create-elm-app icon indicating copy to clipboard operation
create-elm-app copied to clipboard

Published 20 hours ago verified publisher icon halfzebra

feat(package.json): Update dependency sockjs-client to v1.6.1

Open renovate[bot] opened this issue 5 years ago • 0 comments

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
sockjs-client (source) 1.4.0 -> 1.6.1 age adoption passing confidence

Release Notes

sockjs/sockjs-client

v1.6.1

Compare Source

== Fixes

  • Update eventsource to 2.0.2 due to CVE-2022-1650. Fixes #​590
  • Update minimist to 1.2.6. Fixes #​585

v1.6.0

Compare Source

== Fixes

  • Remove agent: false to allow usage of globalAgent. Fixes #​421

dependencies

  • Update url-parse due to CVE-2022-0686, CVE-2022-0639, and CVE-2022-0512. Fixes #​576
  • Remove json3 dependency. Fixes #​476
  • Update eventsource to 1.1.0
  • Update faye-websocket to 0.11.4
  • Update debug to 3.2.7

devDependencies

  • Update follow-redirects (devDep) due to CVE-2022-0536 and CVE-2022-0155
  • Update karma (devDep) due to CVE-2022-0437
  • Update cached-path-relative (devDep) due to CVE-2021-23518
  • Update fsevents (devDep) to fix:
    • ini CVE-2020-7788
    • minimist CVE-2020-7598
    • tar CVE-2021-37713, CVE-2021-37701, CVE-2021-32804, CVE-2021-32803
  • Update copy-props (devDep) due to CVE-2020-28503
  • Update eslint, mocha, gulp-replace, karma-browserify, gulp-sourcemaps, and browserify

Other Changes

  • Remove bower
  • Remove Travis CI
  • Require Node.js 12

v1.5.2

Compare Source

==

  • Update url-parse due to CVE-2021-3664.

v1.5.1

Compare Source

==

  • Update url-parse due to CVE-2021-27515.

v1.5.0

Compare Source

==

  • Update url-parse, kind-of, minimist, websocket-extensions due to security vulnerabilies.
  • Update dev dependencies.
  • Allow loopback address hostnames on a secure page. Fixes #​486
  • Enable eventsource transport for node.js clients.

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled due to failing status checks.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • [ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] avatar Sep 29 '20 00:09 renovate[bot]