fds2610 / NCT-Desktop

Desktop-App for notifying Nextcloud-Talk Events
Creative Commons Zero v1.0 Universal
37 stars 3 forks source link

Bump electron from 8.3.1 to 8.5.1 #29

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps electron from 8.3.1 to 8.5.1.

Release notes

Sourced from electron's releases.

electron v8.5.1

Release Notes for v8.5.1

Fixes

    • Fixes the following issues for frameless when maximized on Windows:
  • fix unreachable task bar when auto hidden with position top
  • fix 1px extending to secondary monitor
  • fix 1px overflowing into taskbar at certain resolutions
  • fix white line on top of window under 4k resolutions. #25219
  • Fixed powerMonitor not emitting suspend/resume events on some Windows machines. #25163
  • Fixed an issue where notifications with a reply button could potentially be destroyed too early when a user clicked on the notification body before replying. #25102
  • Fixed an issue where some Node.js methods would not work with URL instances constructed in the renderer process. #24861
  • Fixed frameless window's size being changed when restored from minimized state. #25057
  • Fixed inactive windows having active titlebar on Windows. #24875
  • Fixed network permission error when there are multiple WebContents sharing same session are created with web security disabled. #25181
  • Fixed node's TLS stack not allowing renegotiation. #25042
  • Fixed window size being changed after unmaximizing. #25148

Other Changes

  • Backported the fix to CVE-2020-6532: Use after free in SCTP. #24886
  • Security: Backported fix for CVE-2020-6541. #25025
  • Security: backported fix for 1095584. #25227
  • Security: backported fix for 1103827. #25244
  • Security: backported fix for 1104046. #25243
  • Security: backported fix for 1105202. #25262
  • Security: backported fix for 1105426. #25241
  • Security: backported fix for 1106682,1109467. #25239
  • Security: backported fix for 1107433. #25235
  • Security: backported fix for 1107815. #25232
  • Security: backported fix for 1115345. #25266

electron v8.5.0

Release Notes for v8.5.0

Fixes

  • Fixed an issue where suspend/resume were emitted twice on macOS. #24844
  • Fixed crash when navigating from a page with webview that has inherited zoom level. #24766

electron v8.4.1

Release Notes for v8.4.1

Fixes

  • Fix: DCHECK failure in value.IsHeapObject() in objectsdebug.cc. (Chromium security issue 1084820). #24565
  • Fix: PDFium Javascript Active Document memory corruption. (Chromium security issue 1091404). #24570
  • Fix: XSS on chrome://histograms/ with a compromised renderer. (Chromium security issue 1073409). #24626
  • Fix: heap-use-after-free in content::NavigationRequest::OnWillProcessResponseProcessed. (Chromium security issue 1090543). #24568

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fds2610/NCT-Desktop/network/alerts).
dependabot[bot] commented 4 years ago

Superseded by #30.