Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade jsdom from 16.5.3 to 16.7.0 #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade jsdom from 16.5.3 to 16.7.0 #5

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade jsdom from 16.5.3 to 16.7.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 2 versions ahead of your current version.
  • The recommended version was released a year ago, on 2021-08-01.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-WS-1296835		 372/1000
Why? Proof of Concept exploit, CVSS 5.3		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: jsdom
  • 16.7.0 - 2021-08-01
    • Added AbortSignal.abort(). (ninevra)
    • Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)
    • Implemented wrapping for textareaEl.value if the wrap="" attribute is specified. (ninevra)
    • Changed newline normalization in <textarea>s according to recent HTML Standard updates. (ninevra)
    • Fixed some bad cascade computation in getComputedStyle(). (romain-trotard)
  • 16.6.0 - 2021-05-23
    • Added parentNode.replaceChildren(). (@ ninevra)
    • Fixed jsdom's handling of when code running inside the jsdom throws null or undefined as an exception. (@ mbest)
    • Removed the dependency on the deprecated request package, in the process fixing several issues with the XMLHttpRequest implementation around header processing. Thanks go to @ tobyhinloopen, @ andrewaylett, and especially @ vegardbb, for completing this months-long effort!
  • 16.5.3 - 2021-04-11
    • Fixed infinite recursion when using MutationObservers to observe elements inside a MutationObserver callback.
from jsdom GitHub release notes
Commit messages
Package name: jsdom
  • 1aa3cbc Version 16.7.0
  • df1f551 Don't run WebSocketStream tests
  • eb105b2 Fix browser tests by enabling SharedArrayBuffer
  • 0dedfc0 Fix some bad cascade computation in getComputedStyle()
  • 8021a56 Fix "configuation" typo (#3213)
  • a7febe3 Fix typo in level2/html.js (#3222)
  • c9896c0 Return x, y properties from Element.getBoundingClientRect (#3187)
  • 346ea98 Update web-platform tests (#3203)
  • 364c77d Bump to ws 7.4.6
  • 93ba6a0 We are now on Matrix (#3207)
  • 0024630 Replace two HTTP README links with HTTPS
  • 74a8d1e Version 16.6.0
  • f51f2ec Remove the dependency on request
  • 2b6d5ae Update dependencies
  • b72b33b Disable now-crashing canvas test
  • 39b7972 Handle null and undefined thrown as exceptions
  • 04f6c13 Add ParentNode.replaceChildren() (#3176)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot