Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump socket.io-parser and artillery in /performance_tests/artillery #424

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 28, 2022

Bumps socket.io-parser to 3.3.2 and updates ancestor dependency artillery. These dependencies need to be updated together.

Updates socket.io-parser from 2.2.6 to 3.3.2

Release notes

Sourced from socket.io-parser's releases.

3.3.2

Bug Fixes

  • prevent DoS (OOM) via massive packets (#95) (89197a0)

Links

3.3.1

Links

3.3.0

Bug Fixes

  • remove any reference to the global variable (b47efb2)

Links

3.2.0

Bug fixes

  • properly detect typed arrays (#85)
  • properly handle JSON.stringify errors (#84)

Note

Binary detection was removed from the package (revert of socketio/socket.io-parser#66), so that we can disable the binary check earlier in the chain.

Links

3.1.3

Bug fixes

  • use ArrayBuffer.isView to check for typed arrays (#82)
  • ensure packet data is an array (#83)

#### Links

... (truncated)

Changelog

Sourced from socket.io-parser's changelog.

3.3.2 (2021-01-09)

Bug Fixes

  • prevent DoS (OOM) via massive packets (#95) (89197a0)

3.3.1 (2020-09-30)

Commits
  • 3b0a392 chore(release): 3.3.2
  • 89197a0 fix: prevent DoS (OOM) via massive packets (#95)
  • 25ca624 chore(release): 3.3.1
  • b51b39b test: use Node.js 10 for the browser tests
  • 4184e46 chore: bump component-emitter dependency
  • 0de72b9 [chore] Release 3.3.0
  • b47efb2 [fix] Remove any reference to the global variable
  • d95e38f [chore] Update the Makefile
  • b57e063 [test] Update travis configuration
  • 48f340e [refactor] Fix a small typo and code styling (#88)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by darrachequesne, a new releaser for socket.io-parser since your current version.


Updates artillery from 1.5.6 to 1.7.9

Release notes

Sourced from artillery's releases.

v1.7.9

Artillery v1.7.9

This is a maintenance release of the v1 release branch.

  • Fix bug with handling gzip-compressed responses (#1163)
  • Remove unused dependency (pidusage)

v1.7.5

No release notes provided.

v1.7.4

v1.7.3

  • Fix issue when templating keys with dots in them (#1015, #1017) - h/t @​TwelveNights
  • Update dependencies to address npm audit warnings

v1.7.2

  • Fix an issue where capture would not work with gzipped responses (#998)

v1.7.0

  • Now using Got as the underlying library for the HTTP engine 🥳

v1.6.2

This is a maintenance release off of 1.6.x branch.

  • Update recommended Node.js version to Node.js 12+
  • Update Request.js to latest version
  • Update dependencies to address security issues reported by npm audit

v1.6.1

This is a maintenance release of the v1.6.x branch.

This release adds support for preserving header casing in HTTP requests, but that feature is not yet implemented in the mainline branch. See #839 for more details.

Artillery 1.6.0-10

Changelog

  • Fix the bug where wrong concurrency stats would be reported (#375)
  • Allow for extra options to be passed in to the CSV parser (#381)
  • Fix error handling in onError hook functions (shoreditch-ops/artillery-core#204)

Artillery 1.6.0-9

Changelog

  • (CLI) Allow for parts of the script to be overridden from the command line with --overrides (#372)
  • (HTTP) Add support for looping over arrays with the over attribute (#207)
  • (HTTP) Add support for looping until a condition is met with a whileTrue hook (#207)

... (truncated)

Commits
  • 1897b3e 1.7.9
  • 5690cd9 dep: Remove pidusage - unused
  • 81bff8e fix(http): Emit "end" event even if the response is decompressed
  • 2dde495 1.7.8
  • b934dff feat(run): extend telemetry events
  • ab80c5b fix: Avoid loading plugins more than once
  • 1d021da 1.7.7
  • 3685b1b feat: provide temporary exports for pro
  • 61a9ff8 Merge pull request #1118 from flentini/feat/telemetry-updates
  • 905832b chore: disable telemetry when running npm test
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) to 3.3.2 and updates ancestor dependency [artillery](https://github.com/artilleryio/artillery). These dependencies need to be updated together.


Updates `socket.io-parser` from 2.2.6 to 3.3.2
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/3.3.2/CHANGELOG.md)
- [Commits](socketio/socket.io-parser@2.2.6...3.3.2)

Updates `artillery` from 1.5.6 to 1.7.9
- [Release notes](https://github.com/artilleryio/artillery/releases)
- [Commits](artilleryio/artillery@1.5.6...v1.7.9)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
- dependency-name: artillery
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 28, 2022
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 9, 2022

Superseded by #427.

@dependabot dependabot bot closed this Nov 9, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/performance_tests/artillery/socket.io-parser-and-artillery-3.3.2 branch November 9, 2022 22:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants