Skip to content

Bump happy-dom from 20.0.0 to 20.0.2 #35677

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 15, 2025
Merged

Bump happy-dom from 20.0.0 to 20.0.2 #35677

merged 1 commit into from
Oct 15, 2025
+12 −12

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 15, 2025

Bumps happy-dom from 20.0.0 to 20.0.2.

Release notes

Sourced from happy-dom's releases.

v20.0.2

👷‍♂️ Patch fixes

  • Adds frozen intrinsics flag to workers in @happy-dom/server-renderer - By @​capricorn86 in task #1934

v20.0.1

👷‍♂️ Patch fixes

  • Adds warning for environment with unfrozen intrinsics (builtins) when JavaScript evaluation is enabled- By @​capricorn86 in task #1932
    • A security advisory has been reported showing that the recommended preventive measure of running Node.js with --disallow-code-generation-from-strings wasn't enough to protect against attackers escaping the VM context and accessing process-level functions. Big thanks to @​cristianstaicu for reporting this!
    • The documentation for how to run Happy DOM with JavaScript evaluation enabled in a safer way has been updated. Read more about it in the Wiki
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump happy-dom from 20.0.0 to 20.0.2
a40f8a9 
Bumps [happy-dom](https://github.com/capricorn86/happy-dom) from 20.0.0 to 20.0.2.
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](capricorn86/happy-dom@v20.0.0...v20.0.2)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.0.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Oct 15, 2025
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Oct 15, 2025
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Oct 15, 2025
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Oct 15, 2025
@techknowlogick techknowlogick merged commit 990201d into main Oct 15, 2025
27 checks passed
@GiteaBot GiteaBot added this to the 1.26.0 milestone Oct 15, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/happy-dom-20.0.2 branch October 15, 2025 23:07
zjjhot added a commit to zjjhot/gitea that referenced this pull request Oct 16, 2025
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
c2a80d6 
* giteaofficial/main:
  Bump happy-dom from 20.0.0 to 20.0.2 (go-gitea#35677)
  Fix missing Close when error occurs and abused connection pool (go-gitea#35658)
  Upgrade to go 1.25.3 (go-gitea#35656)
  Always create Actions logs stepsContainer (go-gitea#35654)
  Fix a bug missed return (go-gitea#35655)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lunny lunny lunny approved these changes

@techknowlogick techknowlogick techknowlogick approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/dependencies

Projects

None yet

Milestone

1.26.0

Development

Successfully merging this pull request may close these issues.

3 participants

@lunny @techknowlogick @GiteaBot