chore(deps): update all

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/node (source)	8.10.64 -> 8.10.66
ava (source)	3.13.0 -> 3.15.0
express (source)	4.17.1 -> 4.18.2
express-graphql	0.11.0 -> 0.12.0
typescript (source)	3.9.7 -> 3.9.10

---

Release Notes

avajs/ava

v3.15.0: 3.15.0

Compare Source

Automatic snapshot file removal

When you stop using snapshots in a test file, the next time you run ava --update-snapshots we'll remove the left-over snapshot files. Thanks @​ninevra! 4f093ab

TAP improvements

@​tymfear has been on a roll improving our TAP reporter. t.log() output is now compliant with the spec 99ab93a. Tests that did not run due to timeouts are now reported 98595da.

Next-generation configuration

AVA 4 will add full support for ESM configuration files as well as allowing you to have asynchronous factory functions a2f2614. If you're using Node.js 12 or later you can opt-in to these features in AVA 3 by enabling the nextGenConfig experiment. Say in an ava.config.mjs file:

export default {
	nonSemVerExperiments: {
		nextGenConfig: true
	},
	files: ['unit-tests/**/*]
};

This also allows you to pass an .mjs file using the --config argument.

With this experiment enabled, AVA will no longer have special treatment for ava.config.js files. Instead AVA follows Node.js' behavior, so if you've set "type": "module" you must use ESM, and otherwise you must use CommonJS.

You mustn't have an ava.config.mjs file next to an ava.config.js or ava.config.cjs file.

---

See avajs/ava@v3.14.0...v3.15.0 for all changes.

v3.14.0: 3.14.0

Compare Source

Snapshot ordering

With this release, snapshot files are now ordered based on test declaration, not completion. This makes it easier to compare the human-readable reports to your test file, and also stops the .snap from changing when the reports themselves don't. You'll want to rebuild snapshots after upgrading to this release to isolate any changes. Thanks @​ninevra! e66b54c

Shared workers

We’ve been working on making AVA more extensible. One major step on this path is our new shared worker support: run code in the main process, communicate with test workers and influence execution. Find out more in our shared workers recipe.

---

See avajs/ava@v3.13.0...v3.14.0 for all changes.

expressjs/express

v4.18.2

Compare Source

===================

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

v4.18.1

Compare Source

===================

• Fix hanging on large stack of sync routes

v4.18.0

Compare Source

===================

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: body-parser@1.20.0
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
• deps: cookie@0.5.0
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: finalhandler@1.2.0
  • Remove set content headers that break response
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
  • Prevent loss of async hooks context
• deps: qs@6.10.3
• deps: send@0.18.0
  • Fix emitted 416 error missing headers property
  • Limit the headers removed for 304 response
  • deps: depd@2.0.0
  • deps: destroy@1.2.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: statuses@2.0.1
• deps: serve-static@1.15.0
  • deps: send@0.18.0
• deps: statuses@2.0.1
  • Remove code 306
  • Rename 425 Unordered Collection to standard 425 Too Early

v4.17.3

Compare Source

===================

• deps: accepts@~1.3.8
  • deps: mime-types@~2.1.34
  • deps: negotiator@0.6.3
• deps: body-parser@1.19.2
  • deps: bytes@3.1.2
  • deps: qs@6.9.7
  • deps: raw-body@2.4.3
• deps: cookie@0.4.2
• deps: qs@6.9.7
  • Fix handling of __proto__ keys
• pref: remove unnecessary regexp for trust proxy

v4.17.2

Compare Source

===================

• Fix handling of undefined in res.jsonp
• Fix handling of undefined when "json escape" is enabled
• Fix incorrect middleware execution with unanchored RegExps
• Fix res.jsonp(obj, status) deprecation message
• Fix typo in res.is JSDoc
• deps: body-parser@1.19.1
  • deps: bytes@3.1.1
  • deps: http-errors@1.8.1
  • deps: qs@6.9.6
  • deps: raw-body@2.4.2
  • deps: safe-buffer@5.2.1
  • deps: type-is@~1.6.18
• deps: content-disposition@0.5.4
  • deps: safe-buffer@5.2.1
• deps: cookie@0.4.1
  • Fix maxAge option to reject invalid values
• deps: proxy-addr@~2.0.7
  • Use req.socket over deprecated req.connection
  • deps: forwarded@0.2.0
  • deps: ipaddr.js@1.9.1
• deps: qs@6.9.6
• deps: safe-buffer@5.2.1
• deps: send@0.17.2
  • deps: http-errors@1.8.1
  • deps: ms@2.1.3
  • pref: ignore empty http tokens
• deps: serve-static@1.14.2
  • deps: send@0.17.2
• deps: setprototypeof@1.2.0

graphql/express-graphql

v0.12.0

Compare Source

v0.12.0 (2020-11-19)

Bug Fix 🐞

• #​715 Use HTTP code of underlying errors (@​IvanGoncharov)
• #​716 Wrap HttpError into GraphQLError (@​IvanGoncharov)

Polish 💅

4 PRs were merged

• #​658 Convert remaining files to TypeScript (@​danielrearden)
• #​677 Improve TS type coverage (@​IvanGoncharov)
• #​713 ESLint: enable more checks (@​IvanGoncharov)
• #​718 Switch to using 'devAssert' similar to graphql-js (@​IvanGoncharov)

Internal 🏠

16 PRs were merged

• #​676 Cleanup from Flow and Babel (@​IvanGoncharov)
• #​680 integrationTests: test built package on all supported node versions (@​IvanGoncharov)
• #​682 ESLint: enable lint rules that were temporary disabled (@​IvanGoncharov)
• #​683 build: rename dist directory to match 'graphql-js' (@​IvanGoncharov)
• #​684 eslint: unify tests and integrationTests overrides (@​IvanGoncharov)
• #​690 integrationTests: add TS 4.0 (@​IvanGoncharov)
• #​692 integrationTests: minimise test logs (@​IvanGoncharov)
• #​695 LICENSE: Remove year from copyright (@​IvanGoncharov)
• #​706 LICENSE: Remove year from copyright (@​IvanGoncharov)
• #​708 build: change to 'build' to 'build:npm' (@​IvanGoncharov)
• #​709 CI: test on node 15 (@​IvanGoncharov)
• #​710 TS: Add more checks/validations into 'tsconfig.json' (@​IvanGoncharov)
• #​711 integrationTests: sync with graphql-js (@​IvanGoncharov)
• #​712 build: add support for experimental releases (@​IvanGoncharov)
• #​717 test: log TS errors but run tests (@​IvanGoncharov)
• #​723 Run tests before release (@​IvanGoncharov)

Dependency 📦

7 PRs were merged

• #​681 Update deps (@​IvanGoncharov)
• #​689 Update deps (@​IvanGoncharov)
• #​694 Update deps (@​IvanGoncharov)
• #​707 Update deps (@​IvanGoncharov)
• #​714 Update deps (@​IvanGoncharov)
• #​719 Update deps (@​IvanGoncharov)
• #​722 Update deps (@​IvanGoncharov)

Committers: 2

• Daniel Rearden(@​danielrearden)
• Ivan Goncharov(@​IvanGoncharov)

Microsoft/TypeScript

v3.9.10: TypeScript 3.9.10

Compare Source

This release ships both an overall performance improvement, along with a mitigation for a performance regression when upgrading to Node.js 16. See the change for more details.

v3.9.9: TypeScript 3.9.9

Compare Source

This release contains a fix for an issue when language service plugins have no specified name.

v3.9.8: TypeScript 3.9.8

Compare Source

This release contains fixes for a security risk involving language service plugin loading. More details are available here.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.