[Snyk] Upgrade jest from 26.6.3 to 28.1.3

[snyk-bot]

Snyk has created this PR to upgrade jest from 26.6.3 to 28.1.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 59 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-07-13.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-2407770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-UNSETVALUE-2400660	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579155	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Privilege Management SNYK-JS-SHELLJS-2332187	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1585624	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1584358	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASHSET-1320032	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIMOFFNEWLINES-1296850	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-2824151	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1047770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-IOREDIS-1567196	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: jest

• 28.1.3 - 2022-07-13
  

  Features

  • [jest-leak-detector] Use native FinalizationRegistry when it exists to get rid of external C dependency (#12973)

  Fixes

  • [jest-changed-files] Fix a lock-up after repeated invocations (#12757)
  • [@ jest/expect-utils] Fix deep equality of ImmutableJS OrderedSets (#12977)
  • [jest-mock] Add index signature support for spyOn types (#13013, #13020)
  • [jest-snapshot] Fix indentation of awaited inline snapshots (#12986)

  Chore & Maintenance

  • [*] Replace internal usage of pretty-format/ConvertAnsi with jest-serializer-ansi-escapes (#12935, #13004)
  • [docs] Update spyOn docs (#13000)

  New Contributors

  • @ joshkel made their first contribution in #12960
  • @ enrilzhou made their first contribution in #12973
  • @ milahu made their first contribution in #12983
  • @ MiguelYax made their first contribution in #13000
  • @ kaffarell made their first contribution in #13015
  • @ TheKhanj made their first contribution in #12988
  • @ Fdawgs made their first contribution in #13019

  Full Changelog: v28.1.2...v28.1.3

• 28.1.2 - 2022-06-29
  

  Fixes

  • [jest-runtime] Avoid star type import from @ jest/globals (#12949)

  Chore & Maintenance

  • [docs] Mention that jest-codemods now supports Sinon (#12898)

  New Contributors

  • @ danbeam made their first contribution in #12898
  • @ DanRowe made their first contribution in #12915

  Full Changelog: v28.1.1...v28.1.2

• 28.1.1 - 2022-06-07
  

  Features

  • [jest] Expose Config type (#12848)
  • [@ jest/reporters] Improve GitHubActionsReporters annotation format (#12826)
  • [@ jest/types] Infer argument types passed to test and describe callback functions from each tables (#12885, #12905)

  Fixes

  • [@ jest/expect-utils] Fix deep equality of ImmutableJS OrderedMaps (#12763)
  • [jest-docblock] Handle multiline comments in parseWithComments (#12845)
  • [jest-mock] Improve spyOn error messages (#12901)
  • [jest-runtime] Correctly report V8 coverage with resetModules: true (#12912)
  • [jest-worker] Make JestWorkerFarm helper type to include methods of worker module that take more than one argument (#12839)

  Chore & Maintenance

  • [docs] Updated docs to indicate that jest-environment-jsdom is a separate package #12828

  • [docs] Document the comments used by coverage providers #12835

  • [docs] Use docusaurus-remark-plugin-tab-blocks to format tabs with code examples (#12859)

  • [jest-haste-map] Bump walker version (#12324)

  • [expect] Adjust typings of lastCalledWith, nthCalledWith, toBeCalledWith matchers to allow a case there a mock was called with no arguments (#12807)

  • [@ jest/expect-utils] Fix deep equality of ImmutableJS Lists (#12763)

  • [jest-core] Do not collect SIGNREQUEST as open handles (#12789)

  New Contributors

  • @ owjsub made their first contribution in #12324
  • @ Aveline-art made their first contribution in #12831
  • @ spenserblack made their first contribution in #12836
  • @ dimitropoulos made their first contribution in #12817
  • @ ullumullu made their first contribution in #12845
  • @ limonte made their first contribution in #12851
  • @ Dennis273 made their first contribution in #12870
  • @ shreykinshu made their first contribution in #12886
  • @ pbomb made their first contribution in #12899
  • @ ChrisCoastal made their first contribution in #12887
  • @ HyunseungLee-Travis made their first contribution in #12810

  Full Changelog: v28.1.0...v28.1.1

• 28.1.0 - 2022-05-06
  Read more
• 28.0.3 - 2022-04-29
  

  Fixes

  • [jest-config] Normalize reporters option defined in presets (#12769)
  • [@ jest/reporters] Fix trailing slash in matching coverageThreshold key (#12714)
  • [jest-resolve] Fix (experimental) ESM module mocking for re-exports (#12766)
  • [@ jest/transform] Throw better error if an invalid return value if encountered (#12764)

  Chore & Maintenance

  • [docs] Fix typo in --shard CLI docs (#12761)

  New Contributors

  • @ wespickett made their first contribution in #12714
  • @ helloitsjoe made their first contribution in #12761
  • @ maxdavidson made their first contribution in #12766

  Full Changelog: v28.0.2...v28.0.3

• 28.0.2 - 2022-04-27
  

  Features

  • [jest-worker] Add JestWorkerFarm helper type (#12753)

  Fixes

  • [*] Lower Node 16 requirement to 16.10 from 16.13 due to a Node bug that causes memory and performance issues (#12754)

  Full Changelog: v28.0.1...v28.0.2

• 28.0.1 - 2022-04-26
  Read more
• 28.0.0 - 2022-04-25
  Read more
• 28.0.0-alpha.11 - 2022-04-20
  Read more
• 28.0.0-alpha.10 - 2022-04-20
  Read more
• 28.0.0-alpha.9 - 2022-04-19
• 28.0.0-alpha.8 - 2022-04-05
• 28.0.0-alpha.7 - 2022-03-06
• 28.0.0-alpha.6 - 2022-03-01
• 28.0.0-alpha.5 - 2022-02-24
• 28.0.0-alpha.4 - 2022-02-22
• 28.0.0-alpha.3 - 2022-02-17
• 28.0.0-alpha.2 - 2022-02-16
• 28.0.0-alpha.1 - 2022-02-15
• 28.0.0-alpha.0 - 2022-02-10
• 27.5.1 - 2022-02-08
• 27.5.0 - 2022-02-05
• 27.4.7 - 2022-01-05
• 27.4.6 - 2022-01-04
• 27.4.5 - 2021-12-13
• 27.4.4 - 2021-12-10
• 27.4.3 - 2021-12-01
• 27.4.2 - 2021-11-30
• 27.4.1 - 2021-11-30
• 27.4.0 - 2021-11-29
• 27.3.1 - 2021-10-19
• 27.3.0 - 2021-10-17
• 27.2.5 - 2021-10-08
• 27.2.4 - 2021-09-29
• 27.2.3 - 2021-09-28
• 27.2.2 - 2021-09-25
• 27.2.1 - 2021-09-20
• 27.2.0 - 2021-09-13
• 27.1.1 - 2021-09-08
• 27.1.0 - 2021-08-27
• 27.0.6 - 2021-06-28
• 27.0.5 - 2021-06-22
• 27.0.4 - 2021-06-03
• 27.0.3 - 2021-05-29
• 27.0.2 - 2021-05-29
• 27.0.1 - 2021-05-25
• 27.0.0 - 2021-05-25
• 27.0.0-next.11 - 2021-05-20
• 27.0.0-next.10 - 2021-05-20
• 27.0.0-next.9 - 2021-05-04
• 27.0.0-next.8 - 2021-04-12
• 27.0.0-next.7 - 2021-04-02
• 27.0.0-next.6 - 2021-03-25
• 27.0.0-next.5 - 2021-03-15
• 27.0.0-next.4 - 2021-03-08
• 27.0.0-next.3 - 2021-02-18
• 27.0.0-next.2 - 2020-12-07
• 27.0.0-next.1 - 2020-12-07
• 27.0.0-next.0 - 2020-12-05
• 26.6.3 - 2020-11-04

from jest GitHub release notes

Commit messages

Package name: jest

• 2cce069 v28.1.3
• 2f788ae chore: update changelog for release
• 94163e2 chore: update docusaurus (#13021)
• b3d4a1d refactor(jest-mock): simplify `PropertyLikeKeys` utility type (#13020)
• 3d94b58 fix: missing spaces in string concats (#13019)
• 0425de0 chore: bump `typescript` and related dependencies (#13017)
• 33a8a59 Update JestCommunity.md (#12988)
• c2cd09f chore: update react-native example (#13016)
• ca61556 chore: fixed changelog.md typo (#13015)
• 073a798 chore: update babel
• b0c210e chore: update lint dependencies (#13014)
• c98fc56 Update spyOn docs (#13000)
• ba443a5 Refine babel-plugin-jest-hoist typings (#13011)
• f87e4c3 fix(jest-mock): add index signature support for `spyOn` types (#13013)
• c44de55 fix(scripts): also check for package.json (#12983)
• 12b12b8 chore: bump `jest-serialiser-ansi-escapes` (#13004)
• fd4bfbd chore: replace `pretty-format/ConvertAnsi` with `jest-serializer-ansi-escapes` (#12935)
• 312d3a9 docs: minor grammar correction from "as document" to "as documented" (#12995)
• fe33f3d Correct `await`-ed inline snapshot indentation (#12986)
• 51fa619 feat(jest-leak-detector): use FinalizationRegistry when it exists to get rid of external dependency (#12973)
• 43368be chore: bump `jest-runner-tsd` (#12981)
• 30f70cb fix: Switch from throat to p-limit (#12960)
• 9931a58 feat: upgrade TypeBox (#12979)
• 0c37619 fix(expect-utils): Fix equalityof ImmutableJS OrderedSets (#12977)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs