Closed dependabot[bot] closed 3 months ago
✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.
⚠️: No snapshots were found for the head SHA 0e0d297df50a20f8738bb66fbda21969463f74ad.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.
Package | Version | Score | Details |
---|
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
Bumps the npm_and_yarn group in /web-widgets with 3 updates: ws, engine.io and socket.io-adapter.
Updates
ws
from 8.11.0 to 8.17.1Release notes
Sourced from ws's releases.
... (truncated)
Commits
3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variable934c9d6
[ci] Test on node 221817bac
[ci] Do not test on node 2196c9b3d
[major] Flip the default value ofallowSynchronousEvents
(#2221)e5f32c7
[fix] Emit at most one event per event loop iteration (#2218)Updates
engine.io
from 6.5.4 to 6.5.5Release notes
Sourced from engine.io's releases.
Changelog
Sourced from engine.io's changelog.
Commits
0cb977a
chore(release): 6.5.5adaa207
chore(deps): bump ws from 8.11.0 to 8.17.1 (#702)0efa04b
fix(types): make socket.request writable (#697)Updates
socket.io-adapter
from 2.5.4 to 2.5.5Changelog
Sourced from socket.io-adapter's changelog.
Commits
05a190a
chore(release): 6.5.593fe190
chore(deps): bump ws from 8.11.0 to 8.17.1 (#93)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show