[Snyk] Upgrade string-kit from 0.8.16 to 0.12.8

[snyk-bot]

Snyk has created this PR to upgrade string-kit from 0.8.16 to 0.12.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 39 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2021-08-17.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-STRINGKIT-1567201	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: string-kit

• 0.12.8 - 2021-08-17
• 0.12.7 - 2021-08-17
• 0.12.6 - 2021-08-17
• 0.12.5 - 2021-04-05
• 0.12.4 - 2021-04-05
• 0.12.3 - 2021-04-04
• 0.12.2 - 2021-04-04
• 0.12.1 - 2021-03-29
• 0.12.0 - 2021-02-05
• 0.11.10 - 2021-01-13
• 0.11.9 - 2021-01-13
• 0.11.8 - 2020-07-20
• 0.11.7 - 2020-04-04
• 0.11.6 - 2019-12-31
• 0.11.5 - 2019-12-31
• 0.11.3 - 2019-12-23
• 0.11.2 - 2019-12-13
• 0.11.1 - 2019-12-04
• 0.11.0 - 2019-12-04
• 0.10.6 - 2019-12-03
• 0.10.5 - 2019-12-03
• 0.10.4 - 2019-12-03
• 0.10.3 - 2019-11-11
• 0.10.2 - 2019-11-10
• 0.10.1 - 2019-09-27
• 0.10.0 - 2019-09-24
• 0.9.12 - 2019-09-10
• 0.9.11 - 2019-09-09
• 0.9.10 - 2019-07-30
• 0.9.9 - 2019-07-12
• 0.9.8 - 2019-07-05
• 0.9.7 - 2019-06-30
• 0.9.6 - 2019-06-23
• 0.9.5 - 2019-05-18
• 0.9.4 - 2019-04-25
• 0.9.3 - 2019-04-12
• 0.9.2 - 2019-04-10
• 0.9.1 - 2019-01-30
• 0.9.0 - 2019-01-07
• 0.8.16 - 2019-01-07

from string-kit GitHub release notes

Commit messages

Package name: string-kit

• 9cac4c2 Brand new .naturalSort() code, it was previously borrowed code that was slow and vulnerable to RegExp DoS, the new code is made by myself, has no RegExp, only matching forward, is more flexible and easiest to maintain ([Snyk] Upgrade seventh from 0.7.40 to 0.8.0 #3)
• 694f697 .format() and Babel-Tower interop, exposing stringKit.format.modes
• 8bbd129 Merge branch 'master' of github:cronvel/string-kit
• adac8c9 .format() and Babel-Tower interop, exposing stringKit.format.modes
• 558d687 .format() and Babel-Tower interop'
• 3fb8132 SECURITY.md
• b20dc9f SECURITY.md
• 5dac1b6 SECURITY.md
• 826ad5f bench
• 324385a .eslintrc.js and fix shadow
• 36df8fb Documentation
• 8f6e8b0 .format(): %n/%N improvements
• 0732ff9 .format(): new Scientific Notation (e.g. 1.23 × 10²)
• 251dd0f .format()'s new float mode: 'g' for group separator (thousands)
• 2289173 wip
• a70582d .format(): new %P/%p format for absolute/relative percent
• 1d05d11 .inspect() new option: 'minimalPlusConstructor' and 'noTypeButConstructor' (for displaying non-trivial constructor)
• 70ca1bd merge
• bfeb863 comment
• 4a99316 [Maybe breaking] .format() now use the new StringNumber class, used for number formatting
• 07332ff Wip: metric system format
• 570bc32 .format() now use StringNumber for %f
• 1865807 New StringNumber class
• 79ad56b copyright year update

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs