search

SAP / openui5-website

The OpenUI5 website.
https://openui5.org
Apache License 2.0
30 stars 30 forks source link

Bump socket.io-parser and gatsby #524

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 1 year ago

Bumps socket.io-parser to 4.2.3 and updates ancestor dependency gatsby. These dependencies need to be updated together.

Updates socket.io-parser from 4.0.5 to 4.2.3

Release notes

Sourced from socket.io-parser's releases.

4.2.3

:warning: This release contains an important security fix :warning:

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

TypeError: Cannot convert object to primitive value
       at Socket.emit (node:events:507:25)
       at .../node_modules/socket.io/lib/socket.js:531:14

Please upgrade as soon as possible.

Bug Fixes

  • check the format of the event name (3b78117)

Links

4.2.2

Bug Fixes

  • calling destroy() should clear all internal state (22c42e3)
  • do not modify the input packet upon encoding (ae8dd88)

Links

4.2.1

Bug Fixes

  • check the format of the index of each attachment (b5d0cb7)

Links

4.2.0

Features

  • allow the usage of custom replacer and reviver (#112) (b08bc1a)

Links

... (truncated)

Changelog

Sourced from socket.io-parser's changelog.

4.2.3 (2023-05-22)

Bug Fixes

  • check the format of the event name (3b78117)

4.2.2 (2023-01-19)

Bug Fixes

  • calling destroy() should clear all internal state (22c42e3)
  • do not modify the input packet upon encoding (ae8dd88)

3.3.3 (2022-11-09)

Bug Fixes

  • check the format of the index of each attachment (fb21e42)

3.4.2 (2022-11-09)

Bug Fixes

  • check the format of the index of each attachment (04d23ce)

4.2.1 (2022-06-27)

Bug Fixes

  • check the format of the index of each attachment (b5d0cb7)
Commits
  • b6c824f chore(release): 4.2.3
  • dcc70d9 refactor: export typescript declarations for the commonjs build
  • 3b78117 fix: check the format of the event name
  • 0841bd5 chore: bump ua-parser-js from 1.0.32 to 1.0.33 (#121)
  • 28dd668 chore(release): 4.2.2
  • 22c42e3 fix: calling destroy() should clear all internal state
  • ae8dd88 fix: do not modify the input packet upon encoding
  • 9143aa4 chore: update browserslist
  • 194a9b7 ci: migrate from zuul to webdriver.io
  • a9758da ci: update actions in GitHub Actions workflows (#117)
  • Additional commits viewable in compare view


Updates gatsby from 2.32.13 to 5.10.0

Release notes

Sourced from gatsby's releases.

v5.10.0

Welcome to gatsby@5.10.0 release (May 2023 #1)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.9.0

Welcome to gatsby@5.9.0 release (April 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.7.0

Welcome to gatsby@5.7.0 release (February 2023 #2)

This release focused on bug fixes and perf improvements. Check out notable bugfixes and improvements.

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

v5.6.0

Welcome to gatsby@5.6.0 release (February 2023 #1)

Key highlights of this release:

Bleeding Edge: Want to try new features as soon as possible? Install gatsby@next and let us know if you have any issues.

Previous release notes

Full changelog

... (truncated)

Commits
  • ceb5527 chore(release): Publish
  • 5bd48a5 chore(docs): update algolia guide (#38085)
  • 89a3232 chore(gatsby-source-contentful): Fix docs pageLimit default value (#38082)
  • 7501d18 chore(docs): Typo in v4 to v5 migration guide (#38081)
  • cbc0b35 feat(create-gatsby): Add Tailwind as a styling choice (#37944)
  • 768581f chore(changelogs): update changelogs (#38077)
  • 9284520 fix(deps): update starters and examples gatsby packages to ^5.9.1 (#38073)
  • 22394b9 fix(deps): update e2e tests (major) (#38071)
  • 9bb9037 chore(deps): update starters and examples (#38067)
  • ed5855e fix(gatsby): don't serve codeframes for files outside of compilation (#38059)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SAP/openui5-website/network/alerts).
dependabot[bot] commented 10 months ago

Superseded by #550.