Closed dependabot[bot] closed 1 week ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/lottie-react@2.4.0 | Transitive: environment, network | +5 |
30.5 MB | gamote |
npm/minimist@1.2.8 | None | 0 |
54.5 kB | ljharb |
npm/moment@2.29.4 | None | 0 |
4.23 MB | ichernev |
npm/react-alert@7.0.3 | Transitive: environment | +11 |
6.65 MB | schiehll |
npm/react@18.2.0 | environment | +2 |
337 kB | gnoff |
npm/react18-json-view@0.2.6 | eval | 0 |
286 kB | yysuni |
npm/sass@1.26.10 | Transitive: environment, filesystem | +15 |
4.41 MB | sassbot |
npm/smol-toml@1.1.3 | None | 0 |
71.3 kB | cyyynthia |
npm/ts-node@10.9.2 | environment, filesystem, unsafe | +15 |
3.62 MB | blakeembrey |
npm/typescript@5.3.3 | None | 0 |
32 MB | typescript-bot |
npm/use-query-params@2.2.1 | Transitive: environment, network | +8 |
9.12 MB | pbeshai |
🚮 Removed packages: npm/@types/node@10.12.18, npm/@types/node@20.14.2, npm/agent-base@6.0.2, npm/assert@2.0.0, npm/async@3.2.5, npm/base-x@3.0.9, npm/big-integer@1.6.51, npm/bindings@1.5.0, npm/bip32@2.0.6, npm/bip39@3.0.4, npm/bs58check@2.1.2, npm/buffer@5.6.0, npm/call-bind@1.0.2, npm/cipher-base@1.0.4, npm/create-hash@1.2.0, npm/create-hmac@1.1.7, npm/decimal.js@10.3.1, npm/electron@22.3.25, npm/elliptic@6.5.4, npm/fernet@0.4.0, npm/five-bells-condition@5.0.1, npm/fs@0.0.1-security, npm/get-intrinsic@1.1.1, npm/hash.js@1.1.7, npm/https-proxy-agent@5.0.0, npm/is-callable@1.2.4, npm/is-string@1.0.7, npm/is-symbol@1.0.4, npm/is-typed-array@1.1.8, npm/object-inspect@1.12.0, npm/open@8.4.2, npm/prompt@1.3.0, npm/qrcode@1.5.3, npm/ripemd160@2.0.2, npm/ripple-lib@0.17.9, npm/ripple-lib@1.10.1, npm/secp256k1@5.0.0, npm/sha.js@2.4.11, npm/toml@3.0.0
Bumps ws from 8.5.0 to 8.17.1.
Release notes
Sourced from ws's releases.
... (truncated)
Commits
3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variable934c9d6
[ci] Test on node 221817bac
[ci] Do not test on node 2196c9b3d
[major] Flip the default value ofallowSynchronousEvents
(#2221)e5f32c7
[fix] Emit at most one event per event loop iteration (#2218)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show