Update dependency puppeteer to v1 [SECURITY] #35
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.13.0
->1.13.0
GitHub Vulnerability Alerts
CVE-2019-5786
Versions of
puppeteer
prior to 1.13.0 are vulnerable to the Use-After-Free vulnerability in Chromium (CVE-2019-5786). The Chromium FileReader API is vulnerable to Use-After-Free which may lead to Remote Code Execution.Recommendation
Upgrade to version 1.13.0 or later.
Release Notes
puppeteer/puppeteer
v1.13.0
Compare Source
Big Changes
API Changes
No API changes.
Bug Fixes
Raw Notes
ba5f94d
- test: disable flaky cookies test (#4112)02b2451
- fix: check if async error has a stack (#4017)9db09fe
- test: add test to validate redirecting in request.respond (#4106)c68df32
- test: add failing test for bad request interception (#4108)02859c3
- feat(chromium): roll Chromium to r637110 (#4099)bc28f3b
- fix(firefox): fix executablePath() on OSX (#4105)c9f6a3d
- chore(firefox): bump version to v0.5.0 (#4089)a6d8ecc
- fix(firefox): keyboard tests (#4082)e8a4963
- test: cleanup tests (#4078)dae998e
- fix(firefox): enable domains in a proper order (#4077)9ef23b1
- feat(firefox): implement cookies api (#4076)03d06f5
- feat(firefox): page.accessibility.snapshot() (#4071)f21486f
- feat(firefox): implement Page.touchscreen (#4070)3541b89
- test: split out all chromium-specific tests into chromiumonly.spec.js (#4068)77a4ea5
- test: split out fixture tests and make them work with FF (#4067)d04a8d5
- refactor(firefox): split out DOMWorld (#4066)4ecbd91
- refactor(firefox): migrate onto ExecutionContext events (#4064)56dafd7
- feat: support Response.buffer(), Response.json() and Response.text() (#4063)3bea5d6
- feat(firefox): implement browserContext.overridePermissions (#4060)f1a14fe
- feat(firefox): support elementHandle.uploadFile (#4058)1315dc8
- feat(firefox): support Page.emualteMedia (#4056)5c81836
- feat(firefox): implement page.exposeFunction (#4052)7d39aca
- test: split out test for "text" option of ElementHandle.press (#4051)ed984ac
- chore(firefox): kill original puppeteer-firefox tests (#4047)fbf91cc
- test(firefox): move AX tests to Chrome-only (#4042)a0fd2ce
- fix(firefox): enable more tests (#4037)03c542a
- feat(firefox): implement missing launcher options (#4036)719ee5a
- feat(firefox): support page.setExtraHTTPHeaders (#4035)c118b20
- feat(firefox): basic request interception support (#4034)3b18092
- refactor(firefox): migrate onto Juggler flatten protocol (#4033)4a4793a
- feat(firefox): support Browser.target() (#4028)ea482c4
- fix(firefox): properly cleanup networkmanager (#4024)9782f9c
- fix(firefox): add test to make sure remote browser can be closed (#4023)c35821a
- feat(firefox): switch over to WebSocket and support multiclient (#4022)e0d4a5d
- fix(firefox): track frame detachment in navigation watchdog (#4008)247733b
- fix(firefox): enable more firefox tests (#4007)e8f044c
- fix(firefox): enable a bunch of evaluation tests (#4006)6350cf0
- fix(firefox): report more console messages (including warnings) (#4005)0b40d04
- feat(firefox): support running beforeunload hooks when closing (#4003)e3b76b2
- feat(firefox): support consoleMessage.location() (#4002)2275c3c
- fix(firefox): properly round clip when doing element screenshots (#4001)670d758
- feat(firefox): support "referer" option in Page.goto (#4000)fbf3643
- feat(firefox): support Request.postData (#3999)13224a7
- feat(firefox): support Response.securityDetails() (#3997)57e7f12
- test: split out tests for security details (#3996)31ae1d6
- feat(firefox) support Request.headers() & Response.headers() (#3993)89d0f1e
- feat(firefox): implement frame.goto / frame.waitForNavigation (#3992)f0fba56
- test: split out Response.fromCache/fromServiceWorker (#3990)1890dc0
- feat(firefox): Page.waitForRequest/Page.waitForResponse (#3989)afb9355
- feat(firefox): basic support for Network (#3988)fb9d404
- test(mouse): add failing for test for mobile + cross process navigation (#3951)63ea805
- feat(chromium): roll Chromium to r630727 (#3985)b82cc15
- feat(firefox): support Page.setJavascriptEnabled (#3970)edb6f62
- feat(firefox): support page.setDefaultNavigationTimeout (#3969)fc18a79
- feat(firefox): support Page.setUserAgent method (#3968)1ce578b
- chore(test): remove the server.EMPTY_PAGE2 asset (#3967)cfefd61
- feat(firefox): support target.opener() and page.on('popup') (#3966)0cf6ab6
- feat(firefox): support page.browserContext() (#3965)c64e02e
- refactor(firefox): introduce FrameManager (#3964)2a7ed1a
- fix(firefox): add ExecutionContext to api (#3963)a987535
- feat(firefox): implement execution contexts (#3962)5696096
- chore(testrunner): newline for toEqual matcher (#3959)0bb657c
- chore(test): remove --firefox-status flag from tests (#3956)07b43ff
- chore: remove Juggler from Puppeteer repository (#3954)72c0047
- refactor(firefox): introduce /lib/Events (#3949)6b18e8c
- feat(firefox): introduce async stacks for Puppeteer-Firefox (#3948)9216056
- fix(testrunner): fix bad test counter (#3947)addd7f4
- chore(testrunner): introduce verbose mode (#3946)c33be4c
- refactor(firefox): split out JSHandle into a separate file (#3945)76eecde
- chore(test): remove stray console.log (#3943)609e763
- test(firefox): enable screenshot tests for Firefox (#3942)49e8704
- test(firefox): enable more tests on Puppeteer-Firefox (#3937)9679279
- chore(ci): enable firefox on travis (#3935)a762dbe
- chore(ci): add Puppeteer-Firefox to CI (#3932)6887ad8
- chore: further unify Puppeteer-Firefox tests with Puppeteer (#3931)c3b6619
- chore(firefox): readme link to isready site (#3930)14fb3e3
- chore(firefox): mark all Puppeteer tests that are failing on FF (#3924)86783c2
- chore(firefox): run all tests without "UnhandledPromiseRejection" error (#3922)bc71e92
- chore(testrunner): nicer colors for test reporter (#3921)1676f99
- chore(firefox): move sources from //lib/firefox to //lib (#3920)a210dd7
- chore(testrunner): show 5 slowest tests on CI (#3919)00bcecb
- chore: increase test timeout to 20 seconds on Appveyour (#3918)28087c2
- feat(firefox): support ElementHandle.contentFrame() (#3917)dd8bd6d
- test(firefox): support Puppeteer-Firefox specific env variables (#3907)e100000
- docs(api.md): update versions (#3916)a760d79
- chore: bump version to v1.12.2-post (#3915)v1.12.2
Compare Source
Big Changes
API Changes
No API changes.
Bug Fixes
Raw Notes
9a90107
- chore: mark version v1.12.26e1f7dc
- feat(chromium): roll chromium to r624492 (#3909)69c434a
- test(firefox): further unify Puppeteer-Firefox and Puppeteer tests (#3894)47fbb11
- test(firefox): add more Puppeteer-Firefox tests to Puppeteer (#3892)b5e53fd
- test(firefox): add puppeteer-firefox unique evaluation tests (#3891)6bb0350
- test(firefox): introduce vendor-specific specs (#3890)84fe601
- chore(firefox): run Puppeteer-Firefox against Puppeteer tests (#3888)fd67fa7
- test(firefox): run puppeteer-firefox tests in browser contexts (#3887)bd34755
- feat(ppfox): implement browser contexts (#3872)b0e8084
- chore: bump version to v1.12.1-post (#3886)v1.12.1
Compare Source
Big Changes
'd.ts'
file since it's inferior to the @types one.API Changes
No API changes.
Bug Fixes
Raw Notes
a1abd6c
- chore: mark version v1.12.1 (#3885)23b7465
- fix(types): disable shipping our own d.ts file (#3882)718cdf1
- chore: bump version to v1.12.0-post (#3876)v1.12.0
Compare Source
Big Changes
page.setDefaultTimeout(timeout)
allows controlling default timeout for all page operations..d.ts
file for better TypeScript support. (f2c968f
)API Changes
Added:
puppeteer.connect()
now accepts a new option -'browserURL'
(15af75f
)page.on('popup')
(8aaca4e
)page.browserContext()
(c90392b
)page.setDefaultTimeout(timeout)
(a064a63
)consoleMessage.location()
(0c86763
)Changed:
page.setContent(html, options)
now respects default navigation timeout (a064a63
)Bug Fixes
frame.evaluate
freezes / hangs on detached frames.intervention
header when generating request hashRaw Notes
a545059
- chore: mark version v1.12.05cca7c0
- fix(types): don't report events as class members (#3874)3c516f2
- chore: move static constructor to the top (#3873)d89ec00
- fix(ppfox): check directory existance if necessary when running tests (#3871)a2f1e27
- fix: ignore console messages from destroyed execution contexts (#3866)7001042
- fix(launcher): properly disable translate UI (#3863)61bc51c
- fix: update device descriptors (#3862)a064a63
- feat(page): introduce page.setDefaultTimeout (#3854)f2c968f
- chore(types): generate our own d.ts file from api.md (#3744)63d9ac4
- fix(executioncontext): follow up to properly adopt element handles (#3857)55432f8
- fix(page): execute frame.waitFor{Selector,XPath} in secondary world (#3856)2061dd4
- fix(page): teach waitForSelector to returnnull
(#3846)7446550
- docs(api.md): fix typo (#3848)62da236
- chore: introduce //lib/api.js (#3835)cd678fb
- chore(juggler): Roll Firefox to120450a
(#3842)1a79955
- chore(test): prepare tests to be run with Puppeteer-Firefox (#3833)7585e6d
- docs(api.md): expand puppeteer-core explanation (#3830)fb71012
- feat(page): use secondary world to drive clicks (#3828)89a5c39
- refactor: move to flatten protocol (#3827)678b8e8
- fix(page): use secondary DOMWorld to drive page.select() (#3809)c09835f
- feat(chromium): roll Chromium to r624487 (#3817)9fb89e1
- test: Add test for waitForFunction with cross-process navigation (#3826)9fd4b67
- fix(requestinterception): filter out "intervention" header (#3814)c48b574
- docs(juggler/readme.md): more troubleshooting for ff on mac (#3813)8426102
- docs(troubleshooting): fix bundle directions (#3808)a9ad1c3
- docs(juggler/README.md): Add possible solution FF-Build (#3801)f8615c8
- feat(chromium): roll Chromium to r623082 (#3785)4ac00ca
- refactor: split out DOMWorld from Frame (#3780)bea26a7
- chore(testrunner): sort workers numerically when terminating (#3782)489be90
- test: move tracing tests to one-per-browser (#3781)91c4501
- test(coverage): add failing test for skipping all debugger statements (#3779)4e1e2fb
- fix(screenshot): round the clip dimensions (#3778)e574190
- feat(chromium): roll Chromium to r622871 (#3777)04fbbd7
- fix(network): relax request matching heuristic (#3775)e8bb26e
- refactor: split out classes into files (#3773)4e9e3bc
- refactor: consolidate all events in Events.js (#3772)71edfc7
- feat(chromium): roll Chromium to r622472 (#3771)9083c11
- fix(frames): make sure evaluation does not hang in detached iframes (#3770)02ae552
- chore(ci): another sad attempt to fix travis deployment (#3769)2e36b55
- docs(readme): migrate travis.org shield to travis.com (#3767)7daeafc
- chore(ci): yet another attempt to fix travis auto-deployment (#3768)7fabf32
- feat(executioncontext): warn on nested js handle (#3591)d346cb5
- chore: cleanup puppeteer.connect({browserURL}) (#3766)15af75f
- feat(launcher): add browserUrl option to puppeteer.connect (#3558)81cf579
- chore(ci): another attempt to fix travis autopublish (#3759)f933f59
- chore(ci): attempt to fix travis (#3758)96adedf
- fix(screenshots): throw on 0x0 screenshots (#3756)29a2438
- chore(types): Upgrade TypeScript to 3.2.2 (#3754)c44564a
- feat(docs): mention puppeteer@chrome tagged releases (#3528)0505c81
- test: add test for multiline waittask (#3753)f731973
- fix(page): page.waitForFunction should work with multiline strings (#3727)89fc2ad
- fix(page): consoleMessage.location() should work with workers (#3752)0c86763
- feat(page): introduce consoleMessage.location() (#3365)16fc28b
- test: make sure headful browser closes with beforeuload page (#3751)4c48b77
- chore(examples): exclude localhost from proxy bypass list (#3742)82bef70
- docs(troubleshooting.md): Update running on Alpine example (#3708)1899e79
- feat: enable Network Service by default (#3738)c86bc0f
- feat(chromium): roll Chromium to r620317 (#3732)1e66d33
- docs(api.md): better documentation for PUPPETEER_DOWNLOAD_HOST (#3669)3d82465
- fix(page): fix repetitative setContent calls (#3666)8aaca4e
- feat(page): introduce "Popup" event (#3661)c90392b
- feat: introduce page.browserContext() (#3655)4346fa1
- feat(chromium): roll Chromium to r615489 (#3653)0cccc58
- fix: ignore the experimental folder for npm (#3636)2c4198f
- docs(readme): update experimental readmec81f03c
- docs(readme): fix pptrfx readme (#3634)be836be
- docs(pptrfx): update readme (#3633)b874529
- readme(pptr-firefox): adjustments (#3632)45ab3e0
- feat: introduce puppeteer-firefox (#3628)8613e87
- docs(troubleshooting.md): Update troubleshooting.md (#3606)cdaa604
- docs(examples): adding puppetry tool (#3598)68afb3c
- docs(troubleshooting): Update docs about copying file for setuid sandbox (#3608)45c4477
- chore: bump version to v1.11.0-post (#3613)v1.11.0
Compare Source
Big Changes
page.setContent
now awaits resource loading (927d0f4
)API Changes
Changed:
page.setContent
(927d0f4
) now acceptswaitUntil
option similar topage.goto
.Bug Fixes
Raw Notes
a0cbaf3
- chore(types): lint the api docs with typescript (#3577)fb5b080
- feat(chromium): roll Chromium to r609904 (#3587)6656519
- test: split out dialog tests (#3586)309cbe6
- test: split out navigation tests (#3585)d61916b
- test: split out evaluation tests (#3584)e839189
- test: split input tests into keyboard, mouse and touchscreen (#3583)25f4f26
- test: extract clicking tests (#3582)a181bdd
- test: split out emulation tests (#3581)a5b1978
- test: split out waittask tests (#3580)e5830d1
- test: split queryselector tests into separate file (#3579)aa9fb82
- test: split screenshot tests into separate file (#3578)a04100c
- docs(troubleshooting): added link to alixaxel/chrome-aws-lambda (#3576)927d0f4
- feat(page): support waitUntil option forpage.setContent
(#3557)e2e43bc
- fix(page): navigating 11 pages simultaneously should not throw warning (#3560)86e0959
- docs(api.md): mark optional arguments in signatures (#3565)f6bfa32
- docs(api.md): fixes #3517 (#3561)d9d9996
- feat(chromium): roll Chromium to r608752 (#3555)03d8746
- test(accessibility): Fix duplicated test (#3539)95a19c7
- fix(page): dispatch errors into page (#3550)c185eee
- feat(install): support configurations in package.json (#3449)766a951
- docs(troubleshooting): update on sandboxing (#3531)eb7bd9d
- test: setup sandbox on linux (#3530)10a4c8c
- docs(troubleshooting): modern linux sandboxing5687343
- fix(types): fix parameters where they disagree with the api (#3525)27ea226
- test: fix workers test (#3527)d3f50ea
- chore: update dependencies (#3526)1d671c6
- chore(bisect): properly output bisect ranges + output styling (#3523)576c8f8
- chore(chromium): roll Chromium to r606647 (#3522)6693537
- chore: add utils/bisect.js to bisect chromium revisions (#3511)59e7e8c
- docs(api.md): update returned value description (#3514)79ec7a3
- fix(types): fix return types where JSDoc and api.md disagree (#3512)04b6ca8
- Fix dead link (#3497)b9f2104
- test(cookies): Remove duplicated test. (#3492)52a1030
- feat(chromium): roll Chromium to r604907 (#3488)6b65407
- test: unflake cookie test on windows (#3489)60a8d41
- chore: bump version to v1.10.0-post (#3483)v1.10.0
Compare Source
Big Changes
API Changes
Added:
browser.waitForTarget
(6ac66c3
)browserContext.waitForTarget
(6ac66c3
)page.accessibility
(9ba3261
)Bug Fixes
Raw Notes
cffcaad
- chore: mark version v1.10.09ba3261
- feat(accessibility): snapshot the accessibility tree (#3470)eca3c6b
- test(cookies): cookies from headful now work in headless (#3481)3596c5f
- fix(page.evaluate): better function serialization (#3480)e061007
- docs(api.md): update compatibility table4110087
- docs(puppeteer-web): a note about running inside extension (#3477)8e93eab
- docs(api.md): add example to override request headers (#3475)2a88690
- fix(launcher): add flags to improve reliability (#3474)3dd5c28
- fix(pipe): dispatch "disconnected" event when browser is terminated (#3472)9800b2c
- docs(api.md): Fix missingawait
in extension example (#3447)81edbbb
- fix(clicking): handle negative area results in computeQuadArea (#3413)fae441c
- docs(troubleshooting): add workarounds for code transpilation (#3399)cf8c62e
- docs(api.md): Fix ElementHandle example (#3401)d025d1f
- fix(csscoverage): don't prematurely disable the CSS domain (#3418)a4cebd8
- feat(chromium): roll Chromium to r599821 (#3414)0fd3bfb
- test(CSSCoverage): failing test when a stylesheet was recently added (#3400)a04dedc
- docs(troubleshooting.md): run non-headless on CI (#3353)0bb462c
- docs(readme): clarify SPA and SSR (#3363)6ac66c3
- feat: browser.waitForTarget (#3356)07febb6
- fix: add missing location property to some key descriptors (#3354)90d1fe8
- docs(api): fixed grammatical error (it's -> its) #3352af4209f
- chore: bump version to v1.9.0-post (#3351)v1.9.0
Compare Source
Big Changes
frame.goto
andframe.waitForNavigation
API Changes
Added:
browser.target()
(4e48dfc
)frame.goto(url, options)
(5acf953
)frame.waitForNavigation(options)
(5acf953
)response.frame()
(5acf953
)Bug Fixes
omitBackground: true
Raw Notes
4abf7d1
- docs(bundling): add docs about bundling for web (#3348)8becb31
- test: add failing test for page.select (#3346)5ebfe1a
- docs(contributing): remove the --filter note (#3342)cd54ce3
- fix(types): upgrade node types to 8.10.34 (#3341)c9657f8
- docs(api.md): minor grammar and consistency fixes (#3320)c237947
- chore(types): upgrade to TypeScript 3.1.1 (#3331)842fee8
- fix(page): full page screenshot when defaultViewport is null (#3306)e75e36b
- feat(chromium): roll Chromium to r594312 (#3310)85aca8e
- chore(testserver): prepare test server (#3294)9c89090
- chore(testrunner): fix readme description (#3293)[
12e317c
](https://togithub.com/Renovate configuration
📅 Schedule: "" (UTC).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by WhiteSource Renovate. View repository job log here.