Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency mocha to v6 #10

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mend-for-github-com[bot]
Copy link

This PR contains the following updates:

Package Type Update Change
mocha (source) devDependencies major 3.2.0 -> 6.2.3

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
High High 9.8 CVE-2017-16042
High High 7.1 WS-2018-0590
Medium Medium 5.6 CVE-2020-7598
Medium Medium 5.3 CVE-2017-16137
Medium Medium 5.3 WS-2019-0425

Release Notes

mochajs/mocha

v6.2.3

Compare Source

🔒 Security Fixes

v6.2.2

Compare Source

🐛 Fixes

📖 Documentation

v6.2.1

Compare Source

🐛 Fixes

📖 Documentation

v6.2.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔍 Coverage

🔩 Other

v6.1.4

Compare Source

🔒 Security Fixes

v6.1.3

Compare Source

🐛 Fixes

v6.1.2

Compare Source

🐛 Fixes

v6.1.1

Compare Source

🐛 Fixes

v6.1.0

Compare Source

🔒 Security Fixes

🎉 Enhancements

📠 Deprecations

These are soft-deprecated, and will emit a warning upon use. Support will be removed in (likely) the next major version of Mocha:

🐛 Fixes

and some regressions:

📖 Documentation

🔩 Other

v6.0.2

Compare Source

🐛 Fixes

Two more regressions fixed:

v6.0.1

Compare Source

The obligatory round of post-major-release bugfixes.

🐛 Fixes

These issues were regressions.

  • #​3754: Mocha again finds test.js when run without arguments (@​plroebuck)
  • #​3756: Mocha again supports third-party interfaces via --ui (@​boneskull)
  • #​3755: Fix broken --watch (@​boneskull)
  • #​3759: Fix unwelcome deprecation notice when Mocha run against languages (CoffeeScript) with implicit return statements; returning a non-undefined value from a describe callback is no longer considered deprecated (@​boneskull)

📖 Documentation

v6.0.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

v5.2.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

v5.1.1

Compare Source

🐛 Fixes

v5.1.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

v5.0.5

Compare Source

Welcome @​outsideris to the team!

🐛 Fixes

📖 Documentation

🔩 Other

v5.0.4

Compare Source

🐛 Fixes

v5.0.3

Compare Source

This patch features a fix to address a potential "low severity" ReDoS vulnerability in the diff package (a dependency of Mocha).

🔒 Security Fixes

🔩 Other

v5.0.2

Compare Source

This release fixes a class of tests which report as false positives. Certain tests will now break, though they would have previously been reported as passing. Details below. Sorry for the inconvenience!

🐛 Fixes

  • #​3226: Do not swallow errors that are thrown asynchronously from passing tests (@​boneskull). Example:

    ```js
    it('should actually fail, sorry!', function (done) {
    // passing assertion
    assert(true === true);

    // test complete & is marked as passing
    done();

    // ...but something evil lurks within
    setTimeout(() => {
    throw new Error('chaos!');
    }, 100);
    });
    ```

    Previously to this version, Mocha would have silently swallowed the chaos! exception, and you wouldn't know. Well, now you know. Mocha cannot recover from this gracefully, so it will exit with a nonzero code.

    Maintainers of external reporters: If a test of this class is encountered, the Runner instance will emit the end event twice; you may need to change your reporter to use runner.once('end') intead of runner.on('end').

  • #​3093: Fix stack trace reformatting problem (@​outsideris)

🔩 Other

v5.0.1

Compare Source

...your garden-variety patch release.

Special thanks to Wallaby.js for their continued support! ❤️

🐛 Fixes

📖 Documentation

🔩 Other

v5.0.0

Compare Source

Mocha starts off 2018 right by again dropping support for unmaintained rubbish.

Welcome @​vkarpov15 to the team!

💥 Breaking Changes

  • #​3148: Drop support for IE9 and IE10 (@​Bamieh)
    Practically speaking, only code which consumes (through bundling or otherwise) the userland buffer module should be affected. However, Mocha will no longer test against these browsers, nor apply fixes for them.

🎉 Enhancements

🐛 Fixes

😎 Developer Experience

📖 Documentation

🔩 Other

v4.1.0

Compare Source

4.1.0 / 2017-12-28

This is mainly a "housekeeping" release.

Welcome @​Bamieh and @​xxczaki to the team!

🐛: Fixes

🎉 Enhancements

📖 Documentation

🔩 Other

v4.0.1

Compare Source

4.0.1 / 2017-10-05

🐛 Fixes

v4.0.0

Compare Source

4.0.0 / 2017-10-02

You might want to read this before filing a new bug! 😝

💥 Breaking Changes

For more info, please read this article.

Compatibility
Default Behavior
  • #​2879: By default, Mocha will no longer force the process to exit once all tests complete. This means any test code (or code under test) which would normally prevent node from exiting will do so when run in Mocha. Supply the --exit flag to revert to pre-v4.0.0 behavior (@​ScottFreeCode, @​boneskull)
Reporter Output

👎 Deprecations

🎉 Enhancements

📖 Documentation

🔩 Other

v3.5.3

Compare Source

3.5.3 / 2017-09-11

🐛 Fixes

v3.5.2

Compare Source

3.5.2 / 2017-09-10

🐛 Fixes

v3.5.1

Compare Source

3.5.1 / 2017-09-09

📰 News

  • 📣 Mocha is now sponsoring PDXNode! If you're in the Portland area, come check out the monthly talks and hack nights!

🐛 Fixes

🔩 Other

v3.5.0

Compare Source

v3.5.0 / 2017-07-31

📰 News

  • Mocha now has a code of conduct (thanks @​kungapal!).
  • Old issues and PRs are now being marked "stale" by Probot's "Stale" plugin. If an issue is marked as such, and you would like to see it remain open, simply add a new comment to the ticket or PR.
  • WARNING: Support for non-ES5-compliant environments will be dropped starting with version 4.0.0 of Mocha!

🔒 Security Fixes

🎉 Enhancements

🔩 Other

v3.4.2

Compare Source

3.4.2 / 2017-05-24

🐛 Fixes

🔩 Other

v3.4.1

Compare Source

Fixed a publishing mishap with git's autocrlf settings.

v3.3.0

Compare Source

Thanks to all our contributors, maintainers, sponsors, and users! ❤️

As highlights:

  • We've got coverage now!
  • Testing is looking less flaky \o/.
  • No more nitpicking about "mocha.js" build on PRs.

🎉 Enhancements

🐛 Fixes

🔍 Coverage

🔩 Other


  • If you want to rebase/retry this PR, click this checkbox.

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Feb 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants