Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

chore(deps): bump ws from 7.5.3 to 8.0.0 #3871

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
dependabot wants to merge 1 commit into main from dependabot/npm_and_yarn/ws-8.0.0

Conversation

Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 29, 2021

Bumps ws from 7.5.3 to 8.0.0.

Release notes

Sourced from ws's releases.

8.0.0

Breaking changes

  • The WebSocket constructor now throws a SyntaxError if any of the subprotocol names are invalid or duplicated (0aecf0c9).

  • The server now aborts the opening handshake if an invalid Sec-WebSocket-Protocol header field value is received (1877ddeb).

  • The protocols argument of handleProtocols hook is no longer an Array but a Set (1877ddeb).

  • The opening handshake is now aborted if the Sec-WebSocket-Extensions header field value begins or ends with a white space (e814110e).

  • Dropped support for Node.js < 10.0.0 (552b5067).

  • The WebSocket constructor now throws a SyntaxError if the connection URL contains a fragment identifier or if the URL's protocol is not one of 'ws:', 'wss:', or 'ws+unix:' (ebea038f).

  • Text messages and close reasons are no longer decoded to strings. They are passed as Buffers to the listeners of their respective events. The listeners of the 'message' event now take a boolean argument specifying whether or not the message is binary (e173423c).

    Existing code can be migrated by decoding the buffer explicitly.

    websocket.on('message', function message(data, isBinary) {
 const message = isBinary ? data : data.toString();
 // Continue as before.
});
websocket.on('close', function close(code, data) {
const reason = data.toString();
// Continue as before.
});

  • The package now uses an ES module wrapper (78adf5f7).

  • WebSocketServer.prototype.close() no longer closes existing connections (df7de574).

    Existing code can be migrated by closing the connections manually.

    websocketServer.close();
for (const ws of websocketServer.clients) {
 ws.terminate();
}

  • The callback of WebSocketServer.prototype.close() is now called with an error if the server is already closed (abde9cfc).

  • WebSocket.prototype.addEventListener() is now a noop if the type argument

... (truncated)

Commits
  • fc40248 [dist] 8.0.0
  • 21e6500 [major] Overhaul event classes
  • bd7febb [minor] Fix nits
  • 6756cf5 [fix] Return null if the event handler is not set
  • 8c61563 [fix] Make listeners added via event handler properties independent
  • ea95d9c [major] Ignore listeners not added with WebSocket#addEventListener()
  • 9558ed1 [major] Make WebSocket#addEventListener() ignore non standard events
  • 77a675c [minor] Remove unneeded setters
  • 64b3c71 [pkg] Update mocha to version 8.4.0
  • abde9cf [major] Call the callback with an error if the server is closed
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
 

Bumps [ws](https://github.com/websockets/ws) from 7.5.3 to 8.0.0.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](websockets/ws@7.5.3...8.0.0)
---
updated-dependencies:
- dependency-name: ws
 dependency-type: direct:production
 update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner July 29, 2021 11:02
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript labels Jul 29, 2021
Copy link

codecov bot commented Jul 29, 2021

Codecov Report

Merging #3871 (a49920b) into main (7a5c457) will not change coverage.
The diff coverage is n/a.

❗ Current head a49920b differs from pull request most recent head 869c072. Consider uploading reports for the commit 869c072 to get more accurate results
Impacted file tree graph 

@@ Coverage Diff @@
## main #3871 +/- ##
=======================================
 Coverage 63.40% 63.40% 
=======================================
 Files 36 36 
 Lines 1872 1872 
 Branches 379 379 
=======================================
 Hits 1187 1187 
 Misses 582 582 
 Partials 103 103

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7a5c457...869c072. Read the comment docs.

Copy link
Member

Duplicate PR.
jsjoeio reacted with thumbs up emoji

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 30, 2021

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@code-asher code-asher deleted the dependabot/npm_and_yarn/ws-8.0.0 branch July 30, 2021 16:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant

AltStyle によって変換されたページ (->オリジナル) /