Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: jest-cli, jest, , , , , , , , , , concurrently, css-loader, rimraf, postcss-loader, sass-loader, ts-jest, typescript, webpack-cli #269

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade: jest-cli, jest, , , , , , , , , , concurrently, css-loader, rimraf, postcss-loader, sass-loader, ts-jest, typescript, webpack-cli #269

wants to merge 1 commit into from

Conversation

WontonSam
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name Versions Released on

jest-cli
from 27.5.1 to 29.7.0 | 49 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-12
jest
from 27.5.1 to 29.7.0 | 49 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-12
@testing-library/react
from 12.1.5 to 16.0.0 | 35 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-03
@types/wordpress__components
from 9.8.6 to 23.0.12 | 33 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 6 months ago
on 2024-03-23
@wordpress/browserslist-config
from 4.1.3 to 6.6.0 | 77 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
@wordpress/i18n
from 4.58.0 to 5.6.0 | 8 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
@wordpress/element
from 4.20.0 to 6.6.0 | 67 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
@wordpress/compose
from 5.20.0 to 7.6.0 | 69 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
@wordpress/components
from 19.17.0 to 28.6.0 | 108 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
@wordpress/data
from 6.15.0 to 10.6.0 | 87 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
@wordpress/notices
from 3.31.0 to 5.6.0 | 61 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-08-21
concurrently
from 7.6.0 to 8.2.2 | 6 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-10-19
css-loader
from 3.6.0 to 7.1.2 | 46 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 4 months ago
on 2024-05-22
rimraf
from 3.0.2 to 6.0.1 | 31 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-10
postcss-loader
from 3.0.0 to 8.1.1 | 34 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 6 months ago
on 2024-02-28
sass-loader
from 10.5.2 to 16.0.1 | 30 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 24 days ago
on 2024-08-19
ts-jest
from 27.1.5 to 29.2.4 | 32 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-01
typescript
from 4.9.5 to 5.5.4 | 595 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-22
webpack-cli
from 3.3.12 to 5.1.4 | 40 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-06-07

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Uncontrolled resource consumption
SNYK-JS-BRACES-6838727		 169 Proof of Concept
high severity Inefficient Regular Expression Complexity
SNYK-JS-MICROMATCH-6838728		 169 No Known Exploit
high severity Prototype Pollution
SNYK-JS-UNSETVALUE-2400660		 169 No Known Exploit
medium severity Improper Input Validation
SNYK-JS-POSTCSS-5926692		 169 No Known Exploit
Release notes
Package name: jest-cli
  • 29.7.0 - 2023-09-12

    Features

    • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
    • [jest-validate] Allow deprecation warnings for unknown options (#14499)

    Fixes

    • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
    • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
    • [@ jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

    Performance

    • [@ jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

    Chore & Maintenance

    • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

    New Contributors

    Full Changelog: v29.6.4...v29.7.0

  • 29.6.4 - 2023-08-24

    Fixes

    • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
    • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
    • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

    New Contributors

    Full Changelog: v29.6.3...v29.6.4

  • 29.6.3 - 2023-08-21

    Fixes

    • [expect, @ jest/expect-utils] ObjectContaining support symbol as key (#14414)
    • [expect] Remove @ types/node from dependencies (#14385)
    • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
    • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
    • [jest-mock] Revert #13692 as it was a breaking change (#14429)
    • [jest-mock] Revert #13866 as it was a breaking change (#14429)
    • [jest-mock] Revert #13867 as it was a breaking change (#14429)
    • [@ jest/reporters] Marks Reporter's hooks as optional (#14433)
    • [jest-runtime] Fix dynamic ESM import module bug when loaded module through jest.isolateModulesAsync (#14397)

    Chore & Maintenance

    • [jest-changed-files, jest-circus, jest-console, @ jest/core, @ jest/runtime, @ jest/transform] Use invariant and notEmpty from jest-util rather than own internal (#14366)

    New Contributors

    Full Changelog: v29.6.2...v29.6.3

  • 29.6.2 - 2023-07-27

    Fixes

    • [jest-circus] Fix snapshot matchers in concurrent tests when nr of tests exceeds maxConcurrency (#14335)
    • [@ jest/core] When running global setup and teardown, do not try to change the message property of the thrown error object when the message property is unwritable (#14113)
    • [jest-snapshot] Move @ types/prettier from dependencies to devDependencies (#14328)
    • [jest-snapshot] Throw an explicit error if Prettier v3 is used (#14367)
    • [jest-reporters] Add "skipped" and "todo" symbols to Github Actions Reporter (#14309)

    Chore & Maintenance

    • [@ jest/core] Use pluralize from jest-util rather than own internal (#14322)

    New Contributors

    Full Changelog: v29.6.1...v29.6.2

  • 29.6.1 - 2023-07-06

    Fixes

    • [jest-circus] Revert #14110 as it was a breaking change (#14304)

    Full Changelog: v29.6.0...v29.6.1

  • 29.6.0 - 2023-07-04

    Features

    • [jest-circus, jest-snapshot] Add support for snapshot matchers in concurrent tests (#14139)
    • [jest-cli] Include type definitions to generated config files (#14078)
    • [jest-snapshot] Support arrays as property matchers (#14025)
    • [jest-core, jest-circus, jest-reporter, jest-runner] Added support for reporting about start individual test cases using jest-circus (#14174)

    Fixes

    • [jest-circus] Prevent false test failures caused by promise rejections handled asynchronously (#14110)
    • [jest-config] Handle frozen config object (#14054)
    • [jest-config] Allow coverageDirectory and collectCoverageFrom in project config (#14180)
    • [jest-core] Always use workers in watch mode to avoid crashes (#14059).
    • [jest-environment-jsdom, jest-environment-node] Fix assignment of customExportConditions via testEnvironmentOptions when custom env subclass defines a default value (#13989)
    • [jest-matcher-utils] Fix copying value of inherited getters (#14007)
    • [jest-mock] Tweak typings to allow jest.replaceProperty() replace methods (#14008)
    • [jest-mock] Improve user input validation and error messages of spyOn and replaceProperty methods (#14087)
    • [jest-runtime] Bind jest.isolateModulesAsync to this (#14083)
    • [jest-runtime] Forward wrapperLength to the Script constructor as columnOffset for accurate debugging (#14148)
    • [jest-runtime] Guard _isMockFunction access with in (#14188)
    • [jest-snapshot] Fix a potential bug when not using prettier and improve performance (#14036)
    • [@ jest/transform] Do not instrument .json modules (#14048)
    • [jest-worker] Restart a shut down worker before sending it a task (#14015)

    Chore & Maintenance

    • [*] Update semver dependency to get vulnerability fix (#14262)
    • [docs] Updated documentation for the --runTestsByPath CLI command (#14004)
    • [docs] Updated documentation regarding the synchronous fallback when asynchronous code transforms are unavailable (#14056)
    • [docs] Update jest statistics of use and downloads in website Index.

    New Contributors

    Full Changelog: v29.5.0...v29.6.0

  • 29.5.0 - 2023-03-06

    Features

    • [jest-changed-files] Support Sapling (#13941)
    • [jest-circus, @ jest/cli, jest-config] Add feature to randomize order of tests via CLI flag or through the config file(#12922)
    • [jest-cli, jest-config, @ jest/core, jest-haste-map, @ jest/reporters, jest-runner, jest-runtime, @ jest/types] Add workerThreads configuration option to allow using worker threads for parallelization (#13939)
    • [jest-cli] Export yargsOptions (#13970)
    • [jest-config] Add openHandlesTimeout option to configure possible open handles warning. (#13875)
    • [@ jest/create-cache-key-function] Allow passing length argument to createCacheKey() function and set its default value to 16 on Windows (#13827)
    • [jest-message-util] Add support for AggregateError (#13946 & #13947)
    • [jest-message-util] Add support for Error causes in test and it (#13935 & #13966)
    • [jest-reporters] Add summaryThreshold option to summary reporter to allow overriding the internal threshold that is used to print the summary of all failed tests when the number of test suites surpasses it (#13895)
    • [jest-runtime] Expose @ sinonjs/fake-timers async APIs functions advanceTimersByTimeAsync(msToRun) (tickAsync(msToRun)), advanceTimersToNextTimerAsync(steps) (nextAsync), runAllTimersAsync (runAllAsync), and runOnlyPendingTimersAsync (runToLastAsync) (#13981)
    • [jest-runtime, @ jest/transform] Allow V8 coverage provider to collect coverage from files which were not loaded explicitly (#13974)
    • [jest-snapshot] Add support to cts and mts TypeScript files to inline snapshots (#13975)
    • [jest-worker] Add start method to worker farms (#13937)
    • [jest-worker] Support passing a URL as path to worker (#13982)

    Fixes

    • [babel-plugin-jest-hoist] Fix unwanted hoisting of nested jest usages (#13952)
    • [jest-circus] Send test case results for todo tests (#13915)
    • [jest-circus] Update message printed on test timeout (#13830)
    • [jest-circus] Avoid creating the word "testfalse" when takesDoneCallback is false in the message printed on test timeout AND updated timeouts test (#13954)
    • [jest-environment-jsdom] Stop setting document to null on teardown (#13972)
    • [@ jest/expect-utils] Update toStrictEqual() to be able to check jest.fn().mock.calls (#13960)
    • [@ jest/test-result] Allow TestResultsProcessor type to return a Promise (#13950)

    Chore & Maintenance

    • [jest-snapshot] Remove dependency on jest-haste-map (#13977)

    New Contributors

    Full Changelog: v29.4.3...v29.5.0

  • 29.4.3 - 2023-02-15

    Features

    • [expect] Update toThrow() to be able to use error causes (#13606)
    • [jest-core] allow to use workerIdleMemoryLimit with only 1 worker or runInBand option (#13846)
    • [jest-message-util] Add support for error causes (#13868 & #13912)
    • [jest-runtime] Revert import assertions for JSON modules as it's been relegated to Stage 2 (#13911)

    Fixes

    • [@ jest/expect-utils] subsetEquality should consider also an object's inherited string keys (#13824)
    • [jest-mock] Clear mock state when jest.restoreAllMocks() is called (#13867)
    • [jest-mock] Prevent mockImplementationOnce and mockReturnValueOnce bleeding into withImplementation (#13888)
    • [jest-mock] Do not restore mocks when jest.resetAllMocks() is called (#13866)

    New Contributors

    Full Changelog: v29.4.2...v29.4.3

  • 29.4.2 - 2023-02-07

    Features

    Fixes

    • [expect, @ jest/expect] Provide type of actual as a generic argument to Matchers to allow better-typed extensions (#13848)
    • [jest-circus] Added explicit mention of test failing because done() is not being called in error message (#13847)
    • [jest-runtime] Handle CJS re-exports of node core modules from ESM (#13856)
    • [jest-transform] Downgrade write-file-atomic to v4 (#13853)
    • [jest-worker] Ignore IPC messages not intended for Jest (#13543)

    Chore & Maintenance

    • [*] make sure to exclude .eslintcache from published module (#13832)
    • [docs] Cleanup incorrect links in CHANGELOG.md (#13857)

    New Contributors

    Full Changelog: v29.4.1...v29.4.2

  • 29.4.1 - 2023-01-26

    Features

    • [expect, jest-circus, @ jest/types] Implement numPassingAsserts of testResults to track the number of passing asserts in a test (

@snyk-bot
feat: upgrade multiple dependencies with Snyk
6047fc7 
Snyk has created this PR to upgrade:
  - jest-cli from 27.5.1 to 29.7.0.
    See this package in npm: https://www.npmjs.com/package/jest-cli
  - jest from 27.5.1 to 29.7.0.
    See this package in npm: https://www.npmjs.com/package/jest
  - @testing-library/react from 12.1.5 to 16.0.0.
    See this package in npm: https://www.npmjs.com/package/@testing-library/react
  - @types/wordpress__components from 9.8.6 to 23.0.12.
    See this package in npm: https://www.npmjs.com/package/@types/wordpress__components
  - @wordpress/browserslist-config from 4.1.3 to 6.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/browserslist-config
  - @wordpress/i18n from 4.58.0 to 5.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/i18n
  - @wordpress/element from 4.20.0 to 6.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/element
  - @wordpress/compose from 5.20.0 to 7.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/compose
  - @wordpress/components from 19.17.0 to 28.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/components
  - @wordpress/data from 6.15.0 to 10.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/data
  - @wordpress/notices from 3.31.0 to 5.6.0.
    See this package in npm: https://www.npmjs.com/package/@wordpress/notices
  - concurrently from 7.6.0 to 8.2.2.
    See this package in npm: https://www.npmjs.com/package/concurrently
  - css-loader from 3.6.0 to 7.1.2.
    See this package in npm: https://www.npmjs.com/package/css-loader
  - rimraf from 3.0.2 to 6.0.1.
    See this package in npm: https://www.npmjs.com/package/rimraf
  - postcss-loader from 3.0.0 to 8.1.1.
    See this package in npm: https://www.npmjs.com/package/postcss-loader
  - sass-loader from 10.5.2 to 16.0.1.
    See this package in npm: https://www.npmjs.com/package/sass-loader
  - ts-jest from 27.1.5 to 29.2.4.
    See this package in npm: https://www.npmjs.com/package/ts-jest
  - typescript from 4.9.5 to 5.5.4.
    See this package in npm: https://www.npmjs.com/package/typescript
  - webpack-cli from 3.3.12 to 5.1.4.
    See this package in npm: https://www.npmjs.com/package/webpack-cli

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/fed55da8-2ff3-4b4e-b625-8f52acd3f0aa?utm_source=github&utm_medium=referral&page=upgrade-pr
@google-cla Google CLA
Copy link

google-cla bot commented Sep 12, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@WontonSam @snyk-bot