search

stanford-oval / genie-server

The home server version of Almond
Apache License 2.0
266 stars 42 forks source link

Bump ws from 7.5.6 to 8.8.0 #344

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 2 years ago

Bumps ws from 7.5.6 to 8.8.0.

Release notes

Sourced from ws's releases.

8.8.0

Features

  • Added the WS_NO_BUFFER_UTIL and WS_NO_UTF_8_VALIDATE environment variables (becf237c).

8.7.0

Features

  • Added the ability to inspect the invalid handshake requests and respond to them with a custom HTTP response. (6e5a5ce3).

Bug fixes

  • The handshake is now aborted if the Upgrade header field value in the HTTP response is not a case-insensitive match for the value "websocket" (0fdcc0af).
  • The Authorization and Cookie headers are no longer sent when following an insecure redirect (wss: to ws:) to the same host (d68ba9e1).

8.6.0

Features

  • Added the ability to remove confidential headers on a per-redirect basis (#2030).

8.5.0

Features

  • Added the ability to use a custom WebSocket class on the server (#2007).

Bug fixes

  • When following redirects, the Authorization and Cookie headers are no longer sent if the redirect host is different from the original host (#2013).

8.4.2

Bug fixes

  • Fixed a data framing issue introduced in version 8.4.1 (#2004).

8.4.1

Notable changes

  • To improve performance, strings sent via websocket.ping(), websocket.pong(), and websocket.send() are no longer converted to Buffers if the data does not need to be masked (#2000).

8.4.0

Features

  • Added ability to generate custom masking keys (#1990).

... (truncated)

Commits
  • 982b782 [dist] 8.8.0
  • becf237 [feature] Add the WS_NO_{BUFFER_UTIL, UTF_8_VALIDATE} variables
  • 0792742 [doc] Fix nit
  • c1a126f [doc] Rename WS Error Codes section to Error codes
  • a6dbd1c [ci] Set permissions explicitly (#2051)
  • 5e4149e [test] Fix typo
  • 4b62fbf [dist] 8.7.0
  • 6e5a5ce [feature] Introduce the 'wsClientError' event (#2046)
  • 903ec62 [doc] Update the type of the socket argument
  • d68ba9e [security] Drop sensitive headers when following insecure redirects
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #350.