build(deps-dev): bump chai from 4.3.7 to 4.5.0

[dependabot[bot]]

Bumps chai from 4.3.7 to 4.5.0.

Release notes

Sourced from chai's releases.

v4.5.0

• Update type detect (#1631) 1a36d35

https://github.com/chaijs/chai/compare/v4.4.1...v4.5.0

What's Changed

• Update type detect by @​koddsson in chaijs/chai#1631

Full Changelog: https://github.com/chaijs/chai/compare/v4.4.1...v4.5.0

v4.4.1

What's Changed

• fix: removes ?? for node compat by @​43081j in chaijs/chai#1574

Full Changelog: https://github.com/chaijs/chai/compare/v4.4.0...v4.4.1

v4.4.0

What's Changed

• Allow deepEqual fonction to be configured globally (4.x.x branch) by @​forty in chaijs/chai#1553

Full Changelog: https://github.com/chaijs/chai/compare/v4.3.10...v4.4.0

v4.3.10

This release simply bumps all dependencies to their latest non-breaking versions.

What's Changed

• upgrade all dependencies by @​keithamus in chaijs/chai#1540

Full Changelog: https://github.com/chaijs/chai/compare/v4.3.9...v4.3.10

v4.3.9

Upgrade dependencies.

This release upgrades dependencies to address CVE-2023-43646 where a large function name can cause "catastrophic backtracking" (aka ReDOS attack) which can cause the test suite to hang.

Full Changelog: https://github.com/chaijs/chai/compare/v4.3.8...v4.3.9

v4.3.8

What's Changed

• 4.x.x: Fix link to commit logs on GitHub by @​bugwelle in chaijs/chai#1487
• build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by @​dependabot in chaijs/chai#1488
• Small typo in test.js by @​mavaddat in chaijs/chai#1459
• docs: specify return type of objDisplay by @​scarf005 in chaijs/chai#1490
• Update CONTRIBUTING.md by @​matheus-rodrigues00 in chaijs/chai#1521
• Fix: update exports.version to current version by @​peanutenthusiast in chaijs/chai#1534

... (truncated)

Commits

• 6a19308 4.5.0
• 1a36d35 Update type detect (#1631)
• f4b2fbc fix: removes ?? for node compat (#1574)
• 6ef2824 bump version
• fb5fd85 Allow deepEqual fonction to be configured globally (#1553)
• 744a16e 4.3.10
• 0ccd823 upgrade all dependencies (#1540)
• 923d0a4 4.3.9
• 1a0f887 make
• a141e57 upgrade deps
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

| Dependency Name | Ignore Conditions | | --- | --- | | chai | [>= 5.a, < 6] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[jankapunkt]

@dhensby after merging #311 we now have issues with dependabot PRs and tests, claiming package.json and package lock not being in sync. The other PR still pass ci though. Any idea why this might happens only on dependabot PRs?

[dhensby]

@dependabot recreate

[dhensby]

@jankapunkt we just need to ask dependabot to recreate the PRs and then it'll sort out the package-lock file