search

ptarmiganlabs / butler-spyglass

Utility for extracting data lineage and load scripts for all applications in a Qlik Sense Enterprise environment
https://ptarmiganlabs.com
MIT License
13 stars 2 forks source link

Update dependency ws to v8 #42

Closed renovate[bot] closed 2 years ago

renovate[bot] commented 2 years ago

WhiteSource Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
ws ^7.4.3 -> ^8.0.0 age adoption passing confidence

Release Notes

websockets/ws ### [`v8.5.0`](https://togithub.com/websockets/ws/releases/8.5.0) [Compare Source](https://togithub.com/websockets/ws/compare/8.4.2...8.5.0) ### Features - Added the ability to use a custom `WebSocket` class on the server ([#​2007](https://togithub.com/websockets/ws/issues/2007)). ### Bug fixes - When following redirects, the `Authorization` and `Cookie` headers are no longer sent if the redirect host is different from the original host ([#​2013](https://togithub.com/websockets/ws/issues/2013)). ### [`v8.4.2`](https://togithub.com/websockets/ws/releases/8.4.2) [Compare Source](https://togithub.com/websockets/ws/compare/8.4.1...8.4.2) ### Bug fixes - Fixed a data framing issue introduced in version 8.4.1 ([#​2004](https://togithub.com/websockets/ws/issues/2004)). ### [`v8.4.1`](https://togithub.com/websockets/ws/releases/8.4.1) [Compare Source](https://togithub.com/websockets/ws/compare/8.4.0...8.4.1) ### Notable changes - To improve performance, strings sent via `websocket.ping()`, `websocket.pong()`, and `websocket.send()` are no longer converted to `Buffer`s if the data does not need to be masked ([#​2000](https://togithub.com/websockets/ws/issues/2000)). ### [`v8.4.0`](https://togithub.com/websockets/ws/releases/8.4.0) [Compare Source](https://togithub.com/websockets/ws/compare/8.3.0...8.4.0) ### Features - Added ability to generate custom masking keys ([#​1990](https://togithub.com/websockets/ws/issues/1990)). ### [`v8.3.0`](https://togithub.com/websockets/ws/releases/8.3.0) [Compare Source](https://togithub.com/websockets/ws/compare/8.2.3...8.3.0) ### Features - Added ability to pause and resume a `WebSocket` ([`0a8c7a9`](https://togithub.com/websockets/ws/commit/0a8c7a9c)). ### Bug fixes - Fixed a bug that could prevent the connection from being closed cleanly when using the stream API ([`ed2b803`](https://togithub.com/websockets/ws/commit/ed2b8039)). - When following redirects, an error is now emitted and not thrown if the redirect URL is invalid ([#​1980](https://togithub.com/websockets/ws/issues/1980)). ### [`v8.2.3`](https://togithub.com/websockets/ws/releases/8.2.3) [Compare Source](https://togithub.com/websockets/ws/compare/8.2.2...8.2.3) ### Bug fixes - When context takeover is enabled, messages are now compressed even if their size is below the value of the `perMessageDeflate.threshold` option ([`41ae563`](https://togithub.com/websockets/ws/commit/41ae5631)). ### [`v8.2.2`](https://togithub.com/websockets/ws/releases/8.2.2) [Compare Source](https://togithub.com/websockets/ws/compare/8.2.1...8.2.2) ### Bug fixes - Some closing operations are now run only if needed ([`ec9377c`](https://togithub.com/websockets/ws/commit/ec9377ca)). ### [`v8.2.1`](https://togithub.com/websockets/ws/releases/8.2.1) [Compare Source](https://togithub.com/websockets/ws/compare/8.2.0...8.2.1) ##### Bug fixes - Fixed an issue where the socket was not resumed, preventing the connection from being closed cleanly ([`869c989`](https://togithub.com/websockets/ws/commit/869c9892)). ### [`v8.2.0`](https://togithub.com/websockets/ws/releases/8.2.0) [Compare Source](https://togithub.com/websockets/ws/compare/8.1.0...8.2.0) ### Features - Added `WebSocket.WebSocket` as an alias for `WebSocket` and `WebSocket.WebSocketServer` as an alias for `WebSocket.Server` to fix name consistency and improve interoperability with the ES module wrapper ([#​1935](https://togithub.com/websockets/ws/issues/1935)). ### [`v8.1.0`](https://togithub.com/websockets/ws/releases/8.1.0) [Compare Source](https://togithub.com/websockets/ws/compare/8.0.0...8.1.0) ### Features - Added ability to skip UTF-8 validation ([#​1928](https://togithub.com/websockets/ws/issues/1928)). ### Bug fixes - Fixed an issue with a breaking change in Node.js master ([`6a72da3`](https://togithub.com/websockets/ws/commit/6a72da3e)). - Fixed a misleading error message ([`c95e695`](https://togithub.com/websockets/ws/commit/c95e695d)). ### [`v8.0.0`](https://togithub.com/websockets/ws/releases/8.0.0) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.7...8.0.0) ##### Breaking changes - The `WebSocket` constructor now throws a `SyntaxError` if any of the subprotocol names are invalid or duplicated ([`0aecf0c`](https://togithub.com/websockets/ws/commit/0aecf0c9)). - The server now aborts the opening handshake if an invalid `Sec-WebSocket-Protocol` header field value is received ([`1877dde`](https://togithub.com/websockets/ws/commit/1877ddeb)). - The `protocols` argument of `handleProtocols` hook is no longer an `Array` but a `Set` ([`1877dde`](https://togithub.com/websockets/ws/commit/1877ddeb)). - The opening handshake is now aborted if the `Sec-WebSocket-Extensions` header field value is empty or it begins or ends with a white space ([`e814110`](https://togithub.com/websockets/ws/commit/e814110e)). - Dropped support for Node.js < 10.0.0 ([`552b506`](https://togithub.com/websockets/ws/commit/552b5067)). - The `WebSocket` constructor now throws a `SyntaxError` if the connection URL contains a fragment identifier or if the URL's protocol is not one of `'ws:'`, `'wss:'`, or `'ws+unix:'` ([`ebea038`](https://togithub.com/websockets/ws/commit/ebea038f)). - Text messages and close reasons are no longer decoded to strings. They are passed as `Buffer`s to the listeners of their respective events. The listeners of the `'message'` event now take a boolean argument specifying whether or not the message is binary ([`e173423`](https://togithub.com/websockets/ws/commit/e173423c)). Existing code can be migrated by decoding the buffer explicitly. ```js websocket.on('message', function message(data, isBinary) { const message = isBinary ? data : data.toString(); // Continue as before. }); websocket.on('close', function close(code, data) { const reason = data.toString(); // Continue as before. }); ``` - The package now uses an ES module wrapper ([`78adf5f`](https://togithub.com/websockets/ws/commit/78adf5f7)). - `WebSocketServer.prototype.close()` no longer closes existing connections ([`df7de57`](https://togithub.com/websockets/ws/commit/df7de574)). Existing code can be migrated by closing the connections manually. ```js websocketServer.close(); for (const ws of websocketServer.clients) { ws.terminate(); } ``` - The callback of `WebSocketServer.prototype.close()` is now called with an error if the server is already closed ([`abde9cf`](https://togithub.com/websockets/ws/commit/abde9cfc)). - `WebSocket.prototype.addEventListener()` is now a noop if the `type` argument is not one of `'close'`, `'error'`, `'message'`, or `'open'` ([`9558ed1`](https://togithub.com/websockets/ws/commit/9558ed1c)). - `WebSocket.prototype.removeEventListener()` now only removes listeners added with `WebSocket.prototype.addEventListener()` and only one at time ([`ea95d9c`](https://togithub.com/websockets/ws/commit/ea95d9c4)). - The value of the `onclose`, `onerror`, `onmessage`, and `onopen` properties is now `null` if the respective event handler is not set ([`6756cf5`](https://togithub.com/websockets/ws/commit/6756cf58)). - The `OpenEvent` class has been removed ([`21e6500`](https://togithub.com/websockets/ws/commit/21e65004)). ##### Bug fixes - The event listeners added via handler properties are now independent from the event listeners added with `WebSocket.prototype.addEventListener()` ([`0b21c03`](https://togithub.com/websockets/ws/commit/0b21c03a)). ### [`v7.5.7`](https://togithub.com/websockets/ws/releases/7.5.7) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.6...7.5.7) ### Bug fixes - Backported [`6946f5f`](https://togithub.com/websockets/ws/commit/6946f5fe) to the 7.x release line ([`1f72e2e`](https://togithub.com/websockets/ws/commit/1f72e2e1)). ### [`v7.5.6`](https://togithub.com/websockets/ws/releases/7.5.6) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.5...7.5.6) ### Bug fixes - Backported [`b8186dd`](https://togithub.com/websockets/ws/commit/b8186dd1) to the 7.x release line ([`73dec34`](https://togithub.com/websockets/ws/commit/73dec34b)). - Backported [`ed2b803`](https://togithub.com/websockets/ws/commit/ed2b8039) to the 7.x release line ([`22a26af`](https://togithub.com/websockets/ws/commit/22a26afb)). ### [`v7.5.5`](https://togithub.com/websockets/ws/releases/7.5.5) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.4...7.5.5) ### Bug fixes - Backported [`ec9377c`](https://togithub.com/websockets/ws/commit/ec9377ca) to the 7.x release line ([`0e274ac`](https://togithub.com/websockets/ws/commit/0e274acd)). ### [`v7.5.4`](https://togithub.com/websockets/ws/releases/7.5.4) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.3...7.5.4) ##### Bug fixes - Backported [`6a72da3`](https://togithub.com/websockets/ws/commit/6a72da3e) to the 7.x release line ([`76087fb`](https://togithub.com/websockets/ws/commit/76087fbf)). - Backported [`869c989`](https://togithub.com/websockets/ws/commit/869c9892) to the 7.x release line ([`2799793`](https://togithub.com/websockets/ws/commit/27997933)). ### [`v7.5.3`](https://togithub.com/websockets/ws/releases/7.5.3) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.2...7.5.3) ##### Bug fixes - The `WebSocketServer` constructor now throws an error if more than one of the `noServer`, `server`, and `port` options are specefied ([`66e58d2`](https://togithub.com/websockets/ws/commit/66e58d27)). - Fixed a bug where a `'close'` event was emitted by a `WebSocketServer` before the internal HTTP/S server was actually closed ([`5a58730`](https://togithub.com/websockets/ws/commit/5a587304)). - Fixed a bug that allowed WebSocket connections to be established after `WebSocketServer.prototype.close()` was called ([`772236a`](https://togithub.com/websockets/ws/commit/772236a1)). ### [`v7.5.2`](https://togithub.com/websockets/ws/releases/7.5.2) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.1...7.5.2) ##### Bug fixes - The opening handshake is now aborted if the client receives a `Sec-WebSocket-Extensions` header but no extension was requested or if the server indicates an extension not requested by the client ([`aca94c8`](https://togithub.com/websockets/ws/commit/aca94c86)). ### [`v7.5.1`](https://togithub.com/websockets/ws/releases/7.5.1) [Compare Source](https://togithub.com/websockets/ws/compare/7.5.0...7.5.1) ##### Bug fixes - Fixed an issue that prevented the connection from being closed properly if an error occurred simultaneously on both peers ([`b434b9f`](https://togithub.com/websockets/ws/commit/b434b9f1)). ### [`v7.5.0`](https://togithub.com/websockets/ws/releases/7.5.0) [Compare Source](https://togithub.com/websockets/ws/compare/7.4.6...7.5.0) ##### Features - Some errors now have a `code` property describing the specific type of error that has occurred ([#​1901](https://togithub.com/websockets/ws/issues/1901)). ##### Bug fixes - A close frame is now sent to the remote peer if an error (such as a data framing error) occurs ([`8806aa9`](https://togithub.com/websockets/ws/commit/8806aa9a)). - The close code is now always 1006 if no close frame is received, even if the connection is closed due to an error ([`8806aa9`](https://togithub.com/websockets/ws/commit/8806aa9a)). ### [`v7.4.6`](https://togithub.com/websockets/ws/releases/7.4.6) [Compare Source](https://togithub.com/websockets/ws/compare/7.4.5...7.4.6) ##### Bug fixes - Fixed a ReDoS vulnerability ([`00c425e`](https://togithub.com/websockets/ws/commit/00c425ec)). A specially crafted value of the `Sec-Websocket-Protocol` header could be used to significantly slow down a ws server. ```js for (const length of [1000, 2000, 4000, 8000, 16000, 32000]) { const value = 'b' + ' '.repeat(length) + 'x'; const start = process.hrtime.bigint(); value.trim().split(/ *, */); const end = process.hrtime.bigint(); console.log('length = %d, time = %f ns', length, end - start); } ``` The vulnerability was responsibly disclosed along with a fix in private by [Robert McLaughlin](https://togithub.com/robmcl4) from University of California, Santa Barbara. In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers using the [`--max-http-header-size=size`](https://nodejs.org/api/cli.html#cli_max_http_header_size_size) and/or the [`maxHeaderSize`](https://nodejs.org/api/http.html#http_http_createserver_options_requestlistener) options. ### [`v7.4.5`](https://togithub.com/websockets/ws/releases/7.4.5) [Compare Source](https://togithub.com/websockets/ws/compare/7.4.4...7.4.5) ##### Bug fixes - UTF-8 validation is now done even if `utf-8-validate` is not installed ([`23ba6b2`](https://togithub.com/websockets/ws/commit/23ba6b29)). - Fixed an edge case where `websocket.close()` and `websocket.terminate()` did not close the connection ([`67e25ff`](https://togithub.com/websockets/ws/commit/67e25ff5)). ### [`v7.4.4`](https://togithub.com/websockets/ws/releases/7.4.4) [Compare Source](https://togithub.com/websockets/ws/compare/7.4.3...7.4.4) ##### Bug fixes - Fixed a bug that could cause the process to crash when using the permessage-deflate extension ([`9277437`](https://togithub.com/websockets/ws/commit/92774377)).

Configuration

šŸ“… Schedule: At any time (no schedule defined).

šŸš¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.

ā™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

šŸ”• Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by WhiteSource Renovate. View repository job log here.