mozilla / betachannel

DEPRECATED - Give beta testers access to your Apps
https://wiki.mozilla.org/Mobile/Projects/BetaFox
4 stars 5 forks source link

Bump request from 2.36.0 to 2.88.0 #61

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 5 years ago

Bumps request from 2.36.0 to 2.88.0.

Changelog *Sourced from [request's changelog](https://github.com/request/request/blob/master/CHANGELOG.md).* > ### v2.88.0 (2018/08/10) > - [#2996](https://github-redirect.dependabot.com/request/request/pull/2996) fix(uuid): import versioned uuid ([@​kwonoj](https://github.com/kwonoj)) > - [#2994](https://github-redirect.dependabot.com/request/request/pull/2994) Update to oauth-sign 0.9.0 ([@​dlecocq](https://github.com/dlecocq)) > - [#2993](https://github-redirect.dependabot.com/request/request/pull/2993) Fix header tests ([@​simov](https://github.com/simov)) > - [#2904](https://github-redirect.dependabot.com/request/request/pull/2904) [#515](https://github-redirect.dependabot.com/request/request/issues/515), [#2894](https://github-redirect.dependabot.com/request/request/issues/2894) Strip port suffix from Host header if the protocol is known. ([#2904](https://github-redirect.dependabot.com/request/request/issues/2904)) ([@​paambaati](https://github.com/paambaati)) > - [#2791](https://github-redirect.dependabot.com/request/request/pull/2791) Improve AWS SigV4 support. ([#2791](https://github-redirect.dependabot.com/request/request/issues/2791)) ([@​vikhyat](https://github.com/vikhyat)) > - [#2977](https://github-redirect.dependabot.com/request/request/pull/2977) Update test certificates ([@​simov](https://github.com/simov)) > > ### v2.87.0 (2018/05/21) > - [#2943](https://github-redirect.dependabot.com/request/request/pull/2943) Replace hawk dependency with a local implemenation ([#2943](https://github-redirect.dependabot.com/request/request/issues/2943)) ([@​hueniverse](https://github.com/hueniverse)) > > ### v2.86.0 (2018/05/15) > - [#2885](https://github-redirect.dependabot.com/request/request/pull/2885) Remove redundant code (for Node.js 0.9.4 and below) and dependency ([@​ChALkeR](https://github.com/ChALkeR)) > - [#2942](https://github-redirect.dependabot.com/request/request/pull/2942) Make Test GREEN Again! ([@​simov](https://github.com/simov)) > - [#2923](https://github-redirect.dependabot.com/request/request/pull/2923) Alterations for failing CI tests ([@​gareth-robinson](https://github.com/gareth-robinson)) > > ### v2.85.0 (2018/03/12) > - [#2880](https://github-redirect.dependabot.com/request/request/pull/2880) Revert "Update hawk to 7.0.7 ([#2880](https://github-redirect.dependabot.com/request/request/issues/2880))" ([@​simov](https://github.com/simov)) > > ### v2.84.0 (2018/03/12) > - [#2793](https://github-redirect.dependabot.com/request/request/pull/2793) Fixed calculation of oauth_body_hash, issue [#2792](https://github-redirect.dependabot.com/request/request/issues/2792) ([@​dvishniakov](https://github.com/dvishniakov)) > - [#2880](https://github-redirect.dependabot.com/request/request/pull/2880) Update hawk to 7.0.7 ([#2880](https://github-redirect.dependabot.com/request/request/issues/2880)) ([@​kornel-kedzierski](https://github.com/kornel-kedzierski)) > > ### v2.83.0 (2017/09/27) > - [#2776](https://github-redirect.dependabot.com/request/request/pull/2776) Updating tough-cookie due to security fix. ([#2776](https://github-redirect.dependabot.com/request/request/issues/2776)) ([@​karlnorling](https://github.com/karlnorling)) > > ### v2.82.0 (2017/09/19) > - [#2703](https://github-redirect.dependabot.com/request/request/pull/2703) Add Node.js v8 to Travis CI ([@​ryysud](https://github.com/ryysud)) > - [#2751](https://github-redirect.dependabot.com/request/request/pull/2751) Update of hawk and qs to latest version ([#2751](https://github-redirect.dependabot.com/request/request/issues/2751)) ([@​Olivier-Moreau](https://github.com/Olivier-Moreau)) > - [#2658](https://github-redirect.dependabot.com/request/request/pull/2658) Fixed some text in README.md ([#2658](https://github-redirect.dependabot.com/request/request/issues/2658)) ([@​Marketionist](https://github.com/Marketionist)) > - [#2635](https://github-redirect.dependabot.com/request/request/pull/2635) chore(package): update aws-sign2 to version 0.7.0 ([#2635](https://github-redirect.dependabot.com/request/request/issues/2635)) ([@​greenkeeperio-bot](https://github.com/greenkeeperio-bot)) > - [#2641](https://github-redirect.dependabot.com/request/request/pull/2641) Update README to simplify & update convenience methods ([#2641](https://github-redirect.dependabot.com/request/request/issues/2641)) ([@​FredKSchott](https://github.com/FredKSchott)) > - [#2541](https://github-redirect.dependabot.com/request/request/pull/2541) Add convenience method for HTTP OPTIONS ([#2541](https://github-redirect.dependabot.com/request/request/issues/2541)) ([@​jamesseanwright](https://github.com/jamesseanwright)) > - [#2605](https://github-redirect.dependabot.com/request/request/pull/2605) Add promise support section to README ([#2605](https://github-redirect.dependabot.com/request/request/issues/2605)) ([@​FredKSchott](https://github.com/FredKSchott)) > - [#2579](https://github-redirect.dependabot.com/request/request/pull/2579) refactor(lint): replace eslint with standard ([#2579](https://github-redirect.dependabot.com/request/request/issues/2579)) ([@​ahmadnassri](https://github.com/ahmadnassri)) > - [#2598](https://github-redirect.dependabot.com/request/request/pull/2598) Update codecov to version 2.0.2 🚀 ([@​greenkeeperio-bot](https://github.com/greenkeeperio-bot)) > - [#2590](https://github-redirect.dependabot.com/request/request/pull/2590) Adds test-timing keepAlive test ([@​nicjansma](https://github.com/nicjansma)) > - [#2589](https://github-redirect.dependabot.com/request/request/pull/2589) fix tabulation on request example README.MD ([@​odykyi](https://github.com/odykyi)) > - [#2594](https://github-redirect.dependabot.com/request/request/pull/2594) chore(dependencies): har-validator to 5.x [removes babel dep] ([@​ahmadnassri](https://github.com/ahmadnassri)) > > ### v2.81.0 (2017/03/09) > - [#2584](https://github-redirect.dependabot.com/request/request/pull/2584) Security issue: Upgrade qs to version 6.4.0 ([@​sergejmueller](https://github.com/sergejmueller)) > - [#2578](https://github-redirect.dependabot.com/request/request/pull/2578) safe-buffer doesn't zero-fill by default, its just a polyfill. ([#2578](https://github-redirect.dependabot.com/request/request/issues/2578)) ([@​mikeal](https://github.com/mikeal)) > - [#2566](https://github-redirect.dependabot.com/request/request/pull/2566) Timings: Tracks 'lookup', adds 'wait' time, fixes connection re-use ([#2566](https://github-redirect.dependabot.com/request/request/issues/2566)) ([@​nicjansma](https://github.com/nicjansma)) > - [#2574](https://github-redirect.dependabot.com/request/request/pull/2574) Migrating to safe-buffer for improved security. ([@​mikeal](https://github.com/mikeal)) > - [#2573](https://github-redirect.dependabot.com/request/request/pull/2573) fixes [#2572](https://github-redirect.dependabot.com/request/request/issues/2572) ([@​ahmadnassri](https://github.com/ahmadnassri)) > > ### v2.80.0 (2017/03/04) > - [#2571](https://github-redirect.dependabot.com/request/request/pull/2571) Correctly format the Host header for IPv6 addresses ([@​JamesMGreene](https://github.com/JamesMGreene)) > - [#2558](https://github-redirect.dependabot.com/request/request/pull/2558) Update README.md example snippet ([@​FredKSchott](https://github.com/FredKSchott)) > ... (truncated)
Commits - [`6420240`](https://github.com/request/request/commit/642024036379239a7fa29c27ef7bb4dd3fa3b3a4) 2.88.0 - [`bd22e21`](https://github.com/request/request/commit/bd22e217f1590804ebfea031d158f2a486b0c985) fix: massive dependency upgrade, fixes all production vulnerabilities - [`925849a`](https://github.com/request/request/commit/925849a8278ae794eb9c257cf4d6cc4fb3ee89a8) Merge pull request [#2996](https://github-redirect.dependabot.com/request/request/issues/2996) from kwonoj/fix-uuid - [`7b68551`](https://github.com/request/request/commit/7b685511edbfdb909814473c3fccde3fb285503d) fix(uuid): import versioned uuid - [`5797963`](https://github.com/request/request/commit/579796327218bb6ae30440b4f25da6166f72c282) Merge pull request [#2994](https://github-redirect.dependabot.com/request/request/issues/2994) from dlecocq/oauth-sign-0.9.0 - [`628ff5e`](https://github.com/request/request/commit/628ff5e3c9a242bb82805c368fc5b6f942d9af70) Update to oauth-sign 0.9.0 - [`10987ef`](https://github.com/request/request/commit/10987ef9d611a0f24e340505f97c8eca119854e5) Merge pull request [#2993](https://github-redirect.dependabot.com/request/request/issues/2993) from simov/fix-header-tests - [`cd848af`](https://github.com/request/request/commit/cd848afbdbac78b656847c75be1c0a9daf619045) These are not going to fail if there is a server listening on those ports - [`a92e138`](https://github.com/request/request/commit/a92e138d897d78ce19dd70bd1ad271c7f9c6a23d) [#515](https://github-redirect.dependabot.com/request/request/issues/515), [#2894](https://github-redirect.dependabot.com/request/request/issues/2894) Strip port suffix from Host header if the protocol is known. ([#2904](https://github-redirect.dependabot.com/request/request/issues/2904)) - [`45ffc4b`](https://github.com/request/request/commit/45ffc4b536043e85e0850edf35ba47067c0dbada) Improve AWS SigV4 support. ([#2791](https://github-redirect.dependabot.com/request/request/issues/2791)) - Additional commits viewable in [compare view](https://github.com/request/request/compare/v2.36.0...v2.88.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mozilla/betachannel/network/alerts).
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.