chore(deps-dev): bump chai from 4.5.0 to 5.1.2 #10720
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [chai](https://github.com/chaijs/chai) from 4.5.0 to 5.1.2. - [Release notes](https://github.com/chaijs/chai/releases) - [Changelog](https://github.com/chaijs/chai/blob/main/History.md) - [Commits](chaijs/chai@v4.5.0...v5.1.2) --- updated-dependencies: - dependency-name: chai dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
|
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/[email protected] |
|
This PR and #10721 are failing due to peerDependency conflicts. I think we're going to need to make one PR that bumps chai and all related chai- packages in one go. Lines 156 to 160 in d7bb13c plus sinon-chai One thing I have not worked out yet is whether all the chai-related packages we rely on yet have a chai 5 compatible version. Hopefully this will be a bit simpler than ESLint though as we only depend on a handful of chai extensions. |
|
OK. The blocker to this is chai-string, which does not declare compatibility with chai 5. I wonder what will be involved to make a PR upstream to chai-string 🤔 |
|
Hmm. The other issue we have here is that Chai 5 is ESM only and badge-maker still uses CommonJS. We might have to work round that too. Untested, but if that is the only problem we can probably just make the tests |
|
Picked this up in #10732 |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps chai from 4.5.0 to 5.1.2.
Release notes
Sourced from chai's releases.
... (truncated)
Commits
1b17805Support big int in approximently (#1606)346421fchore: upgrade loupe (#1646)01ac941chore: update deep dependencies (#1641)baf6ce9build(deps): bump rollup from 4.9.1 to 4.22.4 (#1637)ca5d462build(deps-dev): bump@75lb/deep-mergefrom 1.1.1 to 1.1.2 (#1636)3ce5944chore: bump loupe and deep-eql (#1635)ec18925build(deps-dev): bump braces from 3.0.2 to 3.0.3 (#1625)5ab5b86Publish npm packages with provenance (#1615)14fcf6bFix secret name in publish action (#1614)37263c0fix: support some virtual contexts intoThrow(#1609)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)