v3.10.1

What's Changed

• fix: Promise callback sanitization bypass vulnerability by @patriksimek in #547

Full Changelog: v3.10.0...v3.10.1

v3.10.0

What's Changed

• Upstream security fixes @netroy in #540
• Modernization, added support for TypeScript compiler @patriksimek in #542

New Contributors

• @netroy made their first contribution in #540

Full Changelog: 3.9.19...v3.10.0

3.9.19

Fixes

cfa3fc6: Fix resolver issue.

3.9.18

New Features

dd81ff6: Add resolver API to create a shared resolver for multiple NodeVM instances allowing to cache scripts and increase sandbox startup times.
4d662e3: Allow to pass a function to require.context which is called with the filename allowing to specify the context pre file. (Thanks to @blakebyrnes)

Fixes

d88105f: Fix issue leaking host array through Proxy. (Thanks to @arkark (Takeshi Kaneko) of GMO Cybersecurity by Ierae, Inc.)
5206ba2: Fix issue with inspect being writeable. (Thanks to @arkark (Takeshi Kaneko) of GMO Cybersecurity by Ierae, Inc.)

3.9.17

Fixes

4b22e87: Fix issue in catch block protection. (Thanks to Xion (SeungHyun Lee) of KAIST Hacking Lab.)
f3db4de: Fix issue with host exceptions thrown in async functions leaking though the Promise.

3.9.16

Fixes

24c724d: Fix issue in transformer issue by reworking replacement logic. (Thanky to Xion (SeungHyun Lee) of KAIST Hacking Lab.)

3.9.15

Fixes

d534e57: Ensure no host objects are passed through to Error.prepareStackTrace. (Thanky to Seongil Wi from KAIST WSP Lab)

3.9.14

Fixes

fe3ab68: Support conditional export resolution with custom resolver (thanks to nick-klaviyo).

3.9.13

Fixes

1c365f7: Fix typescript error in index.d.ts.

3.9.12

New Features

81f625d: Add file system API.

Fixes

442feea: Fix parsing error with object pattern in catch clause.