Skip to content

v2.1.31

Choose a tag to compare

View all tags
@flowzone-app flowzone-app released this 09 Jun 10:52
· 10 commits to master since this release
v2.1.31
bcab92c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Update dependency sinon to v22

Notable changes

sinonjs/sinon (sinon)

v22.0.0

Compare Source

  • ed911df5
    Update Ruby gems (Carl-Erik Kopseng)
  • 75a1e5b8
    Update to Node 26 (Carl-Erik Kopseng)
  • 197d6608
    Update documentation on faking timers to reflect the current state of fake-timers (Carl-Erik Kopseng)
  • c5ddf80b
    Update fake-timers@​15.4: includes new Temporal API (Carl-Erik Kopseng)
  • f4ab02f6
    Update updatable packages (Carl-Erik Kopseng)
  • 0536afc8
    Quality: Global mutable call id can grow unbounded across long-lived processes (#​2691) (tuanaiseo)
    • refactor: global mutable call id can grow unbounded across l

    callId is module-scoped and incremented on every invocation. In long-running test runners or embedded usage, this can grow indefinitely and eventually lose integer precision semantics for strict ordering comparisons.

    Affected files: proxy-invoke.js

    Signed-off-by: tuanaiseo 221258316+tuanaiseo@users.noreply.github.com

    • Wrap around for all values that are too high

    Signed-off-by: tuanaiseo 221258316+tuanaiseo@users.noreply.github.com
    Co-authored-by: Carl-Erik Kopseng carlerik@gmail.com

  • f4f7d93b
    Perform additional cleanup when calling callThrough() (#​2670) (Cyrille)
  • 6199e9e4
    improve GitHubworkflows by introducing zizmor for monitoring (#​2686) (Till!)

    • fix(workflows): fetch-depth is for actions/checkout

    • chore(workflows): update

    • pin all actions to precise commits
    • avoid credential leakage from actions/checkout
    • group action updates going forward
    • add zimor config to ignore "secrets outside env"
    • add job to keep validating workflows
  • f7476b59
    Use path.normalize() for path normalization (Carl-Erik Kopseng)
  • 2c975393
    fix: make build and node test scripts cross-platform (laplace young)
  • a7692917
    fix: isolate walk state from Object prototype (laplace young)
  • 66df977a
    Fix sinon.restore() cascade-restoring sub-sandboxes (#​2704) (Charlie Leitheiser)

    The ESM port of createApi (#​2683, shipped in 21.1.0) replaced createSandbox: createSandbox with a wrapper that pushes every newly-created sandbox into the root sandbox's fake collection:

    createSandbox: function createSandbox(config) {
    const s = createConfiguredSandbox(config);
    sandbox.getFakes().push(s);
    return s;
}

    Sandbox#restore then walks that collection and calls .restore() on each entry. Because a sub-sandbox is itself an entry, every top-level sinon.restore() cascades into every sub-sandbox and undoes its stubs/timers/etc. — defeating the whole point of having an isolated sub-sandbox. The same cascade hits resetHistory and
    verifyAndRestore. This is the regression reported in #​2701.

    Restore the pre-21.1 behaviour: hand the root API a direct reference to createConfiguredSandbox. Sub-sandboxes are now isolated; only subSandbox.restore() (or verifyAndRestore) clears their fakes.

    Also flip the four sandbox tests that were locking in the buggy cascade: they now assert the parent's restore/resetHistory leaves the child untouched, with an explicit child-side cleanup at the
    end.

    Closes #​2701

  • f0bd6e1b
    fix: exclude proto from walk() (#​2699) (Kevin Locke)

    __proto__ is a special property to access an object's prototype. It
    has many pitfalls:

    • Setting it to an object value changes an object's prototype, which is
      generally discouraged and may be unexpected by the iterator callback.
    • Setting it to a non-object value does nothing (meaning seen[k] = true has no effect).
    • When Node.js is run with the --disable-proto=throw option, getting
      or setting __proto__ causes an exception with code
      ERR_PROTO_ACCESS to be thrown.

    Additionally, since this property (and all properties of
    Object.prototype) are currently unused in this project by consumers of
    walk(), it is both safe and preferable to exclude.

    Fixes: #​2695

    Signed-off-by: Kevin Locke kevin@kevinlocke.name

  • 1f8afd50
    chore: add context7.json for ownership confirmation (Morgan Roderick)

Released by Carl-Erik Kopseng on 2026-05-05.

List of commits

61d6692 (Update dependency sinon to v22, 2026-06-09)

Assets 3
Loading