 2025 20:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants