[Snyk] Upgrade ember-source from 3.12.0 to 3.16.3

[snyk-bot]

Snyk has created this PR to upgrade ember-source from 3.12.0 to 3.16.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 33 versions ahead of your current version.
• The recommended version was released a month ago, on 2020-02-18.

The recommended version fixes:

Severity	Issue	Exploit Maturity
	Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-536840	No Known Exploit
	Prototype Pollution SNYK-JS-HANDLEBARS-534988	No Known Exploit
	Arbitrary Code Execution SNYK-JS-HANDLEBARS-534478	No Known Exploit
	Denial of Service (DoS) SNYK-JS-HANDLEBARS-480388	No Known Exploit
	Prototype Pollution SNYK-JS-HANDLEBARS-469063	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ACORN-559469	No Known Exploit
	Timing Attack SNYK-JS-ELLIPTIC-511941	No Known Exploit
	Information Exposure SNYK-JS-KINDOF-537849	Proof of Concept

Release notes

Package name: ember-source

• 3.16.3 - 2020-02-18
  

  CHANGELOG

  • #18730 Workaround for the Glimmer VM bug which encodes/decodes integer literals correctly.
• 3.16.2 - 2020-02-10
  

  CHANGELOG

  • #18721 [BUGFIX] Backport autotracking bugfixes
  • #18729 [BUGFIX] Remove deprecation for instantiation of new singleton instances (e.g. a service) during teardown (originally added in 3.16.1 by #18717).
• 3.16.1 - 2020-02-03
  

  CHANGELOG

  • #18691 [BUGFIX] Updated component and helper blueprints to use import { hbs } from 'ember-cli-htmlbars'.
  • #18698 [BUGFIX] Ensure tag updates are buffered
  • #18713 [BUGFIX] Update @glimmer/syntax to ensure that using <Title />, <Script />, and <Style /> does not error.
  • #18717 [BUGFIX] Ensure instantiation cannot happen after destruction.
  • #18720 [BUGFIX] Ensure correct @ember/edition-utils is used (1.2.0).
• 3.16.0 - 2020-01-20
  

  CHANGELOG

  • #18436 [DEPRECATION] Deprecate globals resolver per RFC #331.
  • #18668 [BUGFIX] Fix some scenarios where the "backtracking assertion" would be thrown by consuming tags after fully getting values
  • #18651 [BUGFIX] Async functions were incorrectly treated as falsey in template conditionals
• 3.16.0-beta.1 - 2019-12-10
  

  CHANGELOG

  • #18436 [DEPRECATION] Deprecate globals resolver per RFC #331.
• 3.15.0 - 2019-12-10
• 3.15.0-beta.5 - 2019-12-05
• 3.15.0-beta.4 - 2019-12-05
• 3.15.0-beta.3 - 2019-11-19
• 3.15.0-beta.2 - 2019-11-12
• 3.15.0-beta.1 - 2019-11-01
• 3.14.3 - 2019-12-03
• 3.14.2 - 2019-11-20
• 3.14.1 - 2019-10-30
• 3.14.0 - 2019-10-29
• 3.14.0-beta.5 - 2019-10-14
• 3.14.0-beta.4 - 2019-10-07
• 3.14.0-beta.3 - 2019-10-01
• 3.14.0-beta.2 - 2019-09-24
• 3.14.0-beta.1 - 2019-09-22
• 3.13.4 - 2019-10-29
• 3.13.3 - 2019-10-08
• 3.13.2 - 2019-09-25
• 3.13.1 - 2019-09-24
• 3.13.0 - 2019-09-19
• 3.13.0-beta.5 - 2019-09-04
• 3.13.0-beta.4 - 2019-08-27
• 3.13.0-beta.3 - 2019-08-20
• 3.13.0-beta.2 - 2019-08-13
• 3.13.0-beta.1 - 2019-08-07
• 3.12.3 - 2020-03-13
• 3.12.2 - 2019-12-04
• 3.12.1 - 2019-11-21
• 3.12.0 - 2019-08-06

from ember-source GitHub release notes

Commit messages

Package name: ember-source

• 7a78633 v3.16.3
• 2cfb760 Add v3.16.3 to CHANGELOG
• 5ca7772 [DOC release] Update documentation for tracked with classic classes
• 1b53ac0 [BUGFIX lts] Add test ensuring singletons instantiated during destruction are destroyed.
• 97c3993 [BUGFIX lts] Workaround for integer literals
• 55ffe41 Revert "[BUGFIX lts] Workaround for integer literals"
• 9ec1702 [BUGFIX lts] Workaround for integer literals
• e295527 3.16.2
• 83410de Add v3.16.2 to CHANGELOG.md.
• 055fab0 [BUGFIX lts] Revert container deprecation
• 4f10138 Merge pull request #18721 from emberjs/backport/autotracking-bugfixes
• 23d3ff0 3.16.1
• a9e9042 Add v3.16.1 to CHANGELOG.md.
• a33a246 Fix prettier issues.
• 63f9f45 [BUGFIX release] Correctly links ArrayProxy tags to `arrangedContent`
• 0aa4e5f [BUGFIX release] Fixes tag chaining on Proxy mixins
• dceadb9 [BUGFIX release] Ensures the arg proxy works with `get`
• 7ffd647 Update minimum @ember/edition-utils to 1.2.0.
• 645dab5 [BUGFIX lts] Ensure instantiation cannot happen after destruction.
• 2ef87f8 Merge pull request #18713 from rwjblue/backport-sht-update
• f050531 Backport updates to @glimmer/syntax for simple-html-tokenizer.
• deefc2e [BUGFIX release] Ensure tag updates are buffered (#18698)
• 2a54362 bump glimmer
• 2f24f89 [BUGFIX release] Ensure tag updates are buffered

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs