[Snyk] Upgrade: , , jsonwebtoken, lru-cache, gcf-utils, , , , c8, gts, mocha, nock, sinon, smee-client, typescript #525

WontonSam · 2024-09-23T10:05:09Z

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name	Versions	Released on

@types/node
from 18.11.18 to 22.5.2 | 289 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 22 days ago
on 2024-09-01
@octokit/types
from 8.1.0 to 13.5.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-29
jsonwebtoken
from 9.0.0 to 9.0.2 | 2 versions ahead of your current version | a year ago
on 2023-08-30
lru-cache
from 7.14.1 to 11.0.0 | 39 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-08
gcf-utils
from 14.4.6 to 15.0.1 | 2 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-26
@google-automations/issue-utils
from 2.1.2 to 3.0.0 | 2 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
on 2023-09-18
@types/mocha
from 10.0.1 to 10.0.7 | 6 versions ahead of your current version | 3 months ago
on 2024-06-22
@types/sinon
from 10.0.13 to 17.0.3 | 11 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 8 months ago
on 2024-01-10
c8
from 7.14.0 to 10.1.2 | 8 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-13
gts
from 4.0.1 to 5.3.1 | 10 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 months ago
on 2024-06-11
mocha
from 10.2.0 to 10.7.3 | 10 versions ahead of your current version | a month ago
on 2024-08-09
nock
from 13.3.0 to 13.5.5 | 15 versions ahead of your current version | a month ago
on 2024-08-20
sinon
from 15.0.1 to 18.0.0 | 16 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 4 months ago
on 2024-05-15
smee-client
from 1.2.3 to 2.0.3 | 6 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | a month ago
on 2024-08-15
typescript
from 4.9.4 to 5.5.4 | 596 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
on 2024-07-22

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Improper Handling of Exceptional Conditions SNYK-JS-PROBOT-6129524	67	No Known Exploit
Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	67	No Known Exploit
Uncontrolled resource consumption SNYK-JS-BRACES-6838727	67	Proof of Concept
Infinite loop SNYK-JS-MARKDOWNIT-6483324	67	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	67	No Known Exploit
Improper Handling of Exceptional Conditions SNYK-JS-OCTOKITWEBHOOKS-6129527	67	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	67	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	67	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-SERIALIZEJAVASCRIPT-6147607	67	Proof of Concept
Open Redirect SNYK-JS-EXPRESS-6474509	67	No Known Exploit
Cross-site Scripting SNYK-JS-EXPRESS-7926867	67	No Known Exploit
Uncontrolled Resource Consumption SNYK-JS-GRPCGRPCJS-7242922	67	No Known Exploit
Cross-site Scripting SNYK-JS-SEND-7926862	67	No Known Exploit
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	67	No Known Exploit

Release notes

Package name: @types/node

22.5.2 - 2024-09-01
22.5.1 - 2024-08-28
22.5.0 - 2024-08-21
22.4.2 - 2024-08-21
22.4.1 - 2024-08-19
22.4.0 - 2024-08-16
22.3.0 - 2024-08-14
22.2.0 - 2024-08-09
22.1.0 - 2024-08-02
22.0.3 - 2024-08-02
22.0.2 - 2024-07-31
22.0.1 - 2024-07-31
22.0.0 - 2024-07-28
20.16.5 - 2024-09-04
20.16.4 - 2024-09-04
20.16.3 - 2024-09-01
20.16.2 - 2024-08-28
20.16.1 - 2024-08-19
20.16.0 - 2024-08-18
20.15.0 - 2024-08-16
20.14.15 - 2024-08-09
20.14.14 - 2024-08-02
20.14.13 - 2024-07-28
20.14.12 - 2024-07-23
20.14.11 - 2024-07-16
20.14.10 - 2024-07-05
20.14.9 - 2024-06-25
20.14.8 - 2024-06-22
20.14.7 - 2024-06-20
20.14.6 - 2024-06-19
20.14.5 - 2024-06-18
20.14.4 - 2024-06-17
20.14.3 - 2024-06-17
20.14.2 - 2024-06-05
20.14.1 - 2024-06-03
20.14.0 - 2024-06-02
20.13.0 - 2024-05-31
20.12.14 - 2024-05-31
20.12.13 - 2024-05-29
20.12.12 - 2024-05-14
20.12.11 - 2024-05-08
20.12.10 - 2024-05-06
20.12.9 - 2024-05-06
20.12.8 - 2024-05-01
20.12.7 - 2024-04-09
20.12.6 - 2024-04-09
20.12.5 - 2024-04-05
20.12.4 - 2024-04-03
20.12.3 - 2024-04-02
20.12.2 - 2024-03-30
20.12.1 - 2024-03-30
20.12.0 - 2024-03-30
20.11.30 - 2024-03-19
20.11.29 - 2024-03-18
20.11.28 - 2024-03-15
20.11.27 - 2024-03-13
20.11.26 - 2024-03-11
20.11.25 - 2024-03-06
20.11.24 - 2024-02-29
20.11.23 - 2024-02-29
20.11.22 - 2024-02-28
20.11.21 - 2024-02-27
20.11.20 - 2024-02-22
20.11.19 - 2024-02-15
20.11.18 - 2024-02-15
20.11.17 - 2024-02-08
20.11.16 - 2024-02-01
20.11.15 - 2024-02-01
20.11.14 - 2024-01-31
20.11.13 - 2024-01-30
20.11.12 - 2024-01-30
20.11.11 - 2024-01-30
20.11.10 - 2024-01-28
20.11.9 - 2024-01-28
20.11.8 - 2024-01-27
20.11.7 - 2024-01-26
20.11.6 - 2024-01-24
20.11.5 - 2024-01-17
20.11.4 - 2024-01-16
20.11.3 - 2024-01-15
20.11.2 - 2024-01-15
20.11.1 - 2024-01-15
20.11.0 - 2024-01-11
20.10.8 - 2024-01-09
20.10.7 - 2024-01-07
20.10.6 - 2023-12-30
20.10.5 - 2023-12-17
20.10.4 - 2023-12-07
20.10.3 - 2023-12-03
20.10.2 - 2023-12-01
20.10.1 - 2023-11-29
20.10.0 - 2023-11-24
20.9.5 - 2023-11-23
20.9.4 - 2023-11-22
20.9.3 - 2023-11-21
20.9.2 - 2023-11-18
20.9.1 - 2023-11-16
20.9.0 - 2023-11-07
20.8.10 - 2023-10-31
20.8.9 - 2023-10-25
20.8.8 - 2023-10-24
20.8.7 - 2023-10-18
20.8.6 - 2023-10-13
20.8.5 - 2023-10-12
20.8.4 - 2023-10-09
20.8.3 - 2023-10-06
20.8.2 - 2023-10-02
20.8.1 - 2023-10-02
20.8.0 - 2023-09-30
20.7.2 - 2023-09-29
20.7.1 - 2023-09-27
20.7.0 - 2023-09-25
20.6.5 - 2023-09-24
20.6.4 - 2023-09-23
20.6.3 - 2023-09-20
20.6.2 - 2023-09-16
20.6.1 - 2023-09-15
20.6.0 - 2023-09-08
20.5.9 - 2023-09-02
20.5.8 - 2023-09-01
20.5.7 - 2023-08-28
20.5.6 - 2023-08-24
20.5.5 - 2023-08-24
20.5.4 - 2023-08-23
20.5.3 - 2023-08-22
20.5.2 - 2023-08-22
20.5.1 - 2023-08-18
20.5.0 - 2023-08-13
20.4.10 - 2023-08-11
20.4.9 - 2023-08-08
20.4.8 - 2023-08-05
20.4.7 - 2023-08-04
20.4.6 - 2023-08-02
20.4.5 - 2023-07-25
20.4.4 - 2023-07-22
20.4.3 - 2023-07-21
20.4.2 - 2023-07-12
20.4.1 - 2023-07-07
20.4.0 - 2023-07-05
20.3.3 - 2023-06-30
20.3.2 - 2023-06-26
20.3.1 - 2023-06-13
20.3.0 - 2023-06-10
20.2.6 - 2023-06-10
20.2.5 - 2023-05-26
20.2.4 - 2023-05-25
20.2.3 - 2023-05-21
20.2.2 - 2023-05-21
20.2.1 - 2023-05-18
20.2.0 - 2023-05-17
20.1.7 - 2023-05-16
20.1.6 - 2023-05-16
20.1.5 - 2023-05-16
20.1.4 - 2023-05-13
20.1.3 - 2023-05-11
20.1.2 - 2023-05-10
20.1.1 - 2023-05-08
20.1.0 - 2023-05-05
20.0.0 - 2023-05-05
18.19.50 - 2024-09-04
18.19.49 - 2024-09-04
18.19.48 - 2024-09-01
18.19.47 - 2024-08-28
18.19.46 - 2024-08-26
18.19.45 - 2024-08-19
18.19.44 - 2024-08-09
18.19.43 - 2024-08-02
18.19.42 - 2024-07-23
18.19.41 - 2024-07-18
18.19.40 - 2024-07-16
18.19.39 - 2024-06-22
18.19.38 - 2024-06-20
18.19.37 - 2024-06-19
18.19.36 - 2024-06-17
18.19.35 - 2024-06-17
18.19.34 - 2024-06-03
18.19.33 - 2024-05-08
18.19.32 - 2024-05-06
18.19.31 - 2024-04-09
18.19.30 - 2024-04-05
18.19.29 - 2024-04-02
18.19.28 - 2024-03-30
18.19.27 - 2024-03-30
18.19.26 - 2024-03-19
18.19.25 - 2024-03-18
18.19.24 - 2024-03-13
18.19.23 - 2024-03-11
18.19.22 - 2024-03-06
18.19.21 - 2024-02-29
18.19.20 - 2024-02-28
18.19.19 - 2024-02-27
18.19.18 - 2024-02-22
18.19.17 - 2024-02-15
18.19.16 - 2024-02-15
18.19.15 - 2024-02-08
18.19.14 - 2024-02-01
18.19.13 - 2024-02-01
18.19.12 - 2024-01-31
18.19.11 - 2024-01-30
18.19.10 - 2024-01-26
18.19.9 - 2024-01-24
18.19.8 - 2024-01-17
18.19.7 - 2024-01-15
18.19.6 - 2024-01-09
18.19.5 - 2024-01-07
18.19.4 - 2023-12-30
18.19.3 - 2023-12-07
18.19.2 - 2023-12-03
18.19.1 - 2023-12-01
18.19.0 - 2023-11-30
18.18.14 - 2023-11-29
18.18.13 - 2023-11-23
18.18.12 - 2023-11-22
18.18.11 - 2023-11-21
18.18.10 - 2023-11-18
18.18.9 - 2023-11-07
18.18.8 - 2023-10-31
18.18.7 - 2023-10-25
18.18.6 - 2023-10-18
18.18.5 - 2023-10-12
18.18.4 - 2023-10-06
18.18.3 - 2023-10-02
18.18.2 - 2023-10-02
18.18.1 - 2023-09-29
18.18.0 - 2023-09-25
18.17.19 - 2023-09-23
18.17.18 - 2023-09-20
18.17.17 - 2023-09-16
18.17.16 - 2023-09-15
18.17.15 - 2023-09-08
18.17.14 - 2023-09-02
18.17.13 - 2023-09-01
18.17.12 - 2023-08-28
18.17.11 - 2023-08-24
18.17.10 - 2023-08-24
18.17.9 - 2023-08-23
18.17.8 - 2023-08-22
18.17.7 - 2023-08-22
18.17.6 - 2023-08-18
18.17.5 - 2023-08-11
18.17.4 - 2023-08-08
18.17.3 - 2023-08-05
18.17.2 - 2023-08-04
18.17.1 - 2023-07-25
18.17.0 - 2023-07-22
18.16.20 - 2023-07-21
18.16.19 - 2023-06-30
18.16.18 - 2023-06-13
18.16.17 - 2023-06-10
18.16.16 - 2023-05-26
18.16.15 - 2023-05-25
18.16.14 - 2023-05-21
18.16.13 - 2023-05-18
18.16.12 - 2023-05-16
18.16.11 - 2023-05-16
18.16.10 - 2023-05-16
18.16.9 - 2023-05-13
18.16.8 - 2023-05-11
18.16.7 - 2023-05-10
18.16.6 - 2023-05-08
18.16.5 - 2023-05-05
18.16.4 - 2023-05-05
18.16.3 - 2023-04-29
18.16.2 - 2023-04-27
18.16.1 - 2023-04-25
18.16.0 - 2023-04-23
18.15.13 - 2023-04-21
18.15.12 - 2023-04-19
18.15.11 - 2023-03-28
18.15.10 - 2023-03-25
18.15.9 - 2023-03-25
18.15.8 - 2023-03-24
18.15.7 - 2023-03-24
18.15.6 - 2023-03-23
18.15.5 - 2023-03-20
18.15.4 - 2023-03-20
18.15.3 - 2023-03-14
18.15.2 - 2023-03-13
18.15.1 - 2023-03-13
18.15.0 - 2023-03-09
18.14.6 - 2023-03-03
18.14.5 - 2023-03-03
18.14.4 - 2023-03-02
18.14.3 - 2023-03-02
18.14.2 - 2023-02-26
18.14.1 - 2023-02-23
18.14.0 - 2023-02-17
18.13.0 - 2023-02-07
18.11.19 - 2023-02-04
18.11.18 - 2022-12-26

from @types/node GitHub release notes

Package name: @octokit/types

13.5.0 - 2024-04-29
13.5.0 (2024-04-29)

Features
- add Copilot operations, bump openapi-types version (#638) (69c7f34)
13.4.1 - 2024-04-15
13.4.1 (2024-04-15)

Bug Fixes
- openapi-types and openapi-version minor bumps (#633) (fa8e2bb)
13.4.0 - 2024-04-09
13.4.0 (2024-04-09)

Features
- updates @ octokit/openapi-types to v22.0.1 (#631) (73f3c21)
13.3.0 - 2024-04-09
13.3.0 (2024-04-09)

Features
- add redirect option in RequestRequestOptions (#630) (9c58158)
13.2.0 - 2024-04-08
13.2.0 (2024-04-08)

Features
- Updates @ octokit/openapi-types to 22.0.0 (which had breaking changes). BREAKING CHANGES: Renames [repository-rule-params-code-scanning-threshold to repository-rule-params-code-scanning-tool, security_alerts to security_alerts_threshold], renames fields[repository-rule-params-code-scanning-threshold.alerts to repository-rule-params-code-scanning-tool.alerts_threshold, repository-rule-params-code-scanning-threshold.security_alerts to repository-rule-params-code-scanning-tool.security_alerts_threshold] (#629) (d32a77f)
- updates @ octokit/openapi-types to v21.2.0 (#627) (a5bfb8f)
13.1.0 - 2024-04-04
13.1.0 (2024-04-04)

Features
- security: Add provenance (#628) (cd916a4)
13.0.0 - 2024-04-02
13.0.0 (2024-04-02)

Features
- Updates openapi-types to v21.0.0 (which had breaking changes), BREAKING CHANGE: Updates multiple endpoints to use owner + repo in place of repository_id (#625) (ad024fe)
BREAKING CHANGES
- Updates multiple endpoints to use owner + repo in place of repository_id
12.6.0 - 2024-02-22
12.6.0 (2024-02-22)

Features
- many new endpoints (#618) (b2d7de9)
12.5.0 - 2024-02-15
12.5.0 (2024-02-15)

Features
- add x-accepted-github-permissions (#609) (bc28bdc)
12.4.0 - 2023-12-04
12.4.0 (2023-12-04)

Features
- permissions.organization_custom_properties (#598) (ff98468)
12.3.0 - 2023-11-12
12.2.0 - 2023-11-07
12.1.1 - 2023-10-25
12.1.0 - 2023-10-24
12.0.1 - 2023-10-24
12.0.0 - 2023-09-23
11.1.0 - 2023-07-10
11.0.0 - 2023-07-07
10.1.0-beta.1 - 2023-06-30
10.0.0 - 2023-06-13
10.0.0-beta.2 - 2023-06-12
10.0.0-beta.1 - 2023-05-26
9.3.2 - 2023-06-13
9.3.1 - 2023-06-10
9.3.0 - 2023-06-09
9.3.0-beta.1 - 2023-05-25
9.2.3 - 2023-05-19
9.2.2 - 2023-05-11
9.2.1 - 2023-05-05
9.2.0 - 2023-04-28
9.1.4 - 2023-04-27
9.1.3 - 2023-04-27
9.1.2 - 2023-04-21
9.1.1 - 2023-04-20
9.1.0 - 2023-04-19
9.0.0 - 2023-01-20
8.2.1 - 2023-01-20
8.2.0 - 2023-01-20
8.1.1 - 2023-01-13
8.1.0 - 2023-01-11

from @octokit/types GitHub release notes

Package name: jsonwebtoken

9.0.2 - 2023-08-30
Release 9.0.2 (#935)
9.0.1 - 2023-07-05
Updating package version to 9.0.1 (#920)
9.0.0 - 2022-12-21
- Check if node version supports asymmetricKeyDetails
- Validate algorithms for ec key type
- Rename variable
- Rename function
- Add early return for symmetric keys
- Validate algorithm for RSA key type
- Validate algorithm for RSA-PSS key type
- Check key types for EdDSA algorithm
- Rename function
- Move validateKey function to module
- Convert arrow to function notation
- Validate key in verify function
- Simplify if
- Convert if to switch..case
- Guard against empty key in validation
- Remove empty line
- Add lib to check modulus length
- Add modulus length checks
- Validate mgf1HashAlgorithm and saltLength
- Check node version before using key details API
- Use built-in modulus length getter
- Fix Node version validations
- Remove duplicate validateKey
- Add periods to error messages
- Fix validation in verify function
- Make asymmetric key validation the latest validation step
- Change key curve validation
- Remove support for ES256K
- Fix old test that was using wrong key types to sign tokens
- Enable RSA-PSS for old Node versions
- Add specific RSA-PSS validations on Node 16 LTS+
- Improve error message
- Simplify key validation code
- Fix typo
- Improve error message
- Change var to const in test
- Change const to let to avoid reassigning problem
- Improve error message
- Test incorrect private key type
- Rename invalid to unsupported
- Test verifying of jwt token with unsupported key
- Test invalid private key type
- Change order of object parameters
- Move validation test to separate file
- Move all validation tests to separate file
- Add prime256v1 ec key
- Remove modulus length check
- WIP: Add EC key validation tests
- Fix node version checks
- Fix error message check on test
- Add successful tests for EC curve check
- Remove only from describe
- Remove only
- Remove duplicate block of code
- Move variable to a different scope and make it const
- Convert allowed curves to object for faster lookup
- Rename variable
- Change variable assignment order
- Remove unused object properties
- Test RSA-PSS happy path and wrong length
- Add missing tests
- Pass validation if no algorithm has been provided
- Test validation of invalid salt length
- Test error when signing token with invalid key
- Change var to const/let in verify tests
- Test verifying token with invalid key
- Improve test error messages
- Add parameter to skip private key validation
- Replace DSA key with a 4096 bit long key
- Test allowInvalidPrivateKeys in key signing
- Improve test message
- Rename variable
- Add key validation flag tests
- Fix variable name in Readme
- Change private to public dsa key in verify
- Rename flag
- Run EC validation tests conditionally
- Fix tests in old node versions
- Ignore block of code from test coverage
- Separate EC validations tests into two different ones
- Add comment
- Wrap switch in if instead of having an early return
- Remove unsupported algorithms from asymmetric key validation
- Rename option to allowInvalidAsymmetricKeyTypes and improve Readme
- 9.0.0
- adding migration notes to readme
- adding changelog for version 9.0.0
Co-authored-by: julienwoll julien.wollscheid@auth0.com

from jsonwebtoken GitHub release notes

Package name: lru-cache

from lru-cache GitHub release notes

Package name: gcf-utils

15.0.1 - 2023-09-26
15.0.1 (2023-09-26)

Bug Fixes
- getAuthenticatedOctokit is a standalone method (#5235) (0f95e5a)
15.0.0 - 2023-09-15
14.4.6 - 2023-01-12

from gcf-utils GitHub release notes

Package name: @google-automations/issue-utils

3.0.0 - 2023-09-18
2.2.0 - 2023-09-18
2.1.2 - 2023-01-10

from @google-automations/issue-utils GitHub release notes

Package name: @types/mocha

10.0.7 - 2024-06-22
10.0.6 - 2023-11-22
10.0.5 - 2023-11-21
10.0.4 - 2023-11-07
10.0.3 - 2023-10-18
10.0.2 - 2023-09-27
10.0.1 - 2022-11-28

from @types/mocha GitHub release notes

Package name: @types/sinon

17.0.3 - 2024-01-10
17.0.2 - 2023-11-21
17.0.1 - 2023-11-07
17.0.0 - 2023-11-03
10.0.20 - 2023-10-18
10.0.19 - 2023-10-06
10.0.18 - 2023-10-02
10.0.17 - 2023-09-25
10.0.16 - 2023-08-01
10.0.15 - 2023-05-14
10.0.14 - 2023-04-17
10.0.13 - 2022-07-20

from @types/sinon GitHub release notes

Package name: c8

10.1.2 - 2024-06-13
10.1.2 (2024-06-13)

Bug Fixes
- deps: make monocart-coverage-reports an optional with meta defined (3b91fda)
10.1.1 - 2024-06-11
10.1.1 (2024-06-11)

Bug Fixes
- stop installing monocart-coverage-reports (#535) (13979a7)
10.1.0 - 2024-06-11
10.1.0 (2024-06-11)

Features
- add experimental monocart reports (#521) (2e5e297)
10.0.0 - 2024-06-10
10.0.0 (2024-06-10)

⚠ BREAKING CHANGES
- deps: Node 18 is now the minimum supported Node.js version
Bug Fixes
- deps: update test-exclude with new glob / minimatch (#531) (e33cf30)
9.1.0 - 2024-01-12
9.1.0 (2024-01-11)

Features
- support passing reporter options from config (#459) (88db5db)
Bug Fixes
- refactor: remove stale check for createDynamicModule (5e18365)
9.0.0 - 2024-01-03
9.0.0 (2024-01-03)

⚠ BREAKING CHANGES
- build: minimum Node.js version is now 14.14.0
Features
- build: minimum Node.js version is now 14.14.0 (2cdc86b)
- deps: update foreground-child to promise API (#512) (b46b640)
- deps: use Node.js built in rm (2cdc86b)
8.0.1 - 2023-07-25
8.0.1 (2023-07-25)

Bug Fixes
- deps: update istanbul deps (#485) (3be8bd9), closes #478
8.0.0 - 2023-06-13
8.0.0 (2023-06-05)

⚠ BREAKING CHANGES
- dropped Node 10 support (#475)
Miscellaneous Chores
- dropped Node 10 support (#475) (f8ee1ff)
7.14.0 - 2023-05-28
7.14.0 (2023-05-26)

Features
- added a new CLI arg --merge-async to asynchronously and incrementally merge process coverage files to avoid OOM due to heap exhaustion (#469) (45f2f84)

from c8 GitHub release notes

Package name: gts

5.3.1 - 2024-06-11
5.3.1 (2024-04-10)

Bug Fixes
- deps: replace dependency eslint-plugin-node with eslint-plugin-n (#865) (efbe3a8)
- deps: update dependency eslint to v8.57.0 (#833) (0c0a45c)
- deps: update dependency prettier to v3.2.5 (#846) (7e60e38)
Performance Improvements
- Supercharge Performance & Efficiency: Leveraging Promise.all for Resource-Friendly Tasks 🚤 (#838) (7424fe1)
5.3.0 - 2024-03-22
5.3.0 (2024-03-21)

Features
- adding pre-commit-hooks.yaml (#858) (b17994d)
Bug Fixes
- deps: update dependency eslint to v8.51.0 (#812) (ae913c1)
- deps: update dependency eslint to v8.52.0 (#821) (50b3ce5)
- deps: update dependency eslint to v8.53.0 (#829) (7d9ffed)
- deps: update dependency eslint-config-prettier to v9.1.0 (#836) (9105ebb)
- deps: update dependency eslint-plugin-prettier to v5.0.1 (#817) (89b8955)
- deps: update dependency eslint-plugin-prettier to v5.1.2 (#839) (b5ab5c4)
- deps: update dependency eslint-plugin-prettier to v5.1.3 (#845) (6e13e12)
- deps: update dependency prettier to v3.1.0 (#832) (faf6d7e)
- deps: update dependency prettier to v3.1.1 (#837) (6de3e3b)
5.2.0 - 2023-10-05
5.2.0 (2023-10-04)

Features
- warn for ts-ignore comments for ESM (#810) (350fbf0)
5.1.1 - 2023-10-04
5.1.1 (2023-10-04)

Bug Fixes
- revert feat: no-floating-promises (44de7f7)
5.1.0 - 2023-10-03
5.1.0 (2023-09-29)

Features
- no-floating-promises (#756) (c93e733)
Bug Fixes
- deps: update dependency eslint to v8.49.0 (#784) (5e2a05c)
- deps: update dependency eslint to v8.50.0 (#802) (794abf3)
- deps: update dependency eslint-config-prettier to v8.10.0 (#785) (5391d89)
- deps: update dependency eslint-config-prettier to v9 (#777) (470977a)
- deps: update dependency prettier to v3.0.3 (#782) (5a04e76)
- run eslint from PATH (#654) (5dc2a76)
5.0.2-debug - 2023-08-18
5.0.1 - 2023-08-21
5.0.1 (2023-08-21)

Bug Fixes
- line up linting with owlbot post-processing linting (#778) (a731fe9)
5.0.1-debug - 2023-08-18
5.0.0 - 2023-07-27
5.0.0 (2023-07-26)

⚠ BREAKING CHANGES
- Upgrade to node 14 as the minimum version (#771)
Bug Fixes
- deps: update dependency prettier to ~2.8.0 (#743) (7582516)
- update eslint-prettier (43d4a06)
Miscellaneous Chores
- Upgrade to node 14 as the minimum version (#771) (6301178)
5.0.0-debug - 2023-08-03
4.0.1 - 2023-03-30
4.0.1 (2023-01-09)

Bug Fixes
- deps: bump json5 from 2.2.1 to 2.2.2 addressing CVE-2022-46175 (2a1fd61)

from gts GitHub release notes

Package name: mocha

10.7.3 - 2024-08-09
10.7.3 (2024-08-09)

🩹 Fixes
- make release-please build work (#5194) (afd66ef)
10.7.0 - 2024-07-20
What's Changed
- feat: add option to not fail on failing test suite by @ ilgonmic in #4771
New Contributors
- @ ilgonmic made their first contribution in

Snyk has created this PR to upgrade: - @types/node from 18.11.18 to 22.5.2. See this package in npm: https://www.npmjs.com/package/@types/node - @octokit/types from 8.1.0 to 13.5.0. See this package in npm: https://www.npmjs.com/package/@octokit/types - jsonwebtoken from 9.0.0 to 9.0.2. See this package in npm: https://www.npmjs.com/package/jsonwebtoken - lru-cache from 7.14.1 to 11.0.0. See this package in npm: https://www.npmjs.com/package/lru-cache - gcf-utils from 14.4.6 to 15.0.1. See this package in npm: https://www.npmjs.com/package/gcf-utils - @google-automations/issue-utils from 2.1.2 to 3.0.0. See this package in npm: https://www.npmjs.com/package/@google-automations/issue-utils - @types/mocha from 10.0.1 to 10.0.7. See this package in npm: https://www.npmjs.com/package/@types/mocha - @types/sinon from 10.0.13 to 17.0.3. See this package in npm: https://www.npmjs.com/package/@types/sinon - c8 from 7.14.0 to 10.1.2. See this package in npm: https://www.npmjs.com/package/c8 - gts from 4.0.1 to 5.3.1. See this package in npm: https://www.npmjs.com/package/gts - mocha from 10.2.0 to 10.7.3. See this package in npm: https://www.npmjs.com/package/mocha - nock from 13.3.0 to 13.5.5. See this package in npm: https://www.npmjs.com/package/nock - sinon from 15.0.1 to 18.0.0. See this package in npm: https://www.npmjs.com/package/sinon - smee-client from 1.2.3 to 2.0.3. See this package in npm: https://www.npmjs.com/package/smee-client - typescript from 4.9.4 to 5.5.4. See this package in npm: https://www.npmjs.com/package/typescript See this project in Snyk: https://app.snyk.io/org/cachiman/project/119e54e9-91e9-447b-b37c-028b7cb92ac3?utm_source=github&utm_medium=referral&page=upgrade-pr

google-cla · 2024-09-23T10:05:16Z

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

product-auto-label bot added the bot: failurechecker label Sep 23, 2024

[Snyk] Upgrade: , , jsonwebtoken, lru-cache, gcf-utils, , , , c8, gts, mocha, nock, sinon, smee-client, typescript #525

Are you sure you want to change the base?

[Snyk] Upgrade: , , jsonwebtoken, lru-cache, gcf-utils, , , , c8, gts, mocha, nock, sinon, smee-client, typescript #525

Conversation

WontonSam commented Sep 23, 2024

Snyk has created this PR to upgrade multiple dependencies.

Issues fixed by the recommended upgrade:

13.5.0 (2024-04-29)

Features

13.4.1 (2024-04-15)

Bug Fixes

13.4.0 (2024-04-09)

Features

13.3.0 (2024-04-09)

Features

13.2.0 (2024-04-08)

Features

13.1.0 (2024-04-04)

Features

13.0.0 (2024-04-02)

Features

BREAKING CHANGES

12.6.0 (2024-02-22)

Features

12.5.0 (2024-02-15)

Features

12.4.0 (2023-12-04)

Features

15.0.1 (2023-09-26)

Bug Fixes

10.1.2 (2024-06-13)

Bug Fixes

10.1.1 (2024-06-11)

Bug Fixes

10.1.0 (2024-06-11)

Features

10.0.0 (2024-06-10)

⚠ BREAKING CHANGES

Bug Fixes

9.1.0 (2024-01-11)

Features

Bug Fixes

9.0.0 (2024-01-03)

⚠ BREAKING CHANGES

Features

8.0.1 (2023-07-25)

Bug Fixes

8.0.0 (2023-06-05)

⚠ BREAKING CHANGES

Miscellaneous Chores

7.14.0 (2023-05-26)

Features

5.3.1 (2024-04-10)

Bug Fixes

Performance Improvements

5.3.0 (2024-03-21)

Features

Bug Fixes

5.2.0 (2023-10-04)

Features

5.1.1 (2023-10-04)

Bug Fixes

5.1.0 (2023-09-29)

Features

Bug Fixes

5.0.1 (2023-08-21)

Bug Fixes

5.0.0 (2023-07-26)

⚠ BREAKING CHANGES

Bug Fixes

Miscellaneous Chores

4.0.1 (2023-01-09)

Bug Fixes

10.7.3 (2024-08-09)

🩹 Fixes

What's Changed

New Contributors

google-cla bot commented Sep 23, 2024