Bump engine.io, ember-cli and ember-data in /frontend

[dependabot[bot]]

Bumps engine.io to 3.6.0 and updates ancestor dependencies engine.io, ember-cli and ember-data. These dependencies need to be updated together.

Updates engine.io from 1.8.0 to 3.6.0

Release notes

Sourced from engine.io's releases.

3.6.0

Bug Fixes

• add extension in the package.json main entry (#608) (3ad0567)
• do not reset the ping timer after upgrade (1f5d469)

Features

• decrease the default value of maxHttpBufferSize (58e274c)

This change reduces the default value from 100 mb to a more sane 1 mb.

This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

See also: https://github.com/advisories/GHSA-j4f2-536g-r55m

• increase the default value of pingTimeout (f55a79a)

Links

• Diff: https://github.com/socketio/engine.io/compare/3.5.0...3.6.0
• Client release: -
• ws version: ~7.4.2

3.5.0

Features

• add support for all cookie options (19cc582)
• disable perMessageDeflate by default (5ad2736)

Links

• Diff: https://github.com/socketio/engine.io/compare/3.4.2...3.5.0
• Client release: 3.5.0
• ws version: ~7.4.2

3.4.2

Bug Fixes

• remove explicit require of uws (85e544a)

Links

• Diff: 3.4.1...3.4.2
• Client release: -

... (truncated)

Changelog

Sourced from engine.io's changelog.

3.6.0 (2022-06-06)

Bug Fixes

• add extension in the package.json main entry (#608) (3ad0567)
• do not reset the ping timer after upgrade (1f5d469), closes socketio/socket.io-client-swift#1309

Features

• decrease the default value of maxHttpBufferSize (58e274c)

This change reduces the default value from 100 mb to a more sane 1 mb.

This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

See also: https://github.com/advisories/GHSA-j4f2-536g-r55m

• increase the default value of pingTimeout (f55a79a)

6.2.0 (2022-04-17)

Features

• add the "maxPayload" field in the handshake details (088dcb4)

So that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value.

This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data:

0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000}

6.1.3 (2022-02-23)

Bug Fixes

• typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)
• uws: properly handle chunked content (#642) (3367440)

... (truncated)

Commits

• f62f265 chore(release): 3.6.0
• f55a79a feat: increase the default value of pingTimeout
• 1f5d469 fix: do not reset the ping timer after upgrade
• 3ad0567 fix: add extension in the package.json main entry (#608)
• 58e274c feat: decrease the default value of maxHttpBufferSize
• b9dee7b chore(release): 3.5.0
• 19cc582 feat: add support for all cookie options
• 5ad2736 feat: disable perMessageDeflate by default
• f632269 chore: bump ws version
• ddb80a2 ci: migrate to GitHub Actions
• Additional commits viewable in compare view

Updates ember-cli from 2.14.0 to 2.18.2

Changelog

Sourced from ember-cli's changelog.

v2.18.2

The following changes are required if you are upgrading from the previous version:

• Users
  • ember new diff
  • Upgrade your project's ember-cli version - docs
• Addon Developers
  • ember addon diff
• Core Contributors
  • No changes required

Community Contributions

• #7569 mark "lib" folder as node style in eslint for apps @​kellyselden
• #7589 upgrade testem @​stefanpenner
• #7594 Install optional dependencies when creating a new project @​tomdale

Thank you to all who took the time to contribute!

v2.18.1

The following changes are required if you are upgrading from the previous version:

• Users
  • ember new diff
  • Upgrade your project's ember-cli version - docs
• Addon Developers
  • ember addon diff
• Core Contributors
  • No changes required

Community Contributions

• #7566 testem: Use --no-sandbox on TravisCI @​Turbo87

Thank you to all who took the time to contribute!

v2.18.0

The following changes are required if you are upgrading from the previous version:

• Users
  • ember new diff
  • Upgrade your project's ember-cli version - docs

... (truncated)

Commits

• ad9322d Release v2.18.2
• dd1027d add-to-output-repos: Add set -e to fail fast
• bebae07 Merge pull request #7594 from ember-cli/hotfix-optional-dependencies
• 4ebd110 [BACKPORT release] Install optional dependencies when creating a new project
• d1131d8 Merge pull request #7589 from ember-cli/release-backport-testem
• a0f4063 [BACKPORT release] upgrade testem
• 5038ff4 Merge pull request #7569 from kellyselden/eslint-lib
• ff50de2 mark "lib" folder as node style in eslint for apps
• 3eec1c8 2.18.1
• 24aeacc Merge pull request #7566 from Turbo87/no-sandbox
• Additional commits viewable in compare view

Updates ember-data from 2.14.11 to 2.18.5

Release notes

Sourced from ember-data's releases.

Ember Data 2.18.5

Changelog (September 14, 2018)

• #5376 [bugfix beta] Fetch cancels unload
• #5586 [BUGFIX Backport] #5467 to 2.18
• #5599 Backport modelName fix from #5406 to 2.18 (#5599)
• #5611 backport #5408 to ember data 2.18 (#5611)
• #5614 [FEAT #5607] ensure release builds only perform necessary jobs (#5614)

Ember Data 2.18.4

Release 2.18.4 (July 24, 2018)

• #5376 [bugfix beta] Fetch cancels unload

Ember Data 2.18.3

Release 2.18.3 (July 6, 2018)

• #5519 Do not publish .node_modules.ember-try folder to npm

Ember Data 2.18.1

Release 2.18.1 (February 13, 2018)

• #5273 client-side-delete semantics unloadRecord

Ember Data 2.18.0

Release 2.18.0 (December 28, 2017)

• #5225 Remove blueprints for Mocha < 0.12. (#5225)
• #4998 [DOC beta] Assert that both modelName and id are passed to peekRecord (#4998)
• #5223 [BUGFIX release] Cleanup test only dependencies.
• #5200 bump rsvp
• #5108 Updates addon to adhere to RFC 176 (#5108)
• #5232 Update documentation in model.js
• #5203 Skip ember try on appveyor
• #5239 Deprecate support for "production like" values in EMBER_ENV
• #5213 [BUGFIX beta] proxy meta on PromiseArray
• #5212 Do not show feature flag improved-ajax methods in the api docs
• #5206 [BUGFIX beta] Fix broccoli-babel-transpiler cache warnings
• #5216 [BUGFIX beta] invalid record becomes loaded when property is reset
• #5217 [BUGFIX beta] RecordReference returns null when not yet loaded
• #5218 Update assert against nulls (#5218)
• #5220 Remove (unnecessary) ember-inflector peer dependency
• #5221 Fix docs link. (#5221)
• #5224 Add missing dependency for travis build
• #5238 Move initialize-store-service.js out of the instance-initializers dir…
• #5242 [BUGFIX beta] Normalize model names during push
• #5250 [doc] Update links to Ember Guide (#5250)
• #5260 [doc] Update urlForFindRecord example

Ember Data 2.18.0-beta.1

Release 2.18.0-beta.1 (November 19, 2017)

... (truncated)

Changelog

Sourced from ember-data's changelog.

Ember Data Changelog

v4.7.1 (2022-09-06)

:goal_net: Test

• -ember-data, model, store
  • #8128 fix: backgroundReloads should not affect recordIsLoaded (#8125) (@​runspired)
• -ember-data
  • #8160 port test from #6147 (@​runspired)

:rocket: Enhancement

• -ember-data, adapter, canary-features, model, record-data, serializer, store, unpublished-adapter-encapsulation-test-app, unpublished-relationship-performance-test-app, unpublished-serializer-encapsulation-test-app
  • #8122 v2.1 cache (@​runspired)
• -ember-data, canary-features, model, private-build-infra, record-data, store, unpublished-adapter-encapsulation-test-app, unpublished-serializer-encapsulation-test-app
  • #8114 implement store portion of v2 cache (@​runspired)
• -ember-data, canary-features, model, record-data, store, unpublished-adapter-encapsulation-test-app, unpublished-serializer-encapsulation-test-app, unpublished-test-infra
  • #8129 feat: deprecate v1 cache (@​runspired)
• -ember-data, adapter, model, private-build-infra, record-data, store, unpublished-relationship-performance-test-app
  • #7955emberjs/rfcs#793@​runspired)

:memo: Documentation

• -ember-data, adapter, canary-features, model, record-data, serializer, store, unpublished-adapter-encapsulation-test-app, unpublished-relationship-performance-test-app, unpublished-serializer-encapsulation-test-app
  • #8122 v2.1 cache (@​runspired)
• -ember-data, adapter, canary-features, debug, model, private-build-infra, record-data, serializer, store
  • #8121 Documentation Upgrades (@​runspired)
• Other
  • #8124 [DOC] typo fix (@​jenweber)
• -ember-data, canary-features, model, private-build-infra, record-data, store, unpublished-adapter-encapsulation-test-app, unpublished-serializer-encapsulation-test-app
  • #8114 implement store portion of v2 cache (@​runspired)
• #8138 [DOC] typo in identifier initializer documentation (@​ciur)

:evergreen_tree: New Deprecation

• -ember-data, adapter, model, private-build-infra, serializer, store
  • #8093 deprecation: implement helper deprecations (@​runspired)
• -ember-data, model, private-build-infra
  • #8092 deprecation: Model.reopen/reopenClass and eager static fields lookups (@​runspired)
• -ember-data, adapter, debug, model, private-build-infra, record-data, serializer, store, unpublished-adapter-encapsulation-test-app, unpublished-fastboot-test-app, unpublished-model-encapsulation-test-app, unpublished-serializer-encapsulation-test-app, unpublished-test-infra
  • #8084 Love of Mine (@​runspired)
• -ember-data, adapter, canary-features, model, record-data, serializer, store, unpublished-adapter-encapsulation-test-app, unpublished-relationship-performance-test-app, unpublished-serializer-encapsulation-test-app
  • #8122 v2.1 cache (@​runspired)
• -ember-data, model, private-build-infra, record-data, unpublished-adapter-encapsulation-test-app, unpublished-relationship-performance-test-app, unpublished-serializer-encapsulation-test-app, unpublished-test-infra
  • #8115 deprecation: implement strict relationships (@​runspired)
• -ember-data, canary-features, model, private-build-infra, record-data, store, unpublished-adapter-encapsulation-test-app, unpublished-serializer-encapsulation-test-app
  • #8114 implement store portion of v2 cache (@​runspired)
• -ember-data, canary-features, model, record-data, store, unpublished-adapter-encapsulation-test-app, unpublished-serializer-encapsulation-test-app, unpublished-test-infra
  • #8129 feat: deprecate v1 cache (@​runspired)
• -ember-data, adapter, model, private-build-infra, record-data, store, unpublished-adapter-encapsulation-test-app, unpublished-relationship-performance-test-app, unpublished-serializer-encapsulation-test-app
  • #8134 feat: deprecate proxies (implements emberjs/rfcs#846) (@​runspired)

:house: Internal

• -ember-data
  • #7634 [CHORE]: Modernized store-adapter-test (@​runnerboy22)

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by runspired, a new releaser for ember-data since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/rubyforgood/Flaredown/network/alerts).

[dependabot[bot]]

Superseded by #604.