Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump faye from 1.1.2 to 1.4.0 #51

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

chore(deps): bump faye from 1.1.2 to 1.4.0 #51

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Feb 22, 2023
edited
Loading

Bumps faye from 1.1.2 to 1.4.0.

Changelog

Sourced from faye's changelog.

1.4.0 / 2020-07-31

  • Implement TLS certificate verification and enable it by default in the Ruby client class Faye::Client
  • Add a :tls option to the Ruby client with sub-field :verify_peer for configuring TLS verification
  • Officially support the tls option in the Node.js client, whose contents are forward to the https and tls modules as appropriate

1.3.0 / 2020-06-08

  • Support user:pass@ authorization in URIs and send Authorization headers from the Node HTTP transport
  • Support IPv6 hostnames in URIs
  • Allow credentials (cookies and Authorization headers) in cross-origin requests, by:
    • setting Access-Control-Allow-Origin to the value of the Origin header (not *)
    • enabling Access-Control-Allow-Credentials
  • Enable credentials when sending cross-origin requests
  • Don't disconnect WebSocket on page unload if autodisconnect is turned off
  • Catch errors when creating a WebSocket, which happens when Content Security Policy blocks it, allowing other transports to be tried
  • Fix a bug in the client where it handles messages from other clients as though they're the server's response to its own messages, based on the id field; now we only treat messages as server responses if they contain successful: true
  • Stop sending an empty message list [] from the WebSocket client as a keep-alive mechanism since CometD does not accept this message
  • Fix deprecation warnings for using the new Buffer() constructor
  • Switch to the Apache 2.0 license

1.2.5 / 2020-04-28

1.2.4 / 2017-01-28

  • Fix RackAdapter#get_client that was failing due to a URI error
  • Define Promise#catch in a safe way for old browsers
  • Log errors in the Node HTTP transport

1.2.3 / 2016-10-11

  • Return an error if the data field is missing on published messages

... (truncated)

Commits
  • 60141e8 Bump version to 1.4.0
  • 755a1b1 Depend on imports-loader <1.0 as newer versions do not work
  • 2de94af Document the tls option for server-side clients
  • 66ce1a1 Enable SSL verification by default
  • 6d20cb7 Require em-http-request >= 1.1.6, which implements TLS verification
  • 64f8772 Include LICENSE.md in the npm build
  • b8ef123 Bump version to 1.3.0
  • 17bc911 Correct the file list for the Ruby gem
  • fe6dcd9 Port OPTIONS request tests to Ruby
  • dc268f8 Refactor HTTP-related functions in adapter specs
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
chore(deps): bump faye from 1.1.2 to 1.4.0
52b7dc5 
Bumps [faye](https://github.com/faye/faye) from 1.1.2 to 1.4.0.
- [Release notes](https://github.com/faye/faye/releases)
- [Changelog](https://github.com/faye/faye/blob/master/CHANGELOG.md)
- [Commits](faye/faye@1.1.2...1.4.0)

---
updated-dependencies:
- dependency-name: faye
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants