build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 #1488
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.0.4 to 4.0.5. - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.0.5) --- updated-dependencies: - dependency-name: socket.io-parser dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
keithamus
approved these changes
Nov 10, 2022
keithamus
added a commit
that referenced
this pull request
Feb 7, 2023
* Fixed a regression that caused SyntaxErrors on IE 11 The changes made in #1334 incorrectly used an arrow function and as this isn't supported on IE 11 it causes a SyntaxError to be thrown when loading chai. * chai@4.3.2 * export chai.Assertion (#1378) * chai@4.3.3 * fix: support inspecting bigints (#1321) (#1383) * 4.3.4 * feat: use chaijs/loupe for inspection (#1401) (#1407) Fix #1228 * fix: package.json - deprecation warning on exports field (#1400) * fix package.json exports * build(deps-dev): bump codecov from 3.1.0 to 3.7.1 (#1446) Bumps [codecov](https://github.com/codecov/codecov-node) from 3.1.0 to 3.7.1. - [Release notes](https://github.com/codecov/codecov-node/releases) - [Changelog](https://github.com/codecov/codecov-node/blob/master/CHANGELOG.md) - [Commits](codecov/codecov-node@v3.1.0...v3.7.1) --- updated-dependencies: - dependency-name: codecov dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build chaijs * 4.3.5 * fix: use loupe@^2.3.1 * build chaijs * 4.3.6 * fix: deep-eql bump package to support symbols comparison (#1483) * 4.3.7 * build * chore: 4.x.x: Fix link to commit logs on GitHub (#1487) * 4.x.x: Fix link to commit logs on GitHub As there is no `master` branch, the link returned a 404. * Update History.md Co-authored-by: Andre Meyering <info@andremeyering.de> Co-authored-by: Keith Cirkel <keithamus@users.noreply.github.com> * build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 (#1488) Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.0.4 to 4.0.5. - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.4...4.0.5) --- updated-dependencies: - dependency-name: socket.io-parser dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * test: fix typo in test.js (#1459) * docs: specify return type of objDisplay (#1490) previously it was incorrectly labeled as `objDisplay(obj: object): void` in `@types/chai`. * feat: rework into ES modules This moves all of the sources to be ES modules rather than CommonJS. In order to produce the entrypoints, we use esbuild as a bundler (and as a transpiler in a way). Due to the fact that some dependencies are written in CommonJS, we actually use esbuild to create _two_ bundles: a CommonJS bundle, and an ES module bundle. Otherwise, someone importing the raw source would inevitably end up trying to import a CommonJS module somewhere down the tree, which would not work in browsers natively. --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Lee Newson <lnewso@hotmail.com> Co-authored-by: Keith Cirkel <keithamus@users.noreply.github.com> Co-authored-by: rbruckheimer <rob@cosaic.io> Co-authored-by: Mike Frysinger <vapier@gmail.com> Co-authored-by: Pascal Corpet <pcorpet@users.noreply.github.com> Co-authored-by: Mimi <stevenjoezhang@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Scott Newcomer <snewcomer@users.noreply.github.com> Co-authored-by: Andre Meyering <info@andremeyering.de> Co-authored-by: Mavaddat Javid <5055400+mavaddat@users.noreply.github.com> Co-authored-by: scarf <greenscarf005@gmail.com> Co-authored-by: James Garbutt <james.garbutt@crispthinking.com>
renovate bot
added a commit
to trunk-io/trunk-action
that referenced
this pull request
Aug 24, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | minor | `v3.5.3` -> `v3.6.0` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai)) | dependencies | patch | [`4.3.7` -> `4.3.8`](https://renovatebot.com/diffs/npm/chai/4.3.7/4.3.8) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v3.6.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v360) [Compare Source](https://togithub.com/actions/checkout/compare/v3.5.3...v3.6.0) - [Fix: Mark test scripts with Bash'isms to be run via Bash](https://togithub.com/actions/checkout/pull/1377) - [Add option to fetch tags even if fetch-depth > 0](https://togithub.com/actions/checkout/pull/579) </details> <details> <summary>chaijs/chai (chai)</summary> ### [`v4.3.8`](https://togithub.com/chaijs/chai/releases/tag/v4.3.8) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.7...v4.3.8) #### What's Changed - 4.x.x: Fix link to commit logs on GitHub by [@​bugwelle](https://togithub.com/bugwelle) in [chaijs/chai#1487 - build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by [@​dependabot](https://togithub.com/dependabot) in [chaijs/chai#1488 - Small typo in test.js by [@​mavaddat](https://togithub.com/mavaddat) in [chaijs/chai#1459 - docs: specify return type of objDisplay by [@​scarf005](https://togithub.com/scarf005) in [chaijs/chai#1490 - Update CONTRIBUTING.md by [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) in [chaijs/chai#1521 - Fix: update exports.version to current version by [@​peanutenthusiast](https://togithub.com/peanutenthusiast) in [chaijs/chai#1534 #### New Contributors - [@​bugwelle](https://togithub.com/bugwelle) made their first contribution in [chaijs/chai#1487 - [@​mavaddat](https://togithub.com/mavaddat) made their first contribution in [chaijs/chai#1459 - [@​scarf005](https://togithub.com/scarf005) made their first contribution in [chaijs/chai#1490 - [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) made their first contribution in [chaijs/chai#1521 - [@​peanutenthusiast](https://togithub.com/peanutenthusiast) made their first contribution in [chaijs/chai#1534 **Full Changelog**: chaijs/chai@v4.3.7...v4.3.8 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/trunk-io/trunk-action). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi41Ni4wIiwidXBkYXRlZEluVmVyIjoiMzYuNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
kodiakhq bot
added a commit
to erezrokah/aws-testing-library
that referenced
this pull request
Aug 28, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai)) | [`4.3.7` -> `4.3.8`](https://renovatebot.com/diffs/npm/chai/4.3.7/4.3.8) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>chaijs/chai (chai)</summary> ### [`v4.3.8`](https://togithub.com/chaijs/chai/releases/tag/v4.3.8) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.7...v4.3.8) #### What's Changed - 4.x.x: Fix link to commit logs on GitHub by [@​bugwelle](https://togithub.com/bugwelle) in [chaijs/chai#1487 - build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by [@​dependabot](https://togithub.com/dependabot) in [chaijs/chai#1488 - Small typo in test.js by [@​mavaddat](https://togithub.com/mavaddat) in [chaijs/chai#1459 - docs: specify return type of objDisplay by [@​scarf005](https://togithub.com/scarf005) in [chaijs/chai#1490 - Update CONTRIBUTING.md by [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) in [chaijs/chai#1521 - Fix: update exports.version to current version by [@​peanutenthusiast](https://togithub.com/peanutenthusiast) in [chaijs/chai#1534 #### New Contributors - [@​bugwelle](https://togithub.com/bugwelle) made their first contribution in [chaijs/chai#1487 - [@​mavaddat](https://togithub.com/mavaddat) made their first contribution in [chaijs/chai#1459 - [@​scarf005](https://togithub.com/scarf005) made their first contribution in [chaijs/chai#1490 - [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) made their first contribution in [chaijs/chai#1521 - [@​peanutenthusiast](https://togithub.com/peanutenthusiast) made their first contribution in [chaijs/chai#1534 **Full Changelog**: chaijs/chai@v4.3.7...v4.3.8 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/erezrokah/aws-testing-library). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi42NC44IiwidXBkYXRlZEluVmVyIjoiMzYuNjQuOCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
mattgodbolt
pushed a commit
to compiler-explorer/compiler-explorer
that referenced
this pull request
Aug 29, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai)) | [`^4.3.7` -> `^4.3.8`](https://renovatebot.com/diffs/npm/chai/4.3.7/4.3.8) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>chaijs/chai (chai)</summary> ### [`v4.3.8`](https://togithub.com/chaijs/chai/releases/tag/v4.3.8) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.7...v4.3.8) #### What's Changed - 4.x.x: Fix link to commit logs on GitHub by [@​bugwelle](https://togithub.com/bugwelle) in [chaijs/chai#1487 - build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by [@​dependabot](https://togithub.com/dependabot) in [chaijs/chai#1488 - Small typo in test.js by [@​mavaddat](https://togithub.com/mavaddat) in [chaijs/chai#1459 - docs: specify return type of objDisplay by [@​scarf005](https://togithub.com/scarf005) in [chaijs/chai#1490 - Update CONTRIBUTING.md by [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) in [chaijs/chai#1521 - Fix: update exports.version to current version by [@​peanutenthusiast](https://togithub.com/peanutenthusiast) in [chaijs/chai#1534 #### New Contributors - [@​bugwelle](https://togithub.com/bugwelle) made their first contribution in [chaijs/chai#1487 - [@​mavaddat](https://togithub.com/mavaddat) made their first contribution in [chaijs/chai#1459 - [@​scarf005](https://togithub.com/scarf005) made their first contribution in [chaijs/chai#1490 - [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) made their first contribution in [chaijs/chai#1521 - [@​peanutenthusiast](https://togithub.com/peanutenthusiast) made their first contribution in [chaijs/chai#1534 **Full Changelog**: chaijs/chai@v4.3.7...v4.3.8 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 8pm on monday" in timezone America/Chicago, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/compiler-explorer/compiler-explorer). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi42NC44IiwidXBkYXRlZEluVmVyIjoiMzYuNjQuOCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
sammcj
added a commit
to sammcj/github-app-installation-token
that referenced
this pull request
Oct 27, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [@actions/core](https://togithub.com/actions/toolkit/tree/main/packages/core) ([source](https://togithub.com/actions/toolkit)) | [`1.10.0` -> `1.10.1`](https://renovatebot.com/diffs/npm/@actions%2fcore/1.10.0/1.10.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai)) | [`4.3.7` -> `4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.7/4.3.10) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [jsonwebtoken](https://togithub.com/auth0/node-jsonwebtoken) | [`9.0.0` -> `9.0.2`](https://renovatebot.com/diffs/npm/jsonwebtoken/9.0.0/9.0.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | | [prettier](https://prettier.io) ([source](https://togithub.com/prettier/prettier)) | [`2.8.7` -> `2.8.8`](https://renovatebot.com/diffs/npm/prettier/2.8.7/2.8.8) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>actions/toolkit (@​actions/core)</summary> ### [`v1.10.1`](https://togithub.com/actions/toolkit/blob/HEAD/packages/core/RELEASES.md#1101) - Fix error message reference in oidc utils [#​1511](https://togithub.com/actions/toolkit/pull/1511) </details> <details> <summary>chaijs/chai (chai)</summary> ### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.9...v4.3.10) This release simply bumps all dependencies to their latest non-breaking versions. #### What's Changed - upgrade all dependencies by [@​keithamus](https://togithub.com/keithamus) in [chaijs/chai#1540 **Full Changelog**: chaijs/chai@v4.3.9...v4.3.10 ### [`v4.3.9`](https://togithub.com/chaijs/chai/releases/tag/v4.3.9) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.8...v4.3.9) Upgrade dependencies. This release upgrades dependencies to address **[CVE-2023-43646](https://www.cve.org/CVERecord?id=CVE-2023-43646)** where a large function name can cause "catastrophic backtracking" (aka ReDOS attack) which can cause the test suite to hang. **Full Changelog**: chaijs/chai@v4.3.8...v4.3.9 ### [`v4.3.8`](https://togithub.com/chaijs/chai/releases/tag/v4.3.8) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.7...v4.3.8) #### What's Changed - 4.x.x: Fix link to commit logs on GitHub by [@​bugwelle](https://togithub.com/bugwelle) in [chaijs/chai#1487 - build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by [@​dependabot](https://togithub.com/dependabot) in [chaijs/chai#1488 - Small typo in test.js by [@​mavaddat](https://togithub.com/mavaddat) in [chaijs/chai#1459 - docs: specify return type of objDisplay by [@​scarf005](https://togithub.com/scarf005) in [chaijs/chai#1490 - Update CONTRIBUTING.md by [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) in [chaijs/chai#1521 - Fix: update exports.version to current version by [@​peanutenthusiast](https://togithub.com/peanutenthusiast) in [chaijs/chai#1534 #### New Contributors - [@​bugwelle](https://togithub.com/bugwelle) made their first contribution in [chaijs/chai#1487 - [@​mavaddat](https://togithub.com/mavaddat) made their first contribution in [chaijs/chai#1459 - [@​scarf005](https://togithub.com/scarf005) made their first contribution in [chaijs/chai#1490 - [@​matheus-rodrigues00](https://togithub.com/matheus-rodrigues00) made their first contribution in [chaijs/chai#1521 - [@​peanutenthusiast](https://togithub.com/peanutenthusiast) made their first contribution in [chaijs/chai#1534 **Full Changelog**: chaijs/chai@v4.3.7...v4.3.8 </details> <details> <summary>auth0/node-jsonwebtoken (jsonwebtoken)</summary> ### [`v9.0.2`](https://togithub.com/auth0/node-jsonwebtoken/blob/HEAD/CHANGELOG.md#902---2023-08-30) [Compare Source](https://togithub.com/auth0/node-jsonwebtoken/compare/v9.0.1...v9.0.2) - security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes [#​921](https://togithub.com/auth0/node-jsonwebtoken/issues/921). - refactor: reduce library size by using lodash specific dependencies, closes [#​878](https://togithub.com/auth0/node-jsonwebtoken/issues/878). ### [`v9.0.1`](https://togithub.com/auth0/node-jsonwebtoken/blob/HEAD/CHANGELOG.md#901---2023-07-05) [Compare Source](https://togithub.com/auth0/node-jsonwebtoken/compare/v9.0.0...v9.0.1) - fix(stubs): allow decode method to be stubbed </details> <details> <summary>prettier/prettier (prettier)</summary> ### [`v2.8.8`](https://togithub.com/prettier/prettier/blob/HEAD/CHANGELOG.md#288) [Compare Source](https://togithub.com/prettier/prettier/compare/2.8.7...2.8.8) This version is a republished version of v2.8.7. A bad version was accidentally published and [it can't be unpublished](https://togithub.com/npm/cli/issues/1686), apologies for the churn. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/sammcj/github-app-installation-token). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS42Mi4wIiwidXBkYXRlZEluVmVyIjoiMzcuMC4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Woodpile37
added a commit
to Woodpile37/EIPs
that referenced
this pull request
Nov 4, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade chai from
4.3.6 to 4.3.10.</h3>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>
- The recommended version is **4 versions** ahead of your current
version.
- The recommended version was released **a month ago**, on 2023-09-28.
<details>
<summary><b>Release notes</b></summary>
<br/>
<details>
<summary>Package name: <b>chai</b></summary>
<ul>
<li>
<b>4.3.10</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.10">2023-09-28</a></br><p>This
release simply bumps all dependencies to their latest non-breaking
versions.</p>
<h2>What's Changed</h2>
<ul>
<li>upgrade all dependencies by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/keithamus/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/keithamus">@ keithamus</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1916961847" data-permission-text="Title is private"
data-url="chaijs/chai#1540"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1540/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1540">#1540</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.9...v4.3.10"><tt>v4.3.9...v4.3.10</tt></a></p>
</li>
<li>
<b>4.3.9</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.9">2023-09-27</a></br><p>Upgrade
dependencies.</p>
<p>This release upgrades dependencies to address <strong><a
href="https://www.cve.org/CVERecord?id=CVE-2023-43646"
rel="nofollow">CVE-2023-43646</a></strong> where a large function name
can cause "catastrophic backtracking" (aka ReDOS attack) which can cause
the test suite to hang.</p>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.8...v4.3.9"><tt>v4.3.8...v4.3.9</tt></a></p>
</li>
<li>
<b>4.3.8</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.8">2023-08-24</a></br><h2>What's
Changed</h2>
<ul>
<li>4.x.x: Fix link to commit logs on GitHub by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bugwelle/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bugwelle">@ bugwelle</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1442318999" data-permission-text="Title is private"
data-url="chaijs/chai#1487"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1487/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1487">#1487</a></li>
<li>build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by <a
class="user-mention notranslate" data-hovercard-type="organization"
data-hovercard-url="/orgs/dependabot/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/dependabot">@ dependabot</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1442803192" data-permission-text="Title is private"
data-url="chaijs/chai#1488"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1488/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1488">#1488</a></li>
<li>Small typo in test.js by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/mavaddat/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/mavaddat">@ mavaddat</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1154733117" data-permission-text="Title is private"
data-url="chaijs/chai#1459"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1459/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1459">#1459</a></li>
<li>docs: specify return type of objDisplay by <a class="user-mention
notranslate" data-hovercard-type="user"
data-hovercard-url="/users/scarf005/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/scarf005">@ scarf005</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1476032440" data-permission-text="Title is private"
data-url="chaijs/chai#1490"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1490/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1490">#1490</a></li>
<li>Update CONTRIBUTING.md by <a class="user-mention notranslate"
data-hovercard-type="user"
data-hovercard-url="/users/matheus-rodrigues00/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/matheus-rodrigues00">@
matheus-rodrigues00</a> in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1732701131"
data-permission-text="Title is private"
data-url="chaijs/chai#1521"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1521/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1521">#1521</a></li>
<li>Fix: update exports.version to current version by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/peanutenthusiast/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/peanutenthusiast">@
peanutenthusiast</a> in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1864098264"
data-permission-text="Title is private"
data-url="chaijs/chai#1534"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1534/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1534">#1534</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/bugwelle/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/bugwelle">@ bugwelle</a> made
their first contribution in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1442318999"
data-permission-text="Title is private"
data-url="chaijs/chai#1487"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1487/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1487">#1487</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/mavaddat/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/mavaddat">@ mavaddat</a> made
their first contribution in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1154733117"
data-permission-text="Title is private"
data-url="chaijs/chai#1459"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1459/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1459">#1459</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/scarf005/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/scarf005">@ scarf005</a> made
their first contribution in <a class="issue-link js-issue-link"
data-error-text="Failed to load title" data-id="1476032440"
data-permission-text="Title is private"
data-url="chaijs/chai#1490"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1490/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1490">#1490</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/matheus-rodrigues00/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/matheus-rodrigues00">@
matheus-rodrigues00</a> made their first contribution in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1732701131" data-permission-text="Title is private"
data-url="chaijs/chai#1521"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1521/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1521">#1521</a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/peanutenthusiast/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/peanutenthusiast">@
peanutenthusiast</a> made their first contribution in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1864098264" data-permission-text="Title is private"
data-url="chaijs/chai#1534"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1534/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1534">#1534</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.7...v4.3.8"><tt>v4.3.7...v4.3.8</tt></a></p>
</li>
<li>
<b>4.3.7</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.7">2022-11-07</a></br><h2>What's
Changed</h2>
<ul>
<li>fix: deep-eql bump package to support symbols comparison by <a
class="user-mention notranslate" data-hovercard-type="user"
data-hovercard-url="/users/snewcomer/hovercard"
data-octo-click="hovercard-link-click"
data-octo-dimensions="link_type:self"
href="https://snyk.io/redirect/github/snewcomer">@ snewcomer</a> in <a
class="issue-link js-issue-link" data-error-text="Failed to load title"
data-id="1438632532" data-permission-text="Title is private"
data-url="chaijs/chai#1483"
data-hovercard-type="pull_request"
data-hovercard-url="/chaijs/chai/pull/1483/hovercard"
href="https://snyk.io/redirect/github/chaijs/chai/pull/1483">#1483</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link"
href="https://snyk.io/redirect/github/chaijs/chai/compare/v4.3.6...v4.3.7"><tt>v4.3.6...v4.3.7</tt></a></p>
</li>
<li>
<b>4.3.6</b> - <a
href="https://snyk.io/redirect/github/chaijs/chai/releases/tag/v4.3.6">2022-01-26</a></br><p>Update
loupe to 2.3.1</p>
</li>
</ul>
from <a href="https://snyk.io/redirect/github/chaijs/chai/releases">chai
GitHub release notes</a>
</details>
</details>
<details>
<summary><b>Commit messages</b></summary>
</br>
<details>
<summary>Package name: <b>chai</b></summary>
<ul>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/744a16e1cc4e8a9c6d4499e1e520a0bc4c80ec18">744a16e</a>
4.3.10</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/0ccd823cb3ee6a433156c4e23cc67de79d4f368d">0ccd823</a>
upgrade all dependencies (ethereum#1540)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/923d0a48fc59a910ecee37c85535379520a3e1b6">923d0a4</a>
4.3.9</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/1a0f8872711f64b8353c30ebcfdf0ceeab404bab">1a0f887</a>
make</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/a141e5739ab32ae579cd2df2eb745dbf1375ac27">a141e57</a>
upgrade deps</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/d9ff2c6d3e3f306b8b76e081cc892f42bf551b26">d9ff2c6</a>
4.3.8</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/8d3205b27e706f188f1c4f548d23b989eb60a0db">8d3205b</a>
build</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/b351dc09440e87917f25daa8d49dfb8866efc704">b351dc0</a>
Fix: update exports.version to current version (ethereum#1534)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/1a8247f30dbe0f54268a9748ae673caec75d6bfe">1a8247f</a>
Update CONTRIBUTING.md (ethereum#1521)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/3a8c49a70733ac7f4570925415e9a8544e2ee1c3">3a8c49a</a>
docs: specify return type of objDisplay (ethereum#1490)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/b45512409768514aac931a54da628adf2d27a934">b455124</a>
test: fix typo in test.js (ethereum#1459)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/98f42337562429353e829ebc4f85a00622087fce">98f4233</a>
build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 (ethereum#1488)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/acd16e0033591d849b82f0700fd223072ebf420c">acd16e0</a>
chore: 4.x.x: Fix link to commit logs on GitHub (ethereum#1487)</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/3c947a7f33b021730ea68a52bd15712fe57134be">3c947a7</a>
build</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/775f50958422278933db6efefa1ec2526191e632">775f509</a>
4.3.7</li>
<li><a
href="https://snyk.io/redirect/github/chaijs/chai/commit/8e780b44f321056c960f00b94b4c2aefa3392c21">8e780b4</a>
fix: deep-eql bump package to support symbols comparison (ethereum#1483)</li>
</ul>
<a
href="https://snyk.io/redirect/github/chaijs/chai/compare/529b8b527ba99454471ac67d6aebca9d96cb5dd9...744a16e1cc4e8a9c6d4499e1e520a0bc4c80ec18">Compare</a>
</details>
</details>
<hr/>
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkMDQzOThiZC0wYzlmLTQyMmEtOGEyZi0yNTQ2NDNjMDY2MDMiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQwNDM5OGJkLTBjOWYtNDIyYS04YTJmLTI1NDY0M2MwNjYwMyJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14/settings/integration?pkg=chai&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
<!---
(snyk:metadata:{"prId":"d04398bd-0c9f-422a-8a2f-254643c06603","prPublicId":"d04398bd-0c9f-422a-8a2f-254643c06603","dependencies":[{"name":"chai","from":"4.3.6","to":"4.3.10"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/woodpile37/project/3a4e6031-90ad-4f6e-a8f2-e52f97555f14?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"3a4e6031-90ad-4f6e-a8f2-e52f97555f14","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2023-09-28T09:50:37.566Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps socket.io-parser from 4.0.4 to 4.0.5.
Release notes
Sourced from socket.io-parser's releases.
Changelog
Sourced from socket.io-parser's changelog.
Commits
f3329ebchore(release): 4.0.5b559f05fix: check the format of the index of each attachmentDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and languageYou can disable automated security fix PRs for this repo from the Security Alerts page.