Closed dependabot[bot] closed 2 weeks ago
[puLL-Merge] - websockets/ws@8.14.1..8.17.1
This PR involves multiple changes across the codebase aimed at updating and enhancing various components of the WebSocket library. The main changes include:
.eslintrc.yaml
to eslint.config.js
for ESLint configuration.FUNDING.json
.allowSynchronousEvents
) and deprecating old opt-in performance methods might affect users who depend on the old behavior.setImmediate
and Node.js version checks might not work as expected in all environments. Thorough testing across versions is needed.FUNDING.json
: Ensure the provided Ethereum address is secure and properly managed to avoid potential abuse.
Bumps ws from 8.14.1 to 8.17.1.
Release notes
Sourced from ws's releases.
... (truncated)
Commits
3c56601
[dist] 8.17.1e55e510
[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
[test] Increase code coverageddfe4a8
[perf] Reduce the amount ofcrypto.randomFillSync()
callsb73b118
[dist] 8.17.029694a5
[test] Use thehighWaterMark
variable934c9d6
[ci] Test on node 221817bac
[ci] Do not test on node 2196c9b3d
[major] Flip the default value ofallowSynchronousEvents
(#2221)e5f32c7
[fix] Emit at most one event per event loop iteration (#2218)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show