Chore(deps): bump cookie, express, msw and msw-storybook-addon by dependabot[bot] · Pull Request #1502 · TimeChimp/tacugama

dependabot · 2024-10-10T15:18:24Z

Bumps cookie to 0.7.1 and updates ancestor dependencies cookie, express, msw and msw-storybook-addon. These dependencies need to be updated together.

Updates cookie from 0.6.0 to 0.7.1

Release notes

Sourced from cookie's releases.

0.7.1

Fixed

Allow leading dot for domain (#174)

Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec

Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

jshttp/cookie@v0.7.0...v0.7.1

0.7.0

perf: parse cookies ~10% faster (#144 by @kurtextrem and #170)

fix: narrow the validation of cookies to match RFC6265 (#167 by @bewinsnw)

fix: add main to package.json for rspack (#166 by @proudparrot2)

jshttp/cookie@v0.6.0...v0.7.0

Commits

cf4658f 0.7.1
6a8b8f5 Allow leading dot for domain (#174)
58015c0 Remove more code and perf wins (#172)
ab057d6 0.7.0
5f02ca8 Migrate history to GitHub releases
a5d591c Migrate history to GitHub releases
51968f9 Skip isNaN
9e7ca51 perf(parse): cache length, return early (#144)
d6f39b0 Fix tests for old node
6bb701f Remove failing scorecard
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates express from 4.21.0 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

Commits

8e229f9 4.21.1
a024c8a fix(deps): cookie@0.7.1
See full diff in compare view

Updates msw from 0.49.3 to 2.4.9

Release notes

Sourced from msw's releases.

v2.4.9 (2024-09-20)

Bug Fixes

ClientRequest: support Request as init when recording raw headers (#2293) (bf982eaa70ddd5d08706b8877ceb6c6c2517f660) @kettanaito

v2.4.8 (2024-09-17)

Bug Fixes

address express and path-to-regexp vulnerabilities (#2285) (e3487bc4259368adc33739eb9490bde8421a215c) @markmssd

v2.4.7 (2024-09-15)

Bug Fixes

ClientRequest: prevent duplicates when recording set headers (#2284) (e04eb8f44ffcf5ce755aa224d31a8576f4719a9f) @kettanaito

use Object.defineProperty for Headers proxy (#2283) (94e17beea475a494c1de8b58ea399e518f55ddda) @kettanaito

v2.4.6 (2024-09-13)

Bug Fixes

xhr: clone request body before calculating its size (#2282) (397444bcc386bbe560aa649460cb92cdb31d28a9) @kettanaito

v2.4.5 (2024-09-11)

Bug Fixes

remove cookies with max-age=0 from cookie store (#2275) (c307ab27643fc80631d3f0a28e72f7339a54af70) @kettanaito

v2.4.4 (2024-09-08)

Bug Fixes

fetch: follow mocked redirect responses (#2268) (f5785bfba1a026075feca4f74cadfcb636ffc257) @kettanaito

Adopts a new, Socket-based request interception algorithm.

v2.4.3 (2024-09-07)

Bug Fixes

revert "graphql" as optional peer dependency (#2267) (7cd39e787aa9766eef914bce3d65daec1ce16635) @kettanaito

v2.4.2 (2024-09-04)

Bug Fixes

cli: support windows paths in the init command (#2260) (ba285b887cedfa22f32ae1e8d6569e57174cb561) @ivanfernandez2646 @kettanaito

use typescript@4.8 as the minimal supported version (#2251) (6b2a7e6be8f9b63c2549ad7fbf271d38f803ad6e) @THETCR @kettanaito

... (truncated)

Commits

452686d chore(release): v2.4.9
bf982ea fix(ClientRequest): support Request as init when recording raw headers (#2293)
5342c19 chore(release): v2.4.8
e3487bc fix: address express and path-to-regexp vulnerabilities (#2285)
668d31e chore(release): v2.4.7
e04eb8f fix(ClientRequest): prevent duplicates when recording set headers (#2284)
94e17be fix: use Object.defineProperty for Headers proxy (#2283)
1f81e98 chore(release): v2.4.6
397444b fix(xhr): clone request body before calculating its size (#2282)
8e17330 chore(release): v2.4.5
Additional commits viewable in compare view

Updates msw-storybook-addon from 1.10.0 to 2.0.3

Release notes

Sourced from msw-storybook-addon's releases.

v2.0.3

🐛 Bug Fix

Fix: Make sure MSW loader is resolved only when mocking is enabled #157 (@yannbf)

fix docs #155 (@yannbf)

Authors: 1

Yann Braga (@yannbf)

v2.0.2

🐛 Bug Fix

Fix MswParameters handlers type #146 (@jarojasm95)

Authors: 1

Jose Rojas (@jarojasm95)

v2.0.1

🐛 Bug Fix

Fix: Use CJS for node entrypoint #152 (@yannbf)

Maintenance: Migrate monorepo to Yarn 4 #151 (@yannbf)

Add package.json to exports map #150 (@yannbf)

update install instructions #144 (@yannbf)

Authors: 1

Yann Braga (@yannbf)

v2.0.0

Release Notes

BREAKING CHANGE: Support MSW 2.0 (#122)

MSW required version is now ^2.0.0

The addon now requires your MSW version to be 2.0.0 or higher. This means you will have to change the format of your handlers as well. More info on how to migrate to MSW 2.0.0: https://mswjs.io/docs/migrations/1.x-to-2.x/

mswDecorator is deprecated in favor of mswLoader

Using MSW in a decorator worked for most scenarios, but there's a slight chance the service worker will not get registered in time. As a result, a story that requests data might actually request real data. Since v1.7.0, this addon provided a mswLoader to use instead of the mswDecorator. Loaders get executed before a story renders, differently than decorators, which execute as the story renders.

Please replace your mswDecorator with mswLoader, as the mswDecorator will be removed in the next major release. It works the same, respecting the parameters you set, so there's no need to change anything else in your codebase.
// .storybook/preview.js
-import { initialize, mswDecorator } from 'msw-storybook-addon'
+import { initialize, mswLoader } from 'msw-storybook-addon'
</tr></table> 

... (truncated)

Changelog

Sourced from msw-storybook-addon's changelog.

v2.0.3 (Fri Jul 12 2024)

🐛 Bug Fix

Fix: Make sure MSW loader is resolved only when mocking is enabled #157 (@yannbf)

fix docs #155 (@yannbf)

Authors: 1

Yann Braga (@yannbf)

v2.0.2 (Sun May 05 2024)

🐛 Bug Fix

Fix MswParameters handlers type #146 (@jarojasm95)

Authors: 1

Jose Rojas (@jarojasm95)

v2.0.1 (Fri May 03 2024)

🐛 Bug Fix

Fix: Use CJS for node entrypoint #152 (@yannbf)

Maintenance: Migrate monorepo to Yarn 4 #151 (@yannbf)

Add package.json to exports map #150 (@yannbf)

update install instructions #144 (@yannbf)

Authors: 1

Yann Braga (@yannbf)

Commits

8867608 Update CHANGELOG.md [skip ci]
7758e8f Fix: Make sure MSW loader is resolved only when mocking is enabled (#157)
8f27913 Update CHANGELOG.md [skip ci]
9e31318 Fix MswParameters handlers type (#146)
0836adc Update CHANGELOG.md [skip ci]
104e651 Fix: Use CJS for node entrypoint (#152)
6ec7c44 Maintenance: Migrate monorepo to Yarn 4 (#151)
cb27d28 Add package.json to exports map (#150)
7557c31 update install instructions (#144)
4e94e82 BREAKING CHANGE: Support MSW 2.0 (#122)
See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [cookie](https://github.com/jshttp/cookie) to 0.7.1 and updates ancestor dependencies [cookie](https://github.com/jshttp/cookie), [express](https://github.com/expressjs/express), [msw](https://github.com/mswjs/msw) and [msw-storybook-addon](https://github.com/mswjs/msw-storybook-addon/tree/HEAD/packages/msw-addon). These dependencies need to be updated together. Updates `cookie` from 0.6.0 to 0.7.1 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.6.0...v0.7.1) Updates `express` from 4.21.0 to 4.21.1 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/4.21.1/History.md) - [Commits](expressjs/express@4.21.0...4.21.1) Updates `msw` from 0.49.3 to 2.4.9 - [Release notes](https://github.com/mswjs/msw/releases) - [Changelog](https://github.com/mswjs/msw/blob/main/CHANGELOG.md) - [Commits](mswjs/msw@v0.49.3...v2.4.9) Updates `msw-storybook-addon` from 1.10.0 to 2.0.3 - [Release notes](https://github.com/mswjs/msw-storybook-addon/releases) - [Changelog](https://github.com/mswjs/msw-storybook-addon/blob/main/packages/msw-addon/CHANGELOG.md) - [Commits](https://github.com/mswjs/msw-storybook-addon/commits/v2.0.3/packages/msw-addon) --- updated-dependencies: - dependency-name: cookie dependency-type: indirect - dependency-name: express dependency-type: indirect - dependency-name: msw dependency-type: direct:development - dependency-name: msw-storybook-addon dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Oct 10, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Chore(deps): bump cookie, express, msw and msw-storybook-addon#1502

Chore(deps): bump cookie, express, msw and msw-storybook-addon#1502
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-d8297f6a17

dependabot bot commented on behalf of github Oct 10, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Oct 10, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

0.7.1

0.7.0

4.21.1

What's Changed

4.21.1 / 2024-10-08

v2.4.9 (2024-09-20)

Bug Fixes

v2.4.8 (2024-09-17)

Bug Fixes

v2.4.7 (2024-09-15)

Bug Fixes

v2.4.6 (2024-09-13)

Bug Fixes

v2.4.5 (2024-09-11)

Bug Fixes

v2.4.4 (2024-09-08)

Bug Fixes

v2.4.3 (2024-09-07)

Bug Fixes

v2.4.2 (2024-09-04)

Bug Fixes

v2.0.3

🐛 Bug Fix

Authors: 1

v2.0.2

🐛 Bug Fix

Authors: 1

v2.0.1

🐛 Bug Fix

Authors: 1

v2.0.0

Release Notes

BREAKING CHANGE: Support MSW 2.0 (#122)

MSW required version is now ^2.0.0

mswDecorator is deprecated in favor of mswLoader

v2.0.3 (Fri Jul 12 2024)

🐛 Bug Fix

Authors: 1

v2.0.2 (Sun May 05 2024)

🐛 Bug Fix

Authors: 1

v2.0.1 (Fri May 03 2024)

🐛 Bug Fix

Authors: 1

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Oct 10, 2024 •

edited

Loading