Skip to content
This repository has been archived by the owner on Dec 20, 2023. It is now read-only.

chore(deps): update dependency mocha to v6 (master) #103

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

appcues-wss[bot]
Copy link

@appcues-wss appcues-wss bot commented Sep 24, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
mocha (source) ^3.0.2 -> ^6.0.0 age adoption passing confidence

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
Critical Critical 9.8 CVE-2017-16042
High High 7.5 WS-2021-0638
High High 7.1 WS-2018-0590
Medium Medium 5.3 WS-2019-0425

Release Notes

mochajs/mocha (mocha)

v6.0.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

v5.2.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

v5.1.1

Compare Source

🐛 Fixes

v5.1.0

Compare Source

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

v5.0.5

Compare Source

Welcome @​outsideris to the team!

🐛 Fixes

📖 Documentation

🔩 Other

v5.0.4

Compare Source

🐛 Fixes

v5.0.3

Compare Source

This patch features a fix to address a potential "low severity" ReDoS vulnerability in the diff package (a dependency of Mocha).

🔒 Security Fixes

🔩 Other

v5.0.2

Compare Source

This release fixes a class of tests which report as false positives. Certain tests will now break, though they would have previously been reported as passing. Details below. Sorry for the inconvenience!

🐛 Fixes

  • #​3226: Do not swallow errors that are thrown asynchronously from passing tests (@​boneskull). Example:

    ```js
    it('should actually fail, sorry!', function (done) {
    // passing assertion
    assert(true === true);

    // test complete & is marked as passing
    done();

    // ...but something evil lurks within
    setTimeout(() => {
    throw new Error('chaos!');
    }, 100);
    });
    ```

    Previously to this version, Mocha would have silently swallowed the chaos! exception, and you wouldn't know. Well, now you know. Mocha cannot recover from this gracefully, so it will exit with a nonzero code.

    Maintainers of external reporters: If a test of this class is encountered, the Runner instance will emit the end event twice; you may need to change your reporter to use runner.once('end') intead of runner.on('end').

  • #​3093: Fix stack trace reformatting problem (@​outsideris)

🔩 Other

v5.0.1

Compare Source

...your garden-variety patch release.

Special thanks to Wallaby.js for their continued support! ❤️

🐛 Fixes

📖 Documentation

🔩 Other

v5.0.0

Compare Source

Mocha starts off 2018 right by again dropping support for unmaintained rubbish.

Welcome @​vkarpov15 to the team!

💥 Breaking Changes

  • #​3148: Drop support for IE9 and IE10 (@​Bamieh)
    Practically speaking, only code which consumes (through bundling or otherwise) the userland buffer module should be affected. However, Mocha will no longer test against these browsers, nor apply fixes for them.

🎉 Enhancements

🐛 Fixes

😎 Developer Experience

📖 Documentation

🔩 Other

v4.1.0

Compare Source

4.1.0 / 2017-12-28

This is mainly a "housekeeping" release.

Welcome @​Bamieh and @​xxczaki to the team!

🐛: Fixes

🎉 Enhancements

📖 Documentation

🔩 Other

v4.0.1

Compare Source

4.0.1 / 2017-10-05

🐛 Fixes

v4.0.0

Compare Source

4.0.0 / 2017-10-02

You might want to read this before filing a new bug! 😝

💥 Breaking Changes

For more info, please read this article.

Compatibility
Default Behavior
  • #​2879: By default, Mocha will no longer force the process to exit once all tests complete. This means any test code (or code under test) which would normally prevent node from exiting will do so when run in Mocha. Supply the --exit flag to revert to pre-v4.0.0 behavior (@​ScottFreeCode, @​boneskull)
Reporter Output

👎 Deprecations

🎉 Enhancements

📖 Documentation

🔩 Other

v3.5.3

Compare Source

3.5.3 / 2017-09-11

🐛 Fixes

v3.5.2

Compare Source

3.5.2 / 2017-09-10

🐛 Fixes

v3.5.1

Compare Source

3.5.1 / 2017-09-09

📰 News

  • 📣 Mocha is now sponsoring PDXNode! If you're in the Portland area, come check out the monthly talks and hack nights!

🐛 Fixes

🔩 Other


  • If you want to rebase/retry this PR, check this box

@appcues-wss appcues-wss bot added the security fix Security fix generated by WhiteSource label Sep 24, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants