Skip to content
This repository has been archived by the owner on Nov 20, 2024. It is now read-only.

chore(deps): update dependency happy-dom to v15 [security] #405

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 6, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
happy-dom 14.12.0 -> 15.10.2 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-51757

Impact

Consumers of the NPM package happy-dom

Patches

The security vulnerability has been patched in v15.10.2

Workarounds

No easy workarounds to my knowledge

References

#​1585


Release Notes

capricorn86/happy-dom (happy-dom)

v15.10.2

Compare Source

v15.10.1

Compare Source

v15.10.0

Compare Source

v15.9.0

Compare Source

v15.8.5

Compare Source

v15.8.4

Compare Source

v15.8.3

Compare Source

v15.8.2

Compare Source

v15.8.1

Compare Source

v15.8.0

Compare Source

v15.7.4

Compare Source

👷‍♂️ Patch fixes
  • Fixes incorrect handling of non-node items inserted using replaceWith(), before() and after() - By @​BenjaminAster in task #​1533

v15.7.3

Compare Source

👷‍♂️ Patch fixes
  • Fixes bug that occurs when checking if a symbol property exists on HTMLSelectElement - By @​Cherry in task #​1526

v15.7.2

Compare Source

👷‍♂️ Patch fixes
  • Fixes problem where it is not possible to observe again after disconnecting in MutationObserver - By @​capricorn86 in task #​1524

v15.7.1

Compare Source

👷‍♂️ Patch fixes
  • Fixes selector validation and converts selectors to string (e.g. querySelector(['.class'])) - By @​capricorn86 in task #​1507

v15.7.0

Compare Source

v15.6.1

Compare Source

v15.6.0

Compare Source

v15.5.0

Compare Source

v15.4.3

Compare Source

👷‍♂️ Patch fixes
  • Adds support for supporting new lines and tabs as white-space character in CSS selectors - By @​syi0808 in task #​1414

v15.4.2

Compare Source

👷‍♂️ Patch fixes

v15.4.1

Compare Source

👷‍♂️ Patch fixes
  • Throw error in FormData.append() when value parameter type is incorrect - By @​btea in task #​1484

v15.4.0

Compare Source

v15.3.2

Compare Source

👷‍♂️ Patch fixes
  • Fixes the HTMLInputElement.indeterminate, so that it behaves correctly - By @​malko in task #​1439

v15.3.1

Compare Source

v15.3.0

Compare Source

v15.2.0

Compare Source

🎨 Features

v15.1.0

Compare Source

🎨 Features
  • Refactor internal logic related to injecting the Window context for classes that can be constructed using the "new" operator - By @​capricorn86 in task #​1332
  • Improves the way classes can access the Browser context internally - By @​capricorn86 in task #​1332
  • Refactor of the logic for EventTarget.dispatchEvent() to better handle the event phases "none", "capture", "atTarget" and "bubbling" - By @​capricorn86 in task #​1332
  • Adds support for HTMLInputElement.popoverTargetElement, HTMLInputElement.popoverTargetAction, HTMLButtonElement.popoverTargetElement and HTMLButtonElement.popoverTargetAction - By @​capricorn86 in task #​1332
  • Adds support for HTMLElement.popover - By @​capricorn86 in task #​1332
  • Adds support for PerformanceObserver, PerformanceEntry and PerformanceObserverEntryList - By @​capricorn86 in task #​1332
👷‍♂️ Patch fixes
  • Makes it possible for a polyfill to replace NodeList[Symbol.iterator]() with Array.prototype.values() - By @​capricorn86 in task #​1332
  • Adds logic for canceling any request to start new async tasks while the Window is closing (e.g. using setTimeout() or fetch()) - By @​capricorn86 in task #​1332
  • Fixes issues with errors exiting the browser when using the setting "errorCapture" set to "processLevel" - By @​capricorn86 in task #​1332
    • Refactor internal logic, so that thrown errors are instances of unique error classes assigned to the Window, which makes it possible for BrowserExceptionObserver to know which Window the error originated from
  • Changes Event.composedPath() to not return the Window object if the event type is "load", which is the same behaviour as the browser - By @​capricorn86 in task #​1332
    • This means that "load" events will not bubble up to the Window object

v15.0.0

Compare Source

💣 Breaking Changes
  • Drops offical support for Node.js 16.x and 17.x - By @​capricorn86 in task #​1332
  • A lot of internal logic has been refactored, so if you rely on internal APIs, this release may break your code - By @​capricorn86 in task #​1332
🎨 Features
  • Adds support for HTMLAreaElement, HTMLBodyElement, HTMLQuoteElement, HTMLBRElement, HTMLTableCaptionElement, HTMLTableColElement, HTMLTableColElement, HTMLDataElement, HTMLDataListElement, HTMLModElement, HTMLDetailsElement, HTMLDivElement, HTMLDListElement, HTMLEmbedElement, HTMLFieldSetElement, HTMLHeadingElement, HTMLHeadElement, HTMLHRElement, HTMLHtmlElement, HTMLModElement, HTMLLegendElement, HTMLLIElement, HTMLMapElement, HTMLMenuElement, HTMLMeterElement, HTMLObjectElement, HTMLOListElement, HTMLOutputElement, HTMLParagraphElement, HTMLParamElement, HTMLPictureElement, HTMLPreElement, HTMLProgressElement, HTMLQuoteElement, HTMLSourceElement, HTMLSpanElement, HTMLTableElement, HTMLTableSectionElement, HTMLTableSectionElement, HTMLTitleElement, HTMLTableRowElement, HTMLTrackElement, HTMLUListElement - By @​capricorn86 in task #​1332
  • Adds basic support for HTMLCanvasElement - By @​capricorn86 in task #​1332
  • Adds support for History API - By @​capricorn86 in task #​1332
  • Adds cache to CSSStyleDeclaration, querySelector(), querySelectorAll(), getElementById(), getElementsByClassName(), getElementsByTagName(), getElementsByTagNameNS(), getElementsByClassName() - By @​capricorn86 in task #​1332
  • Uses proxy for NodeList, HTMLCollection, DOMTokenList, TextTrackList, HTMLFormElement, HTMLSelectElement
  • Makes HTMLCollection objects returned by getElementsByClassName(), getElementsByTagName(), getElementsByTagNameNS() and getElementsByClassName() live - By @​capricorn86 in task #​1332
  • Improves support for HTMLMediaElement - By @​capricorn86 in task #​1332
    • It now supports all methods and properties of the HTMLMediaElement interface
  • Adds support for MediaStream, MediaStreamTrack, RemotePlayback, TextTrack, TextTrackCue, TextTrackCueList, TextTrackList, VTTCue, VTTRegion, CanvasCaptureMediaStream, ImageBitmap, OffscreenCanvas - By @​capricorn86 in task #​1332
  • Adds basic support for IntersectionObserver - By @​capricorn86 in task #​1332
  • Uses Array for nodes and elements in the DOM-tree to leverage the JiT compiler better - By @​capricorn86 in task #​1332
  • Adds support for HTMLInputElement.list - By @​capricorn86 in task #​1332
  • Improves support for ShadowRoot (it now supports clonable, serializable and slotAssignment) - By @​capricorn86 in task #​1332
  • Adds support for Element.getHTML() - By @​capricorn86 in task #​1332
  • Improves performance for some pseudo query selectors - By @​capricorn86 in task #​1332
  • Improves support for HTMLSlotElement - By @​capricorn86 in task #​1332
    • It now supports assign(), assignedNodes(), assignedElements() and the slotchange event
👷‍♂️ Patch fixes
  • Attributes and text data wasn't escaped correctly in XMLSerializer (used by features such as innerHTML) - By @​capricorn86 in task #​1265
  • waitForNavigation() would not resolve when navigating to some URLs (e.g. "javascript" or "about:blank") - By @​capricorn86 in task #​1332
  • CSS rules for gradients where not parsed correctly - By @​capricorn86 in task #​1332
  • Updates to CSSStyleDeclaration would not trigger listeners for the "style" attribute - By @​capricorn86 in task #​1332
  • Attributes where added to elements after they were added to the DOM during parsing, causing problems for elements loading resources - By @​capricorn86 in task #​1332
  • Attr.cloneNode() would not clone internal values - By @​capricorn86 in task #​1332
  • Document.title included text data inside child elements, which it shouldn't - By @​capricorn86 in task #​1332
  • Event.preventDefault() shouldn't cancel the default behaviour if cancelable is not sent as an option in EventTarget.dispatchEvent() - By @​capricorn86 in task #​1332
  • Source attributes containing URLs would not be resolved correctly in some elements - By @​capricorn86 in task #​1332
  • Changes name on TimeRange to TimeRanges - By @​capricorn86 in task #​1332
  • Window.parent and Window.top would not be set correctly in some scenarios - By @​capricorn86 in task #​1332

v14.12.3

Compare Source

👷‍♂️ Patch fixes
  • Element.insertBefore works when the node is already inserted - In task #​1429

v14.12.2

Compare Source

👷‍♂️ Patch fixes
  • Fixes problem related to the cookie container using the wrong path when caching cookies - By @​matcic in task #​1455

v14.12.1

Compare Source

👷‍♂️ Patch fixes
  • Fixes problem related to React click handler with preventDefault not preventing navigation - By @​amitdahan in task #​1464

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Copy link

changeset-bot bot commented Nov 6, 2024

⚠️ No Changeset found

Latest commit: 2d760b6

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

Copy link
Contributor

github-actions bot commented Nov 6, 2024

Run report for 2d760b6e

Total time: 1m 11s | Comparison time: 1m 11s | Estimated loss: 128.2ms (0.2% slower)

Action Time Status Info
🟩 SyncWorkspace 5.6ms Passed
⬛️ SetupToolchain(node:global) 2.2s Skipped
🟩 SyncProject(node, worker-playground) 0.3ms Passed
🟩 SyncProject(node, typesense-xior) 1ms Passed
🟩 SyncProject(node, custom-field) 1ms Passed
🟩 SyncProject(node, jose-browser) 0.2ms Passed
🟩 SyncProject(node, code-highlight) 0.3ms Passed
🟩 SyncProject(node, karbon-utils) 0.2ms Passed
🟩 SyncProject(node, karbon) 0.5ms Passed
🟩 SyncProject(node, playground) 0.2ms Passed
🟩 SyncProject(node, karbon-monorepo) 0.1ms Passed
🟩 InstallWorkspaceDeps(node:global) 33.9s Passed
🟪 RunTask(custom-field:build) 30ms Cached
🟪 RunTask(jose-browser:build) 36ms Cached
🟪 RunTask(typesense-xior:build) 45.4ms Cached
🟪 RunTask(code-highlight:build) 46ms Cached
🟩 RunTask(karbon-utils:build) 3.9s Passed
🟩 RunTask(worker-playground:test-run) 3.6s Passed
🟩 RunTask(karbon:dev-stub) 4s Passed
🟩 RunTask(karbon:dev-prepare) 5.2s Passed
And 8 more...
Expanded report
Action Time Status Info
🟩 RunTask(karbon:bundle-cli) 615.2ms Passed
🟩 RunTask(karbon:build-module) 15.2s Passed
🟩 RunTask(karbon:bundle-helper) 419.7ms Passed
🟩 RunTask(karbon:bundle-module) 500.1ms Passed
🟩 RunTask(karbon:build) 9.4ms Passed
🟩 RunTask(playground:dev-prepare) 3.1s Passed
🟩 RunTask(karbon-monorepo:build) 5.3ms Passed
🟩 RunTask(karbon-monorepo:test) 4s Passed
Touched files
packages/karbon-utils/package.json
yarn.lock

@renovate renovate bot force-pushed the renovate/npm-happy-dom-vulnerability branch from 95224d8 to 2d760b6 Compare November 6, 2024 21:51
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants