Bump the npm_and_yarn group with 12 updates #78

dependabot · 2024-10-10T01:28:41Z

Bumps the npm_and_yarn group with 12 updates:

Package	From	To
karma	`6.3.4`	`6.4.4`
body-parser	`1.19.0`	`1.20.3`
cookie	`0.4.1`	`0.7.2`
json5	`2.2.0`	`2.2.3`
log4js	`6.3.0`	`6.9.1`
minimist	`1.2.5`	`1.2.8`
nanoid	`3.1.23`	`3.3.1`
mocha	`9.0.3`	`9.2.2`
qs	`6.7.0`	`6.13.0`
socket.io	`3.1.2`	`4.8.0`
socket.io-parser	`4.0.4`	`4.2.4`
ws	`7.4.6`	`8.17.1`

Updates karma from 6.3.4 to 6.4.4

Release notes

Sourced from karma's releases.

v6.4.4

6.4.4 (2024-07-29)

v6.4.3

6.4.3 (2024-02-24)

Bug Fixes

add build commits for patch release (d7f2d69)

v6.4.2

6.4.2 (2023-04-21)

Bug Fixes

few typos (c6a4271)

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

pass integrity value (63d86be)

v6.4.0

6.4.0 (2022-06-14)

Features

support SRI verification of link tags (dc51a2e)

support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.4 (2024-07-29)

6.4.3 (2024-02-24)

Bug Fixes

add build commits for patch release (d7f2d69)

6.4.2 (2023-04-21)

Bug Fixes

few typos (c6a4271)

6.4.1 (2022-09-19)

Bug Fixes

pass integrity value (63d86be)

6.4.0 (2022-06-14)

Features

support SRI verification of link tags (dc51a2e)

support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

... (truncated)

Commits

84f85e7 chore(release): 6.4.4 [skip ci]
a4d1284 build(deps-dev): bump ws from 6.2.1 to 6.2.3
d8cf806 chore(release): 6.4.3 [skip ci]
d7f2d69 fix: add build commits for patch release
85a2eeb build(deps-dev): bump decode-uri-component from 0.2.0 to 0.2.2
0bffce2 build(deps): updated socket.io version to fix security issues with socket.io-...
86667ab build(deps): bump follow-redirects from 1.11.0 to 1.15.4
450fdfd docs: Add deprecation notice to Karma README
9de3c00 chore(release): 6.4.2 [skip ci]
c6a4271 fix: few typos
Additional commits viewable in compare view

Updates body-parser from 1.19.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to [email protected] by @wesleytodd in expressjs/body-parser#527

deps: [email protected] by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1

deps: [email protected]

perf: remove unnecessary object clone

1.20.0

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: [email protected]

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: [email protected]

1.20.1 / 2022-10-06

deps: [email protected]

perf: remove unnecessary object clone

1.20.0 / 2022-04-02

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

1.19.2 / 2022-02-15

deps: [email protected]

deps: [email protected]

Fix handling of __proto__ keys

deps: [email protected]

deps: [email protected]

1.19.1 / 2021-12-10

... (truncated)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: [email protected] (#521)
9478591 fix: pin to [email protected]
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates cookie from 0.4.1 to 0.7.2

Release notes

Sourced from cookie's releases.

v0.7.2

Fixed

Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

Allow leading dot for domain (#174)

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

0.6.0

Add partitioned option

0.5.0

Add priority option

Fix expires option to reject invalid dates

pref: improve default decode speed

pref: remove slow string split in parse

0.4.2

pref: read value only when assigning in parse

pref: remove unnecessary regexp in parse

Commits

d19eaa1 0.7.2
bc38ffd Fix object assignment of hasOwnProperty (#177)
cf4658f 0.7.1
6a8b8f5 Allow leading dot for domain (#174)
58015c0 Remove more code and perf wins (#172)
ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates json5 from 2.2.0 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates log4js from 6.3.0 to 6.9.1

Changelog

Sourced from log4js's changelog.

6.9.1

fix(7922e82): regex for stacktrace - thanks @lamweili

addresses #1377 which has a regression since 6.8.0 from #1363 at commit 7922e82

6.9.0

feat: support for idempotent logging on browser - thanks @aellerton

addresses #968, #1270, #1288, #1372

docs: added that log4js.getLogger() may call log4js.configure() - thanks @lamweili

6.8.0

feat: added log4js.isConfigured() API - thanks @lamweili

docs: added log4js.isConfigured() - thanks @lamweili

feat(layout): support a specifier on %m - thanks @lamweili

fix: tilde expansion for windows - thanks @lamweili

docs: updated typescript usage - thanks @lamweili

test: improved test for fileAppender - thanks @lamweili

ci: generate coverage report in both text and html - thanks @lamweili

ci: replaced deprecated github set-output - thanks @lamweili

chore(deps): updated dependencies - thanks @lamweili

chore(deps): bump streamroller from 3.1.3 to 3.1.5

chore(deps): updated package-lock.json

chore(deps-dev): updated dependencies - thanks @lamweili

chore(deps-dev): bump @commitlint/cli from 17.3.0 to 17.4.4

chore(deps-dev): bump @commitlint/config-conventional from 17.3.0 to 17.4.4

chore(deps-dev): bump eslint from 8.28.0 to 8.34.0

chore(deps-dev): bump eslint-config-prettier from 8.5.0 to 8.6.0

chore(deps-dev): bump eslint-import-resolver-node from 0.3.6 to 0.3.7

chore(deps-dev): bump eslint-plugin-import from 2.26.0 to 2.27.5

chore(deps-dev): bump fs-extra from 10.1.0 to 11.1.0

chore(deps-dev): bump husky from 8.0.2 to 8.0.3

chore(deps-dev): bump prettier from 2.8.0 to 2.8.4

chore(deps-dev): bump tap from 16.3.2 to 16.3.4

chore(deps-dev): bump typescript from 4.9.3 to 4.9.5

chore(deps-dev): updated package-lock.json

chore(deps-dev): bump json5 from 1.0.1 to 1.0.2 - thanks @Dependabot

6.7.1

type: updated Configuration.levels type to allow for custom log levels - thanks @lamweili

docs: fixed typo in layouts.md - thanks @dtslvr

chore(deps-dev): updated dependencies - thanks @lamweili

chore(deps-dev): bump @commitlint/cli from 17.1.2 to 17.3.0

chore(deps-dev): bump @commitlint/config-conventional from 17.1.0 to 17.3.0

chore(deps-dev): bump eslint from 8.24.0 to 8.28.0

chore(deps-dev): bump husky from 8.0.1 to 8.0.2

chore(deps-dev): bump prettier from 2.7.1 to 2.8.0

chore(deps-dev): bump tap from 16.3.0 to 16.3.2

... (truncated)

Commits

26dcec6 6.9.1
63ae5b9 Merge pull request #1379 from log4js-node/update-docs
185fa66 docs: updated changelog for 6.9.1
ed54dc2 Merge pull request #1378 from log4js-node/1377-defaultparsecallstack-cant-par...
2628688 fix(7922e82): regex for stacktrace
b3919d8 6.9.0
7cfe8a4 Merge pull request #1376 from log4js-node/update-docs
f89e7b6 docs: updated changelog for 6.9.0
0082928 Merge pull request #1375 from log4js-node/update-docs
c0db6a4 docs: added that log4js.getLogger() may call log4js.configure()
Additional commits viewable in compare view

Updates minimist from 1.2.5 to 1.2.8

Changelog

Sourced from minimist's changelog.

v1.2.8 - 2023-02-09

Merged

[Fix] Fix long option followed by single dash [#17](https://github.com/minimistjs/minimist/issues/17)

[Tests] Remove duplicate test [#12](https://github.com/minimistjs/minimist/issues/12)

[Fix] opt.string works with multiple aliases [#10](https://github.com/minimistjs/minimist/issues/10)

Fixed

[Fix] Fix long option followed by single dash (#17) [#15](https://github.com/minimistjs/minimist/issues/15)

[Tests] Remove duplicate test (#12) [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] Fix long option followed by single dash [#15](https://github.com/minimistjs/minimist/issues/15)

