Skip to content

v1.3.2
Compare
Choose a tag to compare
@cyyynthia cyyynthia released this 16 Apr 17:44
· 16 commits to mistress since this release
v1.3.2
This tag was signed with the committer’s verified signature.
cyyynthia Cynthia
GPG key ID: CB561F74DCEAE23B
Verified
Learn about vigilant mode.
35c77ea
This commit was signed with the committer’s verified signature.
cyyynthia Cynthia
GPG key ID: CB561F74DCEAE23B
Verified
Learn about vigilant mode.

Fixes the issue reported in #37 -- the library would fail to parse a document containing a one-line string, with an escaped double-quote, preceded by an escaped backslash, such as key = "value \\\" value".

Apologies for the lack of proper v1.3.1 tag; this release addressed GHSA-pqhp-25j4-6hq9 by adding a maximum depth while parsing.

Additionally, releases are now published to NPM with provenance attestations

What's Changed

  • fix: improve string end detection when preceded by an escaped backslash by @cyyynthia
  • fix: enforce maximum depth when parsing/stringifying by @cyyynthia

Full Changelog: v1.3.0...v1.3.2

Contributors

cyyynthia
Assets 2
Loading