Closed dependabot[bot] closed 2 months ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/lodash@4.17.21 | None | 0 |
1.41 MB | bnjmnt4n |
@dependabot ignore this dependency
OK, I won't notify you about any of these dependencies again, unless you re-open this PR.
Bumps socket.io-parser to 4.2.4 and updates ancestor dependency karma. These dependencies need to be updated together.
Updates
socket.io-parser
from 3.2.0 to 4.2.4Release notes
Sourced from socket.io-parser's releases.
... (truncated)
Changelog
Sourced from socket.io-parser's changelog.
... (truncated)
Commits
164ba2a
chore(release): 4.2.4b0e6400
fix: properly detect plain objectsd9db473
fix: ensure reserved events cannot be used as event names6a5a004
docs(changelog): include changelog for release 3.4.3b6c824f
chore(release): 4.2.3dcc70d9
refactor: export typescript declarations for the commonjs build3b78117
fix: check the format of the event name0841bd5
chore: bump ua-parser-js from 1.0.32 to 1.0.33 (#121)28dd668
chore(release): 4.2.222c42e3
fix: calling destroy() should clear all internal stateUpdates
karma
from 3.1.4 to 6.4.4Release notes
Sourced from karma's releases.
... (truncated)
Changelog
Sourced from karma's changelog.
... (truncated)
Commits
84f85e7
chore(release): 6.4.4 [skip ci]a4d1284
build(deps-dev): bump ws from 6.2.1 to 6.2.3d8cf806
chore(release): 6.4.3 [skip ci]d7f2d69
fix: add build commits for patch release85a2eeb
build(deps-dev): bump decode-uri-component from 0.2.0 to 0.2.20bffce2
build(deps): updated socket.io version to fix security issues with socket.io-...86667ab
build(deps): bump follow-redirects from 1.11.0 to 1.15.4450fdfd
docs: Add deprecation notice to Karma README9de3c00
chore(release): 6.4.2 [skip ci]c6a4271
fix: few typosMost Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions | | --- | --- | | karma | [>= 6.a, < 7] | | karma | [> 3.1.4] |Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show