From 55166598c7fc297424bbaecbe89ac0a0c9849aad Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 22 Jun 2021 02:59:50 -0700
Subject: [PATCH] Bump ws from 7.4.6 to 7.5.0 in /desktop (#2487)
Summary:
Bumps [ws](https://github.com/websockets/ws) from 7.4.6 to 7.5.0.
Release notes
Sourced from ws's releases.
7.5.0
Features
Bug fixes
- A close frame is now sent to the remote peer if an error (such as a data
framing error) occurs (8806aa9a).
- The close code is now always 1006 if no close frame is received, even if the
connection is closed due to an error (8806aa9a).
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pull Request resolved: https://github.com/facebook/flipper/pull/2487
Reviewed By: nikoant
Differential Revision: D29264222
Pulled By: mweststrate
fbshipit-source-id: 2c7eebd793c6ea9f28543a2808f387399043e59f
---
desktop/app/package.json | 2 +-
desktop/static/package.json | 2 +-
desktop/yarn.lock | 8 ++++----
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/desktop/app/package.json b/desktop/app/package.json
index a4527958f..c006d7ae5 100644
--- a/desktop/app/package.json
+++ b/desktop/app/package.json
@@ -75,7 +75,7 @@
"tmp": "^0.2.1",
"uuid": "^8.3.2",
"which": "^2.0.1",
- "ws": "^7.4.6",
+ "ws": "^7.5.0",
"xdg-basedir": "^4.0.0"
},
"optionalDependencies": {
diff --git a/desktop/static/package.json b/desktop/static/package.json
index 8c7553ea8..eaf3f4bca 100644
--- a/desktop/static/package.json
+++ b/desktop/static/package.json
@@ -10,7 +10,7 @@
"mac-ca": "^1.0.6",
"mkdirp": "^1.0.4",
"node-fetch": "^2.6.1",
- "ws": "^7.4.6",
+ "ws": "^7.5.0",
"xdg-basedir": "^4.0.0",
"yargs": "^16.2.0"
}
diff --git a/desktop/yarn.lock b/desktop/yarn.lock
index cbec7cabf..b628e8490 100644
--- a/desktop/yarn.lock
+++ b/desktop/yarn.lock
@@ -13685,10 +13685,10 @@ ws@1.1.5, ws@^1.1.5:
options ">=0.0.5"
ultron "1.0.x"
-ws@^7.4.5, ws@^7.4.6, ws@~7.4.2:
- version "7.4.6"
- resolved "https://registry.yarnpkg.com/ws/-/ws-7.4.6.tgz#5654ca8ecdeee47c33a9a4bf6d28e2be2980377c"
- integrity sha512-YmhHDO4MzaDLB+M9ym/mDA5z0naX8j7SIlT8f8z+I0VtzsRbekxEutHSme7NPS2qE8StCYQNUnfWdXta/Yu85A==
+ws@^7.4.5, ws@^7.4.6, ws@^7.5.0, ws@~7.4.2:
+ version "7.5.0"
+ resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.0.tgz#0033bafea031fb9df041b2026fc72a571ca44691"
+ integrity sha512-6ezXvzOZupqKj4jUqbQ9tXuJNo+BR2gU8fFRk3XCP3e0G6WT414u5ELe6Y0vtp7kmSJ3F7YWObSNr1ESsgi4vw==
xdg-basedir@^4.0.0:
version "4.0.0"