Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump tough-cookie, jest and jest-puppeteer #1837

Merged
merged 2 commits into from
Jun 18, 2024
Merged

chore(deps): bump tough-cookie, jest and jest-puppeteer #1837

merged 2 commits into from
Jun 18, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 12, 2024
edited
Loading

Bumps tough-cookie to 4.1.4 and updates ancestor dependencies tough-cookie, jest, jest-puppeteer. These dependencies need to be updated together.

Updates tough-cookie from 2.5.0 to 4.1.4

Release notes

Sourced from tough-cookie's releases.

v4.1.4

https://www.npmjs.com/package/tough-cookie/v/4.1.4

What's Changed

New Contributors

Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

4.1.2 -- Patch and Bugfix Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2

4.1.1

Patch Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1

4.1.0

v4.1.0

Minor release, focused mainly on resolving reported issues and some minor feature work.

What's Changed

... (truncated)

Commits
  • cacbc37 Bump version to 4.1.4
  • a48fb3a Add tests for url validation
  • 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
  • 1253d58 Merge pull request #409 from corvidism/validators-to-string
  • 238367e Add local alias for toString
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • cf6debd Fix incorrect string validation for URL
  • b1a8898 fix: allow set cookies with localhost (#253)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.


Updates jest from 24.9.0 to 29.7.0

Release notes

Sourced from jest's releases.

v29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

New Contributors

Full Changelog: jestjs/jest@v29.6.4...v29.7.0

v29.6.4

Fixes

  • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
  • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
  • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

New Contributors

Full Changelog: jestjs/jest@v29.6.3...v29.6.4

v29.6.3

Fixes

  • [expect, @jest/expect-utils] ObjectContaining support symbol as key (#14414)
  • [expect] Remove @types/node from dependencies (#14385)
  • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
  • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
  • [jest-mock] Revert #13692 as it was a breaking change (#14429)
  • [jest-mock] Revert #13866 as it was a breaking change (#14429)

... (truncated)

Changelog

Sourced from jest's changelog.

29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

29.6.4

Fixes

  • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
  • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
  • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

29.6.3

Fixes

  • [expect, @jest/expect-utils] ObjectContaining support sumbol as key (#14414)
  • [expect] Remove @types/node from dependencies (#14385)
  • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
  • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
  • [jest-mock] Revert #13692 as it was a breaking change (#14429)
  • [jest-mock] Revert #13866 as it was a breaking change (#14429)
  • [jest-mock] Revert #13867 as it was a breaking change (#14429)
  • [@jest/reporters] Marks Reporter's hooks as optional (#14433)
  • [jest-runtime] Fix dynamic ESM import module bug when loaded module through jest.isolateModulesAsync (#14397)

Chore & Maintenance

  • [jest-changed-files, jest-circus, jest-console, @jest/core, @jest/runtime, @jest/transform] Use invariant and notEmpty from jest-util rather than own internal (#14366)

29.6.2

Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by simenb, a new releaser for jest since your current version.


Updates jest-puppeteer from 4.4.0 to 10.0.1

Release notes

Sourced from jest-puppeteer's releases.

v10.0.1

Bug Fixes

v10.0.0

Features

BREAKING CHANGES

  • Drop Node.js v16 support.

v9.0.2

Bug Fixes

v9.0.1

Bug Fixes

  • fix compatibility with Puppeteer v21 (#566) (5cfee1f)

v9.0.0

Bug Fixes

  • expect-puppeteer: fix addSnapshotSerializer usage (826fd31), closes #552
  • jest-dev-server: no default host (c35e403)
  • jest-dev-server: properly detect if port is used, using both config.port and config.host options. (351720a), closes #555
  • types: fix environment global types (fb691f7)
  • types: fix missing jestPuppeteer global before setup (37e2294)

Features

  • drop Node.js v14 support (d7d9833)

... (truncated)

Changelog

Sourced from jest-puppeteer's changelog.

10.0.1 (2024-02-15)

Note: Version bump only for package jest-puppeteer

10.0.0 (2024-02-10)

Note: Version bump only for package jest-puppeteer

9.0.2 (2023-12-06)

Note: Version bump only for package jest-puppeteer

9.0.1 (2023-10-01)

Bug Fixes

  • fix compatibility with Puppeteer v21 (#566) (5cfee1f)

9.0.0 (2023-05-24)

Features

  • drop Node.js v14 support (d7d9833)

BREAKING CHANGES

  • drop Node.js v14 support

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 12, 2024
@jisted-scottlogic jisted-scottlogic force-pushed the dependabot/npm_and_yarn/multi-d2978de447 branch from ec082aa to b8728b2 Compare June 13, 2024 11:16
@jisted-scottlogic jisted-scottlogic changed the title chore(deps): bump tough-cookie, jest, jest-puppeteer and jsdom chore(deps): bump tough-cookie, jest and jest-puppeteer Jun 13, 2024
@jisted-scottlogic
Copy link
Contributor

jisted-scottlogic commented Jun 13, 2024
edited
Loading

This was just an automatically generated dependabot one but because it was a big version bump there were some breaking changes that I had to intervene with:

  • "jest-environment-jsdom" is no longer provided automatically and needed to be added in manually.
  • the test environment now seems to need setting explicitly (testEnvironment: 'jsdom')

JSDOM also will need updating (dependabot will probably create a PR for it) but wasn't done here as it introduced more problems. The version we currently have seems to be compatible for now with these other updates.

bethpritchard
bethpritchard reviewed Jun 13, 2024
View reviewed changes
.github/workflows/development.yml Outdated
@@ -23,7 +23,7 @@ jobs:
node-version: 21.7.3

- name: "Install dependencies"
run: npm ci
run: npm ci --include=optional
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this needed?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need something like this in order to run the github actions now (to include the "nx-linux-x64-gnu" here and not locally) but I'm just going to double check it's necessary.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay apparently I'm full of it it, might have been something else that needed this. Removed now!

@bethpritchard
Copy link
Contributor

@dependabot rebase

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 17, 2024

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@bethpritchard
Copy link
Contributor

@dependabot recreate

@dependabot
chore(deps): bump tough-cookie, jest, jest-puppeteer and jsdom
abf3ad3 
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) to 4.1.4 and updates ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest), [jest-puppeteer](https://github.com/argos-ci/jest-puppeteer/tree/HEAD/packages/jest-puppeteer) and [jsdom](https://github.com/jsdom/jsdom). These dependencies need to be updated together.


Updates `tough-cookie` from 2.5.0 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.5.0...v4.1.4)

Updates `jest` from 24.9.0 to 29.7.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest)

Updates `jest-puppeteer` from 4.4.0 to 10.0.1
- [Release notes](https://github.com/argos-ci/jest-puppeteer/releases)
- [Changelog](https://github.com/argos-ci/jest-puppeteer/blob/main/packages/jest-puppeteer/CHANGELOG.md)
- [Commits](https://github.com/argos-ci/jest-puppeteer/commits/v10.0.1/packages/jest-puppeteer)

Updates `jsdom` from 9.12.0 to 24.1.0
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md)
- [Commits](jsdom/jsdom@9.12.0...24.1.0)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: jest
  dependency-type: direct:development
- dependency-name: jest-puppeteer
  dependency-type: direct:development
- dependency-name: jsdom
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-d2978de447 branch from f8b00cf to abf3ad3 Compare June 18, 2024 09:27
@jisted-scottlogic jisted-scottlogic merged commit b437829 into master Jun 18, 2024
2 checks passed
@jisted-scottlogic jisted-scottlogic deleted the dependabot/npm_and_yarn/multi-d2978de447 branch June 18, 2024 10:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jisted-scottlogic jisted-scottlogic jisted-scottlogic left review comments

@bethpritchard bethpritchard bethpritchard approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jisted-scottlogic @bethpritchard