chore(release): publish

 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]
 - [email protected]

Author: wdavidw

demo/browser/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.1.10](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.10) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-browser
+
+
+
+
+
 ## [0.1.9](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.9) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-browser

demo/browser/package.json

@@ -1,6 +1,6 @@
 {
   "name": "csv-demo-browser",
-  "version": "0.1.9",
+  "version": "0.1.10",
   "main": "index.js",
   "license": "MIT",
   "type": "module",
@@ -20,10 +20,10 @@
     "start": "node server.js"
   },
   "dependencies": {
-    "csv": "^6.2.12",
+    "csv": "^6.3.0",
     "csv-generate": "^4.2.6",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4",
+    "csv-stringify": "^6.4.0",
     "express": "^4.18.2",
     "stream-transform": "^3.2.6"
   }

demo/cjs/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.2.8](https://github.com/adaltas/node-csv/compare/[email protected]@0.2.8) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-cjs
+
+
+
+
+
 ## [0.2.7](https://github.com/adaltas/node-csv/compare/[email protected]@0.2.7) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-cjs

demo/cjs/package.json

@@ -1,14 +1,14 @@
 {
   "name": "csv-demo-cjs",
-  "version": "0.2.7",
+  "version": "0.2.8",
   "main": "index.js",
   "license": "MIT",
   "type": "commonjs",
   "private": true,
   "dependencies": {
-    "csv": "^6.2.12",
+    "csv": "^6.3.0",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4"
+    "csv-stringify": "^6.4.0"
   },
   "devDependencies": {
     "@types/node": "^18.15.3",

demo/eslint/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.1.14](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.14) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-eslint
+
+
+
+
+
 ## [0.1.13](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.13) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-eslint

demo/eslint/package.json

@@ -1,6 +1,6 @@
 {
   "name": "csv-demo-eslint",
-  "version": "0.1.13",
+  "version": "0.1.14",
   "description": "",
   "main": "index.js",
   "private": true,
@@ -10,7 +10,7 @@
   },
   "license": "MIT",
   "dependencies": {
-    "csv-stringify": "^6.3.4"
+    "csv-stringify": "^6.4.0"
   },
   "devDependencies": {
     "eslint": "^8.36.0",

demo/esm/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.0.22](https://github.com/adaltas/node-csv/compare/[email protected]@0.0.22) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-esm
+
+
+
+
+
 ## [0.0.21](https://github.com/adaltas/node-csv/compare/[email protected]@0.0.21) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-esm

demo/esm/package.json

@@ -1,12 +1,12 @@
 {
   "name": "csv-demo-esm",
-  "version": "0.0.21",
+  "version": "0.0.22",
   "main": "index.js",
   "license": "MIT",
   "type": "module",
   "private": true,
   "dependencies": {
-    "csv": "^6.2.12",
+    "csv": "^6.3.0",
     "csv-parse": "^5.3.10"
   },
   "devDependencies": {

demo/issues-cjs/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.1.9](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.9) (2023-05-09)
+
+**Note:** Version bump only for package csv-issues-cjs
+
+
+
+
+
 ## [0.1.8](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.8) (2023-05-04)
 
 **Note:** Version bump only for package csv-issues-cjs

demo/issues-cjs/package.json

@@ -1,12 +1,12 @@
 {
   "name": "csv-issues-cjs",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "main": "index.js",
   "license": "MIT",
   "private": true,
   "dependencies": {
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4"
+    "csv-stringify": "^6.4.0"
   },
   "devDependencies": {
     "coffeescript": "^2.7.0",

demo/issues-esm/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.0.13](https://github.com/adaltas/node-csv/compare/[email protected]@0.0.13) (2023-05-09)
+
+**Note:** Version bump only for package csv-issues-esm
+
+
+
+
+
 ## [0.0.12](https://github.com/adaltas/node-csv/compare/[email protected]@0.0.12) (2023-05-04)
 
 **Note:** Version bump only for package csv-issues-esm

demo/issues-esm/package.json

@@ -1,6 +1,6 @@
 {
   "name": "csv-issues-esm",
-  "version": "0.0.12",
+  "version": "0.0.13",
   "main": "index.js",
   "license": "MIT",
   "type": "module",
@@ -28,7 +28,7 @@
   "dependencies": {
     "csv-generate": "^4.2.6",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4",
+    "csv-stringify": "^6.4.0",
     "desm": "^1.3.0"
   }
 }

demo/ts-cjs-node16/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.2.8](https://github.com/adaltas/node-csv/compare/csv-demo-ts-moduleresolution-node16-cjs@[email protected]) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-ts-moduleresolution-node16-cjs
+
+
+
+
+
 ## [0.2.7](https://github.com/adaltas/node-csv/compare/csv-demo-ts-moduleresolution-node16-cjs@[email protected]) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-ts-moduleresolution-node16-cjs

demo/ts-cjs-node16/package.json

@@ -1,10 +1,10 @@
 {
   "name": "csv-demo-ts-moduleresolution-node16-cjs",
-  "version": "0.2.7",
+  "version": "0.2.8",
   "dependencies": {
     "csv-generate": "^4.2.6",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4",
+    "csv-stringify": "^6.4.0",
     "stream-transform": "^3.2.6"
   },
   "main": "index.js",

demo/ts-esm-node16/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.2.8](https://github.com/adaltas/node-csv/compare/[email protected]@0.2.8) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-ts-module-node16
+
+
+
+
+
 ## [0.2.7](https://github.com/adaltas/node-csv/compare/[email protected]@0.2.7) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-ts-module-node16

demo/ts-esm-node16/package.json

@@ -1,14 +1,14 @@
 {
   "name": "csv-demo-ts-module-node16",
-  "version": "0.2.7",
+  "version": "0.2.8",
   "main": "index.js",
   "license": "MIT",
   "type": "module",
   "private": true,
   "dependencies": {
     "csv-generate": "^4.2.6",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4",
+    "csv-stringify": "^6.4.0",
     "stream-transform": "^3.2.6"
   },
   "devDependencies": {

demo/webpack-ts/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.1.10](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.10) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-webpack-ts
+
+
+
+
+
 ## [0.1.9](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.9) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-webpack-ts

demo/webpack-ts/package.json

@@ -1,6 +1,6 @@
 {
   "name": "csv-demo-webpack-ts",
-  "version": "0.1.9",
+  "version": "0.1.10",
   "description": "",
   "private": true,
   "keywords": [],
@@ -9,7 +9,7 @@
   "dependencies": {
     "csv-generate": "^4.2.6",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4",
+    "csv-stringify": "^6.4.0",
     "http-server": "^14.1.1",
     "stream-transform": "^3.2.6"
   },

demo/webpack/CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [0.1.12](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.12) (2023-05-09)
+
+**Note:** Version bump only for package csv-demo-webpack
+
+
+
+
+
 ## [0.1.11](https://github.com/adaltas/node-csv/compare/[email protected]@0.1.11) (2023-05-04)
 
 **Note:** Version bump only for package csv-demo-webpack

demo/webpack/package.json

@@ -1,6 +1,6 @@
 {
   "name": "csv-demo-webpack",
-  "version": "0.1.11",
+  "version": "0.1.12",
   "description": "",
   "private": true,
   "scripts": {
@@ -16,10 +16,10 @@
     "webpack-cli": "^5.0.1"
   },
   "dependencies": {
-    "csv": "^6.2.12",
+    "csv": "^6.3.0",
     "csv-generate": "^4.2.6",
     "csv-parse": "^5.3.10",
-    "csv-stringify": "^6.3.4",
+    "csv-stringify": "^6.4.0",
     "http-server": "^14.1.1",
     "stream-browserify": "^3.0.0",
     "stream-transform": "^3.2.6"

packages/csv-stringify/CHANGELOG.md

@@ -3,6 +3,15 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [6.4.0](https://github.com/adaltas/node-csv/compare/[email protected]@6.4.0) (2023-05-09)
+
+
+### Features
+
+* add unicode chars to formula escape ([#387](https://github.com/adaltas/node-csv/issues/387)) ([1fc177c](https://github.com/adaltas/node-csv/commit/1fc177c605e8a88e403539806890695a6ba72dec))
+
+
+
 ## [6.3.4](https://github.com/adaltas/node-csv/compare/[email protected]@6.3.4) (2023-05-04)
 
 **Note:** Version bump only for package csv-stringify

packages/csv-stringify/dist/cjs/index.cjs

@@ -475,6 +475,12 @@ const stringifier = function(options, state, info){
             }
           });
           quotedMatch = quotedMatch && quotedMatch.length > 0;
+          // See https://github.com/adaltas/node-csv/pull/387
+          // More about CSV injection or formula injection, when websites embed
+          // untrusted input inside CSV files:
+          // https://owasp.org/www-community/attacks/CSV_Injection
+          // http://georgemauer.net/2017/10/07/csv-injection.html
+          // Apple Numbers unicode normalization is empirical from testing
           if (escape_formulas) {
             switch (value[0]) {
             case '=':

packages/csv-stringify/dist/cjs/sync.cjs

@@ -473,6 +473,12 @@ const stringifier = function(options, state, info){
             }
           });
           quotedMatch = quotedMatch && quotedMatch.length > 0;
+          // See https://github.com/adaltas/node-csv/pull/387
+          // More about CSV injection or formula injection, when websites embed
+          // untrusted input inside CSV files:
+          // https://owasp.org/www-community/attacks/CSV_Injection
+          // http://georgemauer.net/2017/10/07/csv-injection.html
+          // Apple Numbers unicode normalization is empirical from testing
           if (escape_formulas) {
             switch (value[0]) {
             case '=':

packages/csv-stringify/dist/esm/index.js

@@ -5533,6 +5533,12 @@ const stringifier = function(options, state, info){
             }
           });
           quotedMatch = quotedMatch && quotedMatch.length > 0;
+          // See https://github.com/adaltas/node-csv/pull/387
+          // More about CSV injection or formula injection, when websites embed
+          // untrusted input inside CSV files:
+          // https://owasp.org/www-community/attacks/CSV_Injection
+          // http://georgemauer.net/2017/10/07/csv-injection.html
+          // Apple Numbers unicode normalization is empirical from testing
           if (escape_formulas) {
             switch (value[0]) {
             case '=':

packages/csv-stringify/dist/esm/sync.js

@@ -2443,6 +2443,12 @@ const stringifier = function(options, state, info){
             }
           });
           quotedMatch = quotedMatch && quotedMatch.length > 0;
+          // See https://github.com/adaltas/node-csv/pull/387
+          // More about CSV injection or formula injection, when websites embed
+          // untrusted input inside CSV files:
+          // https://owasp.org/www-community/attacks/CSV_Injection
+          // http://georgemauer.net/2017/10/07/csv-injection.html
+          // Apple Numbers unicode normalization is empirical from testing
           if (escape_formulas) {
             switch (value[0]) {
             case '=':