merge in updates #2
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…361) Bumps [webpack](https://github.com/webpack/webpack) from 5.39.0 to 5.76.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.39.0...v5.76.0) --- updated-dependencies: - dependency-name: webpack dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…355) Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.31 to 0.7.33. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md) - [Commits](faisalman/ua-parser-js@0.7.31...0.7.33) --- updated-dependencies: - dependency-name: ua-parser-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [engine.io](https://github.com/socketio/engine.io) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together. Updates `engine.io` from 6.1.3 to 6.4.1 - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@6.1.3...6.4.1) Updates `socket.io` from 4.4.1 to 4.6.1 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io@4.4.1...4.6.1) --- updated-dependencies: - dependency-name: engine.io dependency-type: indirect - dependency-name: socket.io dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [minimatch](https://github.com/isaacs/minimatch) to 3.1.2 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together. Updates `minimatch` from 3.0.4 to 3.1.2 - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](isaacs/minimatch@v3.0.4...v3.1.2) Updates `mocha` from 8.4.0 to 10.1.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v8.4.0...v10.1.0) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect - dependency-name: mocha dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [nanoid](https://github.com/ai/nanoid) and [mocha](https://github.com/mochajs/mocha). These dependencies needed to be updated together. Updates `nanoid` from 3.1.20 to 3.3.3 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](ai/nanoid@3.1.20...3.3.3) Updates `mocha` from 8.4.0 to 10.0.0 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md) - [Commits](mochajs/mocha@v8.4.0...v10.0.0) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect - dependency-name: mocha dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [engine.io](https://github.com/socketio/engine.io) from 6.4.1 to 6.4.2. - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@6.4.1...6.4.2) --- updated-dependencies: - dependency-name: engine.io dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…371) Signing commit from @knst from #359 Co-authored-by: Konstantin Akimov <[email protected]>
#374) Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.3. - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.2.2...4.2.3) --- updated-dependencies: - dependency-name: socket.io-parser dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Add python 3.12 * Update cibuildwheel to 2.16.2
Update license
Updated dep-review
Update dep-review
On a bare OS install, one needs both python3 and python3.x-dev
* Update to actions/checkout@v4 * Update more workflows * Use upload-artifact@v4 * set upload overwrite * experimenting with new upload/download stuff
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6. - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.4...v1.15.6) --- updated-dependencies: - dependency-name: follow-redirects dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](micromatch/braces@3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [ws](https://github.com/websockets/ws), [engine.io](https://github.com/socketio/engine.io) and [socket.io-adapter](https://github.com/socketio/socket.io-adapter). These dependencies needed to be updated together. Updates `ws` from 8.11.0 to 8.17.1 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.11.0...8.17.1) Updates `engine.io` from 6.5.3 to 6.5.5 - [Release notes](https://github.com/socketio/engine.io/releases) - [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md) - [Commits](socketio/engine.io@6.5.3...6.5.5) Updates `socket.io-adapter` from 2.5.2 to 2.5.5 - [Release notes](https://github.com/socketio/socket.io-adapter/releases) - [Changelog](https://github.com/socketio/socket.io-adapter/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-adapter@2.5.2...2.5.5) --- updated-dependencies: - dependency-name: ws dependency-type: indirect - dependency-name: engine.io dependency-type: indirect - dependency-name: socket.io-adapter dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Update dep-review
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.4 to 6.5.7. - [Commits](indutny/elliptic@v6.5.4...v6.5.7) --- updated-dependencies: - dependency-name: elliptic dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Update commit-signing
