Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: puppeteer, source-map-explorer #442

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: puppeteer, source-map-explorer #442

wants to merge 1 commit into from

Conversation

mohammed-ibra
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

puppeteer
from 5.2.1 to 5.5.0 | 5 versions ahead of your current version | 4 years ago
on 2020-11-16
source-map-explorer
from 2.4.2 to 2.5.3 | 4 versions ahead of your current version | 2 years ago
on 2022-09-26

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-ANSIREGEX-1583908		 482 Proof of Concept
high severity Prototype Pollution
SNYK-JS-Y18N-1021887		 482 Proof of Concept
Release notes
Package name: puppeteer
  • 5.5.0 - 2020-11-16

    v5.5.0 (2020-11-16)

    Features

    Bug Fixes

    • common: fix generic type of _isClosedPromise (#6579) (122f074)
    • domworld: fix missing binding for waittasks (#6562) (67da1cf)
  • 5.4.1 - 2020-10-27

    Bug fixes

    • Fixed an issue in 5.4.0 on Node.js v10.17.0 and below where trying to access fs.promises would throw an error. See #6548 for the bug report and #6550 for the fix. We now run a CI build on Node 10.15 to ensure we don't cause similar regressions in the future.

    Raw notes

    520cd90 - chore: mark version 5.4.1
    8f4a79e - docs(troubleshooting): update Alpine Chromium version (#6529)
    e45acce - chore: run unit tests on node 10.15 + fix fs.promises access (#6550)
    a2175c6 - docs(queryhandler): fix link (#6543)
    d787865 - chore: bump version to v5.4.0-post (#6544)

  • 5.4.0 - 2020-10-23

    Feature changes

    Custom query handler API

    The custom query handler support is no longer marked as experimental. The API has been updated to:

    puppeteer.registerCustomQueryHandler(name: string, queryHandler: CustomQueryHandler): void;
puppeteer.unregisterCustomQueryHandler(name: string): void;
puppeteer.customQueryHandlerNames(): string[];
puppeteer.clearCustomQueryHandlers(): void;

    New built-in query handlers

    Puppeteer now ships with two built-in handlers: aria and pierce:

    • The aria handler (#6307) allows querying elements based on the accessibility tree.
    • The pierce handler (#6509) pierces shadow roots while querying for a CSS selector.

    Roll Chromium 87.0.4272.0 (r809590)

    Behind the scenes

    • We now enforce Conventional Commits through commitlint (#6483)
    • We've started work towards automating the release process. This work can be tracked in #6482.

    Raw notes

    5e5fed1 - fix: ignore spurious bindingCalled events (#6538)
    e6b8c77 - chore: fix travis config (#6537)
    c756fb4 - fix(utils): typo fix (#6522)
    f63a123 - chore(agnostification): agnostify web socket connections (#6520)
    c2c2bb7 - chore(agnostification): common/helper.ts (#6515)
    637a1f7 - chore: gitignore new-docs (#6511)
    e655bb6 - chore(agnostification): split up root Puppeteer class (#6504)
    f3086d7 - fix(launcher): support relative userDataDir on headless Windows (#6506)
    8fabe32 - feat(queryhandler): add built-in pierce handler (#6509)
    f04bec5 - chore: update eslint & eslint plugins (#6487)
    4846b87 - chore(agnostification): split up launcher class (#6484)
    1ed38af - chore(node): move install.ts into node/ (#6490)
    e94a1e8 - chore: bump misc dependencies (#6488)
    936ccdc - chore: enforce Conventional Commits through commitlint (#6483)
    502ed8c - chore(agnostify): Create Node and Web initializer. (#6477)
    3afe193 - feat(a11y-query): extend aria handler with waitFor (#6472)
    cc7f1fd - docs(queryhandler): add custom query handler docs (#6476)
    70ed875 - fix(queryhandler) only expose custom handlers (#6475)
    950ae33 - feat(a11y-query): aria query handler sans waitfor (#6459)
    41ef3ee - fix: update preferences in default Firefox profile (#6465)
    9275653 - docs(examples): update selector for search example (#6471)
    49f25e2 - feat(chromium) roll Chromium to r809590 (#6458)
    4cdbebe - chore: disable firefox windows launcher test until Nov (#6451)
    75e3fb0 - docs(api): fix some outdated links (#6450)
    caa9a1c - chore(agnostic): Remove use of util.promisify (#6446)
    96f3d43 - feat(console): expose stack trace for console messages (#6445)
    322cc96 - chore: remove npm run test-types call (#6447)
    72fe86f - feat(a11y-query): introduce internal handlers (#6437)
    1396c9d - chore: bump version to v5.3.1-post (#6440)
    11ab402 - fix: add mime dependency back to fix build (#6441)

  • 5.3.1 - 2020-09-22

    Highlights

    • New API: page.emulateIdleState(...) (#6410)

    Raw notes

    c7d32cb - chore: mark version v5.3.1 (#6439)
    8f3171a - feat(permissions): Add idle-detection permission (#6438)
    083ea41 - test(frame): correct terminology in URL fragment test (#6416)
    bb1c521 - chore: remove mime dependency (#6415)
    17960e5 - feat(page): emulate idle state (#6410)
    03e41da - chore: bump version to v5.3.0-post (#6413)

  • 5.3.0 - 2020-09-11

    Highlights

    • Chromium 86.0.4240.0 (r800071)
    • Support configuring the browser download path through PUPPETEER_DOWNLOAD_PATH (#6014)
    • New API: page.waitForTimeout and subsequently, frame.waitForTimeout (#6268)
    • Deprecated API: page.waitFor and frame.waitFor (#6268)

    Raw notes

    030fcaa - chore: mark version v5.3.0 (#6412)
    4ce600a - chore: Remove target debug-unit and add unit-debug (#6411)
    62ac167 - feat(chromium): roll Chromium to r800071 (#6407)
    35cfbe1 - docs(troubleshooting.md): updated commands (#6296)
    ce6ae35 - doc(contributing): add info on bisecting upstream changes (#6402)
    e22ca4c - chore: extend Firefox launch test deadline by a month (#6403)
    2470d1e - chore: update documentation on rolling chromium (#6399)
    b6bbfd0 - fix: ensure frame.url() includes the query string (#6398)
    7b24e54 - fix: revise interesting classification for AXNodes (#6334)
    13ea347 - feat: support configuring the browser download path (#6014)
    615cd37 - chore: use https URL for license info (#6279)
    b4c1e45 - docs: fix setuid sandbox link (#6310)
    054d782 - fix(Launcher): use wait-for-process Firefox option (#6315)
    996e82c - test(install): check for Firefox binary, clean up messages (#6316)
    142f88c - docs(troubleshooting): update Alpine Chromium version (#6320)
    8e29b7a - chore: rename serializeTree parameter (#6308)
    1d08e27 - docs(troubleshooting.md) fix error in docker guidelines (#6267)
    9bc063b - chore: assert location value of ConsoleMessage in tests (#6282)
    713e990 - chore: upgrade Mitt to 2.1 (#6287)
    21552f8 - feat: page.waitForTimeout (#6268)
    3a15c06 - chore: test Connection class in the browser (#6269)
    a47b556 - docs(api): fix typo in elementHandle.evaluateHandle() (#6276)
    8c1a586 - fix: handle promise for reading protocol stream of trace (#6270)
    15d1906 - feat: add web test runner (#6200)
    13f8fe6 - chore(docs): page.emulateVisionDeficiency docs (#6231)
    e3933dd - chore: mark 5.2.1-post (#6257)

  • 5.2.1 - 2020-07-21

    Highlights

    • Chromium 85.0.4182.0 (r782078)
    • We now allow configuring the browser debug logging behavior via globalThis.__PUPPETEER_DEBUG (#6210)

    Raw notes

    4ee4649 - chore: mark v5.2.1 (#6254)
    e89e264 - feat(chromium): roll Chromium to r782078 (#6250)
    b2f6918 - fix: configure debug logging in browser (#6210)
    040f37e - docs: fix link text (#6245)
    9fdf2ba - chore(docs): migrate page.pdf() docs (#6228)
    2331584 - docs(troubleshooting): install libXss in Dockerfile (#6236)
    042c4a2 - chore: mark 5.2.0-post (#6240)

from puppeteer GitHub release notes
Package name: source-map-explorer
  • 2.5.3 - 2022-09-26
    • Bump versions on a few dependencies to support Node 18. See #232. Thanks @ duhdugg!
  • 2.5.2 - 2021-01-08

    🐛 Bug fixes

    • #197 Does not support Windows path separator. Thanks to @ orokanasaru for the contribution!

    🔧 Internal

    • Update dependencies
  • 2.5.1 - 2020-11-28

    🔧 Internal

    • Update dependencies
  • 2.5.0 - 2020-08-21

    🚀 Enhancements

    • #186 Improve performance of HTML generator. Thanks to @ khanguy00 for the contribution!
  • 2.4.2 - 2020-03-30

    🐛 Bug fixes

@snyk-bot
fix: upgrade multiple dependencies with Snyk
cceebf5 
Snyk has created this PR to upgrade:
  - puppeteer from 5.2.1 to 5.5.0.
    See this package in npm: https://www.npmjs.com/package/puppeteer
  - source-map-explorer from 2.4.2 to 2.5.3.
    See this package in npm: https://www.npmjs.com/package/source-map-explorer

See this project in Snyk:
https://app.snyk.io/org/mohammed766/project/3a71c6eb-8b52-4afa-911f-370b0c4e852c?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mohammed-ibra @snyk-bot