Sourced from node-sass's releases.

v7.0.0

Breaking changes

• Drop support for Node 15 (@​nschonni)
• Set rejectUnauthorized to true by default (@​scott-ut, #3149)

Features

• Add support for Node 17 (@​nschonni)

Dependencies

• Bump eslint from 7.32.0 to 8.0.0 (@​nschonni, #3191)
• Bump fs-extra from 0.30.0 to 10.0.0 (@​nschonni, #3102)
• Bump npmlog from 4.1.2 to 5.0.0 (@​nschonni, #3156)
• Bump chalk from 1.1.3 to 4.1.2 (@​nschonni, #3161)

Community

• Remove double word "support" from documentation (@​pzrq, #3159)

Misc

• Bump various GitHub Actions dependencies (@​nschonni)

Supported Environments

OS	Architecture	Node
Windows	x86 & x64	12, 14, 16, 17
OSX	x64	12, 14, 16, 17
Linux*	x64	12, 14, 16, 17
Alpine Linux	x64	12, 14, 16, 17
FreeBSD	i386 amd64	12, 14

*Linux support refers to major distributions like Ubuntu, and Debian

v6.0.1

Dependencies

• Remove mkdirp (@​jimmywarting, #3108)
• Bump meow to 9.0.0 (@​ykolbin, #3125)
• Bump mocha to 9.0.1 (@​xzyfer, #3134)

Misc

• Use default Apline version from docker-node (@​nschonni, #3121)

Supported Environments

... (truncated)

• 918dcb3 Lint fix
• 0a21792 Set rejectUnauthorized to true by default (#3149)
• e80d4af chore: Drop EOL Node 15 (#3122)
• d753397 feat: Add Node 17 support (#3195)
• dcf2e75 build(deps-dev): bump eslint from 7.32.0 to 8.0.0
• bfa1a3c build(deps): bump actions/setup-node from 2.4.0 to 2.4.1
• 80d6c00 chore: Windows x86 on GitHub Actions (#3041)
• 566dc27 build(deps-dev): bump fs-extra from 0.30.0 to 10.0.0 (#3102)
• 7bb5157 build(deps): bump npmlog from 4.1.2 to 5.0.0 (#3156)
• 2efb38f build(deps): bump chalk from 1.1.3 to 4.1.2 (#3161)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

• 7efb22a 1.2.6
• ef88b93 security notice for additional prototype pollution issue
• c2b9819 isConstructorOrProto adapted from PR
• bc8ecee test from prototype pollution PR
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from gunicorn's releases.

19.5.0

== 19.5.0 ==

=== Core ===

• fix: Ensure response to HEAD request won't have message body
• fix: lock domain socket and remove on last arbiter exit (#1220)
• improvement: use EnvironmentError instead of socket.error (#939)
• add: new $FORWARDDED_ALLOW_IPS environment variable (#1205)
• fix: infinite recursion when destroying sockets (#1219)
• fix: close sockets on shutdown (#922)
• fix: clean up sys.exc_info calls to drop circular refs (#1228)
• fix: do post_worker_init after load_wsgi (#1248)

=== Workers ===

• fix access logging in gaiohttp worker (#1193)
• eventlet: handle QUIT in a new coroutine (#1217)
• gevent: remove obsolete exception clauses in run (#1218)
• tornado: fix extra "Server" response header (#1246)
• fix: unblock the wait loop under python 3.5 in sync worker (#1256)

=== Logging ===

• fix: log message for listener reloading (#1181)
• Let logging module handle traceback printing (#1201)
• improvement: Allow configuring logger_class with statsd_host (#1188)
• fix: traceback formatting (#1235)
• fix: print error logs on stderr and access logs on stdout (#1184)

=== Documentation ===

• Simplify installation instructions in gunicorn.org (#1072)
• Fix URL and default worker type in example_config (#1209)
• update django doc url to 1.8 lts (#1213)
• fix: miscellaneous wording corrections (#1216)
• Add PSF License Agreement of selectors.py to NOTICE (:issue: #1226)
• document LOGGING overriding (#1051)
• put a note that error logs are only errors from Gunicorn (#1124)
• add a note about the requirements of the threads workers under python 2.x (#1200)
• add access_log_format to config example (#1251)

=== Tests ===

• Use more pytest.raises() in test_http.py

• 7d61a60 add changelog
• 58f190d Merge pull request #1257 from benoitc/fix/1256
• b0c0333 unblock the wait loop under python 3.5
• 9d158be Add access_log_format to config example (#1251)
• ded610e add a note about the requirements of the threads workers under python 2.x
• 6f9ae5e put a note that error logs are only errors from Gunicorn.
• 65db610 print error logs on stderr and access logs on stdout
• 5fa32a6 document LOGGING overriding
• e005c9d reverse change in example_config.py
• 66546d6 fix #1246
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Sourced from pillow's releases.

6.2.0

https://pillow.readthedocs.io/en/stable/releasenotes/6.2.0.html

Sourced from pillow's changelog.

6.2.0 (2019-10-01)

• Catch buffer overruns #4104 [radarhere]

• Initialize rows_per_strip when RowsPerStrip tag is missing #4034 [cgohlke, radarhere]

• Raise error if TIFF dimension is a string #4103 [radarhere]

• Added decompression bomb checks #4102 [radarhere]

• Fix ImageGrab.grab DPI scaling on Windows 10 version 1607+ #4000 [nulano, radarhere]

• Corrected negative seeks #4101 [radarhere]

• Added argument to capture all screens on Windows #3950 [nulano, radarhere]

• Updated warning to specify when Image.frombuffer defaults will change #4086 [radarhere]

• Changed WindowsViewer format to PNG #4080 [radarhere]

• Use TIFF orientation #4063 [radarhere]

• Raise the same error if a truncated image is loaded a second time #3965 [radarhere]

• Lazily use ImageFileDirectory_v1 values from Exif #4031 [radarhere]

• Improved HSV conversion #4004 [radarhere]

• Added text stroking #3978 [radarhere, hugovk]

• No more deprecated bdist_wininst .exe installers #4029 [hugovk]

• Do not allow floodfill to extend into negative coordinates #4017 [radarhere]

... (truncated)

• 8a30d13 Updated CHANGES.rst [ci skip]
• 75602d1 6.2.0 version bump
• 4756af9 Updated CHANGES.rst [ci skip]
• cc16025 Merge pull request #4104 from radarhere/overrun
• fb84701 Merge pull request #4034 from cgohlke/patch-1
• b9693a5 Merge pull request #4103 from radarhere/dimension
• f228d0c Merge pull request #4102 from radarhere/decompression
• aaf2c42 Merge pull request #4000 from nulano/dpi_fix
• b36c1bc Merge pull request #4101 from radarhere/negative_seek
• 9a977b9 Raise error if dimension is a string
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.