search

brianlovin / security-checklist

A checklist for staying safe on the internet
https://brianlovin.com/security
MIT License
923 stars 76 forks source link

Bump cypress from 4.8.0 to 4.9.0 #558

Closed dependabot-preview[bot] closed 4 years ago

dependabot-preview[bot] commented 4 years ago

Bumps cypress from 4.8.0 to 4.9.0.

Release notes

Sourced from cypress's releases.

4.9.0

Released 6/23/2020

Features:

  • An animated progress bar now displays on every command in the Command Log indicating how long the command has left to run before reaching its command timeout. Addresses #7642.
  • There is now an experimentalFetchPolyfill configuration option. When this option is true, Cypress will automatically replace window.fetch with a polyfill that Cypress can spy on and stub. Addresses #7710.
  • You can now pass a --quiet flag to cypress run to silence any Cypress specific output from stdout. Addresses #7714.

Bugfixes:

  • cy.wait() now correctly resolves when waiting for XHR requests that contain resource-like text in the XHR's query params or hash (like .js, .html, .css). #7280.
  • We fixed a regression in 4.6.0 where errors thrown from the application under test as strings would not be correctly handled. Fixes #7590.
  • We fixed a regression in 4.8.0 where .click() would hang if the subject had a shadow root and experimentalShadowDomSupport was not enabled. Fixes #7679.
  • We fixed a regression in 4.6.0 so that .should('have.value') now properly asserts against <progress>, <meter> or <li> element's values. Fixes #7603.
  • Cypress no longer responds with 413 responses during a recorded cypress run when the stdout is too large. Fixes #7548.
  • We fixed an issue where Cypress could exit successfully even with failing tests when launched in global mode. Fixes #7755.
  • Assertion logs now properly display as parent commands in the Command Log regardless of what is in the beforeEach hook. Fixes #7731.
  • When experimentalShadowDomSupport is enabled, querying shadow dom in certain situations will no longer cause the error Cannot read property 'length' of undefined during cypress run. Fixes #7676.
  • Highlighting of elements upon hover of a command in the Command Log are now visible when targeting absolute positioned elements. Fixes #7762.
  • cypress run will no longer crash when provided an empty string to the --project flag. Fixes #7743.

Misc:

  • There is now a loading state to indicated when tests are loading in the Command Log. Addresses #7700.
  • The type definitions for fixturesFolder, pluginsFile, screenshotsFolders and videoCompression have been updated to allow false TypeScript types. Addresses #7654.
  • The type definitions for cy.wait(ms) now correctly yield the type of the previous subject. Addresses #7682.
  • The type definitions now allow for the 'key' keyword when chaining off 'any' or 'all' assertion chainers. Addresses #7665.

Dependency Updates:

  • Upgraded arch from 2.1.1 to 2.1.2. Addressed in #7672.
  • Upgraded eventemitter2 from 4.1.2 to 6.4.2. Addressed in #7705 and #7707.
  • Upgraded getos from 3.1.1 to 3.2.1. Addressed in #7685.
  • Upgraded is-installed-globally from 0.1.0 to 0.3.2. Addressed in #7703.
  • Upgraded jimp from 0.12.0 to 0.13.0. Addressed in #7618.
  • Upgraded moment from 2.24.0 to 2.26.0. Addressed in #7718.
  • Upgraded signal-exit from 3.0.2 to 3.0.3. Addressed in #7738.
Commits
  • 29ca809 release 4.9.0 [skip ci]
  • 653739b Handle --project "" command line argument (#7744)
  • 6423b35 chore: clean up postProcessRecording code (#7777)
  • bf752f1 fix: correct bad propagation of exit signals (#7755)
  • 768da16 feat: add quiet cli arg/module option (#7714)
  • baaf24a fix dom-highlights rendering under absolute position elements (#7763)
  • abe2f3d chore(deps): Update dependency angular to version 1.8.0 🌟 (#7754)
  • 1e2368d fix(deps): update dependency signal-exit to version 3.0.3 🌟 (#7738)
  • 22e47aa Update license copyright year (#7758)
  • dc2b50d Add UTM parameters to Dashboard login buttons (#7639)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
vercel[bot] commented 4 years ago

This pull request is being automatically deployed with Vercel (learn more). To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/brianlovin/security-checklist/pk0qi69bk ✅ Preview: https://security-checklist-git-dependabot-npmandyarncypress-490.brianlovin.vercel.app

lighthouse-metrics[bot] commented 4 years ago

https://security-checklist-pk0qi69bk.vercel.app/:

Lighthouse Scores for https://security-checklist-pk0qi69bk.vercel.app/