chore(deps-dev): bump sockjs-client from 1.5.1 to 1.5.2 #3739
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
requested review from
alexander-akait,
anshumanv,
hiroppy,
knagaitsev and
snitin315
as code owners
dependabot
bot
added
the
dependencies
Codecov Report
@@ Coverage Diff @@
## master #3739 +/- ##
=======================================
Coverage 92.87% 92.87%
=======================================
Files 14 14
Lines 1320 1320
Branches 466 466
=======================================
Hits 1226 1226
Misses 87 87
Partials 7 7 Continue to review full report at Codecov.
|
|
This addresses the vulnerability issue detected on Reference: |
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/sockjs-client-1.5.2
branch
from
16dad6b to
9f694d1
Compare
Bumps [sockjs-client](https://github.com/sockjs/sockjs-client) from 1.5.1 to 1.5.2. - [Release notes](https://github.com/sockjs/sockjs-client/releases) - [Changelog](https://github.com/sockjs/sockjs-client/blob/main/Changelog.md) - [Commits](sockjs/sockjs-client@v1.5.1...v1.5.2) --- updated-dependencies: - dependency-name: sockjs-client dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/npm_and_yarn/sockjs-client-1.5.2
branch
from
9f694d1 to
d6fa573
Compare
alexander-akait
deleted the
dependabot/npm_and_yarn/sockjs-client-1.5.2
branch
|
@alexander-akait This PR only changed the |
|
Because we use |
|
@alexander-akait Thank you for the response. When the next release of |
|
I think we will do release today |
|
Hi all, what version of webpack-dev-server has this fix? Is it 4.1.0 or later? I checked the following, but I don't see any reference to this PR: https://github.com/webpack/webpack-dev-server/releases/tag/v4.1.0 |
Bumps sockjs-client from 1.5.1 to 1.5.2.
Release notes
Sourced from sockjs-client's releases.
Changelog
Sourced from sockjs-client's changelog.
Commits
71876b31.5.2a1cfabfUpdate url-parseff8b525Update README.mdDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)