Bumps [body-parser](https://github.com/expressjs/body-parser) from 1.20.2 to 1.20.3. - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.2...1.20.3) --- updated-dependencies: - dependency-name: body-parser dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [webpack](https://github.com/webpack/webpack) from 5.89.0 to 5.95.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.89.0...v5.95.0) --- updated-dependencies: - dependency-name: webpack dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.4 to 6.5.7. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/elliptic/commit/3e46a48fdd2ef2f89593e5e058d85530578c9761"><code>3e46a48</code></a> 6.5.7</li> <li><a href="https://github.com/indutny/elliptic/commit/accb61e9c1a005e5c8ff96a8b33893100bb42d11"><code>accb61e</code></a> lib: DER signature decoding correction</li> <li><a href="https://github.com/indutny/elliptic/commit/03e06e135c8e44a2da560fa197d0ba1e1e2759e9"><code>03e06e1</code></a> 6.5.6</li> <li><a href="https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281"><code>7ac5360</code></a> Merge commit from fork</li> <li><a href="https://github.com/indutny/elliptic/commit/75700785ff41bb5d029d19186beff26d4883caa5"><code>7570078</code></a> 6.5.5</li> <li><a href="https://github.com/indutny/elliptic/commit/206da2ee373e68466cde353f81fb59ef251b740b"><code>206da2e</code></a> lib: lint</li> <li><a href="https://github.com/indutny/elliptic/commit/0a78e0399ee1f5d919be6aa66b427c67a9df330d"><code>0a78e03</code></a> [Fix] restore node < 4 compat</li> <li>See full diff in <a href="https://github.com/indutny/elliptic/compare/v6.5.4...v6.5.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Chia-Network/bls-signatures/network/alerts). </details>
Bumps [cookie](https://github.com/jshttp/cookie) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together. Updates `cookie` from 0.4.2 to 0.7.2 - [Release notes](https://github.com/jshttp/cookie/releases) - [Commits](jshttp/cookie@v0.4.2...v0.7.2) Updates `socket.io` from 4.7.2 to 4.8.0 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](https://github.com/socketio/socket.io/compare/[email protected]) --- updated-dependencies: - dependency-name: cookie dependency-type: indirect - dependency-name: socket.io dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/micromatch/braces/commit/74b2db2938fad48a2ea54a9c8bf27a37a62c350d"><code>74b2db2</code></a> 3.0.3</li> <li><a href="https://github.com/micromatch/braces/commit/88f1429a0f47e1dd3813de35211fc97ffda27f9e"><code>88f1429</code></a> update eslint. lint, fix unit tests.</li> <li><a href="https://github.com/micromatch/braces/commit/415d660c3002d1ab7e63dbf490c9851da80596ff"><code>415d660</code></a> Snyk js braces 6838727 (<a href="https://redirect.github.com/micromatch/braces/issues/40">#40</a>)</li> <li><a href="https://github.com/micromatch/braces/commit/190510f79db1adf21d92798b0bb6fccc1f72c9d6"><code>190510f</code></a> fix tests, skip 1 test in test/braces.expand</li> <li><a href="https://github.com/micromatch/braces/commit/716eb9f12d820b145a831ad678618731927e8856"><code>716eb9f</code></a> readme bump</li> <li><a href="https://github.com/micromatch/braces/commit/a5851e57f45c3431a94d83fc565754bc10f5bbc3"><code>a5851e5</code></a> Merge pull request <a href="https://redirect.github.com/micromatch/braces/issues/37">#37</a> from coderaiser/fix/vulnerability</li> <li><a href="https://github.com/micromatch/braces/commit/2092bd1fb108d2c59bd62e243b70ad98db961538"><code>2092bd1</code></a> feature: braces: add maxSymbols (<a href="https://github.com/micromatch/braces/issues/">https://github.com/micromatch/braces/issues/</a>...</li> <li><a href="https://github.com/micromatch/braces/commit/9f5b4cf47329351bcb64287223ffb6ecc9a5e6d3"><code>9f5b4cf</code></a> fix: vulnerability (<a href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727</a>)</li> <li><a href="https://github.com/micromatch/braces/commit/98414f9f1fabe021736e26836d8306d5de747e0d"><code>98414f9</code></a> remove funding file</li> <li><a href="https://github.com/micromatch/braces/commit/665ab5d561c017a38ba7aafd92cc6655b91d8c14"><code>665ab5d</code></a> update keepEscaping doc (<a href="https://redirect.github.com/micromatch/braces/issues/27">#27</a>)</li> <li>Additional commits viewable in <a href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Chia-Network/bls-signatures/network/alerts). </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
Bumps [cookie](https://github.com/jshttp/cookie) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together. Updates `cookie` from 0.4.2 to 0.7.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jshttp/cookie/releases">cookie's releases</a>.</em></p> <blockquote> <h2>v0.7.2</h2> <p><strong>Fixed</strong></p> <ul> <li>Fix object assignment of <code>hasOwnProperty</code> (<a href="https://redirect.github.com/jshttp/cookie/issues/177">#177</a>) bc38ffd</li> </ul> <p><a href="https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2">https://github.com/jshttp/cookie/compare/v0.7.1...v0.7.2</a></p> <h2>0.7.1</h2> <p><strong>Fixed</strong></p> <ul> <li>Allow leading dot for domain (<a href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>) <ul> <li>Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec</li> </ul> </li> <li>Add fast path for <code>serialize</code> without options, use <code>obj.hasOwnProperty</code> when parsing (<a href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li> </ul> <p><a href="https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1">https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1</a></p> <h2>0.7.0</h2> <ul> <li>perf: parse cookies ~10% faster (<a href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a> by <a href="https://github.com/kurtextrem"><code>@kurtextrem</code></a> and <a href="https://redirect.github.com/jshttp/cookie/issues/170">#170</a>)</li> <li>fix: narrow the validation of cookies to match RFC6265 (<a href="https://redirect.github.com/jshttp/cookie/issues/167">#167</a> by <a href="https://github.com/bewinsnw"><code>@bewinsnw</code></a>)</li> <li>fix: add <code>main</code> to <code>package.json</code> for rspack (<a href="https://redirect.github.com/jshttp/cookie/issues/166">#166</a> by <a href="https://github.com/proudparrot2"><code>@proudparrot2</code></a>)</li> </ul> <p><a href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0">https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0</a></p> <h2>0.6.0</h2> <ul> <li>Add <code>partitioned</code> option</li> </ul> <h2>0.5.0</h2> <ul> <li>Add <code>priority</code> option</li> <li>Fix <code>expires</code> option to reject invalid dates</li> <li>pref: improve default decode speed</li> <li>pref: remove slow string split in parse</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jshttp/cookie/commit/d19eaa1a2bb9ca43ac0951edd852ba4e88e410e0"><code>d19eaa1</code></a> 0.7.2</li> <li><a href="https://github.com/jshttp/cookie/commit/bc38ffd0eae716b199236dda061d0bdc74192dd3"><code>bc38ffd</code></a> Fix object assignment of <code>hasOwnProperty</code> (<a href="https://redirect.github.com/jshttp/cookie/issues/177">#177</a>)</li> <li><a href="https://github.com/jshttp/cookie/commit/cf4658f492c5bd96aeaf5693c3500f8495031014"><code>cf4658f</code></a> 0.7.1</li> <li><a href="https://github.com/jshttp/cookie/commit/6a8b8f5a49af7897b98ebfb29a1c4955afa3d33e"><code>6a8b8f5</code></a> Allow leading dot for domain (<a href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>)</li> <li><a href="https://github.com/jshttp/cookie/commit/58015c0b93de0b63db245cfdc5a108e511a81ad0"><code>58015c0</code></a> Remove more code and perf wins (<a href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li> <li><a href="https://github.com/jshttp/cookie/commit/ab057d6c06b94a7b1e3358e69a685ae49c97b627"><code>ab057d6</code></a> 0.7.0</li> <li><a href="https://github.com/jshttp/cookie/commit/5f02ca87688481dbcf155e49ca8b61732f30e542"><code>5f02ca8</code></a> Migrate history to GitHub releases</li> <li><a href="https://github.com/jshttp/cookie/commit/a5d591ce8447dd63821779724f96ad3c774c8579"><code>a5d591c</code></a> Migrate history to GitHub releases</li> <li><a href="https://github.com/jshttp/cookie/commit/51968f94b5e820adeceef505539fa193ffe2d105"><code>51968f9</code></a> Skip isNaN</li> <li><a href="https://github.com/jshttp/cookie/commit/9e7ca51ade4b325307eedd6b4dec190983e9e2cc"><code>9e7ca51</code></a> perf(parse): cache length, return early (<a href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jshttp/cookie/compare/v0.4.2...v0.7.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~blakeembrey">blakeembrey</a>, a new releaser for cookie since your current version.</p> </details> <br /> Updates `socket.io` from 4.7.2 to 4.8.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/socketio/socket.io/releases">socket.io's releases</a>.</em></p> <blockquote> <h2>[email protected]</h2> <h3>Features</h3> <h4>Custom transport implementations</h4> <p>The <code>transports</code> option now accepts an array of transport implementations:</p> <pre lang="js"><code>import { io } from "socket.io-client"; import { XHR, WebSocket } from "engine.io-client"; <p>const socket = io({ transports: [XHR, WebSocket] }); </code></pre></p> <p>Here is the list of provided implementations:</p> <table> <thead> <tr> <th>Transport</th> <th>Description</th> </tr> </thead> <tbody> <tr> <td><code>Fetch</code></td> <td>HTTP long-polling based on the built-in <code>fetch()</code> method.</td> </tr> <tr> <td><code>NodeXHR</code></td> <td>HTTP long-polling based on the <code>XMLHttpRequest</code> object provided by the <code>xmlhttprequest-ssl</code> package.</td> </tr> <tr> <td><code>XHR</code></td> <td>HTTP long-polling based on the built-in <code>XMLHttpRequest</code> object.</td> </tr> <tr> <td><code>NodeWebSocket</code></td> <td>WebSocket transport based on the <code>WebSocket</code> object provided by the <code>ws</code> package.</td> </tr> <tr> <td><code>WebSocket</code></td> <td>WebSocket transport based on the built-in <code>WebSocket</code> object.</td> </tr> <tr> <td><code>WebTransport</code></td> <td>WebTransport transport based on the built-in <code>WebTransport</code> object.</td> </tr> </tbody> </table> <p>Usage:</p> <table> <thead> <tr> <th>Transport</th> <th>browser</th> <th>Node.js</th> <th>Deno</th> <th>Bun</th> </tr> </thead> <tbody> <tr> <td><code>Fetch</code></td> <td>:white_check_mark:</td> <td>:white_check_mark: (1)</td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> </tr> <tr> <td><code>NodeXHR</code></td> <td></td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> </tr> <tr> <td><code>XHR</code></td> <td>:white_check_mark:</td> <td></td> <td></td> <td></td> </tr> <tr> <td><code>NodeWebSocket</code></td> <td></td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> </tr> <tr> <td><code>WebSocket</code></td> <td>:white_check_mark:</td> <td>:white_check_mark: (2)</td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> </tr> <tr> <td><code>WebTransport</code></td> <td>:white_check_mark:</td> <td>:white_check_mark:</td> <td></td> <td></td> </tr> </tbody> </table> <p>(1) since <a href="https://nodejs.org/api/globals.html#fetch">v18.0.0</a> (2) since <a href="https://nodejs.org/api/globals.html#websocket">v21.0.0</a></p> <p>Added in <a href="https://github.com/socketio/engine.io-client/commit/f4d898ee9652939a4550a41ac0e8143056154c0a">f4d898e</a> and <a href="https://github.com/socketio/engine.io-client/commit/b11763beecfe4622867b4dec9d1db77460733ffb">b11763b</a>.</p> <h4>Test each low-level transports</h4> <p>When setting the <code>tryAllTransports</code> option to <code>true</code>, if the first transport (usually, HTTP long-polling) fails, then the other transports will be tested too:</p> <pre lang="js"><code>import { io } from "socket.io-client"; </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/socketio/socket.io/commit/d0fc72042068e7eaef448941add617f05e1ec236"><code>d0fc720</code></a> chore(release): [email protected]</li> <li><a href="https://github.com/socketio/socket.io/commit/4a0555c671b8e848e115e81bb1472e99f348e207"><code>4a0555c</code></a> chore(release): [email protected]</li> <li><a href="https://github.com/socketio/socket.io/commit/2b60df18a88432ced79042e63a62d40cd48c823b"><code>2b60df1</code></a> chore(release): [email protected]</li> <li><a href="https://github.com/socketio/socket.io/commit/d4cb3758564b008f98e5d60d81b87c9faf7fc553"><code>d4cb375</code></a> ci: ignore tests when publishing to npm</li> <li><a href="https://github.com/socketio/socket.io/commit/c251ae7ba77d43de73225770f1470eb2fa112c6d"><code>c251ae7</code></a> chore(release): [email protected]</li> <li><a href="https://github.com/socketio/socket.io/commit/8a2f5a3da0addb386e7a0f4970e1a9696b82797e"><code>8a2f5a3</code></a> fix(eio-client): move 'offline' event listener at the top</li> <li><a href="https://github.com/socketio/socket.io/commit/b04fa64365729244a9c50a6b54b12e9bcc9e55d0"><code>b04fa64</code></a> fix(sio): allow to join a room in a middleware (uws)</li> <li><a href="https://github.com/socketio/socket.io/commit/7085f0e3e46cd1fd41d952450b8d01b04de83daf"><code>7085f0e</code></a> refactor(sio-client): mangle private attributes</li> <li><a href="https://github.com/socketio/socket.io/commit/4f667082108235209df81d44f453826a3f5c08e7"><code>4f66708</code></a> chore(sio-client): use babel loose mode when transpiling classes</li> <li><a href="https://github.com/socketio/socket.io/commit/1a95db21454b5469cc43bb602bac774a57a8bd98"><code>1a95db2</code></a> chore(sio-client): add a script to compute the bundle size</li> <li>Additional commits viewable in <a href="https://github.com/socketio/socket.io/compare/[email protected]">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Chia-Network/bls-signatures/network/alerts). </details>
