angular-pizza-creator
angular-pizza-creator copied to clipboard
Published
20 hours ago •
cypress-io
cypress-io
Update dependency karma to v6 [SECURITY]
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| karma (source) | 1.5.0 -> 6.3.16 |
GitHub Vulnerability Alerts
CVE-2022-0437
karma prior to version 6.3.14 contains a cross-site scripting vulnerability.
CVE-2021-23495
Karma before 6.3.16 is vulnerable to Open Redirect due to missing validation of the return_url query parameter.
Release Notes
karma-runner/karma
v6.3.16
Bug Fixes
- security: mitigate the "Open Redirect Vulnerability" (ff7edbb)
v6.3.15
Bug Fixes
- helper: make mkdirIfNotExists helper resilient to concurrent calls (d9dade2), closes /github.com/karma-runner/karma-coverage/issues/434#issuecomment-1017939333
v6.3.14
Bug Fixes
- remove string template from client code (91d5acd)
- warn when
singleRunandautoWatcharefalse(69cfc76) - security: remove XSS vulnerability in
returnUrlquery param (839578c)
v6.3.13
Bug Fixes
v6.3.12
Bug Fixes
- remove depreciation warning from log4js (41bed33)
v6.3.11
Bug Fixes
- deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)
v6.3.10
Bug Fixes
v6.3.9
Bug Fixes
v6.3.8
Bug Fixes
- reporter: warning if stack trace contains generated code invocation (4f23b14)
v6.3.7
Bug Fixes
v6.3.6
Bug Fixes
v6.3.5
Bug Fixes
v6.3.4
Bug Fixes
v6.3.3
Bug Fixes
- server: clean up vestigial code from proxy (#3640) (f4aeac3), closes /tools.ietf.org/html/std66#section-3
v6.3.2
Bug Fixes
v6.3.1
Bug Fixes
- client: error out when opening a new tab fails (099b85e)
v6.3.0
Features
v6.2.0
Features
6.1.2 (2021-03-09)
Bug Fixes
- commitlint: skip task on master (#3650) (3fc6fda)
- patch karma to allow loading virtual packages (#3663) (5bfcf5f)
6.1.1 (2021-02-12)
Bug Fixes
- config: check extension before ts-node register (#3651) (474f4e1), closes #3329
- report launcher process error when exit event is not emitted (#3647) (7ab86be)
v6.1.2
Bug Fixes
- commitlint: skip task on master (#3650) (3fc6fda)
- patch karma to allow loading virtual packages (#3663) (5bfcf5f)
v6.1.1
Bug Fixes
- config: check extension before ts-node register (#3651) (474f4e1), closes #3329
- report launcher process error when exit event is not emitted (#3647) (7ab86be)
v6.1.0
Features
6.0.4 (2021-02-01)
Bug Fixes
- cli: temporarily disable strict parameters validation (#3641) (9c755e0), closes #3625
- client: fix a false positive page reload error in Safari (#3643) (2a57b23)
- ensure that Karma supports running tests on IE 11 (#3642) (dbd1943)
6.0.3 (2021-01-27)
Bug Fixes
6.0.2 (2021-01-25)
Bug Fixes
6.0.1 (2021-01-20)
Bug Fixes
- server: set maxHttpBufferSize to the socket.io v2 default (#3626) (69baddc), closes #3621
- restore
customFileHandlersprovider (#3624) (25d9abb)
v6.0.4
Bug Fixes
- cli: temporarily disable strict parameters validation (#3641) (9c755e0), closes #3625
- client: fix a false positive page reload error in Safari (#3643) (2a57b23)
- ensure that Karma supports running tests on IE 11 (#3642) (dbd1943)
v6.0.3
Bug Fixes
v6.0.2
Bug Fixes
v6.0.1
Bug Fixes
- server: set maxHttpBufferSize to the socket.io v2 default (#3626) (69baddc), closes #3621
- restore
customFileHandlersprovider (#3624) (25d9abb)
v6.0.0
Bug Fixes
- ci: abandon browserstack tests for Safari and IE (#3615) (04a811d)
- client: do not reset karmaNavigating in unload handler (#3591) (4a8178f), closes #3482
- context: do not error when karma is navigating (#3565) (05dc288), closes #3560
- cve: update ua-parser-js to 0.7.23 to fix CVE-2020-7793 (#3584) (f819fa8)
- cve: update yargs to 16.1.1 to fix cve-2020-7774 in y18n (#3578) (3fed0bc), closes #3577
- deps: bump socket-io to v3 (#3586) (1b9e1de), closes #3569
- middleware: catch errors when loading a module (#3605) (fec972f), closes #3572
- server: clean up close-server logic (#3607) (3fca456)
- test: clear up clearContext (#3597) (8997b74)
- test: mark all second connections reconnects (#3598) (1c9c2de)
Features
- cli: error out on unexpected options or parameters (#3589) (603bbc0)
- client: update banner with connection, test status, ping times (#3611) (4bf90f7)
- server: print stack of unhandledrejections (#3593) (35a5842)
- server: remove deprecated static methods (#3595) (1a65bf1)
- remove support for running dart code in the browser (#3592) (7a3bd55)
BREAKING CHANGES
- server: Deprecated
require('karma').server.start()andrequire('karma').Server.start()variants were removed from the public API. Instead use canonical form:
const { Server } = require('karma');
const server = new Server();
server.start();
- cli: Karma is more strict and will error out if unknown option or argument is passed to CLI.
- Using Karma to run Dart code in the browser is no longer supported. Use your favorite Dart-to-JS compiler instead.
dart file type has been removed without a replacement.
customFileHandlers DI token has been removed. Use middleware to achieve similar functionality.
customScriptTypes DI token has been removed. It had no effect, so no replacement is provided.
- deps: Some projects have socket.io tests that are version sensitive.
5.2.3 (2020-09-25)
Bug Fixes
5.2.2 (2020-09-08)
Bug Fixes
5.2.1 (2020-09-02)
Bug Fixes
- remove broken link from docs - 06-angularjs.md (#3555) (da2f307)
- remove unused JSON utilities and flatted dependency (#3550) (beed255)
v5.2.3
Bug Fixes
v5.2.2
Bug Fixes
v5.2.1
Bug Fixes
- remove broken link from docs - 06-angularjs.md (#3555) (da2f307)
- remove unused JSON utilities and flatted dependency (#3550) (beed255)
v5.2.0
Bug Fixes
- client: avoid race between execute and clearContext (#3452) (8bc5b46), closes #3424
- client: check in bundled client code into version control (#3524) (6cd5a3b), closes /github.com/karma-runner/karma/commit/f5521df7df5cd1201b5dce28dc4e326b1ffc41fd#commitcomment-38967493
- dependencies: update dependencies (#3543) (5db46b7)
- docs: Update 03-how-it-works.md (#3539) (e7cf7b1)
- server: log error when file loading or preprocessing fails (#3540) (fc2fd61)
Features
5.1.1 (2020-07-28)
Bug Fixes
v5.1.1
Bug Fixes
v5.1.0
Features
5.0.9 (2020-05-19)
Bug Fixes
5.0.8 (2020-05-18)
Bug Fixes
- dependencies: update and unlock socket.io dependency (#3513) (b60391f)
- dependencies: update to latest log4js major (#3514) (47f1cb2)
5.0.7 (2020-05-16)
Bug Fixes
5.0.6 (2020-05-16)
Bug Fixes
5.0.5 (2020-05-07)
Bug Fixes
5.0.4 (2020-04-30)
Bug Fixes
5.0.3 (2020-04-29)
Bug Fixes
5.0.2 (2020-04-16)
Bug Fixes
5.0.1 (2020-04-10)
Bug Fixes
v5.0.9
Bug Fixes
v5.0.8
Bug Fixes
- dependencies: update and unlock socket.io dependency (#3513) (b60391f)
- dependencies: update to latest log4js major (#3514) (47f1cb2)
v5.0.7
Bug Fixes
v5.0.6
Bug Fixes
v5.0.5
Bug Fixes
v5.0.4
Bug Fixes
v5.0.3
Bug Fixes
v5.0.2
Bug Fixes
v5.0.1
Bug Fixes
v5.0.0
Bug Fixes
- install semantic-release as a regular dev dependency (#3455) (1eaf35e)
- ci: echo travis env that gates release after_success (#3446) (b8b2ed8)
- ci: poll every 10s to avoid rate limit. (#3388) (91e7e00)
- middleware/runner: handle file list rejections (#3400) (80febfb), closes #3396 #3396
- server: cleanup import of the removed method (#3439) (cb1bcbf)
- server: createPreprocessor was removed (#3435) (5c334f5)
- server: detection new MS Edge Chromium (#3440) (7166ce2)
- server: replace optimist on yargs lib (#3451) (ec1e69a), closes #2473
- server: Report original error message (#3415) (79ee331), closes #3414
Code Refactoring
- use native Promise instead of Bluebird (#3436) (33a069f), closes /github.com/karma-runner/karma/pull/3060#discussion_r284797390
Continuous Integration
Features
- docs: document
DEFAULT_LISTEN_ADDRconstant (#3443) (057d527), closes #2479 - karma-server: added log to the server.js for uncaught exception (#3399) (adc6a66)
- preprocessor: obey Pattern.isBinary when set (#3422) (708ae13), closes #3405
BREAKING CHANGES
- Karma plugins which rely on the fact that Karma uses Bluebird promises may break as Bluebird-specific API is no longer available on Promises returned by the Karma core
- server: Deprecated createPreprocessor removed, karma-browserify < 7 version doesn't work
- no more testing on node 8.
