search

citp / news-disinformation-study

A research project on how web users consume, are exposed to, and share news online.
8 stars 2 forks source link

Bump cacheable-request and web-ext #118

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps cacheable-request to 10.2.7 and updates ancestor dependency web-ext. These dependencies need to be updated together.

Updates cacheable-request from 2.1.4 to 10.2.7

Release notes

Sourced from cacheable-request's releases.

v10.2.6

Fix for memory leak on Listeners

The listener was not being removed on response and just error but new handlers were being added causing a memory leak.

line 220 in src/index.ts was modified to remove the listener on response also 

         if (this.cache instanceof Keyv) {
                const cachek = this.cache;
                cachek.once('error', errorHandler);
                ee.on('error', () => cachek.removeListener('error', errorHandler));
                ee.on('response', () => cachek.removeListener('error', errorHandler));
            }

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.5...v10.2.6

v10.2.5

Types definition issue with http-cache-sematics as that type definition needs to be in dependencies. Thanks @​Maxim-Mazurok

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.4...v10.2.5

v10.2.4

Minor updates with one exception is that we removed @types/http-cache-semantics from the main dependencies as it does not look to be needed.

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.3...v10.2.4

v10.2.3 Maintenance Release

Upgrading core modules in the system such as keyv and also a minor fix to an uncaught exception that we were seeing referenced here: sindresorhus/got#1925

Additional update is moving normalize-url to 8.0.0 which after testing it looks to not affect anything but will post the release notes here: https://github.com/sindresorhus/normalize-url/releases/tag/v8.0.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jaredwray, a new releaser for cacheable-request since your current version.


Updates web-ext from 6.1.0 to 7.5.0

Release notes

Sourced from web-ext's releases.

7.5.0

Features

  • web-ext lint: updated to use addons-linter v5.27.0 (#2573, #2583, #2602, #2619)
    • import Firefox 109.0b9 API schema
    • ensure empty ZIP files will output results when auto-close feature is disabled
    • switch to vendored ajv-merge-patch library to fix a potential security issue
    • prevent errors when permissions in manifest.json isn't an array
  • web-ext sign: send user agent header with signing requests (#2540)

Bug Fixes

  • web-ext sign: added missing type for channel parameter (#2546)
  • web-ext sign: fixed the default AMO API base URL used by the experimental --use-submission-api CLI flag (#2621)
  • Other dependencies updated:
    • sign-addon to v5.2.0 (#2584)
    • camelcase to v7.0.1 (#2574)
    • eslint to v8.29.0 (#2569)
    • mocha to v10.2.0 (#2572)
    • prettier to v2.8.1 (#2571)
    • ... and some other dev dependencies

See all changes: https://github.com/mozilla/web-ext/compare/7.4.0...7.5.0

7.4.0

Features

  • web-ext lint: enabled MV3 by default (#2557)
  • web-ext lint: updated to use addons-linter v5.23.0 (#2537) (#2561)
    • Firefox 108.0b5 schema has been imported
    • MV3 event pages are now fully supported by the linter
    • Various fixes related to CSP have been made in the linter

Bug Fixes

  • Other dependencies updated:

See all changes https://github.com/mozilla/web-ext/compare/7.3.1...7.4.0

7.3.1

Bug Fixes

  • web-ext sign: fixed a bug that caused the experimental CLI flag --use-submission-api to use an invalid URL (#2531)

See all changes https://github.com/mozilla/web-ext/compare/7.3.0...7.3.1

... (truncated)

Commits
  • fa989f7 7.5.0
  • 71e19d2 add trailing slash to amo-base-url & enforce within submit-addon Client (#2621)
  • 00250d0 chore(deps): bump @​babel/runtime from 7.20.7 to 7.20.13 (#2622)
  • 0bf4881 ci: use Node 18 in Circle CI (#2618)
  • ca817f3 chore: remove 'fast-json-patch' from the exclusion list in .nsprc (#2620)
  • 6659079 chore(deps): bump addons-linter from 5.26.0 to 5.27.0 (#2619)
  • 6356fa9 fix: Add missing type for channel parameter (#2546) (#2570)
  • 870b1d1 chore(deps-dev): bump eslint-plugin-import from 2.27.4 to 2.27.5 (#2613)
  • 9369afb chore(deps-dev): bump prettier from 2.8.2 to 2.8.3 (#2610)
  • 829884d chore(deps-dev): bump eslint from 8.31.0 to 8.32.0 (#2612)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/citp/news-disinformation-study/network/alerts).