Skip to content

⬆️ Bump nock from 13.0.0 to 13.0.3#10

Merged
wwilsman merged 1 commit into
masterfrom
dependabot/npm_and_yarn/nock-13.0.3
Aug 3, 2020
Merged

⬆️ Bump nock from 13.0.0 to 13.0.3#10
wwilsman merged 1 commit into
masterfrom
dependabot/npm_and_yarn/nock-13.0.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Aug 3, 2020

Bumps nock from 13.0.0 to 13.0.3.

Release notes

Sourced from nock's releases.

v13.0.3

13.0.3 (2020-07-27)

Bug Fixes

  • data comparison with undefined object values (#2049) (ac6ebbb)

v13.0.2

13.0.2 (2020-07-01)

Bug Fixes

  • intercept: mark Interceptors consumed immediately (#2033) (3b24821)

v13.0.1

13.0.1 (2020-07-01)

Bug Fixes

  • allow Content-Type request introspection when header is an array (#2010) (e432ac5), closes #2009
Commits
  • ac6ebbb fix: data comparison with undefined object values (#2049)
  • a0a7fdf refactor(test): Mocha DSL for default reply headers (#2015)
  • bd1bd71 test(delay): ease assertions on delayed time. (#2047)
  • 76bcff8 chore(deps): bump lodash from 4.17.14 to 4.17.19 (#2044)
  • 749ec7f chore(deps): bump npm from 6.14.5 to 6.14.6 (#2040)
  • 3b24821 fix(intercept): mark Interceptors consumed immediately (#2033)
  • 9be36cf docs: fix wrong typing (#2036)
  • cf3f858 chore(deps-dev): bump eslint-plugin-mocha from 6.3.0 to 7.0.1 (#2034)
  • e432ac5 fix: allow Content-Type request introspection when header is an array (#2010)
  • 0a03796 chore(deps-dev): bump mocha from 7.2.0 to 8.0.1 (#2032)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump nock from 13.0.0 to 13.0.3
6550385 
Bumps [nock](https://github.com/nock/nock) from 13.0.0 to 13.0.3.
- [Release notes](https://github.com/nock/nock/releases)
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md)
- [Commits](nock/nock@v13.0.0...v13.0.3)

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the ⬆️⬇️ dependencies Pull requests that update a dependency file label Aug 3, 2020
@wwilsman wwilsman changed the title Bump nock from 13.0.0 to 13.0.3 ⬆️ Bump nock from 13.0.0 to 13.0.3 Aug 3, 2020
@wwilsman wwilsman merged commit 027ff1e into master Aug 3, 2020
@wwilsman wwilsman deleted the dependabot/npm_and_yarn/nock-13.0.3 branch August 3, 2020 17:24
Manoj-Katta added a commit that referenced this pull request May 13, 2026
@Manoj-Katta @claude
fix(core): harden v143 direct-fetch fallback + rename captureScriptDi…
f0d9c8e 
…rectly (PPLT-4214)

Bundle of ce:review + PR review fixes for the v143 PlzDedicatedWorker direct-fetch
fallback path in network.js. Closes the L755 coverage gap that's been blocking CI
since the unstable worker-based Test D was reverted in 2d48f20.

Renames:
- captureScriptDirectly → captureResourceDirectly. The function captures any
  allowlisted resource that fell through to direct fetch, not just worker scripts;
  the old name was misleading. Module-private; no external callers affected.

Must-fix (P1/P2 production-risk items):
- Cookies: read from network.page.session (full Network domain) instead of the
  triggering session, since worker sessions throw "Internal error" on
  Network.getCookies. Defensive try/catch retained.
- DIRECT_FETCH_TIMEOUT (5s) caps captureResourceDirectly via Promise.race;
  prevents idle() from hanging the full networkIdleWaitTimeout (~30s) when a
  worker host accepts TCP and stalls. (P1 #1)
- makeDirectRequest now returns { body, status }; captureResourceDirectly enforces
  the 25MB MAX_RESOURCE_SIZE guard before saveResource and records the real HTTP
  status instead of hardcoded 200. Font path call site updated to destructure. (P1 #2)
- Direct-fetch gate at _handleLoadingFinished mirrors saveResponseResource's
  disallowedHostnames-then-allowedHostnames precedence; emits a debug log when
  fallback is skipped due to hostname gating. (P2 #10 + C12)
- Authorization header in makeDirectRequest now requires target origin to match
  the page's snapshot origin; prevents Basic-auth credential leak to redirected
  third-party origins. (P2 #11)

Reviewer polish:
- _handleResponsePaused malformed/oversized branch: Fetch.failRequest runs BEFORE
  _forgetRequest so Chrome's Fetch state can't leak paused if failRequest throws.
  Unknown errors trigger a last-resort Fetch.continueResponse to un-pause. Known
  races (ABORTED_MESSAGE / Invalid InterceptionId) remain silent. (P2 #4)
- Unknown errors in _handleResponsePaused failRequest catch and _continueResponse
  catch now log at warn (was debug) for production observability. (P2 #5 + C8)
- _handleResponsePaused: inline comment explaining when the untracked-request
  branch fires (service-worker-fulfilled responses or cleanup races). (C2)
- _handleResponsePaused: url normalization consistent between tracked and
  untracked paths via normalizeURL on the untracked fallback. (C3)
- parseInt now uses explicit radix 10 at both call sites. (C7)
- RESPONSE_RECEIVED_TIMEOUT comment notes the cumulative N*2s worst case. (C9)

Test:
- New deterministic spec "logs gracefully when the direct-fetch fallback fails"
  exercises captureResourceDirectly's catch path by dropping Network.responseReceived
  for a CSS asset (no JS execution, no real worker). Closes the L755 coverage gap.
  (C1 / P1 #3)

Intentionally deferred (reviewer comments replied separately):
- P2 #15 — no-response branch flip-flop predates this PR (commit ae1d388,
  2022-09-21); out of scope.
- P2 #6 — sec-ch-ua hardcoded version is one of several stale literals in the
  makeDirectRequest header block; deferring full audit.
- C4 + S4 — DISABLED_FEATURES extraction; existing block-level comment adequate.
- C5 — percy.test.js timing fix; reviewer pre-approved deferring.
- S2 / S3 — example / reference already present in existing comments.
- Favicon Task A — pending separate investigation of snapshot.test.js timing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

⬆️⬇️ dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wwilsman