search

mapcentia / vidi

Vidi – a modern take on browser GIS. It is the front-end client for GC2.
https://www.osgeo.org/projects/gc2-vidi/
GNU Affero General Public License v3.0
44 stars 25 forks source link

Bump debug, socket.io and socket.io-client #268

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps debug to 3.1.0 and updates ancestor dependencies debug, socket.io and socket.io-client. These dependencies need to be updated together.

Updates debug from 2.2.0 to 3.1.0

Release notes

Sourced from debug's releases.

3.1.0

Minor Changes

  • Ignore package-lock.json: e7e568a24736486721882282eb21beb31c741647
  • Remove component.json: 47747f329fe159e94262318b52b87a48f6c0acd4
  • Remove "component" from package.json: bdb7e0137f84dc8bcfc95daede7c694799d38dbf
  • Add DEBUG_HIDE_DATE env var: #486

Patches

  • Correct spelling mistake: daf1a7c8c0f62f5dbc8d48158d6748d0527cc551
  • Examples: fix colors printout: 7cd9e539ce571fc3314d34d9d1dac3124839dbac
  • Fix browser detection: fdfa0f5f6cc7e83fd60b6cf1e7b990cbf6388621
  • Remove ReDoS regexp in %o formatter: #504

Credits

Huge thanks to @​amejiarosario and @​zhuangya for their help!

3.0.0

Featuring pretty new colors!

Major Changes

  • Remove DEBUG_FD: #406
  • Make millisecond timer namespace specific and allow 'always enabled' output: #408
  • Use Date#toISOString() instead to Date#toUTCString() when output is not a TTY: #418
  • enabled() updates existing debug instances: #440

Minor Changes

  • Add destroy() function: #440
  • Document enabled flag: #465
  • Support 256 colors: #481
  • Update "browserify" to v14.4.0: 826fd94639efeaa3c5701b50d335caead084a5d6
  • Separate Node.js and web browser examples: 87880f6ae1f48b12d9f3346bce564a66cba6b93e
  • Example: use %o formatter: 31f3343de76cb8687041387a1b811745c6e84473
  • More readme screenshots replaced: 25eb545324912dd2863658d0ba35426c0f617619
  • Add Namespace Colors section to readme: 8b5c438a222167bd0cc66db046bac073f01b3c01
  • Separate the Node and Browser tests in Travis: f178d861df18abacac6e9e4607c7306a1147bf3d

Patches

  • Readme: fix typo: #473
  • Component: update "ms" to v2.0.0: d2dd80aeaf1b037f0b3be21838c4594bbedc4a9c

Credits

... (truncated)

Changelog

Sourced from debug's changelog.

3.1.0 / 2017-09-26

  • Add DEBUG_HIDE_DATE env var (#486)
  • Remove ReDoS regexp in %o formatter (#504)
  • Remove "component" from package.json
  • Remove component.json
  • Ignore package-lock.json
  • Examples: fix colors printout
  • Fix: browser detection
  • Fix: spelling mistake (#496, @​EdwardBetts)

3.0.1 / 2017-08-24

  • Fix: Disable colors in Edge and Internet Explorer (#489)

3.0.0 / 2017-08-08

  • Breaking: Remove DEBUG_FD (#406)
  • Breaking: Use Date#toISOString() instead to Date#toUTCString() when output is not a TTY (#418)
  • Breaking: Make millisecond timer namespace specific and allow 'always enabled' output (#408)
  • Addition: document enabled flag (#465)
  • Addition: add 256 colors mode (#481)
  • Addition: enabled() updates existing debug instances, add destroy() function (#440)
  • Update: component: update "ms" to v2.0.0
  • Update: separate the Node and Browser tests in Travis-CI
  • Update: refactor Readme, fixed documentation, added "Namespace Colors" section, redid screenshots
  • Update: separate Node.js and web browser examples for organization
  • Update: update "browserify" to v14.4.0
  • Fix: fix Readme typo (#473)

2.6.9 / 2017-09-22

  • remove ReDoS regexp in %o formatter (#504)

2.6.8 / 2017-05-18

2.6.7 / 2017-05-16

... (truncated)

Commits


Updates socket.io from 1.7.4 to 4.5.4

Release notes

Sourced from socket.io's releases.

4.5.4

This release contains a bump of:

Links:

4.5.3

Bug Fixes

  • typings: accept an HTTP2 server in the constructor (d3d0a2d)
  • typings: apply types to "io.timeout(...).emit()" calls (e357daf)

Links:

4.5.2

Bug Fixes

  • prevent the socket from joining a room after disconnection (18f3fda)
  • uws: prevent the server from crashing after upgrade (ba497ee)

Links:

4.5.1

Bug Fixes

  • forward the local flag to the adapter when using fetchSockets() (30430f0)
  • typings: add HTTPS server to accepted types (#4351) (9b43c91)

Links:

... (truncated)

Changelog

Sourced from socket.io's changelog.

4.5.4 (2022-11-22)

This release contains a bump of:

Dependencies

4.5.3 (2022-10-15)

Bug Fixes

  • typings: accept an HTTP2 server in the constructor (d3d0a2d)
  • typings: apply types to "io.timeout(...).emit()" calls (e357daf)

4.5.2 (2022-09-02)

Bug Fixes

  • prevent the socket from joining a room after disconnection (18f3fda)
  • uws: prevent the server from crashing after upgrade (ba497ee)

2.5.0 (2022-06-26)

Bug Fixes

  • fix race condition in dynamic namespaces (05e1278)
  • ignore packet received after disconnection (22d4bdf)
  • only set 'connected' to true after middleware execution (226cc16)
  • prevent the socket from joining a room after disconnection (f223178)

4.5.1 (2022-05-17)

Bug Fixes

... (truncated)

Commits
  • 3b7ced7 chore(release): 4.5.4
  • c00bb95 chore: bump engine.io to version 6.2.1
  • 57e5f25 chore: bump socket.io-parser to version 4.2.1
  • f4b6984 docs: add missing versions in the changelog
  • 945c84b chore(release): 4.5.3
  • d3d0a2d fix(typings): accept an HTTP2 server in the constructor
  • 19b225b docs(examples): update dependencies of the basic CRUD example
  • 8fae95d docs: add jsdoc for each public method
  • e6f6b90 docs: add deprecation notice for the allSockets() method
  • 596eb88 ci: upgrade to actions/checkout@3 and actions/setup-node@3
  • Additional commits viewable in compare view


Updates socket.io-client from 1.7.4 to 4.5.4

Release notes

Sourced from socket.io-client's releases.

4.5.4

This release contains a bump of the socket.io-parser dependency, in order to fix CVE-2022-2421.

Links:

Size of the bundles:

min min+gzip
socket.io.min.js 42.6 KB (-) 13.6 KB (-)
socket.io.msgpack.min.js 47.7 KB (-) 14.6 KB (-)
socket.io.esm.min.js 34.5 KB (-) 11.5 KB (-)

4.5.3

Bug Fixes

  • do not swallow user exceptions (2403b88)

Links:

Size of the bundles:

min min+gzip
socket.io.min.js 42.6 KB (-) 13.6 KB (-)
socket.io.msgpack.min.js 47.7 KB (-) 14.6 KB (-)
socket.io.esm.min.js 34.5 KB (-) 11.5 KB (-)

4.5.2

Bug Fixes

  • handle ill-formatted packet from server (c597023)

Links:

... (truncated)

Changelog

Sourced from socket.io-client's changelog.

4.5.4 (2022-11-22)

This release contains a bump of the socket.io-parser dependency, in order to fix CVE-2022-2421.

Dependencies

4.5.3 (2022-10-15)

Bug Fixes

  • do not swallow user exceptions (2403b88)

4.5.2 (2022-09-02)

Bug Fixes

  • handle ill-formatted packet from server (c597023)

2.5.0 (2022-06-26)

Bug Fixes

  • ensure buffered events are sent in order (991eb0b)

4.5.1 (2022-05-17)

There were some minor bug fixes on the server side, which mandate a client bump.

4.5.0 (2022-04-23)

Features

  • add details to the disconnect event (b862924)

... (truncated)

Commits
  • 91ef839 chore(release): 4.5.4
  • d882822 ci: migrate from zuul to webdriver.io
  • e891289 ci: update actions in GitHub Actions workflows (#1564)
  • cedd311 chore: bump socket.io-parser to version 4.2.1 (#1559)
  • 9ec85f7 docs: add missing versions in the changelog (2)
  • f9b773f docs: add missing versions in the changelog
  • 2eca8da chore(release): 4.5.3
  • 7c05688 docs: add jsdoc for each public method
  • 2403b88 fix: do not swallow user exceptions
  • 1098618 ci: temporarily remove iOS 16 from the test matrix
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mapcentia/vidi/network/alerts).