[Snyk] Upgrade pikaday from 1.5.1 to 1.8.2

[willem-delbare]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade pikaday from 1.5.1 to 1.8.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2020-10-22.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: pikaday

• 1.8.2 - 2020-10-22
  

  Fixes:

  • Properly parse date string, fixes #735 #755 #688
  • Cleaner packages, see #542 #580
  • Add space for XHTML, fixes #526
  • CSS fixes, see #431 #430 #809 #883 #237 #869 #869 #730
  • Add clear functionality, see #720
  • Use unique IDs, fixes #650
  • Bubble event on left arrow, fixes #710
  • Show week numbers based on ISO 8601 by default, fixes #388 #825
• 1.8.1 - 2020-10-22
• 1.8.0 - 2018-10-17
  
  • Move to github organisation Pikaday/Pikaday
  • Add CSS-classes indicating position
  • Remove the Moment.js optional dependency
  • Add aria label text configuration
• 1.7.0 - 2017-12-12
  
  • Add keyboard input option, see #610
• 1.6.1 - 2017-06-14
  

  Fixes:

  • Fix memory leak, see #630
• 1.6.0 - 2017-05-31
  

  Adds:

  • Custom parsers, see #613
  • Pick a whole week, see #516
  • Events option: dates that you would like to differentiate from regular days, see #152
  • Configure if field is blurred when date is selected, see #631

  Fixes:

  • Re-introduce correct null behavor, fixes #654
  • The (re)position issue, see #643, #642
  • Prevent error when no field is bound, fixes #611
• 1.5.1 - 2016-10-28
  

  Adds:

  • Make Pikaday accessibile, see #522
  • Add possibility to reset the max and min date to the date picker
  • Show days in next and previous months

  Fixes:

  • Make Pikaday XHTML compatible, see #492
  • Remove unnecessary setTimeout call, fixes #496
  • Make disabled buttons not clickable in IE 10 and below, fixes #288

from pikaday GitHub release notes

Commit messages

Package name: pikaday

• 4524a48 1.8.2
• f32e8f6 1.8.1
• ead3410 Merge pull request #869 from jboeijenga/master
• dd9541a Merge branch 'master' into master
• 28bd449 Merge branch 'master' into scss-z-index
• 546f589 Merge pull request #819 from josephting/calendar-button-css
• 425d156 Merge remote-tracking branch 'origin/master' into josundt/master
• 6c5a7a1 Update momentjs, fixes #858
• 28c5924 Merge pull request #872 from echavezNS/master
• d07773e Fix jshint warnings.
• d9886a0 Update deps.
• 6a999f8 Merge pull request #883 from phegman/master
• f014d45 Merge pull request #889 from Pikaday/dependabot/npm_and_yarn/lodash-4.17.19
• b5f1e07 Merge pull request #893 from timgates42/bugfix_typo_text
• aedf084 docs: Fix simple typo, tekst -> text
• d7b7487 Bump lodash from 4.17.11 to 4.17.19
• 6a407dd Prevent setting inline position when `container` is passed
• 4233242 Make a variable for custom border-radius
• c4fdf86 Added has-event styling
• fe81236 New option "firstWeekOfYearMinDays" for culture relative week numbers
• 5234bd1 Fix #237
• 5c1a755 Merge pull request #473 from actano/bugfix-iso8601-week-number
• dd857b8 Merge pull request #710 from knor-el-snor/master
• f52cf70 Update pikaday.js

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs