search

brianlovin / security-checklist

A checklist for staying safe on the internet
https://brianlovin.com/security
MIT License
922 stars 76 forks source link

Bump cypress from 4.11.0 to 4.12.0 #588

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps cypress from 4.11.0 to 4.12.0.

Release notes

Sourced from cypress's releases.

4.12.0

Released 8/3/2020

Features:

  • Now you can control whether screenshots are automatically taken on test failure during cypress run by setting screenshotOnRunFailure in your configuration. Addresses #5029.
  • The pluginsFile now has access to a readonly version property within the config object that returns the current Cypress version being run. This will allow plugins to better target specific Cypress versions. Addresses #6352.
  • During cypress open, you can now run a subset of all specs by entering a text search filter and clicking 'Run n tests'. Addresses #6581.

Bugfixes:

  • position: fixed elements that have a parent with pointer-events: none will now correctly evaluate as visible. Fixes #6675.
  • Applications using custom elements will no longer trigger infinite XHR request loops. Fixes #1068.
  • When snapshotting the DOM, Cypress no longer causes attributeChangedCallback to be triggered on custom elements. Fixes #7187.
  • Spec files containing + characters now properly run in Cypress. Fixes #5909.
  • When using the fx shortcut in cy.route(), an error is now thrown when the fixture file cannot be found. Fixes #7818.
  • Cypress no longer thrown Cannot read property '__error' of null error when passing a file containing null content to cy.fixture(). Fixes #8010.
  • Values containing exponential operators passed to --env via the command line are now properly read. Fixes #6891.
  • The "Open in IDE" button no longer disappears from hooks when the tests are manually rerun. Fixes #8094.
  • When experimentalSourceRewriting is enabled, AST rewriting will no longer return an output before the body is done being written. This would happen when the response body was too large and the response would be sent while the body was still being modified. Fixes #8043.
  • When using .type(), Cypress now properly types into an input within an iframe that auto focuses the input. Fixes #8111.

Misc:

  • Dependencies for our cypress npm package are no longer pinned to a specific version. This allows the use of npm audit fix to fix security vulnerabilities without needing a patch release from Cypress. Addresses #8046.
  • We now collect environment variables for AWS CodeBuild when recording to the Dashboard. Addressed #8101.
  • Types inside Module API are now accessible via the CypressCommandLine namespace. Addresses #7309.
  • We added more type definitions for the .should() command. Addresses #5573.
  • Cookie command's expiry property type is now a Number instead of a String. Addresses #8144.
  • There are some minor visual improvements to the Test Runner's Command Log when hovering, focusing and clicking on hook titles and pending tests. Addressed in #8153.

Dependency Updates:

  • Upgraded jimp from 0.13.0 to 0.14.0. Addressed in #8102.
  • Upgraded moment from 2.26.0 to 2.27.0. Addressed in #8122.
Commits
  • 580087d release 4.12.0 [skip ci]
  • 9d19a9f fix: Capture env vars from AWS Code Build (#8159)
  • e0f587e fix: iFrame input focus should not cause blur if input already activeElement ...
  • 19393e0 fix(reporter): minor UI fixes and improvements (#8153)
  • 008f07a chore: a typo in comment (#8150)
  • 4977450 fix: Cookie interface expiry prop (#8145)
  • e1f9c80 docs: Update contributing to mention titling PRs with semantic-release (#8125)
  • fe96d7c feat: run only filtered specs (#8007)
  • d246272 fix(deps): update dependency moment to version 2.27.0 🌟 (#8122)
  • 15c71c5 fix: Introduce CypressCommandLine namespace to type NPM module api
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
vercel[bot] commented 3 years ago

This pull request is being automatically deployed with Vercel (learn more). To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/brianlovin/security-checklist/phhg9eqgs ✅ Preview: https://security-checklist-git-dependabot-npmandyarncypress-4120.brianlovin.vercel.app

lighthouse-metrics[bot] commented 3 years ago

https://security-checklist-phhg9eqgs.vercel.app/:

Lighthouse Scores for https://security-checklist-phhg9eqgs.vercel.app/

dependabot[bot] commented 3 years ago

Superseded by #590.