From c40609b2c8c1a2ab254c5324941751a38b418758 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Oct 2023 07:36:06 -0500 Subject: [PATCH] chore(deps): update dependency chai to ^4.3.10 (#5544) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [chai](http://chaijs.com) ([source](https://togithub.com/chaijs/chai)) | [`^4.3.8` -> `^4.3.10`](https://renovatebot.com/diffs/npm/chai/4.3.8/4.3.10) | [![age](https://developer.mend.io/api/mc/badges/age/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/chai/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/chai/4.3.8/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/chai/4.3.8/4.3.10?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes
chaijs/chai (chai) ### [`v4.3.10`](https://togithub.com/chaijs/chai/releases/tag/v4.3.10) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.9...v4.3.10) This release simply bumps all dependencies to their latest non-breaking versions. #### What's Changed - upgrade all dependencies by [@​keithamus](https://togithub.com/keithamus) in [https://github.com/chaijs/chai/pull/1540](https://togithub.com/chaijs/chai/pull/1540) **Full Changelog**: https://github.com/chaijs/chai/compare/v4.3.9...v4.3.10 ### [`v4.3.9`](https://togithub.com/chaijs/chai/releases/tag/v4.3.9) [Compare Source](https://togithub.com/chaijs/chai/compare/v4.3.8...v4.3.9) Upgrade dependencies. This release upgrades dependencies to address **[CVE-2023-43646](https://www.cve.org/CVERecord?id=CVE-2023-43646)** where a large function name can cause "catastrophic backtracking" (aka ReDOS attack) which can cause the test suite to hang. **Full Changelog**: https://github.com/chaijs/chai/compare/v4.3.8...v4.3.9
--- ### Configuration 📅 **Schedule**: Branch creation - "before 8pm on monday" in timezone America/Chicago, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/compiler-explorer/compiler-explorer). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- package-lock.json | 33 ++++++++++++++++++--------------- package.json | 2 +- 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/package-lock.json b/package-lock.json index 23d9b66a070..a69fc0bd8cf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -110,7 +110,7 @@ "approvals": "^6.2.2", "aws-sdk-client-mock": "^3.0.0", "c8": "^8.0.1", - "chai": "^4.3.8", + "chai": "^4.3.10", "chai-as-promised": "^7.1.1", "chai-http": "^4.4.0", "cheerio": "^1.0.0-rc.12", @@ -6401,18 +6401,18 @@ "integrity": "sha512-4tYFyifaFfGacoiObjJegolkwSU4xQNGbVgUiNYVUxbQ2x2lUsFvY4hVgVzGiIe6WLOPqycWXA40l+PWsxthUw==" }, "node_modules/chai": { - "version": "4.3.8", - "resolved": "https://registry.npmjs.org/chai/-/chai-4.3.8.tgz", - "integrity": "sha512-vX4YvVVtxlfSZ2VecZgFUTU5qPCYsobVI2O9FmwEXBhDigYGQA6jRXCycIs1yJnnWbZ6/+a2zNIF5DfVCcJBFQ==", + "version": "4.3.10", + "resolved": "https://registry.npmjs.org/chai/-/chai-4.3.10.tgz", + "integrity": "sha512-0UXG04VuVbruMUYbJ6JctvH0YnC/4q3/AkT18q4NaITo91CUm0liMS9VqzT9vZhVQ/1eqPanMWjBM+Juhfb/9g==", "dev": true, "dependencies": { "assertion-error": "^1.1.0", - "check-error": "^1.0.2", - "deep-eql": "^4.1.2", - "get-func-name": "^2.0.0", - "loupe": "^2.3.1", + "check-error": "^1.0.3", + "deep-eql": "^4.1.3", + "get-func-name": "^2.0.2", + "loupe": "^2.3.6", "pathval": "^1.1.1", - "type-detect": "^4.0.5" + "type-detect": "^4.0.8" }, "engines": { "node": ">=4" @@ -6501,10 +6501,13 @@ } }, "node_modules/check-error": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/check-error/-/check-error-1.0.2.tgz", - "integrity": "sha512-BrgHpW9NURQgzoNyjfq0Wu6VFO6D7IZEmJNdtgNqpzGG8RuNFHt2jQxWlAs4HMe119chBnv+34syEZtc6IhLtA==", + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/check-error/-/check-error-1.0.3.tgz", + "integrity": "sha512-iKEoDYaRmd1mxM90a2OEfWhjsjPpYPuQ+lMYsoxB126+t8fw7ySEO48nmDg5COTjxDI65/Y2OWpeEHk3ZOe8zg==", "dev": true, + "dependencies": { + "get-func-name": "^2.0.2" + }, "engines": { "node": "*" } @@ -10164,9 +10167,9 @@ } }, "node_modules/get-func-name": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.0.tgz", - "integrity": "sha512-Hm0ixYtaSZ/V7C8FJrtZIuBBI+iSgL+1Aq82zSu8VQNB4S3Gk8e7Qs3VwBDJAhmRZcFqkl3tQu36g/Foh5I5ig==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/get-func-name/-/get-func-name-2.0.2.tgz", + "integrity": "sha512-8vXOvuE167CtIc3OyItco7N/dpRtBbYOsPsXCz7X/PMnlGjYjSGuZJgM1Y7mmew7BKf9BqvLX2tnOVy1BBUsxQ==", "dev": true, "engines": { "node": "*" diff --git a/package.json b/package.json index 4520cad7c05..ff9ea1e89ee 100644 --- a/package.json +++ b/package.json @@ -119,7 +119,7 @@ "approvals": "^6.2.2", "aws-sdk-client-mock": "^3.0.0", "c8": "^8.0.1", - "chai": "^4.3.8", + "chai": "^4.3.10", "chai-as-promised": "^7.1.1", "chai-http": "^4.4.0", "cheerio": "^1.0.0-rc.12",