Skip to content

Bump eventsource and quasar-cli#28

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/eventsource-and-quasar-cli-1.1.2
Open

Bump eventsource and quasar-cli#28
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/eventsource-and-quasar-cli-1.1.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 7, 2023

Bumps eventsource to 1.1.2 and updates ancestor dependency quasar-cli. These dependencies need to be updated together.

Updates eventsource from 0.1.6 to 1.1.2

Changelog

Sourced from eventsource's changelog.

1.1.2

  • Inline origin resolution, drops original dependency (#281 Espen Hovlandsdal)

1.1.1

  • Do not include authorization and cookie headers on redirect to different origin (#273 Espen Hovlandsdal)

1.1.0

  • Improve performance for large messages across many chunks (#130 Trent Willis)
  • Add createConnection option for http or https requests (#120 Vasily Lavrov)
  • Support HTTP 302 redirects (#116 Ryan Bonte)
  • Prevent sequential errors from attempting multiple reconnections (#125 David Patty)
  • Add new to correct test (#111 Stéphane Alnet)
  • Fix reconnections attempts now happen more than once (#136 Icy Fish)

1.0.7

  • Add dispatchEvent to EventSource (#101 Ali Afroozeh)
  • Added checkServerIdentity option (#104 cintolas)
  • Surface request error message (#107 RasPhilCo)

1.0.6

  • Fix issue where a unicode sequence split in two chunks would lead to invalid messages (#108 Espen Hovlandsdal)
  • Change example to use eventsource/ssestream (Aslak Hellesøy)

1.0.5

  • Check for window existing before polyfilling. (#80 Neftaly Hernandez)

1.0.4

  • Pass withCredentials on to the XHR. (#79 Ken Mayer)

1.0.2

  • Fix proxy not working when proxy and target URL uses different protocols. (#76 Espen Hovlandsdal)
  • Make close() a prototype method instead of an instance method. (#77 Espen Hovlandsdal)

1.0.1

  • Reconnect if server responds with HTTP 500, 502, 503 or 504. (#74 Vykintas Narmontas)

1.0.0

  • Add missing removeEventListener-method. (#51 Yucheng Tu / Espen Hovlandsdal)
  • Fix EventSource reconnecting on non-200 responses. (af84476 Espen Hovlandsdal)
  • Add ability to customize https options. (#53 Rafael Alfaro)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by rexxars, a new releaser for eventsource since your current version.


Updates quasar-cli from 0.17.13 to 0.17.26

Release notes

Sourced from quasar-cli's releases.

0.17.25 - Security update

Updated lodash.template from 4.4.0 to 4.5.0

0.17.25 - Security update

Vulnerability found in webpack-bundle-analyzer. Upgraded it to 3.3.2

0.17.24

  • feat: Allow cordova mode to run on HTTPS while on dev #194
  • feat: Upgrade electron to v4, and electron-packager (if required) to v13
  • feat: Enforce correct build mode for Cordova on iOS with latest XCode

0.17.23

New

Upgraded to Quasar Framework v0.17.19

Security

Upgraded webpack-dev-server to v3.1.14 (webpack-dev-server "Missing Origin Validation" vulnerability #216)

v0.17.22

feat: Install Electron v3 (instead of v2) when adding Electron mode

v0.17.21

  • Updated deps: Quasar Framework v0.17.18, Quasar Extras v2.0.9, Webpack v4.25.1, workbox-webpack-plugin v3.6.3, and many others.

v0.17.20

  • fix: quasar.conf > build > gzip: true breaks build #184
  • feat: Greatly improve assets hashing -- fixes some browser caching issues
  • feat: Update to quasar-extras v2.0.8
  • feat: Add support for android-versionCode (#189)

v0.17.19

  • Dev on SSR gets stuck if ESLint reports any warning/error #183
  • Installing electron bundle deps fails -- log() undefined #182
  • Upgrade to webpack v4.19.1, Ouch v2, webpack-compression-plugin v2, file-loader v2, postcss-loader v3, webpack-chain v4.11.0
  • Upgrade to Quasar v0.17.16

v0.17.18

  • Update to Quasar v0.17.15

v0.17.17

Update to Quasar v0.17.14

v0.17.16

  • Updated to Quasar v0.17.13
  • Updated some deps (like webpack & workbox plugin)
  • Using router.beforeEach in app plugin fails with SSR
  • Fix missing "n" in ensure-deps.js (#175)

... (truncated)

Commits
  • 0f688f4 chore: Bump version
  • 3058629 chore(deps): bump lodash.template from 4.4.0 to 4.5.0 (#237)
  • 02acddb chore: Bump version
  • 44ab861 feat(deps) webpack-bundle-analyzer version bump (#233)
  • 524e541 chore: Bump version
  • a0350bc feat: Allow devserver's SSL certificate while on dev with HTTPS for cordova iOS
  • a825ff0 feat: Enforce correct build mode for Cordova on iOS with latest XCode
  • 57eb65e feat: Upgrade electron to v4, and electron-packager (if required) to v13
  • 28a8ace feat: Allow cordova mode to run on HTTPS while on dev #194
  • d8c0e7f Revert "Quasar-cli (#225)"
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump eventsource and quasar-cli
6efa2be 
Bumps [eventsource](https://github.com/EventSource/eventsource) to 1.1.2 and updates ancestor dependency [quasar-cli](https://github.com/quasarframework/quasar-cli). These dependencies need to be updated together.


Updates `eventsource` from 0.1.6 to 1.1.2
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](EventSource/eventsource@v0.1.6...v1.1.2)

Updates `quasar-cli` from 0.17.13 to 0.17.26
- [Release notes](https://github.com/quasarframework/quasar-cli/releases)
- [Commits](quasarframework/quasar-cli@v0.17.13...0.17.26)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
- dependency-name: quasar-cli
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants