[Snyk] Upgrade kafkajs from 1.15.0 to 1.16.0

matu33 commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade kafkajs from 1.15.0 to 1.16.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

- The recommended version is **41 versions** ahead of your current version. - The recommended version was released **10 months ago**, on 2022-02-09.

Release notes

Package name: kafkajs

1.16.0 - 2022-02-09
[1.16.0] - 2022-02-09

Added
- Allow manual heartbeating from inside eachMessage handler #1255
- Add rebalancing consumer event #1067 #1079
- Add overload typings for all event types #1202
- Return configSource in admin.decribeConfigs #1023
- Add topics property to admin.fetchOffsets to fetch offsets for multiple topics #992 #998
- Improve error output from admin.createTopic #1104
- Export Error classes #1254
- Validate brokers list contains strings #1284
- Throw error when failing to stop or disconnect consumer #960
Changed
- Don't commit offsets from consumer.seek when autoCommit is false #1012
- Do not restart the consumer on non-retriable errors #1274
- Downgrade consumer rebalance error log to warn #1279
- Make default round-robin partitioner topic-aware #1112
Fixed
- Fix offset type of consumer.seek #981
- Fix crash when used in Electron app built with electron-builder #984
- Improve performance of Fetch requests #985
- Fix crash when using topics with name of built-in Javascript functions #995
- Fix type of consumer constructor to require config object #1002
- Fix message type to allow null key #1037
- Respect heartbeatInterval when invoking heartbeat concurrently #1026
- Fix type of timestamp of LoggerEntryContent to be string #1082
- Fix return type of admin.describeAcls #1118
- Fix consumer getting stuck in DISCONNECTING state if in-flight requests time out during disconnect #1208
- Fix failed serialization of BigInts when logging #1234
- Fix crash when committing offsets for a topic before consumer initialization #1235
- Reauthenticate to all brokers on demand #1241
- Remove unnecessary warn log when calling admin.deleteTopicRecords with offset -1 #1265
- Handle empty control batches #1256
- Send empty topic array as null when fetching metadata #1184
1.16.0-beta.39 - 2022-02-08
1.16.0-beta.38 - 2022-02-08
1.16.0-beta.37 - 2022-02-08
1.16.0-beta.36 - 2022-02-08
1.16.0-beta.35 - 2022-02-07
1.16.0-beta.34 - 2022-02-03
1.16.0-beta.33 - 2022-01-27
1.16.0-beta.32 - 2022-01-10
1.16.0-beta.31 - 2021-12-27
1.16.0-beta.30 - 2021-12-17
1.16.0-beta.29 - 2021-12-08
1.16.0-beta.28 - 2021-11-26
1.16.0-beta.27 - 2021-11-22
1.16.0-beta.26 - 2021-11-22
1.16.0-beta.25 - 2021-11-22
1.16.0-beta.24 - 2021-11-22
1.16.0-beta.23 - 2021-11-22
1.16.0-beta.22 - 2021-09-29
1.16.0-beta.21 - 2021-06-29
1.16.0-beta.20 - 2021-06-09
1.16.0-beta.19 - 2021-06-02
1.16.0-beta.18 - 2021-05-24
1.16.0-beta.17 - 2021-05-22
1.16.0-beta.16 - 2021-05-13
1.16.0-beta.15 - 2021-04-19
1.16.0-beta.14 - 2021-04-17
1.16.0-beta.13 - 2021-04-15
1.16.0-beta.12 - 2021-04-01
1.16.0-beta.11 - 2021-03-08
1.16.0-beta.10 - 2021-03-03
1.16.0-beta.9 - 2021-02-22
1.16.0-beta.8 - 2021-02-10
1.16.0-beta.7 - 2021-02-01
1.16.0-beta.6 - 2021-01-08
1.16.0-beta.5 - 2021-01-07
1.16.0-beta.4 - 2021-01-05
1.16.0-beta.3 - 2020-12-30
1.16.0-beta.2 - 2020-12-11
1.16.0-beta.1 - 2020-12-11
1.16.0-beta.0 - 2020-12-03
1.15.0 - 2020-11-24
[1.15.0] - 2020-11-24

Added
- Initial work for static membership #888
- Add consumer instrumentation event: received unsubscribed topics #897
- Add option for admin.fetchOffsets to resolve the offsets #895
- Add ACL functions to admin client #697
- Add admin.deleteTopicRecords #905
- Emit GROUP_JOIN event on stale partition assignments #937
Changed
- Added properties to error classes typescript types #900
- Make header value type definition possibly undefined #927
- Bump API versions for client-side throttling #933
- Add UNKNOWN_TOPIC_OR_PARTITION check for addMultipleTargetTopics #938
Fixed
- Fix describe/alter broker configs (introduced ConfigResourceTypes) #898
- Fix record batch compression masking (fix ZSTD compression) #912
- Prevent inflight's correlation id collisions #926
- Fix ACL, ISocketFactory and SaslOptions type definitions #941 #959 #966
- Fix deadlock on the connection onError handler #944
- Fix deadlock on the connection onTimeout handler #956
- Remove nested retriers from producer #962 (fixes #958 #950)

from kafkajs GitHub release notes

Commit messages

Package name: kafkajs

4f0c52d Bump version (v1.16.0) and update changelog
937fdac Merge pull request #1288 from tulios/combined-pr-branch
a103d6d Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/lodash-4.17.21' into combined-pr-branch
8b5d841 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/hosted-git-info-2.8.9' into combined-pr-branch
3a2f3b9 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/glob-parent-5.1.2' into combined-pr-branch
1c5b447 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/path-parse-1.0.7' into combined-pr-branch
1b0cc6a Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/tmpl-1.0.5' into combined-pr-branch
963f340 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/y18n-4.0.3' into combined-pr-branch
13ddcf5 Bump ws from 7.2.3 to 7.5.7
6ef0e58 Bump tmpl from 1.0.4 to 1.0.5
d18c705 Bump y18n from 4.0.0 to 4.0.3
d5ac6a6 Bump glob-parent from 5.1.0 to 5.1.2
aa822d5 Bump path-parse from 1.0.6 to 1.0.7
643d432 Bump lodash from 4.17.20 to 4.17.21
2194dca Bump hosted-git-info from 2.8.8 to 2.8.9
3be2849 Merge pull request #1287 from tulios/combined-pr-branch
caae2c6 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/website/color-string-1.9.0' into combined-pr-branch
58630e6 Bump color-string from 1.5.3 to 1.9.0 in /website
272d617 Bump postcss from 7.0.14 to 7.0.39 in /website
9e36f66 Merge pull request #1285 from tulios/combined-pr-branch
ad6a3c8 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/website/dot-prop-4.2.1' into combined-pr-branch
22ffaef Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/website/highlight.js-9.18.5' into combined-pr-branch
c3eb5ef Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/website/lodash-4.17.21' into combined-pr-branch
ed7d346 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/website/hosted-git-info-2.8.9' into combined-pr-branch

Compare

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/core-hxz/project/b4caf22f-e067-4d8a-8df3-3a1dbfccd3dd?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/core-hxz/project/b4caf22f-e067-4d8a-8df3-3a1dbfccd3dd/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/core-hxz/project/b4caf22f-e067-4d8a-8df3-3a1dbfccd3dd/settings/integration?pkg=kafkajs&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

pipedrive-bot-eventsink commented 1 year ago

Main branch dependencies

pipedrive-bot-dora commented 1 year ago

Neodora Analysis ⚠

⚠ Incorrect runner in Github Workflow

**Message:** Github workflow must run on a self-hosted runner

Workflow file	Job name	Actual runs-on value	Expected runs-on value
perf-test.yml	`docker`	`ubuntu-latest`	`Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute]`

🔍 [How to fix it](https://neodora.pipedrive.tools/rules/workflowRunner)

⚠ Incorrect runner in Github Workflow

**Message:** Github workflow must run on a self-hosted runner

Workflow file	Job name	Actual runs-on value	Expected runs-on value
integration-test.yml	`test`	`ubuntu-latest`	`Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute]`

🔍 [How to fix it](https://neodora.pipedrive.tools/rules/workflowRunner)

⚠ Missing service namespace configuration

**Message:** The property `namespace` in **repository.json** must exist in SPOT and service must be deployed under correct `namespace` **Repository file:** [repository.json](https://github.com/pipedrive/graphql-schema-registry/tree/b07d18211b246fa457a4e48f2dab58d4bdd33983/repository.json)

Namespace status
Error: namespace is not defined

🔍 [How to fix it](https://neodora.pipedrive.tools/rules/namespace)

⚠ Incorrect runner in Github Workflow

**Message:** Github workflow must run on a self-hosted runner

Workflow file	Job name	Actual runs-on value	Expected runs-on value
functional-test.yml	`docker`	`ubuntu-latest`	`Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute]`

🔍 [How to fix it](https://neodora.pipedrive.tools/rules/workflowRunner)

⚠ Incorrect runner in Github Workflow

**Message:** Github workflow must run on a self-hosted runner

Workflow file	Job name	Actual runs-on value	Expected runs-on value
unit-test.yml	`test`	`ubuntu-latest`	`Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute]`

🔍 [How to fix it](https://neodora.pipedrive.tools/rules/workflowRunner)

⚠ Incorrect runner in Github Workflow

**Message:** Github workflow must run on a self-hosted runner

Workflow file	Job name	Actual runs-on value	Expected runs-on value
lint.yml	`test`	`ubuntu-latest`	`Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute]`

🔍 [How to fix it](https://neodora.pipedrive.tools/rules/workflowRunner)

Commit b07d182 Job 126670

tot-ra / graphql-schema-registry