Bumps [webpack](https://github.com/webpack/webpack) from 5.89.0 to 5.95.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack/releases">webpack's releases</a>.</em></p> <blockquote> <h2>v5.95.0</h2> <h2>Bug Fixes</h2> <ul> <li>Fixed hanging when attempting to read a symlink-like file that it can't read</li> <li>Handle <code>default</code> for import context element dependency</li> <li>Merge duplicate chunks call after split chunks</li> <li>Generate correctly code for dynamically importing the same file twice and destructuring</li> <li>Use content hash as [base] and [name] for extracted DataURI's</li> <li>Distinguish <code>module</code> and <code>import</code> in <code>module-import</code> for externals <code>import</code>'s</li> <li>[Types] Make <code>EnvironmentPlugin</code> default values types less strict</li> <li>[Types] Typescript 5.6 compatibility</li> </ul> <h2>New Features</h2> <ul> <li>Add new <code>optimization.avoidEntryIife</code> option (<code>true</code> by default for the <code>production</code> mode)</li> <li>Pass output.hash* options to loader context</li> </ul> <h2>Performance</h2> <ul> <li>Avoid unneeded re-visit in build chunk graph</li> </ul> <h2>v5.94.0</h2> <h2>Bug Fixes</h2> <ul> <li>Added runtime condition for harmony reexport checked</li> <li>Handle properly <code>data</code>/<code>http</code>/<code>https</code> protocols in source maps</li> <li>Make <code>bigint</code> optimistic when browserslist not found</li> <li>Move <code>@types/eslint-scope</code> to dev deps</li> <li>Related in asset stats is now always an array when no related found</li> <li>Handle ASI for export declarations</li> <li>Mangle destruction incorrect with export named default properly</li> <li>Fixed unexpected asi generation with sequence expression</li> <li>Fixed a lot of types</li> </ul> <h2>New Features</h2> <ul> <li>Added new external type "module-import"</li> <li>Support <code>webpackIgnore</code> for <code>new URL()</code> construction</li> <li>[CSS] <code>@import</code> pathinfo support</li> </ul> <h2>Security</h2> <ul> <li>Fixed DOM clobbering in auto public path</li> </ul> <h2>v5.93.0</h2> <h2>Bug Fixes</h2> <ul> <li>Generate correct relative path to runtime chunks</li> <li>Makes <code>DefinePlugin</code> quieter under default log level</li> <li>Fixed mangle destructuring default in namespace import</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/webpack/webpack/commit/e20fd634fd24fab2c821a6e6114ace706ca052d0"><code>e20fd63</code></a> chore(release): 5.95.0</li> <li><a href="https://github.com/webpack/webpack/commit/4866b0daf1dfd675a3e5d5b27656bf9529ffa106"><code>4866b0d</code></a> feat: added new <code>optimization.entryIife</code> option</li> <li><a href="https://github.com/webpack/webpack/commit/d90f6920f06b50ccf169b282aff6a8b0a23b43e3"><code>d90f692</code></a> fix: merge duplicate chunks after split chunks</li> <li><a href="https://github.com/webpack/webpack/commit/90dec30ff41ceb745b4e4d39ea1ecdb1cd3e39de"><code>90dec30</code></a> fix(externals): distinguish “module” and “import” in “module-import”</li> <li><a href="https://github.com/webpack/webpack/commit/c1a0a4666e62211a11b1489d16c45e41113b715a"><code>c1a0a46</code></a> fix(externals): distinguish “module” and “import” in “module-import”</li> <li><a href="https://github.com/webpack/webpack/commit/14d8fa8dd563350082a08519154ebce38064759c"><code>14d8fa8</code></a> fix: all tests cases</li> <li><a href="https://github.com/webpack/webpack/commit/dae16ad11e2d2accddc549a92082da3d2e667b01"><code>dae16ad</code></a> feat: pass output.hash* options to loader context</li> <li><a href="https://github.com/webpack/webpack/commit/75d185d27ecc0a73a7a743bc15dc734676da372c"><code>75d185d</code></a> feat: pass <code>output.hash*</code> options to loader context</li> <li><a href="https://github.com/webpack/webpack/commit/46e0b9cc05ae53755cda2d6b6b50be5ce6759d6f"><code>46e0b9c</code></a> test: update</li> <li><a href="https://github.com/webpack/webpack/commit/8e62f9f36b6030ba8de52ec3f6bda43927a1a963"><code>8e62f9f</code></a> test</li> <li>Additional commits viewable in <a href="https://github.com/webpack/webpack/compare/v5.89.0...v5.95.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Chia-Network/bls-signatures/network/alerts). </details>
Bumps [body-parser](https://github.com/expressjs/body-parser) from 1.20.2 to 1.20.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/releases">body-parser's releases</a>.</em></p> <blockquote> <h2>1.20.3</h2> <h2>What's Changed</h2> <h3>Important</h3> <ul> <li>deps: [email protected]</li> <li>add <code>depth</code> option to customize the depth level in the parser</li> <li><strong>IMPORTANT:</strong> The default <code>depth</code> level for parsing URL-encoded data is now <code>32</code> (previously was <code>Infinity</code>). <a href="https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth">Documentation</a></li> </ul> <h3>Other changes</h3> <ul> <li>chore: add support for OSSF scorecard reporting by <a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/522">expressjs/body-parser#522</a></li> <li>ci: fix errors in ci github action for node 8 and 9 by <a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/523">expressjs/body-parser#523</a></li> <li>fix: pin to [email protected] by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/527">expressjs/body-parser#527</a></li> <li>deps: [email protected] by <a href="https://github.com/melikhov-dev"><code>@melikhov-dev</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/521">expressjs/body-parser#521</a></li> <li>Add OSSF Scorecard badge by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/531">expressjs/body-parser#531</a></li> <li>Linter by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/534">expressjs/body-parser#534</a></li> <li>Release: 1.20.3 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/535">expressjs/body-parser#535</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/522">expressjs/body-parser#522</a></li> <li><a href="https://github.com/melikhov-dev"><code>@melikhov-dev</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/521">expressjs/body-parser#521</a></li> <li><a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/531">expressjs/body-parser#531</a></li> <li><a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/534">expressjs/body-parser#534</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3">https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/blob/master/HISTORY.md">body-parser's changelog</a>.</em></p> <blockquote> <h1>1.20.3 / 2024-09-10</h1> <ul> <li>deps: [email protected]</li> <li>add <code>depth</code> option to customize the depth level in the parser</li> <li>IMPORTANT: The default <code>depth</code> level for parsing URL-encoded data is now <code>32</code> (previously was <code>Infinity</code>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/expressjs/body-parser/commit/17529513673e39ba79886a7ce3363320cf1c0c50"><code>1752951</code></a> 1.20.3</li> <li><a href="https://github.com/expressjs/body-parser/commit/39744cfe2ac4fb37a19ed7c43e3a74332f428e17"><code>39744cf</code></a> chore: linter (<a href="https://redirect.github.com/expressjs/body-parser/issues/534">#534</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"><code>b2695c4</code></a> Merge commit from fork</li> <li><a href="https://github.com/expressjs/body-parser/commit/ade0f3f82f91086d6cd2ed2cb4b0aff448fbc2e5"><code>ade0f3f</code></a> add scorecard to readme (<a href="https://redirect.github.com/expressjs/body-parser/issues/531">#531</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/99a1bd62456f932004b84767d6393bc261f75d36"><code>99a1bd6</code></a> deps: [email protected] (<a href="https://redirect.github.com/expressjs/body-parser/issues/521">#521</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/947859160527c7aaaa20da79e2c3ba542baaaf66"><code>9478591</code></a> fix: pin to [email protected]</li> <li><a href="https://github.com/expressjs/body-parser/commit/83db46a1e5512135ce01ed90b9132ee16a2657a8"><code>83db46a</code></a> ci: fix errors in ci github action for node 8 and 9 (<a href="https://redirect.github.com/expressjs/body-parser/issues/523">#523</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/9d4e2125b580b055b2a3aa140df9b8fce363af46"><code>9d4e212</code></a> chore: add support for OSSF scorecard reporting (<a href="https://redirect.github.com/expressjs/body-parser/issues/522">#522</a>)</li> <li>See full diff in <a href="https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new releaser for body-parser since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Chia-Network/bls-signatures/network/alerts). </details>
…er (#471) * install python for blst nightly checks before building instead of after * Update build-blst-nightly.yml
Update dep-review
PoorMansChiaFarm
merged commit 6d46ede
into
PoorMansChiaFarm:main
39 of 50 checks passed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.