Update dependency mocha to v6 #176

mend-for-github-com · 2022-11-20T12:37:28Z

This PR contains the following updates:

Package	Type	Update	Change
mocha (source)	devDependencies	major	`5.2.0` -> `6.2.3`

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
Critical	9.8	CVE-2021-44906	#132
High	7.5	WS-2021-0638	#164
Medium	5.6	CVE-2020-7598	#20
Medium	5.3	WS-2019-0425	#41

Release Notes

mochajs/mocha (mocha)

`v6.2.3`

Compare Source

🔒 Security Fixes

848d6fb8: Update dependencies mkdirp, yargs-parser and yargs (@juergba)

`v6.2.2`

Compare Source

🐛 Fixes

#4025: Fix duplicate EVENT_RUN_END events upon uncaught exception (@juergba)
#4051: Fix "unhide" function in html reporter (browser) (@pec9399)
#4063: Fix use of esm in Node.js v8.x (@boneskull)
#4033: Fix output when multiple async exceptions are thrown (@juergba)

📖 Documentation

#4046: Site accessibility fixes (@Mia-jeong)
#4026: Update docs for custom reporters in browser (@Lindsay-Needs-Sleep)
#3971: Adopt new OpenJS Foundation Code of Conduct (@craigtaub)

`v6.2.1`

Compare Source

🐛 Fixes

#3955: tty.getWindowSize is not a function inside a "worker_threads" worker (@1999)
#3970: remove extraGlobals() (@juergba)
#3984: Update yargs-unparser to v1.6.0 (@juergba)
#3983: Package 'esm': spawn child-process for correct loading (@juergba)
#3986: Update yargs to v13.3.0 and yargs-parser to v13.1.1 (@juergba)

📖 Documentation

#3886: fix styles on mochajs.org (@outsideris)
#3966: Remove jsdoc index.html placeholder from eleventy file structure and fix broken link in jsdoc tutorial (@Munter)
#3765: Add Matomo to website (@MarioDiaz98)
#3947: Clarify effect of .skip() (@oliversalzburg)

`v6.2.0`

Compare Source

🎉 Enhancements

#3827: Do not fork child-process if no Node flags are present (@boneskull)
#3725: Base reporter store ref to console.log, see mocha/wiki (@craigtaub)

🐛 Fixes

#3942: Fix "No test files found" Error when file is passed via --file (@gabegorelick)
#3914: Modify Mocha constructor to accept options global or globals (@pascalpp)
#3894: Fix parsing of config files with _mocha binary (@juergba)
#3834: Fix CLI parsing with default values (@boneskull, @juergba)
#3831: Fix --timeout/--slow string values and duplicate arguments (@boneskull, @juergba)

📖 Documentation

#3906: Document option to define custom report name for XUnit reporter (@pkuczynski)
#3889: Adds doc links for mocha-examples (@craigtaub)
#3887: Fix broken links (@toyjhlee)
#3841: Fix anchors to configuration section (@trescube)

🔍 Coverage

#3915, #3929: Increase tests coverage for --watch options (@geigerzaehler)

🔩 Other

#3953: Collect test files later, prepares improvements to the --watch mode behavior (@geigerzaehler)
#3939: Upgrade for npm audit (@boneskull)
#3930: Extract runWatch into separate module (@geigerzaehler)
#3922: Add mocha.min.js file to stacktrace filter (@brian-lagerman)
#3919: Update CI config files to use Node-12.x (@plroebuck)
#3892: Rework reporter tests (@plroebuck)
#3872: Rename --exclude to --ignore and create alias (@boneskull)
#3963: Hide stacktrace when cli args are missing (@outsideris)
#3956: Do not redeclare variable in docs array example (@DanielRuf)
#3957: Remove duplicate line-height property in mocha.css (@DanielRuf)
#3960: Don't re-initialize grep option on watch re-run (@geigerzaehler)

🐛 Fixes

#3863: Fix yargs-related global scope pollution (@inukshuk)
#3869: Fix failure when installed w/ pnpm (@boneskull)

`v6.1.2`

Compare Source

🐛 Fixes

#3867: Re-publish v6.1.1 from POSIX OS to avoid dropped executable flags (@boneskull)

`v6.1.1`

Compare Source

🐛 Fixes

#3866: Fix Windows End-of-Line publishing issue (@juergba & @cspotcode)

`v6.1.0`

Compare Source

🔒 Security Fixes

#3845: Update dependency "js-yaml" to v3.13.0 per npm security advisory (@plroebuck)

🎉 Enhancements

#3766: Make reporter constructor support optional options parameter (@plroebuck)
#3760: Add support for config files with .jsonc extension (@sstephant)

📠 Deprecations

These are soft-deprecated, and will emit a warning upon use. Support will be removed in (likely) the next major version of Mocha:

#3719: Deprecate this.skip() for "after all" hooks (@juergba)

🐛 Fixes

#3829: Use cwd-relative pathname to load config file (@plroebuck)
#3745: Fix async calls of this.skip() in "before each" hooks (@juergba)
#3669: Enable --allow-uncaught for uncaught exceptions thrown inside hooks (@givanse)

and some regressions:

#3848: Fix Suite cloning by copying root property (@fatso83)
#3816: Guard against undefined timeout option (@boneskull)
#3814: Update "yargs" in order to avoid deprecation message (@boneskull)
#3788: Fix support for multiple node flags (@aginzberg)

📖 Documentation

mochajs/mocha-examples: New repository of working examples of common configurations using mocha (@craigtaub)
#3850: Remove pound icon showing on header hover on docs (@jd2rogers2)
#3812: Add autoprefixer to documentation page CSS (@Munter)
#3811: Update doc examples "tests.html" (@DavidLi119)
#3807: Mocha website HTML tweaks (@plroebuck)
#3793: Update config file example ".mocharc.yml" (@cspotcode)

🔩 Other

#3830: Replace dependency "findup-sync" with "find-up" for faster startup (@cspotcode)
#3799: Update devDependencies to fix many npm vulnerabilities (@XhmikosR)

`v6.0.2`

Compare Source

🐛 Fixes

Two more regressions fixed:

#3768: Test file paths no longer dropped from mocha.opts (@boneskull)
#3767: --require does not break on module names that look like certain node flags (@boneskull)

`v6.0.1`

Compare Source

The obligatory round of post-major-release bugfixes.

🐛 Fixes

These issues were regressions.

#3754: Mocha again finds test.js when run without arguments (@plroebuck)
#3756: Mocha again supports third-party interfaces via --ui (@boneskull)
#3755: Fix broken --watch (@boneskull)
#3759: Fix unwelcome deprecation notice when Mocha run against languages (CoffeeScript) with implicit return statements; returning a non-undefined value from a describe callback is no longer considered deprecated (@boneskull)

📖 Documentation

#3738: Upgrade to @mocha/docdash@2 (@tendonstrength)
#3751: Use preferred names for example config files (@Szauka)

`v6.0.0`

Compare Source

🎉 Enhancements

#3726: Add ability to unload files from require cache (@plroebuck)

🐛 Fixes

#3737: Fix falsy values from options globals (@plroebuck)
#3707: Fix encapsulation issues for Suite#_onlyTests and Suite#_onlySuites (@vkarpov15)
#3711: Fix diagnostic messages dealing with plurality and markup of output (@plroebuck)
#3723: Fix "reporter-option" to allow comma-separated options (@boneskull)
#3722: Fix code quality and performance of lookupFiles and files (@plroebuck)
#3650, #3654: Fix noisy error message when no files found (@craigtaub)
#3632: Tests having an empty title are no longer confused with the "root" suite (@juergba)
#3666: Fix missing error codes (@vkarpov15)
#3684: Fix exiting problem in Node.js v11.7.0+ (@addaleax)
#3691: Fix --delay (and other boolean options) not working in all cases (@boneskull)
#3692: Fix invalid command-line argument usage not causing actual errors (@boneskull)
#3698, #3699: Fix debug-related Node.js options not working in all cases (@boneskull)
#3700: Growl notifications now show the correct number of tests run (@outsideris)
#3686: Avoid potential ReDoS when diffing large objects (@cyjake)
#3715: Fix incorrect order of emitted events when used programmatically (@boneskull)
#3706: Fix regression wherein --reporter-option/--reporter-options did not support comma-separated key/value pairs (@boneskull)

📖 Documentation

#3652: Switch from Jekyll to Eleventy (@Munter)

🔩 Other

#3677: Add error objects for createUnsupportedError and createInvalidExceptionError (@boneskull)
#3733: Removed unnecessary processing in post-processing hook (@wanseob)
#3730: Update nyc to latest version (@coreyfarrell)
#3648, #3680: Fixes to support latest versions of unexpected and unexpected-sinon (@sunesimonsen)
#3638: Add meta tag to site (@MartijnCuppens)
#3653: Fix parts of test suite failing to run on Windows (@boneskull)

If you want to rebase/retry this PR, check this box

mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Nov 20, 2022

mend-for-github-com bot force-pushed the whitesource-remediate/mocha-6.x branch 15 times, most recently from 086f811 to fe390dc Compare December 11, 2022 11:44

mend-for-github-com bot force-pushed the whitesource-remediate/mocha-6.x branch 14 times, most recently from 8082ed6 to c8972bb Compare December 17, 2022 13:54

mend-for-github-com bot force-pushed the whitesource-remediate/mocha-6.x branch 23 times, most recently from e02582d to 7f86c05 Compare March 26, 2023 03:15

mend-for-github-com bot force-pushed the whitesource-remediate/mocha-6.x branch 4 times, most recently from 4eab2cb to 6b99f68 Compare March 31, 2023 05:21

mend-for-github-com bot force-pushed the whitesource-remediate/mocha-6.x branch from 6b99f68 to d15baed Compare June 15, 2023 07:48

Update dependency mocha to v6

19ff5b3

mend-for-github-com bot force-pushed the whitesource-remediate/mocha-6.x branch from d15baed to 19ff5b3 Compare June 20, 2023 00:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency mocha to v6 #176

Update dependency mocha to v6 #176

mend-for-github-com bot commented Nov 20, 2022 •

edited

Update dependency mocha to v6 #176

Are you sure you want to change the base?

Update dependency mocha to v6 #176

Conversation

mend-for-github-com bot commented Nov 20, 2022 • edited

Release Notes

🔒 Security Fixes

🐛 Fixes

📖 Documentation

🐛 Fixes

📖 Documentation

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔍 Coverage

🔩 Other

🔒 Security Fixes

🐛 Fixes

🐛 Fixes

🐛 Fixes

🔒 Security Fixes

🎉 Enhancements

📠 Deprecations

🐛 Fixes

📖 Documentation

🔩 Other

🐛 Fixes

🐛 Fixes

📖 Documentation

🎉 Enhancements

🐛 Fixes

📖 Documentation

🔩 Other

mend-for-github-com bot commented Nov 20, 2022 •

edited