4.4.1 (2019-10-18)
Bug Fixes
- deps: back to karma-browserstack-launcher 1.4 (#3361) (1cd87ad)
- server: Add test coverage for config.singleRun true branch. (#3384) (259be0d)
- if preprocessor is async function and doesn't return a content then await donePromise (#3387) (f91be24)
v4.4.1
Bug Fixes
- deps: back to karma-browserstack-launcher 1.4 (#3361) (1cd87ad)
- server: Add test coverage for config.singleRun true branch. (#3384) (259be0d)
- if preprocessor is async function and doesn't return a content then await donePromise (#3387) (f91be24)
v4.4.0
Bug Fixes
Features
- client: Add trusted types support (#3360) (019bfd4)
- Preprocessor can return Promise (#3376) (3ffcd83)
- config: add failOnSkippedTests option. (#3374) (4ed3af0)
- config: clientDisplayNone sets client elements display none. (#3348) (6235e68)
- deps: Remove core-js dependency. (#3379) (0d70809)
v4.3.0
Bug Fixes
- build: switch from yarn to package-lock.json (#3351) (6c5add2)
- config: Simpilfy error proceesing. (#3345) (582a406), closes #3339
- deps: lodash update. (#3341) (5614c04)
- server: Simplify 'dom' inclusion. (#3356) (5f13e11)
- test:
test:clientsilently failing on Travis (#3343) (1489e9a), closes /travis-ci.org/karma-runner/karma/jobs/537027667#L1046 - travis: Pin to trusty (#3347) (1c6c690)
Features
- async: frameworks can be loaded asynchronously (#3297) (177e2ef), closes #851
- config: socket.io server pingTimeout config option. (#3355) (817fbbd)
- preprocessor: preprocessor_priority execution order. (#3303) (c5f3560)
- runner: feat(runner): (62d4c5a), closes #2121 #2799 #2121 #2799
v4.2.0
Bug Fixes
- logging: Util inspect for logging the config. (#3332) (70b72a9)
- reporter: format stack with 1-based column (#3325) (182c04d), closes #3324
- server: Add error handler for webserver socket. (#3300) (fe9a1dd)
v4.1.0
Bug Fixes
- client: Enable loading different file types when running in parent mode without iframe (#3289) (7968db6)
- client: Only create the funky object if message is not a string (#3298) (ce6825f), closes #3296
- launcher: Log state transitions in debug (#3294) (6556ab4), closes #3290
- middleware: log invalid filetype (#3292) (7eb48c5), closes #3291
4.0.1 (2019-02-28)
Bug Fixes
- browser: allow updating total specs count (#3264) (d5df723)
- remove vulnerable dependency combine-lists (#3273) (c43f584), closes #3265
- remove vulnerable dependency expand-braces (#3270) (4ec4f6f), closes #3268 #3269
- filelist: correct logger name. (#3262) (375bb5e)
- launcher: Debug Child Processes exit signal (#3259) (c277a6b)
v4.0.1
Bug Fixes
- browser: allow updating total specs count (#3264) (d5df723)
- remove vulnerable dependency combine-lists (#3273) (c43f584), closes #3265
- remove vulnerable dependency expand-braces (#3270) (4ec4f6f), closes #3268 #3269
- filelist: correct logger name. (#3262) (375bb5e)
- launcher: Debug Child Processes exit signal (#3259) (c277a6b)
v4.0.0
Bug Fixes
- client: fix issue with loaded on safari 10 (#3252) (571191c), closes #3198
- config: add test:unit npm script (#3242) (02f071d)
Chores
BREAKING CHANGES
- Drop Support for Node 6, to make it possible to use async/await in karma codebase.
3.1.4 (2018-12-17)
Bug Fixes
- file-list: revert "do not preprocess up-to-date files" (#3226) (#3230) (bb022a7)
- improve error msg when bin is a directory (#3231) (584dddc)
- restarted browsers not running tests (#3233) (cc2eff2)
3.1.3 (2018-12-01)
Bug Fixes
3.1.2 (2018-12-01)
Bug Fixes
- browser: report errors to console during singleRun=false (#3209) (30ff73b), closes #3131
- changelog: remove release which does not exist (#3214) (4e87902)
- dep: Bump useragent to fix HeadlessChrome version (#3201) (240209f), closes #2762
- deps: upgrade sinon-chai 2.x -> 3.x (#3207) (dc5f5de)
- file-list: do not preprocess up-to-date files (#3196) (5334d1a), closes #2829
- package: bump lodash version (#3203) (d38f344), closes #3177
- server: use flatted for json.stringify (#3220) (fb05fb1), closes #3215
Features
3.1.1 (2018-10-23)
Bug Fixes
v3.1.4
Bug Fixes
- file-list: revert "do not preprocess up-to-date files" (#3226) (#3230) (bb022a7)
- improve error msg when bin is a directory (#3231) (584dddc)
- restarted browsers not running tests (#3233) (cc2eff2)
v3.1.3
Bug Fixes
v3.1.2
Bug Fixes
- browser: report errors to console during singleRun=false ([#3209](https:/
Configuration
📅 Schedule: "" in timezone America/New_York.
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, click this checkbox.
This PR has been generated by Mend Renovate. View repository job log here.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}