Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump tough-cookie, jest and ts-jest #1029

Closed
wants to merge 1 commit into from
Closed

Bump tough-cookie, jest and ts-jest #1029

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 2, 2024
edited
Loading

Bumps tough-cookie to 4.1.4 and updates ancestor dependencies tough-cookie, jest and ts-jest. These dependencies need to be updated together.

Updates tough-cookie from 4.1.2 to 4.1.4

Release notes

Sourced from tough-cookie's releases.

v4.1.4

https://www.npmjs.com/package/tough-cookie/v/4.1.4

What's Changed

New Contributors

Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

Commits
  • cacbc37 Bump version to 4.1.4
  • a48fb3a Add tests for url validation
  • 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
  • 1253d58 Merge pull request #409 from corvidism/validators-to-string
  • 238367e Add local alias for toString
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • cf6debd Fix incorrect string validation for URL
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.


Updates jest from 23.6.0 to 29.7.0

Release notes

Sourced from jest's releases.

v29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

New Contributors

Full Changelog: jestjs/jest@v29.6.4...v29.7.0

v29.6.4

Fixes

  • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
  • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
  • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

New Contributors

Full Changelog: jestjs/jest@v29.6.3...v29.6.4

v29.6.3

Fixes

  • [expect, @jest/expect-utils] ObjectContaining support symbol as key (#14414)
  • [expect] Remove @types/node from dependencies (#14385)
  • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
  • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
  • [jest-mock] Revert #13692 as it was a breaking change (#14429)
  • [jest-mock] Revert #13866 as it was a breaking change (#14429)

... (truncated)

Changelog

Sourced from jest's changelog.

29.7.0

Features

  • [create-jest] Add npm init / yarn create initialiser for Jest projects (#14465)
  • [jest-validate] Allow deprecation warnings for unknown options (#14499)

Fixes

  • [jest-resolver] Replace unmatched capture groups in moduleNameMapper with empty string instead of undefined (#14507)
  • [jest-snapshot] Allow for strings as well as template literals in inline snapshots (#14465)
  • [@jest/test-sequencer] Calculate test runtime if perStats.duration is missing (#14473)

Performance

  • [@jest/create-cache-key-function] Cache access of NODE_ENV and BABEL_ENV (#14455)

Chore & Maintenance

  • [jest-cli] Move internal config initialisation logic to the create-jest package (#14465)

29.6.4

Fixes

  • [jest-core] Fix typo in scheduleAndRun performance marker (#14434)
  • [jest-environment-node] Make sure atob and btoa are writeable in Node 20 (#14446)
  • [jest-worker] Additional error wrapper for parentPort.postMessage to fix unhandled DataCloneError. (#14437)

29.6.3

Fixes

  • [expect, @jest/expect-utils] ObjectContaining support sumbol as key (#14414)
  • [expect] Remove @types/node from dependencies (#14385)
  • [jest-core] Use workers in watch mode by default to avoid crashes (#14059 & #14085).
  • [jest-reporters] Update istanbul-lib-instrument dependency to v6. (#14401)
  • [jest-mock] Revert #13692 as it was a breaking change (#14429)
  • [jest-mock] Revert #13866 as it was a breaking change (#14429)
  • [jest-mock] Revert #13867 as it was a breaking change (#14429)
  • [@jest/reporters] Marks Reporter's hooks as optional (#14433)
  • [jest-runtime] Fix dynamic ESM import module bug when loaded module through jest.isolateModulesAsync (#14397)

Chore & Maintenance

  • [jest-changed-files, jest-circus, jest-console, @jest/core, @jest/runtime, @jest/transform] Use invariant and notEmpty from jest-util rather than own internal (#14366)

29.6.2

Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by simenb, a new releaser for jest since your current version.


Updates ts-jest from 22.4.2 to 29.1.2

Release notes

Sourced from ts-jest's releases.

v29.1.2

Please refer to CHANGELOG.md for details.

v29.1.1

Please refer to CHANGELOG.md for details.

v29.1.0

Please refer to CHANGELOG.md for details.

v29.0.5

Please refer to CHANGELOG.md for details.

v29.0.4

Please refer to CHANGELOG.md for details.

v29.0.3

Please refer to CHANGELOG.md for details.

v29.0.2

Please refer to CHANGELOG.md for details.

v29.0.1

Please refer to CHANGELOG.md for details.

v29.0.0

Please refer to CHANGELOG.md for details.

v29.0.0-next.1

Please refer to CHANGELOG.md for details.

v29.0.0-next.0

Please refer to CHANGELOG.md for details.

v28.0.8

Please refer to CHANGELOG.md for details.

v28.0.7

No release notes provided.

v28.0.6

No release notes provided.

v28.0.5

No release notes provided.

v28.0.4

No release notes provided.

v28.0.3

No release notes provided.

... (truncated)

Changelog

Sourced from ts-jest's changelog.

29.1.2 (2024-01-22)

Bug Fixes

  • calculated cache key based on supportsStaticESM (a5d6f2d)
  • correct error handling in processAsync (e7be4bf), closes #4207
  • use Config.ProjectConfig (918312b), closes #4028

29.1.1 (2023-06-23)

Security Fixes

  • bump semver to 7.5.3

29.1.0 (2023-03-26)

Features

29.0.5 (2023-01-13)

Reverts

  • Revert "fix(transformer): don't use cache when tsJestConfig is different (#3966)" (185eb18), closes #3966

29.0.4 (2023-01-10)

Bug Fixes

29.0.3 (2022-09-28)

... (truncated)

Commits
  • 70d48be chore(release): 29.1.2
  • 19778bd build: reference transform options via jest TransformOptions type
  • a5d6f2d fix: calculated cache key based on supportsStaticESM
  • 2d16f4a test(e2e): remove onNodeVersions function
  • 0861a66 build(deps): Update dependency node-fetch to ^3.3.2
  • f41cc3e build(deps): Update babel monorepo
  • 41b8460 build(deps): Update dependency docusaurus-remark-plugin-tab-blocks to ^1.3.1
  • e7be4bf fix: correct error handling in processAsync
  • e31d953 build(deps): Update actions/setup-node digest to 1a4442c
  • 622539d build(deps): Update dependency @​formatjs/ts-transformer to ^3.13.9
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 2, 2024
@vercel Vercel
Copy link

vercel bot commented May 2, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
universalviewer ✅ Ready (Inspect) Visit Preview 💬 1 unresolved May 2, 2024 3:44pm

@codesandbox CodeSandbox
Copy link

codesandbox bot commented May 2, 2024

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@codesandbox-ci CodeSandbox CI
Copy link

codesandbox-ci bot commented May 2, 2024
edited
Loading

This pull request is automatically built and testable in CodeSandbox.

To see build info of the built libraries, click here or the icon next to each commit SHA.

@Saira-A Saira-A changed the base branch from main to dev May 2, 2024 11:49
@demiankatz
Copy link
Contributor

This is another one that we should not merge until we resolve #984.

@dependabot dependabot bot changed the base branch from dev to main May 2, 2024 15:19
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-7042236f2e branch from 8d9b417 to 2a499d9 Compare May 2, 2024 15:19
@edsilv
Copy link
Member

edsilv commented May 2, 2024

@dependabot recreate

@dependabot
Bump tough-cookie, jest and ts-jest
f30ee01 
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) to 4.1.4 and updates ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) and [ts-jest](https://github.com/kulshekhar/ts-jest). These dependencies need to be updated together.


Updates `tough-cookie` from 4.1.2 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.1.2...v4.1.4)

Updates `jest` from 23.6.0 to 29.7.0
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest)

Updates `ts-jest` from 22.4.2 to 29.1.2
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](kulshekhar/ts-jest@v22.4.2...v29.1.2)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: jest
  dependency-type: direct:development
- dependency-name: ts-jest
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-7042236f2e branch from 2a499d9 to f30ee01 Compare May 2, 2024 15:30
@edsilv edsilv closed this May 2, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github May 2, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/multi-7042236f2e branch May 2, 2024 15:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@demiankatz @edsilv