Skip to content
This repository has been archived by the owner on Oct 4, 2023. It is now read-only.

Bump lodash and cypress #46

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2022

Bumps lodash to 4.17.21 and updates ancestor dependency cypress. These dependencies need to be updated together.

Updates lodash from 4.17.15 to 4.17.21

Commits
  • f299b52 Bump to v4.17.21
  • c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
  • 3469357 Prevent command injection through _.template's variable option
  • ded9bc6 Bump to v4.17.20.
  • 63150ef Documentation fixes.
  • 00f0f62 test.js: Remove trailing comma.
  • 846e434 Temporarily use a custom fork of lodash-cli.
  • 5d046f3 Re-enable Travis tests on 4.17 branch.
  • aa816b3 Remove /npm-package.
  • d7fbc52 Bump to v4.17.19
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.


Updates cypress from 4.3.0 to 4.12.1

Release notes

Sourced from cypress's releases.

4.12.1

Released 8/5/2020

Bugfixes:

  • The error Cannot set property 'err' of undefined will no longer incorrectly throw when rerunning tests in the Test Runner. Fixes #7874.
  • Skipping the last test before a nested suite with a before hook will now correctly run the tests in the suite following the skipped test. Fixes #8086.

Dependency Updates:

  • Upgraded md5 from 2.2.1 to 2.3.0. Addressed in #8161.
  • Upgraded electron-context-menu from 0.15.1 to 2.2.0. Addressed in #8180.

4.12.0

Released 8/3/2020

Features:

  • Now you can control whether screenshots are automatically taken on test failure during cypress run by setting screenshotOnRunFailure in your configuration. Addresses #5029.
  • The pluginsFile now has access to a readonly version property within the config object that returns the current Cypress version being run. This will allow plugins to better target specific Cypress versions. Addresses #6352.
  • During cypress open, you can now run a subset of all specs by entering a text search filter and clicking 'Run n tests'. Addresses #6581.

Bugfixes:

  • position: fixed elements that have a parent with pointer-events: none will now correctly evaluate as visible. Fixes #6675.
  • Applications using custom elements will no longer trigger infinite XHR request loops. Fixes #1068.
  • When snapshotting the DOM, Cypress no longer causes attributeChangedCallback to be triggered on custom elements. Fixes #7187.
  • Spec files containing + characters now properly run in Cypress. Fixes #5909.
  • When using the fx shortcut in cy.route(), an error is now thrown when the fixture file cannot be found. Fixes #7818.
  • Cypress no longer thrown Cannot read property '__error' of null error when passing a file containing null content to cy.fixture(). Fixes #8010.
  • Values containing exponential operators passed to --env via the command line are now properly read. Fixes #6891.
  • The "Open in IDE" button no longer disappears from hooks when the tests are manually rerun. Fixes #8094.
  • When experimentalSourceRewriting is enabled, AST rewriting will no longer return an output before the body is done being written. This would happen when the response body was too large and the response would be sent while the body was still being modified. Fixes #8043.
  • When using .type(), Cypress now properly types into an input within an iframe that auto focuses the input. Fixes #8111.

Misc:

  • Dependencies for our cypress npm package are no longer pinned to a specific version. This allows the use of npm audit fix to fix security vulnerabilities without needing a patch release from Cypress. Addresses #8046.
  • We now collect environment variables for AWS CodeBuild when recording to the Dashboard. Addressed #8101.
  • Types inside Module API are now accessible via the CypressCommandLine namespace. Addresses #7309.
  • We added more type definitions for the .should() command. Addresses #5573.
  • Cookie command's expiry property type is now a Number instead of a String. Addresses #8144.
  • There are some minor visual improvements to the Test Runner's Command Log when hovering, focusing and clicking on hook titles and pending tests. Addressed in #8153.

Dependency Updates:

  • Upgraded jimp from 0.13.0 to 0.14.0. Addressed in #8102.
  • Upgraded moment from 2.26.0 to 2.27.0. Addressed in #8122.

4.11.0

... (truncated)

Commits
  • 2156e3e release 4.12.1 [skip ci]
  • a54d793 chore(deps): update dependency markdown-it to version .x 🌟 (#8183)
  • 640505e chore(deps): update dependency react-inspector to version .x 🌟 (#8182)
  • d3e90d6 fix(deps): update dependency electron-context-menu to version .x 🌟 (#8180)
  • 996fe97 fix(deps): update dependency md5 to version 2.3.0 🌟 (#8161)
  • 3ad06db fix: it.skip no longer causes hooks to be assigned to the wrong test (#8113)
  • 580087d release 4.12.0 [skip ci]
  • 9d19a9f fix: Capture env vars from AWS Code Build (#8159)
  • e0f587e fix: iFrame input focus should not cause blur if input already activeElement ...
  • 19393e0 fix(reporter): minor UI fixes and improvements (#8153)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by chrisbreiding, a new releaser for cypress since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [lodash](https://github.com/lodash/lodash) to 4.17.21 and updates ancestor dependency [cypress](https://github.com/cypress-io/cypress). These dependencies need to be updated together.


Updates `lodash` from 4.17.15 to 4.17.21
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.15...4.17.21)

Updates `cypress` from 4.3.0 to 4.12.1
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](cypress-io/cypress@v4.3.0...v4.12.1)

---
updated-dependencies:
- dependency-name: lodash
  dependency-type: indirect
- dependency-name: cypress
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 11, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants