Skip to content

[Snyk] Upgrade testcafe from 3.4.0 to 3.6.2 #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 7, 2024
Merged

[Snyk] Upgrade testcafe from 3.4.0 to 3.6.2 #6

merged 1 commit into from
Aug 7, 2024

Conversation

@hashim21223445
Copy link
Owner

@hashim21223445 hashim21223445 commented Aug 7, 2024

snyk-top-banner

Snyk has created this PR to upgrade testcafe from 3.4.0 to 3.6.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 8 versions ahead of your current version.

  • The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Server-Side Request Forgery (SSRF)
SNYK-JS-IP-7148531		 119 Proof of Concept
Release notes
Package name: testcafe
  • 3.6.2 - 2024-07-03

    v3.6.2 (2024-07-02)

    Bug Fixes

    • [Native Automation] TestCafe incorrectly uploads files in Chrome v125 and up. (#8198)
    • TestCafe dependencies include the vulnerable endpoint-utils package (#8207). The updated version includes the address package instead.
  • 3.6.2-rc.1 - 2024-07-01

    What’s Changed

  • 3.6.1 - 2024-06-10

    v3.6.1 (2024-06-10)

    Bug Fixes

    • TestCafe incorrectly calculates the dimensions of multi-line elements. (#8179)
    • TestCafe incorrectly executes the resizeWindow method if you maximize the target window first. (#8157)
  • 3.6.1-rc.1 - 2024-06-04

    What’s Changed

  • 3.6.0 - 2024-04-25

    TestCafe v3.6.0 Released

    The TestCafe v3.6.0 update includes two minor changes and a number of bug fixes.

    New method: t.getCurrentCDPSession

    The t.getCurrentCDPSession method allows native automation users to examine and control the CDP connection between TestCafe and the browser.

    Use the method to obtain the Chrome DevTools Protocol object for the current session. The CDP object exposes properties and methods that pertain to the CDP connection between TestCafe and the active browser window.

    fixture Get current CDP session
    .page('https://devexpress.github.io/testcafe/example');

    test(Get current CDP session, async t => {
    const mainWindowId = await t.testRun.activeWindowId;

    <span class="pl-k">let</span> <span class="pl-s1">clientCDP</span> <span class="pl-c1">=</span> <span class="pl-k">await</span> <span class="pl-s1">t</span><span class="pl-kos">.</span><span class="pl-en">getCurrentCDPSession</span><span class="pl-kos">(</span><span class="pl-kos">)</span><span class="pl-kos">;</span>

<span class="pl-k">await</span> <span class="pl-s1">t</span><span class="pl-kos">.</span><span class="pl-en">expect</span><span class="pl-kos">(</span><span class="pl-s1">clientCDP</span><span class="pl-kos">.</span><span class="pl-c1">webSocketUrl</span><span class="pl-kos">)</span><span class="pl-kos">.</span><span class="pl-en">contains</span><span class="pl-kos">(</span><span class="pl-s1">mainWindowId</span><span class="pl-kos">)</span><span class="pl-kos">;</span>

    }

    Headless browser connection

    TestCafe v3.6.0 takes advantage of the recent Chromium headless mode upgrade. The new headless mode offers better reliability and higher emulation accuracy.

    The headless mode upgrade may cause unexpected changes to your tests' behavior. Take note of the following changes:

    • Headless Chromium now automatically upgrades insecure HTTP requests to HTTPS.
    • Headless Chromium does not always honor the --window-size flag. This behavior is a known Chromium bug.

    Bug Fixes

    1. [Native automation] TestCafe does not execute the maximizeWindow() method in beforeEach hooks (#8117)
    2. If TestCafe launch options include --esm, the framework crashes on launch in environments with Node.JS v20 and up (#8132)
    3. The Linux-based Docker image of TestCafe cannot run tests in headless Chromium (#8145)
    4. TestCafe incorrectly crops Safari screenshots (#8154)
  • 3.6.0-rc.1 - 2024-04-23

    What's Changed

    New Contributors

    Full Changelog: v3.5.0...v3.6.0-rc.1

  • 3.5.0 - 2023-12-28

    v3.5.0 (2023-12-28)

    TestCafe v3.5.0 includes multiple enhancements and bug fixes. Pass Selector queries to the Visual Selector Debugger, explore new ways to specify screenshot path patterns, and use a new experimental flag to run multi-window tests with native automation!

    meta-readmore

    Pass Selector queries to the Visual Selector Debugger

    When you pass a Selector query to the t.debug() method, TestCafe uses the query to populate the input field of the Visual Selector Debugger. The debugger highlights page elements that match the query.

    t.debug(Selector('#header'));

    Use a custom path pattern for screenshots of failed tests

    The pathPatternOnFails screenshot option allows TestCafe users to define a separate set of naming rules for screenshots taken on test failure. You can store these screenshots in a different folder, or add a common, recognizable element to their filenames. You can use this option on its own, or in conjunction with the pathPattern property.

    {
    "screenshots": {
        "pathPatternOnFails": "${DATE}_${TIME}/failedTests/test-${TEST_INDEX}/${USERAGENT}/${FILE_INDEX}.png"
    }
}

    Specify a path pattern for individual screenshots

    Use the pathPattern option of the t.takeScreenshot action to specify a custom naming pattern for an individual screenshot:

    t.takeScreenshot({
    pathPattern: "${DATE}_${TIME}/checkout-screenshot.png",
    fullPage: true
})

    (Experimental) Run multi-window tests with native automation

    TestCafe v2.5.0 was the first version of TestCafe to include native automation --- the capability to automate Chromium-based browsers with the native Chrome Debugging Protocol. This approach offers greater test stability and speed, but has a fair share of limitations. One of them is its incompatibility with multi-window tests.

    TestCafe v3.5.0 offers an experimental solution for this issue --- the --experimental-multiple-windows CLI flag. If you enable this flag, you can run multi-window tests with the native automation engine.

    The --experimental-multiple-windows mode does not support tests that include the following:

    • Pop-up windows that launch file downloads.
    • Browser window resizing.
    • Screenshots.
    • Video recording.

    Please do not use the --experimental-multiple-windows flag in production or for business-critical tasks.

    Bug Fixes

    • TypeScript compilation fails if project dependencies include '@ babel/plugin-transorm-runtime' v7.23.3 or greater (#8091).
    • If you enable concurrent test execution, TestCafe launches tests before the conclusion of the fixture.before hook (#6999).
    • The Fixture.disableConcurrency method does not disable concurrent test execution (8087).
    • TestCafe ignores the fullPage option when it takes screenshots on test failure (#7761).
    • [Native Automation] TestCafe cannot populate file input fields with the required attribute (#8079).
    • [Native Automation] TestCafe fails to execute tests that use service workers (#8005, #8054).
    • When an action target is obscured by a sticky element, TestCafe incorrectly calculates the scroll distance necessary to interact with the target. (#7377).
    • Incorrect processing of front-end scripts causes automation errors (#7713, #8067, testcafe-hammerhead#2969).
    • TestCafe incorrectly processes failing network requests when it runs on Node.js v16 and greater (#7097).
    • TestCafe incorrectly handles native dialogs in Mozilla Firefox (#6815).
  • 3.5.0-rc.1 - 2023-12-22

    What’s Changed

  • 3.4.0 - 2023-11-09

    TestCafe v3.4.0 Released

    TestCafe v3.4.0 introduces relative Role URLs, the ability to disable concurrency on a per-fixture basis, as well as other improvements and bug fixes.

    Enhancements

    Relative Role URLs

    Earlier versions of TestCafe did not support relative URLs for Role log-in pages. In TestCafe v3.4.0 and higher, if you set the baseUrl configuration file parameter or the --base-url CLI option, you can set a relative URL for a Role log-in page:

    import { Role } from 'testcafe';

    const userOne = Role('./login', async t => {
    /* log-in actions go here */
    });

    Disable concurrency on a per-fixture basis

    Concurrent test execution is not suitable for tests that can only run in a certain order. To ignore the global concurrency setting for a particular fixture, use the disableConcurrency fixture method.

    fixture`Fixture.disablePageCaching`
    .page`https://devexpress.github.io/testcafe/example/`
    .disableConcurrency;

    Development Mode Enhancements

    When you debug code inside a browser, the browser can appear unresponsive. Earlier versions of TestCafe automatically relaunched unresponsive browsers, including browsers that were used for debugging.

    TestCafe v3.4.0 does not relaunch unresponsive browsers if you enter development mode.

    Debug Panel Enhancements

    The debug panel includes a new "Hide Picker" button. Click this button to disable the Selector Debugger and hide the Selector input field.

    hide-selector-picker

    Bug Fixes

    • TestCafe incorrectly logs requests during concurrent test execution (#7977)
    • TestCafe does not load images with non-lowercase srcset attribute declarations (testcafe-hammerhead#2958)
    • TestCafe raises an unexpected client-side error when the application opens an ngx-formly form (#7758)
    • TestCafe cannot interact with page items at the edge of the viewport when the browser emulates a mobile device (#8057)
from testcafe GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade testcafe from 3.4.0 to 3.6.2
f531f5b 
Snyk has created this PR to upgrade testcafe from 3.4.0 to 3.6.2.

See this package in npm:
testcafe

See this project in Snyk:
https://app.snyk.io/org/hashim21223445/project/d406fa35-4c6f-445d-9a85-2adcf537803e?utm_source=github&utm_medium=referral&page=upgrade-pr
@hashim21223445 hashim21223445 merged commit 7a42165 into master Aug 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

.disableConcurrency flag not respected in quarantine mode Make path pattern smarter for errors screenshots

3 participants

@hashim21223445 @snyk-bot