Change class-validator peer dependency to include version ^0.14.0 tha…

…t fixes a critical security issue

README.md

@@ -49,7 +49,9 @@ A lightweight library for dynamically validate Angular reactive forms using [cla
     "@angular/common": ">= 2.0.0 <= ^18.0.0",
     "@angular/core": ">= 2.0.0 <= ^18.0.0",
     "@angular/forms": ">= 2.0.0 <= ^18.0.0",
-    "class-validator": "^0.12.2"
+    "class-validator": ">= 0.12.0 <= ^0.14.0"
+
+###### _While this library will function with any version of class-validator within this range, we strongly recommend using class-validator ^0.14.0 or later due to a critical [security vulnerability](https://github.com/typestack/class-validator/blob/develop/CHANGELOG.md#:~:text=forbidUnknownValues%20option%20is%20enabled%20by%20default) addressed in versions 0.14.0 and beyond. This ensures the highest level of security for your application._
 
 ## Usage
 ### Defining classes with validators and deserializers

libs/ngx-reactive-form-class-validator/package.json

@@ -2,7 +2,7 @@
   "name": "ngx-reactive-form-class-validator",
   "description": "A lightweight library for dynamically validate Angular reactive forms using class-validator library.",
   "license": "MIT",
-  "version": "1.8.1",
+  "version": "1.8.2",
   "keywords": [
     "ng",
     "angular",
@@ -27,6 +27,6 @@
     "@angular/common": ">= 2.0.0 <= ^18.0.0",
     "@angular/core": ">= 2.0.0 <= ^18.0.0",
     "@angular/forms": ">= 2.0.0 <= ^18.0.0",
-    "class-validator": "^0.12.2"
+    "class-validator": ">= 0.12.0 <= ^0.14.0"
   }
 }

package.json

@@ -57,7 +57,7 @@
     "bump-version:patch": "cd libs/ngx-reactive-form-class-validator && npm version patch --force",
     "pre-publish:minor": "run-s bump-version:minor build:lib-pack",
     "pre-publish:major": "run-s bump-version:major build:lib-pack",
-    "pre-publish:patch": "run-s bump-version:patch build:lib-pack commit-git"
+    "pre-publish:patch": "run-s bump-version:patch build:lib-pack"
   },
   "private": true,
   "dependencies": {