[Snyk] Upgrade chai from 4.2.0 to 4.3.7 #3
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade chai from 4.2.0 to 4.3.7. See this package in npm: https://www.npmjs.com/package/chai See this project in Snyk: https://app.snyk.io/org/debuggineffect/project/f3a04bba-4023-47b0-af5d-def49e70c2f6?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade chai from 4.2.0 to 4.3.7.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-SEMVER-3247795
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-SHELLQUOTE-1766506
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-Y18N-1021887
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-Y18N-1021887
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-LODASH-1040724
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-HANDLEBARS-1056767
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-INI-1048974
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-JSONSCHEMA-1920922
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TAR-1579155
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-USERAGENT-174737
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-XMLHTTPREQUESTSSL-1082936
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-XMLHTTPREQUESTSSL-1255647
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-QS-3153490
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-ASYNC-2441827
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-CACHEDPATHRELATIVE-2342653
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-COPYPROPS-1082870
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-DECODEURICOMPONENT-3149970
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-ENGINEIO-1056749
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-ENGINEIO-3136336
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-SOCKETIOPARSER-1056752
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TAR-1536528
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TAR-1536531
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TAR-1579147
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TAR-1579152
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-SOCKETIO-1024859
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-YARGSPARSER-560381
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-LODASH-1018905
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-HANDLEBARS-1279029
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-HOSTEDGITINFO-1088355
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-KARMA-2395349
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-KARMA-2396325
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-LOG4JS-2348757
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TERSER-2806366
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-UGLIFYJS-1727251
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-WS-1296835
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PATHPARSE-1077067
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-PATHVAL-596926
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-ELLIPTIC-1064899
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-FOLLOWREDIRECTS-2332181
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-FOLLOWREDIRECTS-2396346
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-SOCKETIOPARSER-3091012
Why? Proof of Concept exploit, CVSS 7.5
SNYK-JS-TAR-1536758
Why? Proof of Concept exploit, CVSS 7.5
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: chai
-
4.3.7 - 2022-11-07
- fix: deep-eql bump package to support symbols comparison by @ snewcomer in #1483
-
4.3.6 - 2022-01-26
-
4.3.5 - 2022-01-25
- build chaijs fca5bb1
- build(deps-dev): bump codecov from 3.1.0 to 3.7.1 (#1446) 747eb4e
- fix package.json exports 022c2fa
- fix: package.json - deprecation warning on exports field (#1400) 5276af6
- feat: use chaijs/loupe for inspection (#1401) (#1407) c8a4e00
-
4.3.4 - 2021-03-12
-
4.3.3 - 2021-03-03
-
4.3.2 - 2021-03-03
-
4.3.1 - 2021-03-02
-
4.3.0 - 2021-02-04
- Allow
- Adding operator attribute to assertion error (#1257) (@ rpgeeganage)
- The
- Add contains flag to oneOf documentation (@ voliva)
- Make sure that
- Add tests for
- Update mocha to version 6.1.4
- Add node v10 and v12 to ci (@ vieiralucas)
- Drop support for node v4, v6 and v9 (@ vieiralucas)
- Fix sauce config for headless chrome (@ meeber)
- Update dev dependencies (@ meeber)
- Removed phantomjs dependency (#1204)
-
4.2.0 - 2018-09-26
from chai GitHub release notesWhat's Changed
Full Changelog: v4.3.6...v4.3.7
Update loupe to 2.3.1
v4.3.4...v4.3.5
This fixes broken inspect behavior with bigints (#1321) (#1383) thanks @ vapier
This reintroduces
Assertionas an export in the mjs file. See #1378 & #1375This fixes a regression in IE11. See #1380 & #1379
This releases fixed an engine incompatibility with 4.3.0
The 4.x.x series of releases will be compatible with Node 4.0. Please report any errors found in Node 4 as bugs, and they will be fixed.
The 5.x.x series, when released, will drop support for Node 4.0
This fix also ensures
pathvalis updated to1.1.1to fix CVE-2020-7751This is a minor release.
Not many changes have got in since the last release but this one contains a very important change (#1257) which will allow
jestusers to get better diffs. From this release onwards,jestusers will be able to see which operator was used in their diffs. Theoperatoris a property of theAssertionErrorthrown when assertions fail. This flag indicates what kind of comparison was made.This is also an important change for plugin maintainers. Plugin maintainers will now have access to the
operatorflag, which they can have access to through anutilmethod calledgetOperator`.Thanks to all the amazing people that contributed to this release.
New Features
contain.oneOfto take an array of possible values (@ voliva)closeToerror message will now inform the user when adeltais required (@ eouw0o83hf)Docs
Tests
useProxyconfig is checked inoverwriteProperty(@ vieiralucas)contain.oneOf(@ voliva )Chores
Read more
Commit messages
Package name: chai
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs