Bump debug, needle, @angular-devkit/build-ng-packagr, @angular-devkit/build-angular, @angular/cli, karma and karma-coverage-istanbul-reporter

[dependabot]

Bumps debug to 4.3.4 and updates ancestor dependencies debug, needle, @angular-devkit/build-ng-packagr, @angular-devkit/build-angular, @angular/cli, karma and karma-coverage-istanbul-reporter. These dependencies need to be updated together.

Updates debug from 2.6.9 to 4.3.4

Release notes

Sourced from debug's releases.

4.3.4

What's Changed

• Add section about configuring JS console to show debug messages by @​gitname in debug-js/debug#866
• Replace deprecated String.prototype.substr() by @​CommanderRoot in debug-js/debug#876

New Contributors

• @​gitname made their first contribution in debug-js/debug#866
• @​CommanderRoot made their first contribution in debug-js/debug#876

Full Changelog: debug-js/debug@4.3.3...4.3.4

4.3.3

Patch Release 4.3.3

This is a documentation-only release. Further, the repository was transferred. Please see notes below.

• Migrates repository from https://github.com/visionmedia/debug to https://github.com/debug-js/debug. Please see notes below as to why this change was made.
• Updates repository maintainership information
• Updates the copyright (no license terms change has been made)
• Removes accidental epizeuxis (#828)
• Adds README section regarding usage in child procs (#850)

Thank you to @​taylor1791 and @​kristofkalocsai for their contributions.

---

Repository Migration Information

I've formatted this as a FAQ, please feel free to open an issue for any additional question and I'll add the response here.

Q: What impact will this have on me?

In most cases, you shouldn't notice any change.

The only exception I can think of is if you pull code directly from https://github.com/visionmedia/debug, e.g. via a "debug": "visionmedia/debug"-type version entry in your package.json - in which case, you should still be fine due to the automatic redirection Github sets up, but you should also update any references as soon as possible.

Q: What are the security implications of this change?

If you pull code directly from the old URL, you should update the URL to https://github.com/debug-js/debug as soon as possible. The old organization has many approved owners and thus a new repository could (in theory) be created at the old URL, circumventing Github's automatic redirect that is in place now and serving malicious code. I (@​qix-) also wouldn't have access to that repository, so while I don't think it would happen, it's still something to consider.

Even in such a case, however, the officially released package on npm (debug) would not be affected. That package is still very much under control (even more than it used to be).

Q: What should I do if I encounter an issue related to the migration?

Search the issues first to see if someone has already reported it, and then open a new issue if someone has not.

Q: Why was this done as a 'patch' release? Isn't this breaking?

No, it shouldn't be breaking. The package on npm shouldn't be affected (aside from this patch release) and any references to the old repository should automatically redirect.

Thus, according to all of the "APIs" (loosely put) involved, nothing should have broken.

... (truncated)

Commits

• da66c86 4.3.4
• 9b33412 replace deprecated String.prototype.substr() (#876)
• c0805cc add section about configuring JS console to show debug messages (#866)
• 043d3cd 4.3.3
• 4079aae update license and more maintainership information
• 19b36c0 update repository location + maintainership information
• f851b00 adds README section regarding usage in child procs (#850)
• d177f2b Remove accidental epizeuxis
• e47f96d 4.3.2
• 1e9d38c cache enabled status per-logger (#799)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by qix, a new releaser for debug since your current version.

Updates needle from 2.2.0 to 3.2.0

Release notes

Sourced from needle's releases.

v3.2.0

What's Changed

• Remove on_socket_end callback by @​tomas in tomas/needle#401
• ci: add node18 test by @​iChenLei in tomas/needle#402
• Add utils module and refactor should_proxy_to() based on PR #411. Fixes #383 by @​tomas in tomas/needle#416

New Contributors

• @​iChenLei made their first contribution in tomas/needle#402

Full Changelog: tomas/needle@v3.1.0...v3.2.0

v3.1.0

What's Changed

• Docs: clarify connection keep alive behaviour by @​Al-Kostryukov in tomas/needle#378
• Update iconv-lite dependency by @​fttx in tomas/needle#377
• fix: Silence ECONNRESET errors after connection close by @​joeyparrish in tomas/needle#392
• Use HTTP_PROXY and HTTPS_PROXY from env, if set by @​tomas in tomas/needle#382
• Set cookie on redirect only if domain matches by @​tomas in tomas/needle#387
• Allow setting/using a default agent for all requests via defaults() by @​tomas in tomas/needle#379
• fix: Fix test failures in node v4-v12 by @​joeyparrish in tomas/needle#398
• fix: Fix macOS + node v17 test failures by @​joeyparrish in tomas/needle#394
• fix: Fix test failures in node v14-v16 by @​joeyparrish in tomas/needle#396
• ci: Run on pull requests, and up to node v17 by @​joeyparrish in tomas/needle#399
• Use iconv.decodeStream instead of iconv.decode; Fixes #374 by @​yetzt in tomas/needle#375

New Contributors

• @​Al-Kostryukov made their first contribution in tomas/needle#378
• @​fttx made their first contribution in tomas/needle#377
• @​joeyparrish made their first contribution in tomas/needle#392

Full Changelog: tomas/needle@v3.0.0...v3.1.0

v3.0.0

What's Changed

• Add support for application/vnd.api+json content types by @​kfitzgerald in tomas/needle#362
• underscore in nonce breaks the digest request by @​ManjunathaN in tomas/needle#356
• Removed usage of deprecated API by @​adityapatadia in tomas/needle#348
• treat xml and json mime types as text by @​yetzt in tomas/needle#351
• Replace all .pipe calls with stream module pipeline method by @​alolis in tomas/needle#370
• Fix dangling parenthesis by @​cf12 in tomas/needle#319
• misleading event in documentation by @​JiPaix in tomas/needle#315
• chore: README typo by @​hyunjun529 in tomas/needle#345
• Alternative stream error handling for older Nodes, without stream.pipeline by @​tomas in tomas/needle#372
• Emit 'done' event on writable streams Needle's response is being piped to by @​tomas in tomas/needle#373

New Contributors

• @​ManjunathaN made their first contribution in tomas/needle#356
• @​adityapatadia made their first contribution in tomas/needle#348
• @​alolis made their first contribution in tomas/needle#370
• @​cf12 made their first contribution in tomas/needle#319

... (truncated)

Commits

• 3f8a7e3 3.2.0
• aa49d75 Handle colons in Digest auth header. Fixes #415
• 8ad861a Merge pull request #416 from tomas/fix-no-proxy
• c566dc2 Add utils module and refactor should_proxy_to() based on PR #411. Fixes #383
• e5dee92 Merge pull request #402 from iChenLei/patch-1
• e173397 Merge pull request #401 from tomas/remove-on-socket-end
• a839e65 ci: add node18 test
• 8353cdb 3.1.0
• f92aee8 Remove on_socket_end callback, looks like we don't need it anymore
• e963098 Fix header tests for newer node versions
• Additional commits viewable in compare view

Updates @angular-devkit/build-ng-packagr from 0.6.8 to 0.1002.0

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular-devkit/build-ng-packagr since your current version.

Updates @angular-devkit/build-angular from 0.6.8 to 15.0.5

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v15.0.5

15.0.5 (2023-01-06)

@​angular-devkit/build-angular

Commit	Description
	format esbuild error messages to include more information

Special Thanks

Alan Agius, Kristiyan Kostadinov, Paul Gschwendtner and aanchal

v15.0.4

15.0.4 (2022-12-14)

@​angular-devkit/build-angular

Commit	Description
	display actionable error when a style does not exist in Karma builder
	downlevel class private methods when targeting Safari <=v15
	include sources in generated Sass source maps
	only set ngDevMode when script optimizations are enabled
	update css-loader to 6.7.3
	update locale setting snippet to use globalThis.

Special Thanks

Alan Agius and Charles Lyding

v15.0.3

15.0.3 (2022-12-07)

@​angular-devkit/build-angular

Commit	Description
	default preserve symlinks to Node.js value for esbuild
	downlevel class fields with Safari <= v15 for esbuild
	downlevel class properties when targeting Safari <=v15
	prevent optimization adding unsupported ECMASCript features

Special Thanks

Charles Lyding, Dominic Elm and Paul Gschwendtner

v15.0.2

15.0.2 (2022-11-30)

@​angular-devkit/build-angular

Commit	Description
	correctly set Sass quietDeps and verbose options

@​ngtools/webpack

Commit	Description
	elide unused type references

Special Thanks

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

15.0.5 (2023-01-06)

@​angular-devkit/build-angular

Commit	Type	Description
c2030dec7	fix	format esbuild error messages to include more information

Special Thanks

Alan Agius, Kristiyan Kostadinov, Paul Gschwendtner and aanchal

15.1.0-next.3 (2022-12-14)

Deprecations

@​angular-devkit/schematics

• The Observable based SchematicTestRunner.runSchematicAsync and SchematicTestRunner.runExternalSchematicAsync methods have been deprecated in favor of the Promise based SchematicTestRunner.runSchematic and SchematicTestRunner.runExternalSchematic.

@​schematics/angular

Commit	Type	Description
8d000d156	feat	add environments generation schematic

@​angular-devkit/build-angular

Commit	Type	Description
216991b9d	feat	support inline component Sass styles with esbuild builder
8fd08491a	fix	display actionable error when a style does not exist in Karma builder
97373016c	fix	downlevel class private methods when targeting Safari <=v15
27b22b02d	fix	include sources in generated
310144d32	fix	only set ngDevMode when script optimizations are enabled
20376649c	fix	transform async generator class methods for Zone.js support
afe9feaa4	fix	update locale setting snippet to use globalThis.

@​angular-devkit/schematics

Commit	Type	Description
207358afb	feat	add runSchematic and runExternalSchematic methods

Special Thanks

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular-devkit/build-angular since your current version.

Updates @angular/cli from 6.0.8 to 6.2.9

Commits

• See full diff in compare view

Updates karma from 1.7.1 to 6.4.1

Release notes

Sourced from karma's releases.

v6.4.1

6.4.1 (2022-09-19)

Bug Fixes

• pass integrity value (63d86be)

v6.4.0

6.4.0 (2022-06-14)

Features

• support SRI verification of link tags (dc51a2e)
• support SRI verification of script tags (6a54b1c)

v6.3.20

6.3.20 (2022-05-13)

Bug Fixes

• prefer IPv4 addresses when resolving domains (e17698f), closes #3730

v6.3.19

6.3.19 (2022-04-19)

Bug Fixes

• client: error out when opening a new tab fails (099b85e)

v6.3.18

6.3.18 (2022-04-13)

Bug Fixes

• deps: upgrade socket.io to v4.4.1 (52a30bb)

v6.3.17

6.3.17 (2022-02-28)

Bug Fixes

• deps: update colors to maintained version (#3763) (fca1884)

v6.3.16

... (truncated)

Changelog

Sourced from karma's changelog.

6.4.1 (2022-09-19)

Bug Fixes

• pass integrity value (63d86be)

6.4.0 (2022-06-14)

Features

• support SRI verification of link tags (dc51a2e)
• support SRI verification of script tags (6a54b1c)

6.3.20 (2022-05-13)

Bug Fixes

• prefer IPv4 addresses when resolving domains (e17698f), closes #3730

6.3.19 (2022-04-19)

Bug Fixes

• client: error out when opening a new tab fails (099b85e)

6.3.18 (2022-04-13)

Bug Fixes

• deps: upgrade socket.io to v4.4.1 (52a30bb)

6.3.17 (2022-02-28)

Bug Fixes

• deps: update colors to maintained version (#3763) (fca1884)

6.3.16 (2022-02-10)

Bug Fixes

• security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

... (truncated)

Commits

• 0013121 chore(release): 6.4.1 [skip ci]
• 63d86be fix: pass integrity value
• 84f7cc3 chore(release): 6.4.0 [skip ci]
• f2d0663 docs: add integrity parameter
• dc51a2e feat: support SRI verification of link tags
• 6a54b1c feat: support SRI verification of script tags
• 5e71cf5 chore(release): 6.3.20 [skip ci]
• e17698f fix: prefer IPv4 addresses when resolving domains
• 60f4f79 build: add Node 16 and 18 to the CI matrix
• 6ff5aaf chore(release): 6.3.19 [skip ci]
• Additional commits viewable in compare view

Updates karma-coverage-istanbul-reporter from 1.4.3 to 3.0.3

Changelog

Sourced from karma-coverage-istanbul-reporter's changelog.

3.0.3 (2020-05-28)

Bug Fixes

• duplicated files when "skipFilesWithNoCoverage=false" on windows (052f6ab)

3.0.2 (2020-05-05)

Bug Fixes

• return correct exit code when thresholds are not met (that works with the karma api) (a0cbdd8), closes #80

3.0.1 (2020-05-04)

Bug Fixes

• set correct process exit code when thresholds are not met (9ba3fe0), closes #80

3.0.0 (2020-05-01)

⚠ BREAKING CHANGES

• node 6 and node 8 are no longer supported. To use this package you must upgrade to node 10 or higher.

Features

• upgrade to latest istanbul api (28cbbfb)

2.1.1 (2019-11-21)

Bug Fixes

• add npm funding link (ee9fb51)

2.1.0 (2019-07-24)

Features

• config: support istanbul-api instrumentation configuration (c4f7a9c), closes #73

... (truncated)

Commits

• b61dd30 chore(release): 3.0.3
• 052f6ab fix: duplicated files when "skipFilesWithNoCoverage=false" on windows
• 5f3f030 docs: update changelog
• 5f5ca05 chore(release): 3.0.2
• a0cbdd8 fix: return correct exit code when thresholds are not met
• e8d4f4a style: fix lint issue
• 0d37f42 fix: wait for reports to finish writing before exiting karma
• a50d4e5 chore(release): 3.0.1
• e756c12 test: fix test exit code
• 9ba3fe0 fix: set correct process exit code when thresholds are not met
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.