This repository has been archived by the owner on Feb 8, 2024. It is now read-only.
fix(deps): update all non-major dependencies (minor) #452
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
SocialGroovyBot
added a commit
that referenced
this pull request
Feb 20, 2021
## [2.2.4](v2.2.3...v2.2.4) (2021-02-20) ### Bug Fixes * **deps:** update all non-major dependencies ([#452](#452)) ([57a6700](57a6700))
|
🎉 This PR is included in version 2.2.4 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^5.29.2->^5.30.0^5.29.2->^5.30.0^5.29.2->^5.30.0^4.7.11->^4.8.2^7.15.0->^7.20.0^15.4.0->^15.5.0^3.3.0->^3.4.014.13.1-alpine3.12->14.15.5-alpine3.12^1.4.3->^1.5.0^3.2.4->^3.3.0Release Notes
getsentry/sentry-javascript
v5.30.0Compare Source
SocialGouv/kosko-charts
v4.8.2Compare Source
Bug Fixes
v4.8.1Compare Source
Bug Fixes
v4.8.0Compare Source
Features
4.7.11 (2021-02-14)
Bug Fixes
4.7.10 (2021-02-12)
Bug Fixes
4.7.9 (2021-02-12)
Bug Fixes
4.7.8 (2021-02-10)
Bug Fixes
4.7.7 (2021-02-09)
Bug Fixes
4.7.6 (2021-02-07)
Bug Fixes
4.7.5 (2021-02-05)
Bug Fixes
4.7.4 (2021-02-04)
Bug Fixes
4.7.3 (2021-02-04)
Bug Fixes
4.7.2 (2021-02-03)
Bug Fixes
4.7.1 (2021-01-31)
Bug Fixes
eslint/eslint
v7.20.0Compare Source
f4ac3b0Docs: fix sibling selector descriptions (#14099) (Milos Djermanovic)9d6063aFix: Crash with esquery when using JSX (fixes #13639) (#14072) (Yosuke Ota)a0871f1Docs: Triage process (#14014) (Nicholas C. Zakas)ad90761Update: add enforceForJSX option to no-unused-expressions rule (#14012) (Duncan Beevers)d6c84afFix:--initautoconfig shouldn't add deprecated rules (fixes #14017) (#14060) (Milos Djermanovic)9b277a1Fix: Support ENOTDIR error code in the folder existence checking utility (#13973) (Constantine Genchevsky)7aeb127Upgrade: pin @babel/code-frame@7.12.11 (#14067) (Milos Djermanovic)b4e2af5Docs: Add more fields to bug report template (#14039) (Nicholas C. Zakas)96f1d49Sponsors: Sync README with website (ESLint Jenkins)cb27b0aBuild: package.json update for eslint-config-eslint release (ESLint Jenkins)4cab165Sponsors: Sync README with website (ESLint Jenkins)v7.19.0Compare Source
ce7f061Update: add shadowed variable loc to message in no-shadow (fixes #13646) (#13841) (t-mangoe)c60e23fUpdate: fixletlogic in for-in and for-of loops in no-extra-parens (#14011) (Milos Djermanovic)d76e8f6Fix: no-useless-rename invalid autofix with parenthesized identifiers (#14032) (Milos Djermanovic)5800d92Docs: Clarify stylistic rule update policy (#14052) (Brandon Mills)0ccf6d2Docs: remove configuring.md (#14036) (Milos Djermanovic)65bb0abChore: Clean up new issue workflow (#14040) (Nicholas C. Zakas)e1da90fFix: nested indenting for offsetTernaryExpressions: true (fixes #13971) (#13972) (Chris Brody)1a078b9Update: check ternary:even if?was reported in space-infix-ops (#13963) (Milos Djermanovic)fb27422Fix: extend prefer-const fixer range to whole declaration (fixes #13899) (#14033) (Nitin Kumar)e0b05c7Docs: add a correct example to no-unsafe-optional-chaining (refs #14029) (#14050) (armin yahya)46e836dSponsors: Sync README with website (ESLint Jenkins)3fc4fa4Docs: update configuring links (#14038) (Milos Djermanovic)8561c21Docs: fix broken links in configuring/README.md (#14046) (Milos Djermanovic)1c309ebUpdate: fix no-invalid-regexp false negatives with no flags specified (#14018) (Milos Djermanovic)f6602d5Docs: Reorganize Configuration Documentation (#13837) (klkhan)c753b44Sponsors: Sync README with website (ESLint Jenkins)a4fdb70Docs: Fixed Typo (#14007) (Yash Singh)f7ca481Docs: Explain why we disable lock files (refs eslint/tsc-meetings#234) (#14006) (Brandon Mills)v7.18.0Compare Source
