Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade whatwg-url from 7.1.0 to 14.0.0 #3

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade whatwg-url from 7.1.0 to 14.0.0 #3

wants to merge 1 commit into from

Conversation

snyk-io[bot]
Copy link

@snyk-io snyk-io bot commented Sep 23, 2024

snyk-top-banner

Snyk has created this PR to upgrade whatwg-url from 7.1.0 to 14.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 18 versions ahead of your current version.

  • The recommended version was released on a year ago.

Release notes
Package name: whatwg-url
  • 14.0.0 - 2023-11-05

    Breaking change: removed Node.js v16 support.

  • 13.0.0 - 2023-05-28

    Breaking change: removed Node.js v14 support.

    Added URL.canParse(), per whatwg/url@ae3c28b.

    Added URLSearchParams's size getter, per whatwg/url@12b6f0c.

    Added optional second value argument to URLSearchParams's has() and delete() methods, per whatwg/url@bfb9157.

    Changed the serialization of the origin of blob: URLs whose inner URLs were not http: or https: to be "null", per whatwg/url@eee49fd.

  • 12.0.1 - 2023-03-08

    Updated our tr46 dependency, which brings along several fixes related to international domain names. Such as:

    • Empty domain name labels, as in https://xn--4-0bd15808a.../, no longer cause URL parsing to fail.
    • Invalid punycode-encoded domain name labels, as in http://xn--ls8h=/, now correctly cause URL parsing to fail.
    • Includes support for Unicode 15.0.0.

    As part of this, we are now running against the newly-introduced test data derived from the Unicode Consortium-maintained IdnaTestV2.txt file, and passing them all.

  • 12.0.0 - 2023-01-03

    Breaking change: removed Node.js v12 support.

    Changed the characters allowed in domains vs. generic hosts, per whatwg/url@35e195a.

    Changed the URL API's search and hash setters, as well as the URLSearchParams API, to always ensure the URL is serialize-parse roundtrippable, per whatwg/url@fdaa0e5.

  • 11.0.0 - 2021-10-19

    The breaking changes in this release are only to the Low-level URL Standard API. No actual URL parsing or serialization behavior has changed, and users of the URL and URLSearchParams exports are not affected.

    These changes follow whatwg/url@fbaa03c.

    • Removed the URL record type's cannotBeABaseURL property.
    • Changed the URL record type's path from always being an array of strings, to being either a single string or an array of strings.
    • Renamed the "cannot-be-a-base-URL path" parser state (i.e. value for stateOverride) to "opaque path".
    • Added the serializePath(urlRecord) export.
    • Added the hasAnOpaquePath(urlRecord) export.
  • 10.0.0 - 2021-10-06

    The breaking changes in this release are to the API exported by the whatwg-url/webidl2js-wrapper module. In particular it now is based on webidl2js v17, which changes some of the exported function signatures, and changes the realms of any errors thrown on misuse.

  • 9.1.0 - 2021-08-05

    Made the host parser reject non-IPv4 domains that end in numbers, per whatwg/url@ab0e820.

  • 9.0.0 - 2021-06-26

    Breaking changes:

    • Removed Node.js v10 support.

    • The percentDecode() export was renamed percentDecodeBytes(), and now returns a Uint8Array instead of a Node.js Buffer.

    Other changes:

    • The package's main module now exports the percentDecodeString() helper.

    • The punycode and lodash dependencies were removed.

  • 8.7.0 - 2021-06-25

    Make the pathname setter not mess up the URL's path state tracking when given the empty string, per whatwg/url@0672f2e.

  • 8.6.0 - 2021-06-08

    Made the hostname setter do nothing if the given string contains a colon, per whatwg/url@ec96993.

    Updated punycode processing to support Unicode v13.

  • 8.5.0 - 2021-03-24
  • 8.4.0 - 2020-10-08
  • 8.3.0 - 2020-09-30
  • 8.2.2 - 2020-09-06
  • 8.2.1 - 2020-08-25
  • 8.2.0 - 2020-08-24
  • 8.1.0 - 2020-05-08
  • 8.0.0 - 2020-01-02
  • 7.1.0 - 2019-10-21
from whatwg-url GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-io
feat: upgrade whatwg-url from 7.1.0 to 14.0.0
2688964 
Snyk has created this PR to upgrade whatwg-url from 7.1.0 to 14.0.0.

See this package in npm:
whatwg-url

See this project in Snyk:
https://app.snyk.io/org/sherfeyinv/project/6ec88b49-227c-464e-8ce3-c161a8a2ab55?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants