Skip to content
This repository has been archived by the owner on Jun 26, 2023. It is now read-only.

[Snyk] Upgrade chai from 4.2.0 to 4.3.0 #12

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

zmaleki
Copy link
Contributor

@zmaleki zmaleki commented Feb 26, 2021

Snyk has created this PR to upgrade chai from 4.2.0 to 4.3.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 22 days ago, on 2021-02-04.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Prototype Pollution
SNYK-JS-PATHVAL-596926
407/1000
Why? Proof of Concept exploit, CVSS 6
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: chai
  • 4.3.0 - 2021-02-04

    This is a minor release.

    Not many changes have got in since the last release but this one contains a very important change (#1257) which will allow jest users to get better diffs. From this release onwards, jest users will be able to see which operator was used in their diffs. The operator is a property of the AssertionError thrown when assertions fail. This flag indicates what kind of comparison was made.

    This is also an important change for plugin maintainers. Plugin maintainers will now have access to the operator flag, which they can have access to through an utilmethod calledgetOperator`.

    Thanks to all the amazing people that contributed to this release.

    New Features

    • Allow contain.oneOf to take an array of possible values (@ voliva)
    • Adding operator attribute to assertion error (#1257) (@ rpgeeganage)
    • The closeTo error message will now inform the user when a delta is required (@ eouw0o83hf)

    Docs

    • Add contains flag to oneOf documentation (@ voliva)

    Tests

    • Make sure that useProxy config is checked in overwriteProperty (@ vieiralucas)
    • Add tests for contain.oneOf (@ voliva )

    Chores

    • Update mocha to version 6.1.4
    • Add node v10 and v12 to ci (@ vieiralucas)
    • Drop support for node v4, v6 and v9 (@ vieiralucas)
    • Fix sauce config for headless chrome (@ meeber)
    • Update dev dependencies (@ meeber)
    • Removed phantomjs dependency (#1204)
  • 4.2.0 - 2018-09-26
    Read more
from chai GitHub release notes
Commit messages
Package name: chai
  • 39dd113 [email protected]
  • 1044f68 chore: npm audit fix
  • 23764f3 Fix JSDoc name (#1354)
  • b91d0a8 fix: unbox BigInt primitives in shouldGetter (#1349)
  • e54d834 test: replaced arrow function for IE support (#1348)
  • 2637ca2 chore(funding): display sponsor button for open collective (#1346)
  • e08ca08 feat: add Node.js ESM entry point with named and default exports (#1340)
  • 2fb8983 docs: add missing apostrophes (#1344)
  • 41ff363 docs: add --save-dev to npm install command (#1289)
  • 8c2b25c docs: Node version >=8 in README (#1306)
  • 0e543bf test: The Buffer() and new Buffer() constructors are deprecated (#1305)
  • 7ff1273 feat: improve include error message (#1273)
  • 03913cb Merge pull request #1242 from voliva/contains-oneOf
  • 9d2f6dc docs(oneOf): Add contains flag to oneOf documentation
  • 7eaf684 feat(oneOf): expect(value).to.contain.oneOf([])
  • 8dc92d8 Adding operator attribute to assertion error (#1257)
  • 1958341 chore(package): update lockfile package-lock.json
  • 7bb36a4 chore(package): update mocha to version 6.1.4
  • 42509fa test: make sure that useProxy config is checked in overwriteProperty
  • 18d8494 chore: add node v10 and v12 to ci
  • 6740969 chore: drop support for node v4, v6 and v9
  • 6441f3d Merge pull request #1248 from eouw0o83hf/master
  • 6bfd2fd Include some missed some test files
  • 8d6330c Add delta message to closeTo() error

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants