[Snyk] Upgrade chai from 4.2.0 to 4.3.6 #99
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade chai from 4.2.0 to 4.3.6.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-PATHVAL-596926
Why? Proof of Concept exploit, CVSS 6
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: chai
Update loupe to 2.3.1
v4.3.4...v4.3.5
This fixes broken inspect behavior with bigints (#1321) (#1383) thanks @ vapier
This reintroduces
Assertion
as an export in the mjs file. See #1378 & #1375This fixes a regression in IE11. See #1380 & #1379
This releases fixed an engine incompatibility with 4.3.0
The 4.x.x series of releases will be compatible with Node 4.0. Please report any errors found in Node 4 as bugs, and they will be fixed.
The 5.x.x series, when released, will drop support for Node 4.0
This fix also ensures
pathval
is updated to1.1.1
to fix CVE-2020-7751This is a minor release.
Not many changes have got in since the last release but this one contains a very important change (#1257) which will allow
jest
users to get better diffs. From this release onwards,jest
users will be able to see which operator was used in their diffs. Theoperator
is a property of theAssertionError
thrown when assertions fail. This flag indicates what kind of comparison was made.This is also an important change for plugin maintainers. Plugin maintainers will now have access to the
operator
flag, which they can have access to through an
utilmethod called
getOperator`.Thanks to all the amazing people that contributed to this release.
New Features
contain.oneOf
to take an array of possible values (@ voliva)closeTo
error message will now inform the user when adelta
is required (@ eouw0o83hf)Docs
Tests
useProxy
config is checked inoverwriteProperty
(@ vieiralucas)contain.oneOf
(@ voliva )Chores
Read more
Commit messages
Package name: chai
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs