[Snyk] Upgrade ramda from 0.27.1 to 0.29.1

[jakefenley-mh]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade ramda from 0.27.1 to 0.29.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.
• The recommended version was released 6 months ago, on 2023-10-05.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	430/1000 Why? CVSS 8.6	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	430/1000 Why? CVSS 8.6	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	430/1000 Why? CVSS 8.6	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	430/1000 Why? CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-JSON5-3182856	430/1000 Why? CVSS 8.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-RAMDA-1582370	430/1000 Why? CVSS 8.6	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	430/1000 Why? CVSS 8.6	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ramda

• 0.29.1 - 2023-10-05
  

  Upgrade guide: #3415

• 0.29.0 - 2023-04-02
  

  Added

  🆕 addIndexRight
  🆕 isNotNil
  🆕 swap
  🆕 dropRepeatsBy

  Removed

  Deprecated

  Changes

  ⚠️ propEq/pathEq parameter order

  • Documentation improvements
  • Transducer updates
  • Some support for types
  • Many more!

  Thank you to everyone who contributed to this release!

• 0.28.0 - 2022-01-16
  

  A long-overdue release with many updates, documented in #3218.

• 0.27.2 - 2022-01-11
  

  This release patches a security vulnerability in the implementation of trim (#3212).

• 0.27.1 - 2020-07-30
  

  Let's pretend v0.27.0 never happened. 😉

from ramda GitHub release notes

Commit messages

Package name: ramda

• acbf91a Version 0.29.1
• 677bff4 fix: _curryN receive enough args (#3410)
• 2df3b95 remove broken link to bitsrc in readme (#3402)
• e07a0d5 fix: modify curry doc (#3398)
• de77106 fix: add sideEffects flag for es package.json (#3399)
• 165d2ae fix: make swap work when swapped items are arrays (#3394)
• 6dd4ac9 add AsyncFunction example (#3391)
• 9c2310c version es dist folder (#3382)
• 241f811 ramda#3340: support empty path in modifyPath (#3376)
• de5803d update docs for propEq (#3373)
• 7ed79b4 Fix for #3367: Documentation errors in R.swap examples (#3368)
• d67552d update license year (#3366)
• afe98b0 Version 0.29.0
• cb73de9 Make traverse and sequence Fantasy-Land compliant (#3360)
• 171b34e Replace "the the" -> "the" (#3291)
• 50c6b57 extract Just related duplicated code (#3276)
• dec329d refactor: `of` now works with Applicatives (#3272)
• a4998cf change propEq/pathEq parameters order (#2938)
• a5aea90 add/modify tests which can act as a transducer (#3269)
• d009984 update package.json exports section to support node version 10 to 17 (#3270)
• 6d38d5a feat: using npm-run-all -p to run scripts parallel (#3100)
• e6b0047 revert(times): **replacing while loop with for loop**
• 3141d1a chore(times): using `push` method instead of direct assignment
• 82cc5d5 chore(times): using `var` instead of `let` for loop variable

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs