From 5f1c2c0915572dcc8ffc16172602eb0aefde2f4d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 6 Aug 2021 15:00:21 +0000
Subject: [PATCH] fix(deps): Bump ws from 7.5.0 to 7.5.3 (#169)
Bumps [ws](https://github.com/websockets/ws) from 7.5.0 to 7.5.3.
Release notes
Sourced from ws's releases.
7.5.3
Bug fixes
- The
WebSocketServer constructor now throws an error if more than one of the
noServer, server, and port options are specefied (66e58d27).
- Fixed a bug where a
'close' event was emitted by a WebSocketServer before
the internal HTTP/S server was actually closed (5a587304).
- Fixed a bug that allowed WebSocket connections to be established after
WebSocketServer.prototype.close() was called (772236a1).
7.5.2
Bug fixes
- The opening handshake is now aborted if the client receives a
Sec-WebSocket-Extensions header but no extension was requested or if the
server indicates an extension not requested by the client (aca94c86).
7.5.1
Bug fixes
- Fixed an issue that prevented the connection from being closed properly if an
error occurred simultaneously on both peers (b434b9f1).
Commits
4c1849a [dist] 7.5.3772236a [fix] Abort the handshake if the server is closing or closed5a58730 [fix] Emit the 'close' event after the server is closedea63b29 [minor] Fix typo66e58d2 [fix] Make the {noS,s}erver, and port options mutually exclusiveecb9d9e [minor] Improve JSDoc-inferred types (#1912)0ad1f9d [dist] 7.5.2aca94c8 [fix] Abort the handshake if an unexpected extension is received38c6c73 [dist] 7.5.12916006 [test] Add more tests for WebSocket.prototype.close()- Additional commits viewable in compare view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
package-lock.json | 6 +++---
package.json | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 1e3b01e4..ef1714fc 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -14562,9 +14562,9 @@
}
},
"ws": {
- "version": "7.5.0",
- "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.0.tgz",
- "integrity": "sha512-6ezXvzOZupqKj4jUqbQ9tXuJNo+BR2gU8fFRk3XCP3e0G6WT414u5ELe6Y0vtp7kmSJ3F7YWObSNr1ESsgi4vw=="
+ "version": "7.5.3",
+ "resolved": "https://registry.npmjs.org/ws/-/ws-7.5.3.tgz",
+ "integrity": "sha512-kQ/dHIzuLrS6Je9+uv81ueZomEwH0qVYstcAQ4/Z93K8zeko9gtAbttJWzoC5ukqXY1PpoouV3+VSOqEAFt5wg=="
},
"xml-name-validator": {
"version": "3.0.0",
diff --git a/package.json b/package.json
index 64f06be0..ab4f867e 100644
--- a/package.json
+++ b/package.json
@@ -46,7 +46,7 @@
"it-pipe": "^1.1.0",
"stream-to-it": "^0.2.4",
"verror": "^1.10.0",
- "ws": "^7.5.0"
+ "ws": "^7.5.3"
},
"devDependencies": {
"@relaycorp/relaynet-testing": "^1.3.0",