e3264b2Upgrade: @eslint/eslintrc to improve error message for invalid extends (#14009) (Milos Djermanovic)f17c3c3Update: check logical assignment operators in the complexity rule (#13979) (Milos Djermanovic)672deb0Docs: fix no-invalid-regexp docs regarding ecmaVersion (#13991) (Milos Djermanovic)179a910Fix: --init crash on question to upgrade/downgrade ESLint (fixes #13978) (#13995) (Milos Djermanovic)292b1c0Fix: no-extra-parens false positive withletidentifier in for-loop (#13981) (Milos Djermanovic)de61f94Sponsors: Sync README with website (ESLint Jenkins)9250d16Upgrade: Bump lodash to fix security issue (#13993) (Frederik Prijck)75fea9bSponsors: Sync README with website (ESLint Jenkins)f2687e7Docs: update space-in-parens related rules (#13985) (Chris Brody)4a38bbeDocs: space-in-parens examples with no arguments etc. (#13987) (Chris Brody)3e49169Sponsors: Sync README with website (ESLint Jenkins)c5bf1f2Sponsors: Sync README with website (ESLint Jenkins)98a729cSponsors: Sync README with website (ESLint Jenkins)e83a696Sponsors: Sync README with website (ESLint Jenkins)78cb483Chore: testfoo( )with space-in-parens option "always" (#13986) (Chris Brody)f6948f6Docs: Update semantic versioning policy (#13970) (Nicholas C. Zakas)0688212Sponsors: Sync README with website (ESLint Jenkins)aeba5e5Chore: fix typo (#13975) (Nitin Kumar)4ee1134Sponsors: Sync README with website (ESLint Jenkins)v7.17.0Compare Source
e128e77Update: check logical assignment in no-constant-condition (#13946) (Milos Djermanovic)cc48713Chore: refactor calculating range and loc in no-useless-escape (#13964) (Milos Djermanovic)535fe47Update: use regexpp's default ecmaVersion in no-control-regex (#13969) (Milos Djermanovic)83e98cdFix: use regexpp's default ecmaVersion in no-invalid-regexp (#13968) (Milos Djermanovic)7297363Docs: fix examples for no-multi-str (#13966) (Milos Djermanovic)0649871Update: add autofix to rule multiline-ternary (#13958) (薛定谔的猫)f6e7e32Fix: no-useless-escape wrong loc and fix with CRLF in template elements (#13953) (Milos Djermanovic)19c69c0Fix: one-var shouldn't split declaration if it isn't in a statement list (#13959) (Milos Djermanovic)e451b96Docs: update build tool for webpack (#13962) (Sam Chen)c3e9accChore: fix typos (#13960) (YeonJuan)7289ecfSponsors: Sync README with website (ESLint Jenkins)v7.16.0Compare Source
a62ad6fUpdate: fix false negative of no-extra-parens with NewExpression (#13930) (Milos Djermanovic)f85b4c7Fix: require-atomic-updates false positive across await (fixes #11954) (#13915) (buhi)301d0c0Fix: no-constant-condition false positives with unary expressions (#13927) (Milos Djermanovic)555c128Fix: false positive with await and ** in no-extra-parens (fixes #12739) (#13923) (Milos Djermanovic)d93c935Docs: update JSON Schema links (#13936) (Milos Djermanovic)8d0c93aUpgrade: [email protected] (#13920) (Rouven Weßling)9247683Docs: Remove for deleted npm run profile script (#13931) (Brandon Mills)ab240d4Fix: prefer-exponentiation-operator invalid autofix with await (#13924) (Milos Djermanovic)dc76911Chore: Add .pre-commit-hooks.yaml file (#13628) (Álvaro Mondéjar)2124e1bDocs: Fix wrong rule name (#13913) (noisyboy25)06b5809Sponsors: Sync README with website (ESLint Jenkins)26fc12fDocs: Update README team and sponsors (ESLint Jenkins)graphql/graphql-js
v15.5.0Compare Source
v15.5.0 (2021-01-26)
Bug Fix 🐞
Docs 📝
Polish 💅
7 PRs were merged
Internal 🏠
7 PRs were merged
Dependency 📦
5 PRs were merged
Committers: 3
prisma/graphql-request
v3.4.0Compare Source
Features
952e972Support per-request headers (#33) (#228)Chores
e4b3932fix typo in README.md (#231)nodejs/node
v14.15.5Compare Source
Notable Changes
dfcf1e8(Michaël Zasso) #37245Commits
20b1e6c802] - deps: V8: backportdfcf1e8(Michaël Zasso) #37245408c7a65f3] - deps: upgrade npm to 6.14.11 (Ruy Adorno) #37173017eed665b] - http: do not loop over prototype in Agent (Michaël Zasso) #3641025a3204fe2] - http: don't cork .end when not needed (Dimitris Halatsis) #366332a1e4e9244] - stream: accept iterable as a valid first argument (ZiJian Liu) #364799ff73fcdbe] - stream,zlib: do not use _stream_* anymore (Matteo Collina) #36618c03cddb46f] - test: http complete response after socket double end (Dimitris Halatsis) #36633f206505e9d] - util: fix instanceof checks with null prototypes during inspection (Ruben Bridgewater) #361782f7944b18b] - util: fix module prefixes during inspection (Ruben Bridgewater) #36178v14.15.4Compare Source
This is a security release.
Notable Changes
Vulnerabilities fixed:
CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High)
Node.js. You can read more about it in
https://www.openssl.org/news/secadv/20201208.txt
CVE-2020-8265: use-after-free in TLSWrap (High)
its TLS implementation. When writing to a TLS enabled socket,
node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly
allocated WriteWrap object as first argument. If the DoWrite method
does not return an error, this object is passed back to the caller as
part of a StreamWriteResult structure. This may be exploited to
corrupt memory leading to a Denial of Service or potentially other
exploits.
CVE-2020-8287: HTTP Request Smuggling in nodejs (Low)
a http request. For example, two Transfer-Encoding header fields. In
this case Node.js identifies the first header field and ignores the
second. This can lead to HTTP Request Smuggling
(https://cwe.mitre.org/data/definitions/444.html).
Commits
305c0f4977] - deps: upgrade npm to 6.14.10 (Ruy Adorno) #36571d62c650f75] - deps: update archs files for OpenSSL-1.1.1i (Myles Borins) #365212de2672eb5] - deps: upgrade openssl sources to 1.1.1i (Myles Borins) #365217ecac8143f] - http: add test for http transfer encoding smuggling (Matteo Collina) nodejs-private/node-private#228641f786bb1] - http: unsetF_CHUNKEDon newTransfer-Encoding(Matteo Collina) nodejs-private/node-private#2284f8772f9b7] - src: retain pointers to WriteWrap/ShutdownWrap (James M Snell) nodejs-private/node-private#23v14.15.3Compare Source
Notable Changes
Node.js v14.15.2 included a commit that has caused reported breakages when cloning request objects. This release reverts the commit that introduced the behaviour change. See #36550 for more details.
Commits
4264d9aa67] - Revert "http: lazy create IncomingMessage.headers" (Beth Griggs) #36553v14.15.2Compare Source
Notable Changes
Commits
c508bfc66b] - assert: refactor to use more primordials (Antoine du Hamel) #35998a9d3a0df29] - assert,repl: enable ecmaVersion 2021 in acorn parser (Michaël Zasso) #358276d43c8dd69] - async_hooks: refactor to use more primordials (Antoine du Hamel) #36168029ea16a24] - async_hooks: fix leak in AsyncLocalStorage exit (Stephen Belanger) #35779d49e0ca73a] - benchmark: fix build warnings (Gabriel Schulhof) #36157d027be0551] - benchmark: ignore build artifacts for napi addons (Richard Lau) #35970fdb1c0d31c] - benchmark: remove modules that require intl (Richard Lau) #35968f6487960b5] - benchmark: make the benchmark tool work with Node 10 (Joyee Cheung) #3581721d3ccf5df] - benchmark: add startup benchmark for loading public modules (Joyee Cheung) #358160477e000bf] - bootstrap: refactor to use more primordials (Antoine du Hamel) #35999699bb348d9] - build: replace which with command -v (raisinten) #36118304e269001] - build: try “python3” as a last resort for 3.x (Ole André Vadla Ravnås) #359836bafe04911] - build: conditionally clear vcinstalldir (Brian Ingenito) #36009f498127c41] - build: fix zlib inlining for IA-32 (raisinten) #35679f33fa264cc] - build: fix lint-js-fix target (Antoine du Hamel) #3592767d31827ac] - build: add vcbuilt test-doc target (Antoine du Hamel) #357082a8c2ddcb1] - build: add license-builder GitHub Action (Tierney Cyren) #357126c61b9372b] - build: use make functions instead of echo (Antoine du Hamel) #357074813d913e3] - build: use GITHUB_ENV file to set env variables (Michaël Zasso) #3563871e0f33751] - build: do not install jq in workflows (Michaël Zasso) #356388ab7f258d4] - build, tools: look for local installation of NASM (Richard Lau) #3601450552facb7] - build,tools: gitHub Actions: use Node.js Fermium (Antoine du Hamel) #3584077b7c985f6] - build,tools: add lint-js-doc target (Antoine du Hamel) #35708929e1272ee] - cluster: refactor to use more primordials (Antoine du Hamel) #36011568e6177c9] - console: use more primordials (Antoine du Hamel) #357346cea3152fe] - deps: upgrade npm to 6.14.9 (Myles Borins) #36450d2ee676eb9] - deps: cherry-pick9a49b22from V8 upstream (Daniel Bevenius) #359397367e6c6be] - deps: update acorn to v8.0.4 (Michaël Zasso) #357914937a34be6] - deps: fix typo in zlib.gyp that break arm-fpu-neon build (lucasg) #356591e8dfb9d2c] - deps: upgrade to [email protected] (Guy Bedford) #359280356963f0e] - deps: update to [email protected] (Guy Bedford) #35901172be4ffe0] - deps: upgrade to [email protected] (Guy Bedford) #358711f7740691d] - deps: update to [email protected] (Guy Bedford) #3574547bd445e56] - doc: remove stray comma in url.md (Rich Trott) #361752f76a75fc6] - doc: revise agent.destroy() text (Rich Trott) #3616372fb6f88ab] - doc: add compatibility/interop technical value (Geoffrey Booth) #35323f5efd54727] - doc: de-emphasize wrapping in napi_define_class (Gabriel Schulhof) #361598a7c2b951d] - doc: clarify text about process not responding (Rich Trott) #36117800e1db83d] - doc: esm docs consolidation and reordering (Guy Bedford) #360464fad888fe1] - doc: move shigeki to emeritus (Rich Trott) #36093c088434b4d] - doc: document the error when cwd not exists in child_process.spawn (FeelyChau) #345054dbbbaa2e9] - doc: fix typo in debugger.md (Rich Trott) #36066d796bc7348] - doc: update list styles for remark-parse@9 rendering (Rich Trott) #360496daf204f32] - doc: escape asterisk in cctest gtest-filter (raisinten) #360349470bf5872] - doc: move v8.getHeapCodeStatistics() (Rich Trott) #3602730cd797c15] - doc: add note regarding file structure in src/README.md (Denys Otrishko) #35000cddcfcde9f] - doc: advise users to import the full set of trusted release keys (Reşat SABIQ) #326551ca1f262a5] - doc: fix crypto doc linter errors (Antoine du Hamel) #36035b11725eb9e] - doc: revise v8.getHeapSnapshot() (Rich Trott) #35849990facbc3e] - doc: update core-validate-commit link in guide (Daijiro Wachi) #35938773685c2a4] - doc: update benchmark CI test indicator in README (Rich Trott) #35945c90571ff2a] - doc: add new wordings to the API description (Pooja D.P) #355886259c2d231] - doc: option --prof documentation help added (krank2me) #3499198e4b77b89] - doc: fix release-schedule link in backport guide (Daijiro Wachi) #3592051ce1a2fa8] - doc: update tables in README files for linting changes (Rich Trott) #35905513bed2776] - doc: temporarily disable list-item-bullet-indent (Nick Schonning) #35647733c9da1e9] - doc: disable no-undefined-references workarounds (Nick Schonning) #356476e1612fa15] - doc: adjust table alignment for remark v13 (Nick Schonning) #35647a15dede26d] - doc: move bnoordhuis to emeritus (Ben Noordhuis) #3586526e42939f2] - doc: add on statement in the APIs docs (Pooja D.P) #356109486f5fc37] - doc: move ronkorving to emeritus (Rich Trott) #358283f3d2d781b] - doc: recommend test-doc instead of lint-md (Antoine du Hamel) #357088131d954d9] - doc: fix reference to googletest test fixture (Tobias Nießen) #3581334d6ca3bef] - doc: add conditional example for setBreakpoint() (Chris Opperwall) #3582329849743b8] - doc: make small improvements to REPL doc (Rich Trott) #3580802f9a2a77a] - doc: update MessagePort documentation for EventTarget inheritance (Anna Henningsen) #358399c7d4bd0f3] - doc: use case-sensitive in the example (Pooja D.P) #35624600cffae3c] - doc: consolidate and clarify breakOnSigInt text (Rich Trott) #357870de3f564b2] - doc: add a subsystems header in pull-requests.md (Pooja D.P) #3571847b4b2be29] - doc: add require statement in the example (Pooja D.P) #3555477cfcba7c8] - doc: modified memory set statement set size (Pooja D.P) #3551741937f76f0] - doc: use kbd element in readline doc prose (Rich Trott) #35737eee62b05f6] - doc: fix header level in fs.md (ax1) #3577163533d7d56] - doc: remove stability warning in v8 module doc (Rich Trott) #3577462bf1a63d6](https://togithub.com/nodejs/node/commit/62bf1aRenovate configuration
📅 Schedule: "before 3am on the first day of the month" in timezone Europe/Paris.
🚦 Automerge: Enabled.
♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by WhiteSource Renovate. View repository job log here.