Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency pusher to v4 #68

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency pusher to v4 #68

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

This PR contains the following updates:

Package Type Update Change
pusher dependencies major ^2.2.0 -> ^4.0.0

By merging this PR, the issue #31 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 9.8 CVE-2021-3918
Critical Critical 9.8 CVE-2023-26136
High High 7.5 CVE-2022-24999

Release Notes

pusher/pusher-http-node (pusher)

v4.0.0

Compare Source

[BREAKING CHANGE] Methods that previously took callbacks now return promises.

  • trigger, triggerBatch, get, and post return a promise which resolves
    to a Response (as provided by node-fetch),
    or rejects to a RequestError. Of particular note:
    • Response has a status where is used to have a statusCode.
    • RequestError has a status where is used to have a statusCode to
      mirror the above.
    • Response has
      json,
      text, etc to
      access the body where before it exposed body as a string.

[BREAKING CHANGE] The Pusher constructor no longer accepts proxy or keepAlive, but instead accepts agent.

const pusher = new Pusher.forURL(process.env.PUSHER_URL, {
  agent: new HttpsProxyAgent("http://localhost:8321"),
})
  • To configure keep alive:
const pusher = new Pusher.forURL(process.env.PUSHER_URL, {
  agent: new https.Agent({ keepAlive: true }),
})

[REMOVED] Specific Parse Cloud build. I don't believe it is required any more, but please open an issue if there are any problems using this release on Parse Cloud!

v3.0.1

Compare Source

[UPGRADED] development dependencies

[ADDED] encryptionMasterKeyBase64 constructor parameter to make it easier to use the full range of 32 byte binary values in encryption key

[DEPRECATED] encryptionMasterKey constructor parameter - use encryptionMasterKeyBase64

v3.0.0

Compare Source

[REMOVED] Support for Node versions < 8

[UPGRADED] Upgraded versions of nock, and mocha

v2.2.2

Compare Source

[FIXED] an issue where a function that generated signatures behaved differently in different versions of node. Improved the underlying compare function to unify behaviour between versions.

[ADDED] Supported platforms to the Readme and TravisCI config.

v2.2.1

Compare Source

no-op release to fix the description on https://www.npmjs.com/package/pusher

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Dec 5, 2023
@mend-for-github-com Mend for GitHub.com
Copy link
Author

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants