search

angular-university / angular-testing-course

Angular Testing Course - A complete guide to Angular Unit Testing and E2E Testing
MIT License
297 stars 661 forks source link

Bump json5, webpack and @cypress/webpack-preprocessor #47

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps json5 to 2.2.3 and updates ancestor dependencies json5, webpack and @cypress/webpack-preprocessor. These dependencies need to be updated together.

Updates json5 from 2.2.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).
Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).
Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view


Updates webpack from 4.46.0 to 5.75.0

Release notes

Sourced from webpack's releases.

v5.75.0

Bugfixes

  • experiments.* normalize to false when opt-out
  • avoid NaN%
  • show the correct error when using a conflicting chunk name in code
  • HMR code tests existance of window before trying to access it
  • fix eval-nosources-* actually exclude sources
  • fix race condition where no module is returned from processing module
  • fix position of standalong semicolon in runtime code

Features

  • add support for @import to extenal CSS when using experimental CSS in node
  • add i64 support to the deprecated WASM implementation

Developer Experience

  • expose EnableWasmLoadingPlugin
  • add more typings
  • generate getters instead of readonly properties in typings to allow overriding them

v5.74.0

Features

  • add resolve.extensionAlias option which allows to alias extensions
    • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
  • add support for ES2022 features like static blocks
  • add Tree Shaking support for ProvidePlugin

Bugfixes

  • fix persistent cache when some build dependencies are on a different windows drive
  • make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
  • remove left-over from debugging in TLA/async modules runtime code
  • remove unneeded extra 1s timestamp offset during watching when files are actually untouched
    • This sometimes caused an additional second build which are not really needed
  • fix shareScope option for ModuleFederationPlugin
  • set "use-credentials" also for same origin scripts

Performance

  • Improve memory usage and performance of aggregating needed files/directories for watching
    • This affects rebuild performance

Extensibility

  • export HarmonyImportDependency for plugins

v5.73.0

... (truncated)

Commits


Updates @cypress/webpack-preprocessor from 4.1.5 to 5.16.1

Release notes

Sourced from @​cypress/webpack-preprocessor's releases.

5.6.0

Released 11/09/2020

Features:

  • You can now dynamically add aliases for requests intercepted via cy.route2(). See an example. Addresses #387.
  • You can now run all integration specs or all component specs separately (or a filtered list of specs) by clicking the appropriate button in the Test Runner in the Tests tab. Addresses #8203.
  • Added a new modifier syntax to cy.type(). You can now type shortcuts like {ctrl+z}. Addressed in #5694.
  • We now show a modal with release notes when available when there is a new version of Cypress. Addressed in #9006.
  • In the Test Runner's Settings and Runs tab you can now quickly copy the project id configuration and record key using a copy to clipboard icon. Addresses #9002.

Bugfixes:

  • Fixed a regression introduced in 4.12.0 where snapshotting caused images to load too many times. Fixes #8679.
  • Using cy.visit() on sites with content-type of text-html followed by parameters (like text/html;charset=utf-8) will no longer throw an error about visiting a site with an invalid content-type. Fixes #8506
  • The Cannot access 'continueSent' before initialization error will no longer throw when using cy.route2(). Fixes #8926.
  • Awaiting a request body when providing a static response stub in cy.route2() should now work properly. Addressed in #9059.
  • The way that intercepted cy.route2() requests are displayed in the Command Log has been improved, including showing the progress bar correctly. Addresses #9053.
  • The Cannot read property 'replace' of undefined error will no longer throw when attempting to generate the stack trace from an error thrown in the application. Fixes #7915.
  • Stack traces in the Command Log originating from application errors where the location is unavailable will no longer show as a clickable link to open in IDE. Fixes #9106.
  • When using the fixture: prefix as a stubbed response to cy.route(), JSON fixtures containing only a number or boolean will no longer throw an error. Fixes #4899.
  • Fixed an issue causing failed subresource integrity checks for external scripts. Fixes #8983, #9049, and #8992.

Misc:

  • Typings for .invoke() and .its() now allow for a timeout option. Addresses #9079.
  • Typings for cy.task() now allow for parameterizing the task return type. Addresses #7136.
  • A clearer error is printed during cypress cache list when no cached versions are found. Addresses #6303.

Dependency Updates:

  • Upgraded commander from ^4.1.1 to ^5.1.0. Addressed in #8979.
  • Upgraded semver from 6.3.0 to 7.3.2. Addressed in #9068.
  • Upgraded systeminformation from 4.26.9 to 4.27.11. Addressed in #8979.
  • Removed node-webkit-updater. This should remove some security warnings that were shown during install. Addresses #8314.

5.5.0

Released 10/26/2020

Features:

  • cy.viewport() has a new macbook-16 preset. Addresses #8889.
  • .type() now fires the beforeInput event during typing. Note: Firefox does not support the beforeinput event. Addresses #7088.

Bugfixes:

  • Updated the Cypress proxy layer to proxy HTTPS traffic from non-AUT origins. Addressed in #8827.
    • This fixed an issue with cy.route2 where HTTPS requests to a non-AUT origin would not be intercepted as expected.
  • cy.route2() now properly handles passing a method as its first argument. Fixes #8729.
  • Fixed an issue with cy.route2() where a "Cannot set property response of undefined" error would occasionally occur. Fixes #8858.

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/angular-university/angular-testing-course/network/alerts).