kevinobee / sveltekit-security-headers

Adds missing HTTP response headers to SvelteKit apps
https://sveltekit-security-headers.vercel.app
MIT License
4 stars 0 forks source link

build(deps-dev): bump @playwright/test from 1.41.2 to 1.46.1 #125

Open dependabot[bot] opened 2 months ago

dependabot[bot] commented 2 months ago

Bumps @playwright/test from 1.41.2 to 1.46.1.

Release notes

Sourced from @​playwright/test's releases.

v1.46.1

Highlights

microsoft/playwright#32004 - [REGRESSION]: Client Certificates don't work with Microsoft IIS microsoft/playwright#32004 - [REGRESSION]: Websites stall on TLS handshake errors when using Client Certificates microsoft/playwright#32146 - [BUG]: Credential scanners warn about internal socks-proxy TLS certificates microsoft/playwright#32056 - [REGRESSION]: 1.46.0 (TypeScript) - custom fixtures extend no longer chainable microsoft/playwright#32070 - [Bug]: --only-changed flag and project dependencies microsoft/playwright#32188 - [Bug]: --only-changed with shallow clone throws "unknown revision" error

Browser Versions

  • Chromium 128.0.6613.18
  • Mozilla Firefox 128.0
  • WebKit 18.0

This version was also tested against the following stable channels:

  • Google Chrome 127
  • Microsoft Edge 127

v1.46.0

TLS Client Certificates

Playwright now allows to supply client-side certificates, so that server can verify them, as specified by TLS Client Authentication.

When client certificates are specified, all browser traffic is routed through a proxy that establishes the secure TLS connection, provides client certificates to the server and validates server certificates.

The following snippet sets up a client certificate for https://example.com:

import { defineConfig } from '@playwright/test';

export default defineConfig({ // ... use: { clientCertificates: [{ origin: 'https://example.com', certPath: './cert.pem', keyPath: './key.pem', passphrase: 'mysecretpassword', }], }, // ... });

You can also provide client certificates to a particular test project or as a parameter of browser.newContext() and apiRequest.newContext().

--only-changed cli option

New CLI option --only-changed allows to only run test files that have been changed since the last git commit or from a specific git "ref".

... (truncated)

Commits
  • e1c861c cherry-pick(#32021): test: fix failing client-certificate tests
  • 20b0788 chore: mark v1.46.1 (#32194)
  • 57c3240 cherry-pick(#32192): chore: generate self-signed certificates for socks proxy
  • 301f179 cherry-pick(#32189): fix(only-changed): show nice error message about shallow...
  • b2d6a09 cherry-pick(#32164): docs: release video and trace viewer video (#32173)
  • 7cf7aec cherry-pick(#32094): fix(test runner): run project dependencies of `--only-ch...
  • d78ae01 cherry-pick(#32163): fix(client-certificates): stall on tls handshake errors
  • bd13da4 cherry-pick(#32155): fix(client-certificates): when server does tls renegotia...
  • 30684a7 cherry-pick(#32066): fix(types): revert type changes made to support TS 5.5 (...
  • 5e68061 cherry-pick(#32015): docs(release-notes): fix typo in .NET release notes
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
vercel[bot] commented 2 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
sveltekit-security-headers ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 19, 2024 1:20pm
socket-security[bot] commented 2 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@playwright/test@1.46.1 None +3 10.6 MB dgozman-ms, mxschmitt, pavelfeldman, ...1 more

🚮 Removed packages: npm/@playwright/test@1.41.2

View full report↗︎