Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
Other
1.53k
stars
270
forks
source link
Bump jsdom and @vue/cli-plugin-unit-mocha in /Src/WebController/UI #74
Fixed connectedCallback to fire in situations involving document fragments, which was broken in v18.0.1. (GrantGryczan)
Version 18.1.0
Fixed headers.append() and headers.set() to normalize values. (MattiasBuelens)
Fixed pageshow events to have bubbles: true and cancelable: true. (MattiasBuelens)
Implemented the reason property on AbortSignals, along with the corresponding reason argument to abortSignal.abort() and AbortSignal.abort(). (MattiasBuelens)
Version 18.0.1
Fixed live Ranges to update correctly after calling node.normalize(). (hgiesel)
Fixed live Ranges to update correctly after removing child nodes. (hgiesel)
Fixed setting inputEl.valueAsDate = null to no longer throw an exception, but instead set the value to the empty string. (simon-weimann)
Improved performance of node insertion and node.contains(). (GrantGryczan)
Version 18.0.0
Potentially-breaking bug fixes:
Fixed SSL certificate checking for WebSocket connections. Previously, invalid SSL certificates were always accepted; now, they properly respect the ResourceLoader's strictSSL option (which defaults to true).
Changed the global in which almost all Promise and TypeError instances are created to be the jsdom global, not the Node.js global. This could affect any code that uses instanceof.
Other changes:
Fixed moving an element between HTML and XML documents to reset the tagName cache, allowing it to return a lowercase value once it's in the XML document. (LucasLefevre)
Fixed form submission to not happen when the form is invalid. (pozil)
Version 17.0.0
Breaking change: Node v12 is now the minimum supported version.
Version 16.7.0
Added AbortSignal.abort(). (ninevra)
Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)
Implemented wrapping for textareaEl.value if the wrap="" attribute is specified. (ninevra)
Fixed jsdom's handling of when code running inside the jsdom throws null or undefined as an exception. (@mbest)
Removed the dependency on the deprecated request package, in the process fixing several issues with the XMLHttpRequest implementation around header processing. Thanks go to @tobyhinloopen, @andrewaylett, and especially @vegardbb, for completing this months-long effort!
Version 16.5.3
Fixed infinite recursion when using MutationObservers to observe elements inside a MutationObserver callback.
Version 16.5.2
Fixed Access-Control-Allow-Headers: * to work with XMLHttpRequest. (silviot)
Fixed xhr.response to strip any leading BOM when xhr.responseType is "json".
Fixed new Text() and new Comment() constructors to properly set the resulting node's ownerDocument.
Fixed customElements.whenDefined() to resolve its returned promise with the custom element constructor, per recent spec updates. (ExE-Boss)
Fixed parsing to ensure that <svg>\<template></template></svg> does not throw an exception, but instead correctly produces a SVG-namespace \<template> element.
Fixed domParser.parseFromString() to treat <noscript> elements appropriately.
Fixed connectedCallback to fire in situations involving document fragments, which was broken in v18.0.1. (GrantGryczan)
18.1.0
Fixed headers.append() and headers.set() to normalize values. (MattiasBuelens)
Fixed pageshow events to have bubbles: true and cancelable: true. (MattiasBuelens)
Implemented the reason property on AbortSignals, along with the corresponding reason argument to abortSignal.abort() and AbortSignal.abort(). (MattiasBuelens)
18.0.1
Fixed live Ranges to update correctly after calling node.normalize(). (hgiesel)
Fixed live Ranges to update correctly after removing child nodes. (hgiesel)
Fixed setting inputEl.valueAsDate = null to no longer throw an exception, but instead set the value to the empty string. (simon-weimann)
Improved performance of node insertion and node.contains(). (GrantGryczan)
18.0.0
Potentially-breaking bug fixes:
Fixed SSL certificate checking for WebSocket connections. Previously, invalid SSL certificates were always accepted; now, they properly respect the ResourceLoader's strictSSL option (which defaults to true).
Changed the global in which almost all Promise and TypeError instances are created to be the jsdom global, not the Node.js global. This could affect any code that uses instanceof.
Other changes:
Fixed moving an element between HTML and XML documents to reset the tagName cache, allowing it to return a lowercase value once it's in the XML document. (LucasLefevre)
Fixed form submission to not happen when the form is invalid. (pozil)
17.0.0
Breaking change: Node v12 is now the minimum supported version.
16.7.0
Added AbortSignal.abort(). (ninevra)
Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)
Implemented wrapping for textareaEl.value if the wrap="" attribute is specified. (ninevra)
Fixed some bad cascade computation in getComputedStyle(). (romain-trotard)
16.6.0
Added parentNode.replaceChildren(). (ninevra)
Fixed jsdom's handling of when code running inside the jsdom throws null or undefined as an exception. (mbest)
Removed the dependency on the deprecated request package, in the process fixing several issues with the XMLHttpRequest implementation around header processing. Special thanks to vegardbb for completing this months-long effort!
16.5.3
Fixed infinite recursion when using MutationObservers to observe elements inside a MutationObserver callback.
[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WithSecureLabs/C3/network/alerts).
Bumps jsdom to 18.1.1 and updates ancestor dependency @vue/cli-plugin-unit-mocha. These dependencies need to be updated together.
Updates
jsdomfrom 15.2.1 to 18.1.1Release notes
Sourced from jsdom's releases.
... (truncated)
Changelog
Sourced from jsdom's changelog.
... (truncated)
Commits
a61fdb8Version 18.1.115cbed6Fix connectedCallback with document fragments79ff734Version 18.1.0a303721Add AbortSignal's reason property158ada2Update web platform tests + minor fixesc98e0f5Fix changelog username typob1ce1afVersion 18.0.11f5acaeMajor performance improvements in some casesb86cd55Fix typo in style.js41e10e6Fix valueAsDate for HTMLInputElement with null valuesUpdates
@vue/cli-plugin-unit-mochafrom 4.5.6 to 5.0.8Release notes
Sourced from
@vue/cli-plugin-unit-mocha's releases.... (truncated)
Changelog
Sourced from
@vue/cli-plugin-unit-mocha's changelog.... (truncated)
Commits
b154dbdv5.0.84a0655fv5.0.7ef08a08v5.0.698c66c9v5.0.5ce97e62fix: add XMLSerializer to the global scope (#7101)ca97fc2v5.0.4dd53f26v5.0.3a859b1fv5.0.292d80a8v5.0.1c913cdcv5.0.0Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/WithSecureLabs/C3/network/alerts).