search

percy / percy-js

[Deprecated] JavaScript API client library for Percy.
MIT License
31 stars 19 forks source link

build(deps): Bump jssha from 2.4.0 to 3.2.0 #247

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps jssha from 2.4.0 to 3.2.0.

Release notes

Sourced from jssha's releases.

Release version 3.2.0

Changelog for this release:

  • Added ESM versions of all variants (thanks wKovacs64!).

Release version 3.1.2

Changelog for this release:

  • Added explicit package.json export to support React (thanks canpoyrazoglu!).

Release version 3.1.1

Changelog for this release:

  • Added dist subpath exports to provide forward compatibility with newer node versions (thanks aravinth2094!).

Release version 3.1.0

Changelog for this release:

  • Added support for cSHAKE128/256 and KMAC128/256 (thanks paulg446 for the ticket and mrecachinas for the test vector help!).
  • Added TypeScript declarations for all variant files (thanks wKovacs64!).
  • Deprecated setHMACKey and getHMAC in order to unify MAC API. See the [jsSHA Wiki] for more information.

Release version 3.0.0

Changelog for this release:

  • Transitioned codebase to TypeScript while still maintaining v2 backwards compatible output files (thanks for the solid start oberondelafay!).
  • v2 backwards compatible files now use the Universal Module Definition (UMD) format which should support all well-known loaders.
  • Added a oft-requested ECMAScript 2015 (ES6) ECMAScript Module (ESM) version of the library (dist/sha.mjs).
  • Reworked package exports to allow Node.js and other tools to smartly choose between ES6 ESM module and ES3 UMD versions of the library.
  • TypeScript declarations are now included with the library for the default entry points (dist/sha.js and dist/sha.mjs).
  • Source maps are now included with the library for the default entry points.
  • Limited hash variant files (sha1.js, sha256.js, sha512.js, and sha3.js) are now accessed via exports rather than file path (e.g. using require("jssha/sha1") rather than the previous require("jssha/src/sha1.js").
  • Changed build system from Google Closure Compiler to Rollup with terser as the minifier/uglifer (thanks blikblum!). This resulted in slightly larger output files but infinitely better maintainability.
  • Optimized 64-bit functions by removing unneeded logical/arithmetic/bit operations.
  • Completely overhauled testing due to transition to TypeScript. This resulted in the ability to get true 100% unit test coverage and identification of a few lurking/obscure bugs (see v2.4.2 and v2.4.1).

Release version 2.4.2

This marks the last v2.X feature release. The codebase is transitioning to TypeScript and, while the API is intended to be fully backwards-compatible, the version will be bumped to v3 as a safety precaution.

Changelog for this release:

  • Fixed incorrect SHAKE128 results when output length was greater than 1344-bits and SHAKE256 results when output length was greater than 1088-bits (1344 and 1088 being internal state size for each variant).

Release version 2.4.1

Changelog

Sourced from jssha's changelog.

3.2.0 (2020-12-07)

  • Added ESM versions of all variants (thanks wKovacs64!).

3.1.2 (2020-08-08)

  • Added explicit package.json export to support React (thanks canpoyrazoglu!).

3.1.1 (2020-07-22)

  • Added dist subpath exports to provide forward compatibility with newer node versions (thanks aravinth2094!).

3.1.0 - Still-At-Home Edition (2020-04-15)

  • Added support for cSHAKE128/256 and KMAC128/256 (thanks paulg446 for the ticket and mrecachinas for the test vector help!).
  • Added TypeScript declarations for all variant files (thanks wKovacs64!).
  • Deprecated setHMACKey and getHMAC in order to unify MAC API. See the jsSHA Wiki for more information.

3.0.0 - Stay-At-Home Order Edition (2020-04-09)

  • Transitioned codebase to TypeScript while still maintaining v2 backwards compatible output files (thanks for the solid start oberondelafay!).
  • v2 backwards compatible files now use the [Universal Module Definition (UMD)][umd] format which should support all well-known loaders.
  • Added a oft-requested ECMAScript 2015 (ES6) ECMAScript Module (ESM) version of the library (dist/sha.mjs).
  • Reworked package exports to allow Node.js and other tools to smartly choose between ES6 ESM module and ES3 UMD versions of the library.
  • TypeScript declarations are now included with the library for the default entry points (dist/sha.js and dist/sha.mjs).
  • Source maps are now included with the library for the default entry points.
  • Limited hash variant files (sha1.js, sha256.js, sha512.js, and sha3.js) are now accessed via exports rather than file path (e.g. using require("jssha/sha1") rather than the previous require("jssha/src/sha1.js").
  • Changed build system from [Google Closure Compiler][gcc] to [Rollup] with [terser] as the minifier/uglifer (thanks blikblum!). This resulted in slightly larger output files but infinitely better maintainability.
  • Optimized 64-bit functions by removing unneeded logical/arithmetic/bit operations.
  • Completely overhauled testing due to transition to TypeScript. This resulted in the ability to get true 100% unit test coverage and identification of a few lurking/obscure bugs (see v2.4.2 and v2.4.1).
Commits
  • 7e1453e Update README with new dist files
  • ddd4b17 Prep for v3.2.0
  • e033f3d Build and export an ES version of all modules
  • 0d8c681 Sync package versions
  • a8f7b1e Add a SECURITY.md
  • 261eaa7 Rebuild dist versions with new dev dependencies
  • 1760007 Bump dev dependencies versions
  • 8698dac Prep for v3.1.2
  • b6a3792 Add export for package.json to appease React
  • d3152ea Prep for v3.1.1
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by caligatio, a new releaser for jssha since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will not automatically merge this PR because it includes a major update to a production dependency.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.