[Fix] opt.string works with multiple aliases (#10) [#9](https://github.com/minimistjs/minimist/issues/9)

[Fix] Fix handling of short option with non-trivial equals [#5](https://github.com/minimistjs/minimist/issues/5)

[Tests] Remove duplicate test [#8](https://github.com/minimistjs/minimist/issues/8)

[Fix] opt.string works with multiple aliases [#9](https://github.com/minimistjs/minimist/issues/9)

Commits

Merge tag 'v0.2.3' a026794

[eslint] fix indentation and whitespace 5368ca4

[eslint] fix indentation and whitespace e5f5067

[eslint] more cleanup 62fde7d

[eslint] more cleanup 36ac5d0

[meta] add auto-changelog 73923d2

[actions] add reusable workflows d80727d

[eslint] add eslint; rules to enable later are warnings 48bc06a

[eslint] fix indentation 34b0f1c

[readme] rename and add badges 5df0fe4

[Dev Deps] switch from covert to nyc a48b128

[Dev Deps] update covert, tape; remove unnecessary tap f0fb958

[meta] create FUNDING.yml; add funding in package.json 3639e0c

[meta] use npmignore to autogenerate an npmignore file be2e038

Only apps should have lockfiles 282b570

isConstructorOrProto adapted from PR ef9153f

[Dev Deps] update @ljharb/eslint-config, aud 098873c

[Dev Deps] update @ljharb/eslint-config, aud 3124ed3

[meta] add safe-publish-latest 4b927de

[Tests] add aud in posttest b32d9bd

[meta] update repo URLs f9fdfc0

[actions] Avoid 0.6 tests due to build failures ba92fe6

[Dev Deps] update tape 950eaa7

[Dev Deps] add missing npmignore dev dep 3226afa

Merge tag 'v0.2.2' 980d7ac

v1.2.7 - 2022-10-10

Commits

... (truncated)

Commits

6901ee2 v1.2.8
a026794 Merge tag 'v0.2.3'
c0b2661 v0.2.3
63b8fee [Fix] Fix long option followed by single dash (#17)
72239e6 [Tests] Remove duplicate test (#12)
34b0f1c [eslint] fix indentation
3226afa [Dev Deps] add missing npmignore dev dep
098873c [Dev Deps] update @ljharb/eslint-config, aud
9ec4d27 [Fix] Fix long option followed by single dash
ba92fe6 [actions] Avoid 0.6 tests due to build failures
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for minimist since your current version.

Updates nanoid from 3.1.23 to 3.3.1

Changelog

Sourced from nanoid's changelog.

3.3.1

Reduced package size.

3.3

Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

Reduced async exports size (by Artyom Arutyunyan).

Moved from Jest to uvu (by Vitaly Baev).

3.1.31

Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

3.1.30

Reduced size for project with brotli compression (by Anton Khlynovskiy).

3.1.29

Reduced npm package size.

3.1.28

Reduced npm package size.

3.1.27

Cleaned dependencies from development tools.

3.1.26

Improved performance (by Eitan Har-Shoshanim).

Reduced npm package size.

3.1.25

Fixed browserify support.

3.1.24

Fixed browserify support (by Artur Paikin).

Commits

ec6f809 Release 3.3.1 version
c7d8578 Update dependencies
05b2596 Remove old tests
368a6e7 Remove process.env.NODE_ENV
ee7dee3 Remove @napi-rs/uuid to fix CI
defe20f Try to fix CI
ee85121 Try to fix CI
c7f4219 Sync English and Russian docs
f74a41d Release 3.3 version
9c09cdc Fix coverage config
Additional commits viewable in compare view

Updates mocha from 9.0.3 to 9.2.2

Release notes

Sourced from mocha's releases.

v9.2.2

9.2.2 / 2022-03-11

Please also note our announcements.

🐛 Fixes

#4842: Loading of reporter throws wrong error (@juergba)

#4839: dry-run: prevent potential call-stack crash (@juergba)

🔩 Other

#4843: Update production dependencies (@juergba)

v9.2.1

9.2.1 / 2022-02-19

Please also note our announcements.

🐛 Fixes

#4832: Loading of config files throws wrong error (@juergba)

#4799: Reporter: configurable maxDiffSize reporter-option (@norla)

v9.2.0

9.2.0 / 2022-01-24

Please also note our announcements.

🎉 Enhancements

#4813: Parallel: assign each worker a worker-id (@forty)

🔩 Other

#4818: Update production dependencies (@juergba)

v9.1.4

9.1.4 / 2022-01-14

Please also note our announcements.

🐛 Fixes

#4807: import throws wrong error if loader is used (@giltayar)

🔩 Other

... (truncated)

Changelog

Sourced from mocha's changelog.

9.2.2 / 2022-03-11

🐛 Fixes

#4842: Loading of reporter throws wrong error (@juergba)

#4839: dry-run: prevent potential call-stack crash (@juergba)

🔩 Other

#4843: Update production dependencies (@juergba)

9.2.1 / 2022-02-19

🐛 Fixes

#4832: Loading of config files throws wrong error (@juergba)

#4799: Reporter: configurable maxDiffSize reporter-option (@norla)

9.2.0 / 2022-01-24

🎉 Enhancements

#4813: Parallel: assign each worker a worker-id (@forty)

🔩 Other

#4818: Update production dependencies (@juergba)

9.1.4 / 2022-01-14

🐛 Fixes

#4807: import throws wrong error if loader is used (@giltayar)

🔩 Other

#4777: Add Node v17 to CI test matrix (@outsideris)

9.1.3 / 2021-10-15

🐛 Fixes

#4769: Browser: re-enable bdd ES6 style import (@juergba)

🔩 Other

#4764: Revert deprecation of EVENT_SUITE_ADD_* events (@beatfactor)

... (truncated)

Commits

24b5243 build(v9.2.2): release
22a1560 build(v9.2.2): update CHANGELOG [ci skip]
632e602 chore: update dependencies (#4843)
241964b fix: wrong error thrown while loading reporter (#4842)
22f9306 fix(dry-run): potential call-stack crash with 'dry-run' option (#4839)
547ffd7 build(v9.2.1): release
ca7432a build(v9.2.1): update CHANGELOG [ci skip]
86305cf fix: wrong error thrown while loading config files (#4832)
11c4560 fix: configurable max diff size (#4799)
509938d doc: fix to show sponsors in narrow view (#4793)
Additional commits viewable in compare view

Updates qs from 6.7.0 to 6.13.0

Changelog

Sourced from qs's changelog.

6.13.0

[New] parse: add strictDepth option (#511)

[Tests] use npm audit instead of aud

6.12.3

[Fix] parse: properly account for strictNullHandling when allowEmptyArrays

[meta] fix changelog indentation

6.12.2

[Fix] parse: parse encoded square brackets (#506)

[readme] add CII best practices badge

6.12.1

[Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)

[Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)

[Refactor] utils: use +=

[Tests] increase coverage

6.12.0

[New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)

[New] parse: add duplicates option

[New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)

[Refactor] parse/stringify: move allowDots config logic to its own variable

[Refactor] stringify: move option-handling code into normalizeStringifyOptions

[readme] update readme, add logos (#484)

[readme] stringify: clarify default arrayFormat behavior

[readme] fix line wrapping

[readme] remove dead badges

[Deps] update side-channel

[meta] make the dist build 50% smaller

[meta] add sideEffects flag

[meta] run build in prepack, not prepublish

[Tests] parse: remove useless tests; add coverage

[Tests] stringify: increase coverage

[Tests] use mock-property

[Tests] stringify: improve coverage

[Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape

[Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak

[Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6

6.11.2

[Fix] parse: Fix parsing when the global Object prototype is frozen (#473)

[Tests] add passing test cases with empty keys (#473)

6.11.1

[Fix] stringify: encode comma values more consistently (#463)

[readme] add usage of filter option for injecting custom serialization, i.e. of custom types (#447)

[meta] remove extraneous code backticks (#457)

[meta] fix changelog markdown

... (truncated)

Commits

5cf516c v6.13.0
8d56df2 [New] parse: add strictDepth option
c9a6694 [Tests] use npm audit instead of aud
f90cc35 v6.12.3
1bf9f7a [Fix] parse: properly account for strictNullHandling when allowEmptyArrays
7ebf48b [meta] fix changelog indentation
d0dff11 v6.12.2
f0b8d03 [Dev Deps] update @ljharb/eslint-config, object-inspect, tape
81835ff [Fix]: parse: parse encoded square brackets
db47dcc [readme] add CII best practices badge
Additional commits viewable in compare view

Updates socket.io from 3.1.2 to 4.8.0

Release notes

Sourced from socket.io's releases.

[email protected]

Features

Custom transport implementations

The transports option now accepts an array of transport implementations:
import { io } from "socket.io-client";
import { XHR, WebSocket } from "engine.io-client";
const socket = io({
transports: [XHR, WebSocket]
});
Here is the list of provided implementations:

Transport Description

Fetch HTTP long-polling based on the built-in fetch() method.

NodeXHR HTTP long-polling based on the XMLHttpRequest object provided by the xmlhttprequest-ssl package.

XHR HTTP long-polling based on the built-in XMLHttpRequest object.

NodeWebSocket WebSocket transport based on the WebSocket object provided by the ws package.

WebSocket WebSocket transport based on the built-in WebSocket object.

WebTransport WebTransport transport based on the built-in WebTransport object.

Usage:

Transport browser Node.js Deno Bun

Fetch ✅ ✅ (1) ✅ ✅

NodeXHR ✅ ✅ ✅

XHR ✅

NodeWebSocket ✅ ✅ ✅

WebSocket ✅ ✅ (2) ✅ ✅

WebTransport ✅ ✅

(1) since v18.0.0 (2) since v21.0.0

Added in f4d898e and b11763b.

Test each low-level transports

When setting the tryAllTransports option to true, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:
import { io } from "socket.io-client";
</tr></table> 

... (truncated)

Commits

d0fc720 chore(release): [email protected]
4a0555c chore(release): [email protected]
2b60df1 chore(release): [email protected]
d4cb375 ci: ignore tests when publishing to npm
c251ae7 chore(release): [email protected]
8a2f5a3 fix(eio-client): move 'offline' event listener at the top
b04fa64 fix(sio): allow to join a room in a middleware (uws)
7085f0e refactor(sio-client): mangle private attributes
4f66708 chore(sio-client): use babel loose mode when transpiling classes

Bumps the npm_and_yarn group with 12 updates: | Package | From | To | | --- | --- | --- | | [karma](https://github.com/karma-runner/karma) | `6.3.4` | `6.4.4` | | [body-parser](https://github.com/expressjs/body-parser) | `1.19.0` | `1.20.3` | | [cookie](https://github.com/jshttp/cookie) | `0.4.1` | `0.7.2` | | [json5](https://github.com/json5/json5) | `2.2.0` | `2.2.3` | | [log4js](https://github.com/log4js-node/log4js-node) | `6.3.0` | `6.9.1` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.5` | `1.2.8` | | [nanoid](https://github.com/ai/nanoid) | `3.1.23` | `3.3.1` | | [mocha](https://github.com/mochajs/mocha) | `9.0.3` | `9.2.2` | | [qs](https://github.com/ljharb/qs) | `6.7.0` | `6.13.0` | | [socket.io](https://github.com/socketio/socket.io) | `3.1.2` | `4.8.0` | | [socket.io-parser](https://github.com/Automattic/socket.io-parser) | `4.0.4` | `4.2.4` | | [ws](https://github.com/websockets/ws) | `7.4.6` | `8.17.1` | Updates `karma` from 6.3.4 to 6.4.4 - [Release notes](https://github.com/karma-runner/karma/releases) - [Changelog](https://github.com/karma-runner/karma/blob/master/CHANGELOG.md) - [Commits](karma-runner/karma@v6.3.4...v6.4.4) Updates `body-parser` from 1.19.0 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.19.0...1.20.3) Updates `cookie` from 0.4.1 to 0.7.2 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.1...v0.7.2) Updates `json5` from 2.2.0 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.0...v2.2.3) Updates `log4js` from 6.3.0 to 6.9.1 - [Changelog](https://github.com/log4js-node/log4js-node/blob/master/CHANGELOG.md) - [Commits](log4js-node/log4js-node@v6.3.0...v6.9.1) Updates `minimist` from 1.2.5 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.8) Updates `nanoid` from 3.1.23 to 3.3.1 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.23...3.3.1) Updates `mocha` from 9.0.3 to 9.2.2 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md) - [Commits](mochajs/mocha@v9.0.3...v9.2.2) Updates `qs` from 6.7.0 to 6.13.0 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.7.0...v6.13.0) Updates `socket.io` from 3.1.2 to 4.8.0 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/[email protected]) Updates `socket.io-parser` from 4.0.4 to 4.2.4 - [Release notes](https://github.com/Automattic/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/4.2.4/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.2.4) Updates `ws` from 7.4.6 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@7.4.6...8.17.1) --- updated-dependencies: - dependency-name: karma dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: body-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: log4js dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: mocha dependency-type: direct:development dependency-group: npm_and_yarn - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: ws dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-10-11T05:54:01Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot requested a review from a team as a code owner October 10, 2024 01:28

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 10, 2024

dependabot bot closed this Oct 11, 2024

dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-ae2a9bb460 branch October 11, 2024 05:54

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group with 12 updates #78

Bump the npm_and_yarn group with 12 updates #78

dependabot bot commented on behalf of github Oct 10, 2024 •

edited

Loading

dependabot bot commented on behalf of github Oct 11, 2024

Transport	Description
`Fetch`	HTTP long-polling based on the built-in `fetch()` method.
`NodeXHR`	HTTP long-polling based on the `XMLHttpRequest` object provided by the `xmlhttprequest-ssl` package.
`XHR`	HTTP long-polling based on the built-in `XMLHttpRequest` object.
`NodeWebSocket`	WebSocket transport based on the `WebSocket` object provided by the `ws` package.
`WebSocket`	WebSocket transport based on the built-in `WebSocket` object.
`WebTransport`	WebTransport transport based on the built-in `WebTransport` object.

Transport	browser	Node.js	Deno	Bun
`Fetch`	✅	✅ (1)	✅	✅
`NodeXHR`		✅	✅	✅
`XHR`	✅
`NodeWebSocket`		✅	✅	✅
`WebSocket`	✅	✅ (2)	✅	✅
`WebTransport`	✅	✅

Bump the npm_and_yarn group with 12 updates #78

Bump the npm_and_yarn group with 12 updates #78

Conversation

dependabot bot commented on behalf of github Oct 10, 2024 • edited Loading

v6.4.4

6.4.4 (2024-07-29)

v6.4.3

6.4.3 (2024-02-24)

Bug Fixes

v6.4.2

6.4.2 (2023-04-21)

Bug Fixes

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

v6.4.0

6.4.0 (2022-06-14)

Features

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

6.4.4 (2024-07-29)

6.4.3 (2024-02-24)

Bug Fixes

6.4.2 (2023-04-21)

Bug Fixes

6.4.1 (2022-09-19)

Bug Fixes

6.4.0 (2022-06-14)

Features

6.3.20 (2022-05-13)

Bug Fixes

6.3.19 (2022-04-19)

Bug Fixes

6.3.18 (2022-04-13)

Bug Fixes

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.2

1.20.1

1.20.0

1.20.3 / 2024-09-10

1.20.2 / 2023-02-21

1.20.1 / 2022-10-06

1.20.0 / 2022-04-02

1.19.2 / 2022-02-15

1.19.1 / 2021-12-10

v0.7.2

0.7.1

0.7.0

0.6.0

0.5.0

0.4.2

v2.2.3

v2.2.2

v2.2.1

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

6.9.1

6.9.0

6.8.0

6.7.1

v1.2.8 - 2023-02-09

Merged

Fixed

Commits

v1.2.7 - 2022-10-10

Commits

3.3.1

3.3

3.2

3.1.32

3.1.31

dependabot bot commented on behalf of github Oct 10, 2024 •

edited

Loading