Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade jsdom from 16.7.0 to 24.1.0 #45

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-io[bot]
Copy link

@snyk-io snyk-io bot commented Jul 17, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade jsdom from 16.7.0 to 24.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 22 versions ahead of your current version.

  • The recommended version was released on 2 months ago.

Release notes
Package name: jsdom
  • 24.1.0 - 2024-05-26
    • Added the getSetCookie() method to the Headers class. (ushiboy)
    • Fixed the creation and parsing of elements with names from Object.prototype, like "constructor" or "toString".
    • Updated rweb-cssom, which can now parse additional CSS constructs.
  • 24.0.0 - 2024-01-21

    This release reverts our selector engine back to nwsapi. As discussed in #3659, the performance regressions from @ asamuzakjp/dom-selector turned out to be higher than anticipated. In the future, we can revisit @ asamuzakjp/dom-selector after it reaches nwsapi's performance on the two real-world benchmarks provided by the community.

    Since reverting to nwsapi causes several functionality regressions, e.g. removing :has() support, we've decided to make this a major version.

    Additionally:

    • Small fixes to edge-case behavior of the following properties: input.maxLength, input.minLength, input.size, progress.max, tableCell.colSpan, tableCell.rowSpan, tableCol.span, textArea.cols, textArea.maxLength, textArea.minLength, textArea.rows.
  • 23.2.0 - 2024-01-07

    This release switches our CSS selector engine from nwsapi to @ asamuzakjp/dom-selector. The new engine is more actively maintained, and supports many new selectors: see the package's documentation for the full list. It also works better with shadow trees.

    There is a potential of a performance regression due to this change. In our stress test benchmark, which runs most of these 273 selectors against this 128 KiB document, the new engine completes the benchmark only 0.25x as fast. However, we're hopeful that in more moderate usage this will not be a significant issue. Any help speeding up @ asamuzakjp/dom-selector is appreciated, and feel free to open an issue if this has had a significant impact on your project.

  • 23.1.0 - 2024-01-05
    • Added an initial implementation of ElementInternals, including the shadowRoot getter and the string-valued ARIA properties. (zjffun)
    • Added the string-valued ARIA attribute-reflecting properties to Element.
    • Fixed history.pushState() and history.replaceState() to follow the latest specification, notably with regards to how they handle empty string inputs and what new URLs are possible.
    • Fixed the input.valueAsANumber setter to handle NaN correctly. (alexandertrefz)
    • Updated various dependencies, including cssstyle which contains several bug fixes.
  • 23.0.1 - 2023-11-30
    • Fixed the incorrect canvas peer dependency introduced in v23.0.0.
  • 23.0.0 - 2023-11-26
    • Node.js v18 is now the minimum supported version.
    • Updated various dependencies, including whatwg-url which integrates various additions to the URL and URLSearchParams objects.
  • 22.1.0 - 2023-05-27
    • Added crypto.randomUUID(). (jamesbvaughan)
    • Added DOMRect and DOMRectReadOnly.
    • Added AbortSignal.timeout().
    • Added abortSignal.throwIfAborted().
    • Added support for the submitter argument to the FormData constructor. (jenseng)
    • Improved getComputedStyle()'s results for color-based properties, to resolve named colors and attempt to provide initial inheritance support. (hoekz-wwt)
    • Updated Window's event handler properties (e.g. oncopy, ontouchstart, etc.) to reflect the latest list from the standard.
    • Fixed DOMParser-created documents to inherit their URL from the creating document.
  • 22.0.0 - 2023-05-02
  • 21.1.2 - 2023-05-01
    • Fixed setRangeText() used on <input> and <textarea> elements to calculate the new end index correctly. (pmstss)
    • Fixed pageX, pageY, offsetX, and offsetY on MouseEvents during dispatch. (jenseng)
    • Upgraded nwsapi to v2.2.4, bringing along various fixes to our selector engine.
  • 21.1.1 - 2023-03-12
    • Fixed jsdom.reconfigure() to also adjust the URL as seen by the history API, so that e.g. history.replaceState(null, "") would not mess up the URL. (jdufresne)
    • Fixed location.hash = "" to leave any # in location.href.
    • Fixes a few bugs with CSS parsing by replacing cssom with rweb-cssom, since the latter is maintained. (seanparmelee)
  • 21.1.0 - 2023-01-22
  • 21.0.0 - 2023-01-07
  • 20.0.3 - 2022-11-20
  • 20.0.2 - 2022-10-30
  • 20.0.1 - 2022-10-02
  • 20.0.0 - 2022-06-19
  • 19.0.0 - 2021-12-02
  • 18.1.1 - 2021-11-21
  • 18.1.0 - 2021-11-12
  • 18.0.1 - 2021-11-01
  • 18.0.0 - 2021-10-08
  • 17.0.0 - 2021-08-13
  • 16.7.0 - 2021-08-01
from jsdom GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade jsdom from 16.7.0 to 24.1.0.

See this package in npm:
jsdom

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/c921c350-1338-4d09-9bc5-20cc4d88e669?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr
Copy link

google-cla bot commented Jul 17, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants