[Snyk] Upgrade: chai, express, mocha, supertest #49
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade:
- chai from 5.0.3 to 5.1.1.
See this package in npm: https://www.npmjs.com/package/chai
- express from 4.18.3 to 4.19.2.
See this package in npm: https://www.npmjs.com/package/express
- mocha from 10.2.0 to 10.7.3.
See this package in npm: https://www.npmjs.com/package/mocha
- supertest from 6.3.4 to 7.0.0.
See this package in npm: https://www.npmjs.com/package/supertest
See this project in Snyk:
https://app.snyk.io/org/cachiman/project/4d1044f9-3fc1-4812-b3b4-f000c5bd7ea7?utm_source=github&utm_medium=referral&page=upgrade-pr
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
chai
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
from 5.0.3 to 5.1.1 | 2 versions ahead of your current version | 4 months ago
on 2024-05-09
express
from 4.18.3 to 4.19.2 | 3 versions ahead of your current version | 6 months ago
on 2024-03-25
mocha
from 10.2.0 to 10.7.3 | 10 versions ahead of your current version | a month ago
on 2024-08-09
supertest
from 6.3.4 to 7.0.0 | 1 version ahead of your current version
on 2024-04-24
Issues fixed by the recommended upgrade:
SNYK-JS-BODYPARSER-7926860
SNYK-JS-BRACES-6838727
SNYK-JS-EXPRESS-6474509
SNYK-JS-EXPRESS-7926867
SNYK-JS-PATHTOREGEXP-7925106
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
SNYK-JS-SEND-7926862
SNYK-JS-SERVESTATIC-7926865
Release notes
Package name: chai
-
5.1.1 - 2024-05-09
- Set up ESLint for JSDoc comments by @ koddsson in #1605
- build(deps-dev): bump ip from 1.1.8 to 1.1.9 by @ dependabot in #1608
- Correct Mocha import instructions by @ MattiSG in #1611
- fix: support some virtual contexts in
- @ MattiSG made their first contribution in #1611
-
5.1.0 - 2024-02-12
- Remove useless guards and add parentheses to constuctors by @ koddsson in #1593
- Cleanup jsdoc comments by @ koddsson in #1596
- Convert comments in "legal comments" format to jsdoc or normal comments by @ koddsson in #1598
- Implement
- Assert interface fix by @ developer-bandi in #1601
- Set support in same members by @ koddsson in #1583
- Fix publish script by @ koddsson in #1602
- @ developer-bandi made their first contribution in #1601
-
5.0.3 - 2024-01-25
from chai GitHub release notesWhat's Changed
toThrowby @ 43081j in #1609New Contributors
Full Changelog: v5.1.0...v5.1.1
What's Changed
iterableassertion by @ koddsson in #1592New Contributors
Full Changelog: v5.0.3...v5.1.0
Fix bad v5.0.2 publish.
Full Changelog: v5.0.2...v5.0.3
Package name: express
-
4.19.2 - 2024-03-25
-
4.19.1 - 2024-03-20
- Fix ci after location patch by @ wesleytodd in #5552
- fixed un-edited version in history.md for 4.19.0 by @ wesleytodd in #5556
-
4.19.0 - 2024-03-20
- fix typo in release date by @ UlisesGascon in #5527
- docs: nominating @ wesleytodd to be project captian by @ wesleytodd in #5511
- docs: loosen TC activity rules by @ wesleytodd in #5510
- Add note on how to update docs for new release by @ crandmck in #5541
- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by @ wesleytodd in #5551
- @ crandmck made their first contribution in #5541
-
4.18.3 - 2024-02-29
- Fix routing requests without method
- deps: [email protected]
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: [email protected]
- Use https: protocol instead of deprecated git: protocol by @ vcsjones in #5032
- build: [email protected] and [email protected] by @ abenhamdine in #5034
- ci: update actions/checkout to v3 by @ armujahid in #5027
- test: remove unused function arguments in params by @ raksbisht in #5124
- Remove unused originalIndex from acceptParams by @ raksbisht in #5119
- Fixed typos by @ raksbisht in #5117
- examples: remove unused params by @ raksbisht in #5113
- fix: parameter str is not described in JSDoc by @ raksbisht in #5130
- fix: typos in History.md by @ raksbisht in #5131
- build : add [email protected] by @ abenhamdine in #5028
- test: remove unused function arguments in params by @ raksbisht in #5137
- use random port in test so it won't fail on already listening by @ rluvaton in #5162
- tests: use cb() instead of done() by @ kristof-low in #5233
- examples: remove multipart example by @ riddlew in #5195
- Update support Node.js@18 in the CI by @ UlisesGascon in #5490
- Fix favicon-related bug in cookie-sessions example by @ DmytroKondrashov in #5414
- Release 4.18.3 by @ UlisesGascon in #5505
- @ vcsjones made their first contribution in #5032
- @ abenhamdine made their first contribution in #5034
- @ armujahid made their first contribution in #5027
- @ raksbisht made their first contribution in #5124
- @ rluvaton made their first contribution in #5162
- @ kristof-low made their first contribution in #5233
- @ riddlew made their first contribution in #5195
- @ DmytroKondrashov made their first contribution in #5414
from express GitHub release notesWhat's Changed
Full Changelog: 4.19.0...4.19.1
What's Changed
New Contributors
Full Changelog: 4.18.3...4.19.0
Main Changes
Other Changes
New Contributors
Full Changelog: 4.18.2...4.18.3
Package name: mocha
-
10.7.3 - 2024-08-09
- make release-please build work (#5194) (afd66ef)
-
10.7.0 - 2024-07-20
- feat: add option to not fail on failing test suite by @ ilgonmic in #4771
- @ ilgonmic made their first contribution in #4771
-
10.6.1 - 2024-07-20
- fix: do not exit when only unref'd timer is present in test code by @ boneskull in #3825
- fix: support canonical module by @ JacobLey in #5040
-
10.6.0 - 2024-07-02
- feat: allow ^ versions for character encoding packages by @ JoshuaKGoldberg in #5150
- feat: allow ^ versions for yargs packages by @ JoshuaKGoldberg in #5152
- feat: allow ^ versions for file matching packages by @ JoshuaKGoldberg in #5151
- feat: allow ^ versions for data serialization packages by @ JoshuaKGoldberg in #5153
- feat: allow ^ versions for miscellaneous packages by @ JoshuaKGoldberg in #5154
-
10.5.2 - 2024-06-26
- fix: better tracking of seen objects in error serialization by @ sam-super in #5032
- @ sam-super made their first contribution in #5032
-
10.5.1 - 2024-06-25
- fix: Add error handling for nonexistent file case with --file option by @ khoaHyh in #5086
- @ khoaHyh made their first contribution in #5086
-
10.5.0 - 2024-06-24
- #5015 feat: use <progress> and <svg> for browser progress indicator instead of <canvas> (@ yourWaifu)
- #5143 feat: allow using any 3.x chokidar dependencies (@ simhnna)
- #4835 feat: add MOCHA_OPTIONS env variable (@ icholy)
- #5107 fix: include stack in browser uncaught error reporting (@ JoshuaKGoldberg)
- #5110 chore: switch two-column list styles to be opt-in (@ marjys)
- #5135 chore: fix some typos in comments (@ StevenMia)
- #5130 chore: rename 'master' to 'main' in docs and tooling (@ JoshuaKGoldberg)
-
10.4.0 - 2024-03-26
- #4829 feat: include
- #4985 feat: add file path to xunit reporter (@ bmish)
- #5074 fix: harden error handling in
- #5077 chore: add mtfoley/pr-compliance-action (@ JoshuaKGoldberg)
- #5060 chore: migrate ESLint config to flat config (@ JoshuaKGoldberg)
- #5095 chore: revert #5069 to restore Netlify builds (@ voxpelli)
- #5097 docs: add sponsored to sponsorship link rels (@ JoshuaKGoldberg)
- #5093 chore: add 'status: in triage' label to issue templates and docs (@ JoshuaKGoldberg)
- #5083 docs: fix CHANGELOG.md headings to start with a root-level h1 (@ JoshuaKGoldberg)
- #5100 chore: fix header generation and production build crashes (@ JoshuaKGoldberg)
- #5104 chore: bump ESLint ecmaVersion to 2020 (@ JoshuaKGoldberg)
- #5116 fix: eleventy template builds crash with 'unexpected token at ": string, msg..."' (@ LcsK)
- #4869 docs: fix documentation concerning glob expansion on UNIX (@ binki)
- #5122 test: fix xunit integration test (@ voxpelli)
- #5123 chore: activate dependabot for workflows (@ voxpelli)
- #5125 build(deps): bump the github-actions group with 2 updates (@ dependabot)
-
10.3.0 - 2024-02-08
-
10.3.0-preminor.0 - 2024-01-30
-
10.2.0 - 2022-12-11
from mocha GitHub release notes10.7.3 (2024-08-09)
🩹 Fixes
What's Changed
New Contributors
Full Changelog: v10.6.1...v10.7.0
What's Changed
Full Changelog: v10.6.0...v10.6.1
What's Changed
Full Changelog: v10.5.2...v10.6.0
What's Changed
New Contributors
Full Changelog: v10.5.1...v10.5.2
What's Changed
New Contributors
Full Changelog: v10.5.0...v10.5.1
🎉 Enhancements
🐛 Fixes
🔩 Other
10.4.0 / 2024-03-26
🎉 Enhancements
.causestacks in the error stack traces (@ voxpelli)🐛 Fixes
lib/cli/run.js(@ stalet)🔩 Other
Package name: supertest
-
7.0.0 - 2024-04-24
- Merge pull request #834 from Bruception/master 225118c
- Fix TestAgent not inheriting Agent properties f290431
- fix: bump deps, drop Node.js v<14.16.0 1e18c20
-
6.3.4 - 2024-01-14
- chore: bump deps, remove yarn.lock bc4398a
- chore: bump deps c823515
- Merge pull request #811 from ladjs/dependabot/npm_and_yarn/cookiejar-2.1.4 37017b3
- Merge pull request #814 from siddtheone/patch-1 6b41374
- Merge pull request #828 from 9renpoto/9renpoto-patch-1 0ff9c02
- si/visionmedia/ladjs/ 2cba6d4
- Update package.json 79a69b6
- Merge pull request #821 from yunnysunny/feature/ci-fix c1b8f9d
- ci: fix broken github action cache saving 5d48749
- Merge pull request #818 from lamweili/patch-1 25920e7
- docs: fixed links (for #621) 3767f9e
- Update README.md b81d3a4
- Removing unused import 4b372eb
- chore(deps): bump cookiejar from 2.1.3 to 2.1.4 ac9327f
- Merge pull request #646 from dtom90/patch-1 44d5d72
- Merge pull request #621 from RichieRunner/patch-1 d91ff37
- Update index.js function definition 9ee6a1b
- Update README.md 13a2b44
from supertest GitHub release notesv6.3.4...v7.0.0
v6.3.3...v6.3.4
Important