Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

breaking: Upgrade @cypress/request to 3.0.0 #27495

Merged
merged 5 commits into from
Aug 23, 2023
Merged

breaking: Upgrade @cypress/request to 3.0.0 #27495

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
4cdba9f
dependency: Upgrade @cypress/request to 3.0.0 and @cypress/request-pr…
chrisbreiding Aug 8, 2023
6af6094
add changelog entry
chrisbreiding Aug 8, 2023
f265dbc
Merge branch 'release/13.0.0' into update-cypress-request-version
chrisbreiding Aug 22, 2023
80a4cdc
fix test
chrisbreiding Aug 23, 2023
d94e7d3
update changelog
chrisbreiding Aug 23, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions cli/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,9 @@ _Released 08/15/2023 (PENDING)_

- Fixed an issue where having `cypress.config` in a nested directory would cause problems with locating the `component-index.html` file when using component testing. Fixes [#26400](https://github.com/cypress-io/cypress/issues/26400).

**Dependency Updates:**

- Upgraded [`@cypress/request`](https://www.npmjs.com/package/@cypress/request) from `^2.8.11` to `^3.0.0` and [`@cypress/request-promise`](https://www.npmjs.com/package/@cypress/request-promise) from `4.2.6` to `4.2.7`. Addressed in [#27495](https://github.com/cypress-io/cypress/pull/27495).
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apologies - it's the little person in me who gives me an itch when I spot the tiniest of typos :). Stumbled across this when searching for a better solution to update our cypress 9.5.3 to cover CVE-2023-26136. Dependabot is helpfully offering to patch package-lock.json but that gives me the heebie-jeebies, as until this PR is merged, and we've upgraded to the latest Cypress, any changes will regress the alert.

Suggested change
- Upgraded [`@cypress/request`](https://www.npmjs.com/package/@cypress/request) from `^2.8.11` to `^3.0.0` and [`@cypress/request-promise`](https://www.npmjs.com/package/@cypress/request-promise) from `4.2.6` to `4.2.7`. Addressed in [#27495](https://github.com/cypress-io/cypress/pull/27495).
- Upgraded [`@cypress/request`](https://www.npmjs.com/package/@cypress/request) from `^2.88.11` to `^3.0.0` and [`@cypress/request-promise`](https://www.npmjs.com/package/@cypress/request-promise) from `4.2.6` to `4.2.7`. Addressed in [#27495](https://github.com/cypress-io/cypress/pull/27495).

## 12.17.3

_Released 08/01/2023_
Expand Down
2 changes: 1 addition & 1 deletion cli/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
"unit": "cross-env BLUEBIRD_DEBUG=1 NODE_ENV=test mocha --reporter mocha-multi-reporters --reporter-options configFile=../mocha-reporter-config.json"
},
"dependencies": {
"@cypress/request": "^2.88.11",
"@cypress/request": "^3.0.0",
"@cypress/xvfb": "^1.2.4",
"@types/node": "^16.18.39",
"@types/sinonjs__fake-timers": "8.1.1",
Expand Down
4 changes: 2 additions & 2 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,8 +72,8 @@
"devDependencies": {
"@aws-sdk/credential-providers": "3.53.0",
"@cypress/questions-remain": "1.0.1",
"@cypress/request": "^2.88.11",
"@cypress/request-promise": "4.2.6",
"@cypress/request": "^3.0.0",
"@cypress/request-promise": "4.2.7",
"@electron/fuses": "1.6.1",
"@electron/notarize": "^2.1.0",
"@fellow/eslint-plugin-coffee": "0.4.13",
Expand Down
4 changes: 2 additions & 2 deletions packages/https-proxy/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@
},
"devDependencies": {
"@cypress/debugging-proxy": "2.0.1",
"@cypress/request": "^2.88.11",
"@cypress/request-promise": "4.2.6",
"@cypress/request": "^3.0.0",
"@cypress/request-promise": "4.2.7",
"@packages/network": "0.0.0-development",
"@packages/ts": "0.0.0-development",
"chai": "3.5.0",
Expand Down
4 changes: 2 additions & 2 deletions packages/network/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@
},
"devDependencies": {
"@cypress/debugging-proxy": "2.0.1",
"@cypress/request": "^2.88.11",
"@cypress/request-promise": "4.2.6",
"@cypress/request": "^3.0.0",
"@cypress/request-promise": "4.2.7",
"@packages/https-proxy": "0.0.0-development",
"@packages/socket": "0.0.0-development",
"@packages/ts": "0.0.0-development",
Expand Down
4 changes: 2 additions & 2 deletions packages/proxy/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@
"utf8-stream": "0.0.0"
},
"devDependencies": {
"@cypress/request": "^2.88.11",
"@cypress/request-promise": "4.2.6",
"@cypress/request": "^3.0.0",
"@cypress/request-promise": "4.2.7",
"@cypress/sinon-chai": "2.9.1",
"@packages/resolve-dist": "0.0.0-development",
"@packages/rewriter": "0.0.0-development",
Expand Down
2 changes: 1 addition & 1 deletion packages/rewriter/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
"recast": "0.20.4"
},
"devDependencies": {
"@cypress/request-promise": "4.2.6",
"@cypress/request-promise": "4.2.7",
"@types/parse5-html-rewriting-stream": "5.1.1",
"fs-extra": "9.1.0",
"nock": "13.2.9",
Expand Down
6 changes: 3 additions & 3 deletions packages/server/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,8 @@
"@benmalka/foxdriver": "0.4.1",
"@cypress/commit-info": "2.2.0",
"@cypress/get-windows-proxy": "1.6.2",
"@cypress/request": "^2.88.11",
"@cypress/request-promise": "4.2.6",
"@cypress/request": "^3.0.0",
"@cypress/request-promise": "4.2.7",
"@cypress/vite-dev-server": "0.0.0-development",
"@cypress/webpack-batteries-included-preprocessor": "0.0.0-development",
"@cypress/webpack-dev-server": "0.0.0-development",
Expand Down Expand Up @@ -217,4 +217,4 @@
"fsevents": "^2",
"registry-js": "1.15.0"
}
}
}
4 changes: 2 additions & 2 deletions system-tests/package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@
"@cypress/commit-info": "2.2.0",
"@cypress/debugging-proxy": "2.0.1",
"@cypress/json-schemas": "5.39.0",
"@cypress/request": "^2.88.11",
"@cypress/request-promise": "4.2.6",
"@cypress/request": "^3.0.0",
"@cypress/request-promise": "4.2.7",
"@cypress/sinon-chai": "2.9.1",
"@cypress/webpack-preprocessor": "0.0.0-development",
"@ffprobe-installer/ffprobe": "1.1.0",
Expand Down
45 changes: 34 additions & 11 deletions yarn.lock
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2350,20 +2350,20 @@
dependencies:
popper.js "^1.15.0"

"@cypress/request-promise@4.2.6":
version "4.2.6"
resolved "https://registry.yarnpkg.com/@cypress/request-promise/-/request-promise-4.2.6.tgz#e1d2a6c69bddc1f68fe70855f5c2d3d5fe800819"
integrity sha512-mdjZxp4V5x6I8kTZS2yX6IlmsFpfhvPPJqvrU3QI+hTEHP/HqECu048YOY/1aSudc9BCfb0jIN/8vdno+a5E6g==
"@cypress/request-promise@4.2.7":
version "4.2.7"
resolved "https://registry.yarnpkg.com/@cypress/request-promise/-/request-promise-4.2.7.tgz#5c3655e2be8a716513ecef74a61421e5e23d57ce"
integrity sha512-OyRX90Hj+3/Vbn3F2GgoIX+r+ePQ7KhZPcHdhIEEnGwxIpSUWWJRP0q5eKma+ssEO9OGpgfEVQ17dcT5FEstxQ==
dependencies:
bluebird "^3.5.0"
request-promise-core "1.1.3"
stealthy-require "^1.1.1"
tough-cookie "^2.3.3"
tough-cookie "^4.1.3"

"@cypress/request@^2.88.11":
version "2.88.11"
resolved "https://registry.yarnpkg.com/@cypress/request/-/request-2.88.11.tgz#5a4c7399bc2d7e7ed56e92ce5acb620c8b187047"
integrity sha512-M83/wfQ1EkspjkE2lNWNV5ui2Cv7UCv1swW1DqljahbzLVWltcsexQh8jYtuS/vzFXP+HySntGM83ZXA9fn17w==
"@cypress/request@^3.0.0":
version "3.0.0"
resolved "https://registry.yarnpkg.com/@cypress/request/-/request-3.0.0.tgz#7f58dfda087615ed4e6aab1b25fffe7630d6dd85"
integrity sha512-GKFCqwZwMYmL3IBoNeR2MM1SnxRIGERsQOTWeQKoYBt2JLqcqiy7JXqO894FLrpjZYqGxW92MNwRH2BN56obdQ==
dependencies:
aws-sign2 "~0.7.0"
aws4 "^1.8.0"
Expand All @@ -2380,7 +2380,7 @@
performance-now "^2.1.0"
qs "~6.10.3"
safe-buffer "^5.1.2"
tough-cookie "~2.5.0"
tough-cookie "^4.1.3"
tunnel-agent "^0.6.0"
uuid "^8.3.2"

Expand Down Expand Up @@ -28634,6 +28634,16 @@ tough-cookie@^2.3.3, tough-cookie@^2.5.0, tough-cookie@~2.5.0:
psl "^1.1.28"
punycode "^2.1.1"

tough-cookie@^4.1.3:
version "4.1.3"
resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.1.3.tgz#97b9adb0728b42280aa3d814b6b999b2ff0318bf"
integrity sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==
dependencies:
psl "^1.1.33"
punycode "^2.1.1"
universalify "^0.2.0"
url-parse "^1.5.3"

tr46@^1.0.1:
version "1.0.1"
resolved "https://registry.yarnpkg.com/tr46/-/tr46-1.0.1.tgz#a8b13fd6bfd2489519674ccde55ba3693b706d09"
Expand Down Expand Up @@ -29250,6 +29260,11 @@ universalify@^0.1.0, universalify@^0.1.2:
resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.1.2.tgz#b646f69be3942dabcecc9d6639c80dc105efaa66"
integrity sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==

universalify@^0.2.0:
version "0.2.0"
resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.2.0.tgz#6451760566fa857534745ab1dde952d1b1761be0"
integrity sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg==

universalify@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/universalify/-/universalify-1.0.0.tgz#b61a1da173e8435b2fe3c67d29b9adf8594bd16d"
Expand Down Expand Up @@ -29460,14 +29475,22 @@ url-parse-lax@^3.0.0:
dependencies:
prepend-http "^2.0.0"

url-parse@1.5.9, url-parse@^1.4.3, url-parse@^1.4.7:
url-parse@1.5.9:
version "1.5.9"
resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.9.tgz#05ff26484a0b5e4040ac64dcee4177223d74675e"
integrity sha512-HpOvhKBvre8wYez+QhHcYiVvVmeF6DVnuSOOPhe3cTum3BnqHhvKaZm8FU5yTiOu/Jut2ZpB2rA/SbBA1JIGlQ==
dependencies:
querystringify "^2.1.1"
requires-port "^1.0.0"

url-parse@^1.4.3, url-parse@^1.4.7, url-parse@^1.5.3:
version "1.5.10"
resolved "https://registry.yarnpkg.com/url-parse/-/url-parse-1.5.10.tgz#9d3c2f736c1d75dd3bd2be507dcc111f1e2ea9c1"
integrity sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==
dependencies:
querystringify "^2.1.1"
requires-port "^1.0.0"

url-regex@^3.0.0:
version "3.2.0"
resolved "https://registry.yarnpkg.com/url-regex/-/url-regex-3.2.0.tgz#dbad1e0c9e29e105dd0b1f09f6862f7fdb482724"
Expand Down
Loading