Bump System.Text.Encodings.Web from 4.4.0 / 4.0.2 to 4.5.1 & Update npm Dependencies

mmanela / chutzpah

Chutzpah is an open source JavaScript test runner which enables you to run unit tests using QUnit, Jasmine, Mocha and TypeScript.

http://mmanela.github.io/chutzpah/

Apache License 2.0

550 stars 143 forks source link

Bump System.Text.Encodings.Web from 4.4.0 / 4.0.2 to 4.5.1 & Update npm Dependencies #806

Closed F-Forget closed 2 years ago

F-Forget commented 3 years ago

This PR bumps System.Text.Encodings.Web from 4.4.0 (packages.config) / 4.0.2 (csproj) to 4.5.1. This ensures that the version used is consistent across the project and also take care of the CVE-2021-26701 vulnerability.

This PR also updates various other npm dependencies. In this case, it also resolves those vulnerabilities as well : CVE-2020-15366 and CVE-2021-32640

.\build.bat install, .\build.bat, unit tests and both Visual Studio Projects were run and tested before creating this PR.

F-Forget commented 3 years ago

Thank you for the comment @mmanela . Would it be possible for you to review again and approve if it meets your requirements?