Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps-dev): bump @sinonjs/fake-timers from 9.1.2 to 10.0.2 #1819

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 19, 2022

Bumps @sinonjs/fake-timers from 9.1.2 to 10.0.2.

Changelog

Sourced from @​sinonjs/fake-timers's changelog.

10.0.2 / 2022-12-15

  • Revert change to lock file. Back on v2

10.0.1 / 2022-12-15

  • fix: requestAnimationFrame args (#458)
  • chore: remove fsevents dependency (#455)
  • Upgrade dependencies (#440)
  • fix(runToLastAsync): tick the correct amount of time
  • Fix #441: update spelling of prop descriptor prop (#453)

10.0.0 / 2022-11-08

  • Prefer @​sinonjs/commons@​2
  • Drop node 12 (#428)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@sinonjs/fake-timers](https://github.com/sinonjs/fake-timers) from 9.1.2 to 10.0.2.
- [Release notes](https://github.com/sinonjs/fake-timers/releases)
- [Changelog](https://github.com/sinonjs/fake-timers/blob/main/CHANGELOG.md)
- [Commits](sinonjs/fake-timers@v9.1.2...v10.0.2)

---
updated-dependencies:
- dependency-name: "@sinonjs/fake-timers"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 19, 2022
@codecov-commenter
Copy link

codecov-commenter commented Dec 19, 2022

Codecov Report

Base: 87.27% // Head: 87.29% // Increases project coverage by +0.01% 🎉

Coverage data is based on head (aa7a31c) compared to base (b6844f0).
Patch has no changes to coverable lines.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1819      +/-   ##
==========================================
+ Coverage   87.27%   87.29%   +0.01%     
==========================================
  Files          66       66              
  Lines        5800     5800              
==========================================
+ Hits         5062     5063       +1     
+ Misses        738      737       -1     
Impacted Files Coverage Δ
lib/fetch/file.js 90.80% <0.00%> (+1.14%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@github-actions github-actions bot merged commit 0cfe689 into main Dec 19, 2022
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/sinonjs/fake-timers-10.0.2 branch December 19, 2022 22:16
anonrig pushed a commit to anonrig/undici that referenced this pull request Apr 4, 2023
…js#1819)

Bumps [@sinonjs/fake-timers](https://github.com/sinonjs/fake-timers) from 9.1.2 to 10.0.2.
- [Release notes](https://github.com/sinonjs/fake-timers/releases)
- [Changelog](https://github.com/sinonjs/fake-timers/blob/main/CHANGELOG.md)
- [Commits](sinonjs/fake-timers@v9.1.2...v10.0.2)

---
updated-dependencies:
- dependency-name: "@sinonjs/fake-timers"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
kodiakhq bot referenced this pull request in X-oss-byte/Canary-nextjs Sep 18, 2023
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [undici](https://undici.nodejs.org) ([source](https://github.com/nodejs/undici)) | [`5.14.0` -> `5.19.1`](https://renovatebot.com/diffs/npm/undici/5.14.0/5.19.1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/undici/5.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/undici/5.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/undici/5.14.0/5.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/undici/5.14.0/5.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2023-23936](https://github.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff)

### Impact

undici library does not protect `host` HTTP header from CRLF injection vulnerabilities.

### Patches

This issue was patched in Undici v5.19.1.

### Workarounds

Sanitize the `headers.host` string before passing to undici.

### References

Reported at https://hackerone.com/reports/1820955.

### Credits

Thank you to Zhipeng Zhang ([@&#8203;timon8](https://hackerone.com/timon8)) for reporting this vulnerability.

---

### Release Notes

<details>
<summary>nodejs/undici (undici)</summary>

### [`v5.19.1`](https://github.com/nodejs/undici/releases/tag/v5.19.1)

[Compare Source](https://github.com/nodejs/undici/compare/v5.19.0...v5.19.1)

#### ⚠️ Security Release ⚠️

-   [Regular Expression Denial of Service in Headers](https://github.com/nodejs/undici/security/advisories/GHSA-r6ch-mqf9-qc9w) with CVE-2023-24807
-   [CRLF Injection in Nodejs ‘undici’ via host](https://github.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff) with CVE-2023-23936

This release is part of the Node.js security release train: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/

### [`v5.19.0`](https://github.com/nodejs/undici/releases/tag/v5.19.0)

[Compare Source](https://github.com/nodejs/undici/compare/v5.18.0...v5.19.0)

#### What's Changed

-   fix(fetch): raise AbortSignal max event listeners by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1910](https://github.com/nodejs/undici/pull/1910)
-   fix: content-disposition header parsing by [@&#8203;climba03003](https://github.com/climba03003) in [https://github.com/nodejs/undici/pull/1911](https://github.com/nodejs/undici/pull/1911)
-   fix: remove test by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1916](https://github.com/nodejs/undici/pull/1916)
-   feat: add Headers.prototype.getSetCookie by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1915](https://github.com/nodejs/undici/pull/1915)
-   fix(headers): clone getSetCookie list & add getSetCookie type by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1917](https://github.com/nodejs/undici/pull/1917)
-   doc(mock): update out-of-date reply documentation by [@&#8203;p9f](https://github.com/p9f) in [https://github.com/nodejs/undici/pull/1913](https://github.com/nodejs/undici/pull/1913)
-   fix(types): add missing keepAlive params by [@&#8203;SkeLLLa](https://github.com/SkeLLLa) in [https://github.com/nodejs/undici/pull/1918](https://github.com/nodejs/undici/pull/1918)
-   Make the fetch() abort test pass locally, on Linux and Mac, Node 18/19. by [@&#8203;mcollina](https://github.com/mcollina) in [https://github.com/nodejs/undici/pull/1927](https://github.com/nodejs/undici/pull/1927)

#### New Contributors

-   [@&#8203;climba03003](https://github.com/climba03003) made their first contribution in [https://github.com/nodejs/undici/pull/1911](https://github.com/nodejs/undici/pull/1911)
-   [@&#8203;p9f](https://github.com/p9f) made their first contribution in [https://github.com/nodejs/undici/pull/1913](https://github.com/nodejs/undici/pull/1913)

**Full Changelog**: nodejs/undici@v5.18.0...v5.19.0

### [`v5.18.0`](https://github.com/nodejs/undici/releases/tag/v5.18.0)

[Compare Source](https://github.com/nodejs/undici/compare/v5.17.1...v5.18.0)

##### What's Changed

-   Add ability to set TCP keepalive by [@&#8203;xconverge](https://github.com/xconverge) in [https://github.com/nodejs/undici/pull/1904](https://github.com/nodejs/undici/pull/1904)
-   use faster timers by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1908](https://github.com/nodejs/undici/pull/1908)
-   fix: ensure header value is a string by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1899](https://github.com/nodejs/undici/pull/1899)

**Full Changelog**: nodejs/undici@v5.17.1...v5.18.0

### [`v5.17.1`](https://github.com/nodejs/undici/releases/tag/v5.17.1)

[Compare Source](https://github.com/nodejs/undici/compare/v5.17.0...v5.17.1)

#### What's Changed

-   fix: bad buffer slice (nodejs/undici@d2be675)

**Full Changelog**: nodejs/undici@v5.17.0...v5.17.1

### [`v5.17.0`](https://github.com/nodejs/undici/releases/tag/v5.17.0)

[Compare Source](https://github.com/nodejs/undici/compare/v5.16.0...v5.17.0)

#### What's Changed

-   fix(wpts): Blob is a global getter in >=v19.x.x by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1880](https://github.com/nodejs/undici/pull/1880)
-   doc: fix anchor links dispatcher.stream by [@&#8203;RafaelGSS](https://github.com/RafaelGSS) in [https://github.com/nodejs/undici/pull/1881](https://github.com/nodejs/undici/pull/1881)
-   wpt: make runner more resilient by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1884](https://github.com/nodejs/undici/pull/1884)
-   Make test pass in v19.x by [@&#8203;mcollina](https://github.com/mcollina) in [https://github.com/nodejs/undici/pull/1879](https://github.com/nodejs/undici/pull/1879)
-   Correct the type of DispatchOptions\["headers"] by [@&#8203;pan93412](https://github.com/pan93412) in [https://github.com/nodejs/undici/pull/1896](https://github.com/nodejs/undici/pull/1896)
-   perf(content-type parser): faster string collector by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1894](https://github.com/nodejs/undici/pull/1894)
-   feat: expose content-type parser by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1895](https://github.com/nodejs/undici/pull/1895)
-   fix(types): Update DispatchOptions type for missing "blocking" by [@&#8203;xconverge](https://github.com/xconverge) in [https://github.com/nodejs/undici/pull/1889](https://github.com/nodejs/undici/pull/1889)
-   fix(types): update error type definitions by [@&#8203;rafaelcr](https://github.com/rafaelcr) in [https://github.com/nodejs/undici/pull/1888](https://github.com/nodejs/undici/pull/1888)
-   fix: ensure connection header is a string by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1900](https://github.com/nodejs/undici/pull/1900)
-   fix: throw if invalid content-type header by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1901](https://github.com/nodejs/undici/pull/1901)
-   fix(fetch): use semicolon for Cookie header delimiter by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1906](https://github.com/nodejs/undici/pull/1906)
-   Use FastBuffer by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1907](https://github.com/nodejs/undici/pull/1907)

#### New Contributors

-   [@&#8203;pan93412](https://github.com/pan93412) made their first contribution in [https://github.com/nodejs/undici/pull/1896](https://github.com/nodejs/undici/pull/1896)
-   [@&#8203;rafaelcr](https://github.com/rafaelcr) made their first contribution in [https://github.com/nodejs/undici/pull/1888](https://github.com/nodejs/undici/pull/1888)

**Full Changelog**: nodejs/undici@v5.16.0...v5.17.0

### [`v5.16.0`](https://github.com/nodejs/undici/releases/tag/v5.16.0)

[Compare Source](https://github.com/nodejs/undici/compare/v5.15.2...v5.16.0)

#### What's Changed

-   Add feature to specify custom headers for proxies by [@&#8203;Sebmaster](https://github.com/Sebmaster) in [https://github.com/nodejs/undici/pull/1877](https://github.com/nodejs/undici/pull/1877)

#### New Contributors

-   [@&#8203;Sebmaster](https://github.com/Sebmaster) made their first contribution in [https://github.com/nodejs/undici/pull/1877](https://github.com/nodejs/undici/pull/1877)

**Full Changelog**: nodejs/undici@v5.15.2...v5.16.0

### [`v5.15.2`](https://github.com/nodejs/undici/compare/9d5f23177408dc16d3d4cbb8cebf463081c54e16...9457c9719029945ef9ff36b71d58557443730942)

[Compare Source](https://github.com/nodejs/undici/compare/v5.15.1...v5.15.2)

### [`v5.15.1`](https://github.com/nodejs/undici/releases/tag/v5.15.1)

[Compare Source](https://github.com/nodejs/undici/compare/v5.15.0...v5.15.1)

#### What's Changed

-   fix(websocket): simplify typedarray copying by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1854](https://github.com/nodejs/undici/pull/1854)
-   fix: wpts on node v18.13.0+ by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1859](https://github.com/nodejs/undici/pull/1859)
-   perf: allow keep alive for HEAD requests by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1858](https://github.com/nodejs/undici/pull/1858)
-   fix: flaky abort test by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1863](https://github.com/nodejs/undici/pull/1863)

**Full Changelog**: nodejs/undici@v5.15.0...v5.15.1

### [`v5.15.0`](https://github.com/nodejs/undici/releases/tag/v5.15.0)

[Compare Source](https://github.com/nodejs/undici/compare/v5.14.0...v5.15.0)

#### What's Changed

-   \[types] update ProxyAgent Options (timeout) by [@&#8203;sosoba](https://github.com/sosoba) in [https://github.com/nodejs/undici/pull/1801](https://github.com/nodejs/undici/pull/1801)
-   feat: implement websockets by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1795](https://github.com/nodejs/undici/pull/1795)
-   feat(websocket): handle ping/pong frames & fix fragmented frames by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1809](https://github.com/nodejs/undici/pull/1809)
-   docs: add basic fetch & company docs by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1810](https://github.com/nodejs/undici/pull/1810)
-   make formdata body immutable and encode it only once by [@&#8203;jimmywarting](https://github.com/jimmywarting) in [https://github.com/nodejs/undici/pull/1814](https://github.com/nodejs/undici/pull/1814)
-   test: add regression test for [#&#8203;1814](https://github.com/nodejs/undici/issues/1814) by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1815](https://github.com/nodejs/undici/pull/1815)
-   feat(websocket): only consume necessary bytes by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1812](https://github.com/nodejs/undici/pull/1812)
-   websocket: use Buffer.allocUnsafe by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1817](https://github.com/nodejs/undici/pull/1817)
-   build(deps-dev): bump [@&#8203;sinonjs/fake-timers](https://github.com/sinonjs/fake-timers) from 9.1.2 to 10.0.2 by [@&#8203;dependabot](https://github.com/dependabot) in [https://github.com/nodejs/undici/pull/1819](https://github.com/nodejs/undici/pull/1819)
-   fix(websocket): deprecation warning & 64-bit unsigned int body length by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1818](https://github.com/nodejs/undici/pull/1818)
-   Use nodejs.stream.destroyed symbol by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1816](https://github.com/nodejs/undici/pull/1816)
-   fetch: removal of redundant condition by [@&#8203;debadree25](https://github.com/debadree25) in [https://github.com/nodejs/undici/pull/1821](https://github.com/nodejs/undici/pull/1821)
-   fix(request): request headers array by [@&#8203;jd-carroll](https://github.com/jd-carroll) in [https://github.com/nodejs/undici/pull/1807](https://github.com/nodejs/undici/pull/1807)
-   fix(websocket): validate payload length received by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1822](https://github.com/nodejs/undici/pull/1822)
-   fix(websocket): run parser in loop, instead of recursively by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1828](https://github.com/nodejs/undici/pull/1828)
-   fix(fetch): weaker refs by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1824](https://github.com/nodejs/undici/pull/1824)
-   websocket: add tests for opening handshake by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1831](https://github.com/nodejs/undici/pull/1831)
-   websocket: add tests for constructor, close, and send by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1832](https://github.com/nodejs/undici/pull/1832)
-   websocket: more test coverage by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1833](https://github.com/nodejs/undici/pull/1833)
-   fix(WPTs): flaky abort test by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1835](https://github.com/nodejs/undici/pull/1835)
-   wpt: add test by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1836](https://github.com/nodejs/undici/pull/1836)
-   fix: don't send keep-alive if we want reset by [@&#8203;ronag](https://github.com/ronag) in [https://github.com/nodejs/undici/pull/1846](https://github.com/nodejs/undici/pull/1846)
-   fetch: update body consume to match spec by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1847](https://github.com/nodejs/undici/pull/1847)
-   feat: allow connection header in request by [@&#8203;metcoder95](https://github.com/metcoder95) in [https://github.com/nodejs/undici/pull/1829](https://github.com/nodejs/undici/pull/1829)
-   feat: add cookie parsing ability by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1848](https://github.com/nodejs/undici/pull/1848)
-   fix(cookie): add docs & expose in node v16 by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1849](https://github.com/nodejs/undici/pull/1849)
-   fix(cookies): work with global Headers by [@&#8203;KhafraDev](https://github.com/KhafraDev) in [https://github.com/nodejs/undici/pull/1850](https://github.com/nodejs/undici/pull/1850)
-   docs(Dispatcher): adjust documentation for reset flag by [@&#8203;metcoder95](https://github.com/metcoder95) in [https://github.com/nodejs/undici/pull/1852](https://github.com/nodejs/undici/pull/1852)
-   Fix broken interceptor test by [@&#8203;mcollina](https://github.com/mcollina) in [https://github.com/nodejs/undici/pull/1853](https://github.com/nodejs/undici/pull/1853)

#### New Contributors

-   [@&#8203;sosoba](https://github.com/sosoba) made their first contribution in [https://github.com/nodejs/undici/pull/1801](https://github.com/nodejs/undici/pull/1801)
-   [@&#8203;debadree25](https://github.com/debadree25) made their first contribution in [https://github.com/nodejs/undici/pull/1821](https://github.com/nodejs/undici/pull/1821)
-   [@&#8203;jd-carroll](https://github.com/jd-carroll) made their first contribution in [https://github.com/nodejs/undici/pull/1807](https://github.com/nodejs/undici/pull/1807)

**Full Changelog**: nodejs/undici@v5.14.0...v5.15.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/sammyfilly/Canary-nextjs).
crysmags pushed a commit to crysmags/undici that referenced this pull request Feb 27, 2024
…js#1819)

Bumps [@sinonjs/fake-timers](https://github.com/sinonjs/fake-timers) from 9.1.2 to 10.0.2.
- [Release notes](https://github.com/sinonjs/fake-timers/releases)
- [Changelog](https://github.com/sinonjs/fake-timers/blob/main/CHANGELOG.md)
- [Commits](sinonjs/fake-timers@v9.1.2...v10.0.2)

---
updated-dependencies:
- dependency-name: "@sinonjs/fake-timers"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant