vue-graphViz
vue-graphViz copied to clipboard
AndrewJakubowicz
Bump engine.io and karma
Bumps engine.io to 6.4.1 and updates ancestor dependency karma. These dependencies need to be updated together.
Updates engine.io from 1.8.3 to 6.4.1
Release notes
Sourced from engine.io's releases.
6.4.1
This release contains 6e78489, which exports the
BaseServerclass in order to restore the compatibility with thenodenextmodule resolution strategy of TypeScript.Reference: https://www.typescriptlang.org/tsconfig/#moduleResolution
Related: socketio/socket.io#4621
Links
- Diff: https://github.com/socketio/engine.io/compare/6.4.0...6.4.1
- Client release: -
- ws version: ~8.11.0 (no change)
6.4.0
Features
- add support for Express middlewares (24786e7)
This commit implements middlewares at the Engine.IO level, because Socket.IO middlewares are meant for namespace authorization and are not executed during a classic HTTP request/response cycle.
A workaround was possible by using the allowRequest option and the "headers" event, but this feels way cleaner and works with upgrade requests too.
Syntax:
engine.use((req, res, next) => { // do somethingnext(); });
// with express-session import session from "express-session";
engine.use(session({ secret: "keyboard cat", resave: false, saveUninitialized: true, cookie: { secure: true } }));
// with helmet import helmet from "helmet";
engine.use(helmet());
Links
... (truncated)
Changelog
Sourced from engine.io's changelog.
6.4.1 (2023-02-20)
This release contains 6e78489, which exports the
BaseServerclass in order to restore the compatibility with thenodenextmodule resolution strategy of TypeScript.Reference: https://www.typescriptlang.org/tsconfig/#moduleResolution
Related: socketio/socket.io#4621
Dependencies
ws@~8.11.0(no change)6.4.0 (2023-02-06)
Features
- add support for Express middlewares (24786e7)
This commit implements middlewares at the Engine.IO level, because Socket.IO middlewares are meant for namespace authorization and are not executed during a classic HTTP request/response cycle.
A workaround was possible by using the allowRequest option and the "headers" event, but this feels way cleaner and works with upgrade requests too.
Syntax:
engine.use((req, res, next) => { // do somethingnext(); });
// with express-session import session from "express-session";
engine.use(session({ secret: "keyboard cat", resave: false, saveUninitialized: true, cookie: { secure: true } }));
// with helmet import helmet from "helmet";
engine.use(helmet());
... (truncated)
Commits
7033c0echore(release): 6.4.16e78489refactor: export BaseServer class (#669)535b068docs: add upgrade event in the documentation898bd1cchore(release): 6.4.06220d14chore(deps): bump cookiejar from 2.1.2 to 2.1.4 (#667)24786e7feat: add support for Express middlewares4d6f454chore(release): 6.3.169603b9refactor: make the compress option optionalae1ea77chore(release): 6.3.0a65a047fix: wait for all packets to be sent before closing the WebSocket connection- Additional commits viewable in compare view
Updates karma from 1.7.1 to 6.4.1
Release notes
Sourced from karma's releases.
v6.4.1
6.4.1 (2022-09-19)
Bug Fixes
- pass integrity value (63d86be)
v6.4.0
6.4.0 (2022-06-14)
Features
v6.3.20
6.3.20 (2022-05-13)
Bug Fixes
v6.3.19
6.3.19 (2022-04-19)
Bug Fixes
- client: error out when opening a new tab fails (099b85e)
v6.3.18
6.3.18 (2022-04-13)
Bug Fixes
- deps: upgrade socket.io to v4.4.1 (52a30bb)
v6.3.17
6.3.17 (2022-02-28)
Bug Fixes
v6.3.16
... (truncated)
Changelog
Sourced from karma's changelog.
6.4.1 (2022-09-19)
Bug Fixes
- pass integrity value (63d86be)
6.4.0 (2022-06-14)
Features
6.3.20 (2022-05-13)
Bug Fixes
6.3.19 (2022-04-19)
Bug Fixes
- client: error out when opening a new tab fails (099b85e)
6.3.18 (2022-04-13)
Bug Fixes
- deps: upgrade socket.io to v4.4.1 (52a30bb)
6.3.17 (2022-02-28)
Bug Fixes
6.3.16 (2022-02-10)
Bug Fixes
- security: mitigate the "Open Redirect Vulnerability" (ff7edbb)
... (truncated)
Commits
0013121chore(release): 6.4.1 [skip ci]63d86befix: pass integrity value84f7cc3chore(release): 6.4.0 [skip ci]f2d0663docs: add integrity parameterdc51a2efeat: support SRI verification of link tags6a54b1cfeat: support SRI verification of script tags5e71cf5chore(release): 6.3.20 [skip ci]e17698ffix: prefer IPv4 addresses when resolving domains60f4f79build: add Node 16 and 18 to the CI matrix6ff5aafchore(release): 6.3.19 [skip ci]- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}