[Snyk] Upgrade puppeteer from 2.1.1 to 13.4.0

[snyk-bot]

Snyk has created this PR to upgrade puppeteer from 2.1.1 to 13.4.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 48 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-02-22.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-MINIMIST-559764	387/1000 Why? Proof of Concept exploit, CVSS 5.6	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	387/1000 Why? Proof of Concept exploit, CVSS 5.6	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: puppeteer

• 13.4.0 - 2022-02-22

  Features

  • add support for async waitForTarget (#7885) (dbf0639)
  • export Frame._client through getter (#8041) (e9278fc)
  • HTTPResponse: expose timing information (#8025) (30b3d49)

  Bug Fixes

  • change kill to signal the whole process group to terminate (#6859) (0eb9c78)
  • element screenshot issue in headful mode (#8018) (5346e70), closes #7999
  • ensure dom binding is not called after detach (#8024) (5c308b0), closes #7814
  • use both __dirname and require.resolve to support different bundlers (#8046) (e6a6295), closes #8044
• 13.3.2 - 2022-02-14

  Bug Fixes

  • always use ENV executable path when present (#7985) (6d6ea9b)
  • use require.resolve instead of __dirname (#8003) (bbb186d)
• 13.3.1 - 2022-02-10

  Bug Fixes

  • puppeteer: revert: esm modules (#7986) (179eded)
• 13.3.0 - 2022-02-09

  Features

  • puppeteer: export esm modules in package.json (#7964) (523b487)
• 13.2.0 - 2022-02-07

  Features

  • add more models to DeviceDescriptors (#7904) (6a655cb)
  • chromium: roll to Chromium 99.0.4844.16 (r961656) (#7960) (96c3f94)

  Bug Fixes

  • make projectRoot optional in Puppeteer and launchers (#7967) (9afdc63)
  • migrate more files to strict-mode TypeScript (#7950) (aaac8d9)
  • typos in documentation (#7968) (41ab4e9)
• 13.1.3 - 2022-01-31

  Bug Fixes

  • issue with reading versions.js in doclint (#7940) (06ba963)
  • make more files work in strict-mode TypeScript (#7936) (0636513)
  • page.pdf producing an invalid pdf (#7868) (afea509), closes #7757
• 13.1.2 - 2022-01-25

  Bug Fixes

  • package.json: update node-fetch package (#7924) (e4c48d3)
  • types in Browser.ts to be compatible with strict mode Typescript (#7918) (a8ec0aa), closes #6769
  • types in Connection.ts to be compatible with strict mode Typescript (#7919) (d80d602), closes #6769
• 13.1.1 - 2022-01-18

  Bug Fixes

  • use content box for OOPIF offset calculations (#7911) (344feb5)
• 13.1.0 - 2022-01-17

  Features

  • chromium: roll to Chromium 98.0.4758.0 (r950341) (#7907) (a55c86f)

  Bug Fixes

  • apply OOPIF offsets to bounding box and box model calls (#7906) (a566263)
  • correctly compute clickable points for elements inside OOPIFs (#7900) (486bbe0), closes #7849
  • error for pre-existing OOPIFs (#7899) (d7937b8), closes #7844 #7896
• 13.0.1 - 2021-12-22

  Bug Fixes

  • disable a test failing on Firefox (#7846) (36207c5)
  • make sure ElementHandle.waitForSelector is evaluated in the right context (#7843) (8d8e874)
  • predicate arguments for waitForFunction (#7845) (1c44551), closes #7836
• 13.0.0 - 2021-12-10
• 12.0.1 - 2021-11-29
• 12.0.0 - 2021-11-27
• 11.0.0 - 2021-11-03
• 10.4.0 - 2021-09-21
• 10.2.0 - 2021-08-04
• 10.1.0 - 2021-06-29
• 10.0.0 - 2021-05-31
• 9.1.1 - 2021-05-05
• 9.1.0 - 2021-05-03
• 9.0.0 - 2021-04-21
• 8.0.0 - 2021-02-26
• 7.1.0 - 2021-02-12
• 7.0.4 - 2021-02-09
• 7.0.3 - 2021-02-09
• 7.0.2 - 2021-02-09
• 7.0.1 - 2021-02-04
• 7.0.0 - 2021-02-03
• 6.0.0 - 2021-02-02
• 5.5.0 - 2020-11-16
• 5.4.1 - 2020-10-27
• 5.4.0 - 2020-10-23
• 5.3.1 - 2020-09-22
• 5.3.0 - 2020-09-11
• 5.2.1 - 2020-07-21
• 5.2.0 - 2020-07-17
• 5.1.0 - 2020-07-13
• 5.0.0 - 2020-07-02
• 4.0.1 - 2020-06-24
• 4.0.0 - 2020-06-15
• 3.3.0 - 2020-06-02

  Features

  • puppeteer: export esm modules in package.json (#7964) (523b487)
• 3.2.0 - 2020-05-29

  Features

  • add more models to DeviceDescriptors (#7904) (6a655cb)
  • chromium: roll to Chromium 99.0.4844.16 (r961656) (#7960) (96c3f94)

  Bug Fixes

  • make projectRoot optional in Puppeteer and launchers (#7967) (9afdc63)
  • migrate more files to strict-mode TypeScript (#7950) (aaac8d9)
  • typos in documentation (#7968) (41ab4e9)
• 3.1.0 - 2020-05-18

  Features

  • chromium: roll to Chromium 98.0.4758.0 (r950341) (#7907) (a55c86f)

  Bug Fixes

  • apply OOPIF offsets to bounding box and box model calls (#7906) (a566263)
  • correctly compute clickable points for elements inside OOPIFs (#7900) (486bbe0), closes #7849
  • error for pre-existing OOPIFs (#7899) (d7937b8), closes #7844 #7896
• 3.0.4 - 2020-05-07
• 3.0.3 - 2020-05-06
• 3.0.2 - 2020-04-28
• 3.0.1 - 2020-04-22

  Bug Fixes

  • disable a test failing on Firefox (#7846) (36207c5)
  • make sure ElementHandle.waitForSelector is evaluated in the right context (#7843) (8d8e874)
  • predicate arguments for waitForFunction (#7845) (1c44551), closes #7836
• 3.0.0 - 2020-04-16
• 2.1.1 - 2020-02-05

from puppeteer GitHub release notes

Commit messages

Package name: puppeteer

• 7f47c81 chore(release): mark v13.4.0 (#8052)
• e6a6295 fix: use both __dirname and require.resolve to support different bundlers (#8046)
• 5ad3434 chore(deps-dev): bump @ typescript-eslint/eslint-plugin (#8048)
• 283ff05 chore(deps-dev): bump @ typescript-eslint/parser from 5.12.0 to 5.12.1 (#8049)
• 66139ed chore(deps-dev): bump @ types/node from 17.0.18 to 17.0.19 (#8047)
• e9278fc feat: export `Frame._client` through getter (#8041)
• c5e01ef chore: update typescript to v4.5.5 (#8042)
• f0a2b51 chore(deps-dev): bump eslint-config-prettier from 8.3.0 to 8.4.0 (#8038)
• 936bcc9 chore(deps-dev): bump @ types/ws from 8.2.2 to 8.2.3 (#8039)
• 131924f chore(deps-dev): bump mocha from 9.2.0 to 9.2.1 (#8037)
• dbf0639 feat: add support for async waitForTarget (#7885)
• 543a4d4 chore: remove console.error (#7883)
• 05f9009 chore(deps): bump github/codeql-action from 1.1.0 to 1.1.2 (#8034)
• 05e5dfa chore(deps): bump ossf/scorecard-action from 1.0.3 to 1.0.4 (#8035)
• 5c308b0 fix: ensure dom binding is not called after detach (#8024)
• 0eb9c78 fix: change kill to signal the whole process group to terminate (#6859)
• 6970a97 chore(deps-dev): bump eslint-plugin-unicorn from 40.1.0 to 41.0.0 (#8032)
• f7c5922 docs: update example to align with the website (#7788)
• 5cf6f5f chore: declare workflow permissions as read-only (#8029)
• 23d8dbb ci: use setup-node v2 (#7854)
• e5aa4f2 docs: update firefox flags link (#7779)
• 921e4e6 chore(deps-dev): bump @ types/node from 17.0.17 to 17.0.18 (#8027)
• 30b3d49 feat(HTTPResponse): expose timing information (#8025)
• 5346e70 fix: element screenshot issue in headful mode (#8018)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs