Bump serialize-javascript and mocha #139

dependabot · 2025-08-13T18:15:54Z

Bumps serialize-javascript and mocha. These dependencies needed to be updated together.
Updates serialize-javascript from 6.0.0 to 6.0.2

Release notes

Sourced from serialize-javascript's releases.

v6.0.2

fix: serialize URL string contents to prevent XSS (#173) f27d65d

Bump @babel/traverse from 7.10.1 to 7.23.7 (#171) 02499c0

docs: update readme with URL support (#146) 0d88527

chore: update node version and lock file e2a3a91

fix typo (#164) 5a1fa64

yahoo/serialize-javascript@v6.0.1...v6.0.2

v6.0.1

What's Changed

Bump mocha from 9.0.1 to 9.0.2 by @dependabot in yahoo/serialize-javascript#126

Bump mocha from 9.0.2 to 9.0.3 by @dependabot in yahoo/serialize-javascript#127

Bump path-parse from 1.0.6 to 1.0.7 by @dependabot in yahoo/serialize-javascript#129

Bump mocha from 9.0.3 to 9.1.0 by @dependabot in yahoo/serialize-javascript#130

Bump mocha from 9.1.0 to 9.1.1 by @dependabot in yahoo/serialize-javascript#131

Bump mocha from 9.1.1 to 9.1.2 by @dependabot in yahoo/serialize-javascript#132

Bump mocha from 9.1.2 to 9.1.3 by @dependabot in yahoo/serialize-javascript#133

Bump mocha from 9.1.3 to 9.1.4 by @dependabot in yahoo/serialize-javascript#137

Bump mocha from 9.1.4 to 9.2.0 by @dependabot in yahoo/serialize-javascript#138

Bump chai from 4.3.4 to 4.3.6 by @dependabot in yahoo/serialize-javascript#140

Bump ansi-regex from 5.0.0 to 5.0.1 by @dependabot in yahoo/serialize-javascript#141

Bump mocha from 9.2.0 to 9.2.2 by @dependabot in yahoo/serialize-javascript#143

Bump minimist from 1.2.5 to 1.2.6 by @dependabot in yahoo/serialize-javascript#144

Bump mocha from 9.2.2 to 10.0.0 by @dependabot in yahoo/serialize-javascript#145

Bump mocha from 10.0.0 to 10.1.0 by @dependabot in yahoo/serialize-javascript#149

Bump chai from 4.3.6 to 4.3.7 by @dependabot in yahoo/serialize-javascript#150

ci: test.yml - actions bump by @piwysocki in yahoo/serialize-javascript#151

Bump minimatch from 3.0.4 to 3.1.2 by @dependabot in yahoo/serialize-javascript#152

Bump mocha from 10.1.0 to 10.2.0 by @dependabot in yahoo/serialize-javascript#153

Bump json5 from 2.1.3 to 2.2.3 by @dependabot in yahoo/serialize-javascript#155

Fix serialization issue for 0n. by @momocow in yahoo/serialize-javascript#156

Release v6.0.1 by @okuryu in yahoo/serialize-javascript#157

New Contributors

@piwysocki made their first contribution in yahoo/serialize-javascript#151

@momocow made their first contribution in yahoo/serialize-javascript#156

Full Changelog: yahoo/serialize-javascript@v6.0.0...v6.0.1

Commits

b71ec23 6.0.2
f27d65d fix: serialize URL string contents to prevent XSS (#173)
02499c0 Bump @babel/traverse from 7.10.1 to 7.23.7 (#171)
0d88527 docs: update readme with URL support (#146)
e2a3a91 chore: update node version and lock file
5a1fa64 fix typo (#164)
7139f92 Release v6.0.1 (#157)
7e23ae8 Fix serialization issue for 0n. (#156)
343abd9 Bump json5 from 2.1.3 to 2.2.3 (#155)
38d0e70 Bump mocha from 10.1.0 to 10.2.0 (#153)
Additional commits viewable in compare view

Updates mocha from 10.4.0 to 10.8.2

Release notes

Sourced from mocha's releases.

v10.8.2

10.8.2 (2024-10-30)

🩹 Fixes

support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)

test link in html reporter (#5224) (f054acc)

📚 Documentation

indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

deps: bump the github-actions group with 1 update (#5132) (e536ab2)

v10.8.1

10.8.1 (2024-10-29)

🩹 Fixes

handle case of invalid package.json with no explicit config (#5198) (f72bc17)

Typos on mochajs.org (#5237) (d8ca270)

use accurate test links in HTML reporter (#5228) (68803b6)

v10.8.0

10.8.0 (2024-10-29)

🌟 Features

highlight browser failures (#5222) (8ff4845)

🩹 Fixes

remove :is() from mocha.css to support older browsers (#5225) (#5227) (0a24b58)

📚 Documentation

... (truncated)

Changelog

Sourced from mocha's changelog.

10.8.2 (2024-10-30)

🩹 Fixes

support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)

test link in html reporter (#5224) (f054acc)

📚 Documentation

indicate 'exports' interface does not work in browsers (#5181) (14e640e)

🧹 Chores

fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

🤖 Automation

deps: bump the github-actions group with 1 update (#5132) (e536ab2)

10.8.1 (2024-10-29)

🩹 Fixes

handle case of invalid package.json with no explicit config (#5198) (f72bc17)

Typos on mochajs.org (#5237) (d8ca270)

use accurate test links in HTML reporter (#5228) (68803b6)

10.8.0 (2024-10-29)

🌟 Features

highlight browser failures (#5222) (8ff4845)

🩹 Fixes

remove :is() from mocha.css to support older browsers (#5225) (#5227) (0a24b58)

📚 Documentation

add SECURITY.md pointing to Tidelift (#5210) (bd7e63a)

adopt Collective Funds Guidelines 0.1 (#5199) (2b03d86)

update README, LICENSE and fix outdated (#5197) (1203e0e)

🧹 Chores

fix npm scripts on windows (#5219) (1173da0)

remove trailing whitespace in SECURITY.md (7563e59)

10.7.3 (2024-08-09)

... (truncated)

Commits

05097db chore(main): release 10.8.2 (#5239)
14e640e docs: indicate 'exports' interface does not work in browsers (#5181)
881e3b0 chore: fix docs builds by re-adding eleventy and ignoring gitignore again (#5...
f054acc fix: test link in html reporter (#5224)
e536ab2 build(deps): bump the github-actions group with 1 update (#5132)
ba0fefe fix: support errors with circular dependencies in object values with --parall...
f44f71b chore(main): release 10.8.1 (#5238)
f72bc17 fix: handle case of invalid package.json with no explicit config (#5198)
68803b6 fix: use accurate test links in HTML reporter (#5228)
d8ca270 fix: Typos on mochajs.org (#5237)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) and [mocha](https://github.com/mochajs/mocha). These dependencies needed to be updated together. Updates `serialize-javascript` from 6.0.0 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.0...v6.0.2) Updates `mocha` from 10.4.0 to 10.8.2 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md) - [Commits](mochajs/mocha@v10.4.0...v10.8.2) --- updated-dependencies: - dependency-name: serialize-javascript dependency-version: 6.0.2 dependency-type: indirect - dependency-name: mocha dependency-version: 10.8.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

* Pre release (#133) * Prerelease branch prep (#131) (#132) * Changed the way releases work * More fixes to prerelease * Fixed wording * Update release.yml to hopefully fix release with Haaleo action * Update release.yml * Add comprehensive GitHub Copilot instructions with expanded repository structure for Zephyr IDE development (#136) * Initial plan * Create comprehensive .github/copilot-instructions.md Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Expand Repository Structure section with detailed file descriptions and architecture patterns Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Added new bump patches (#137) * Bump esbuild from 0.20.2 to 0.25.0 (#140) Bumps [esbuild](https://github.com/evanw/esbuild) from 0.20.2 to 0.25.0. - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md) - [Commits](evanw/esbuild@v0.20.2...v0.25.0) --- updated-dependencies: - dependency-name: esbuild dependency-version: 0.25.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump serialize-javascript and mocha (#139) Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) and [mocha](https://github.com/mochajs/mocha). These dependencies needed to be updated together. Updates `serialize-javascript` from 6.0.0 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.0...v6.0.2) Updates `mocha` from 10.4.0 to 10.8.2 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md) - [Commits](mochajs/mocha@v10.4.0...v10.8.2) --- updated-dependencies: - dependency-name: serialize-javascript dependency-version: 6.0.2 dependency-type: indirect - dependency-name: mocha dependency-version: 10.8.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump brace-expansion from 1.1.11 to 1.1.12 (#138) Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * More fixes to bump workflow (#141) * Bump fix (#142) * More fixes to bump workflow * Another fix * Bump fix (#143) * More fixes to bump workflow * Another fix * Added write permission to bump workflow * Bump fix (#144) * More fixes to bump workflow * Another fix * Added write permission to bump workflow * added pullrequest permission to bump workflow * Add new west config command with UI integration and optimize workspace setup (#134) * Initial plan * Initial analysis and plan for west config command Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Implement west config command with UI buttons and integration Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Optimize WorkspaceSetupFromCurrentDirectory by moving switch logic into westConfig Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Minor fixes * Removed out of tree setup function * Reworked gui elements * Further optimize WorkspaceSetupFromCurrentDirectory by extracting external installation handling Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * removed repeated id * Trying to fix failing test * Changed the way the global install pick is defined * Another attempt at fixing test * Another attempt at fixing test * Added debugging of tools folder * More error logging * More error logging * Ensured tools directory exists --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> Co-authored-by: Rijesh Augustine <rijeshaugustine@gmail.com> * 1.10.19 (#145) Co-authored-by: github-actions <github-actions@github.com> * Automated bump pr approve (#146) * Added make prerelease and make release workflows * More fixes to bump workflow * Automated bump pr approve (#148) * Added make prerelease and make release workflows * More fixes to bump workflow * Using different token for PR approval * 1.10.20 (#149) Co-authored-by: github-actions <github-actions@github.com> * Manually Fixing make pre-release.yml --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Rijesh Augustine <7819200+rijesha@users.noreply.github.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: Rijesh Augustine <rijeshaugustine@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com>

* Fixing test errors (#124) * Attempting to fix test errors * another attempt that probably wont work * Added some small delays * More tries to fix * Added explicit check if sdk is installed * Fixing up a few changes * More test fixes * Maybe now the tests are fixed * Fixed incorrect command name * Fixed multiple reprints of packages installed completed * Fixed sdk interactions being missed * Moved sdk mock ui bits back into workspace setup: * A few more minor changes * Fixing release workflow (#127) * Fixing release workflow (#128) * Fixing release workflow (#129) * Update release.yml * Update release.yml * Update package.json * Update release.yml * Update package.json * Update release.yml * Update release.yml * Changed the way releases work (#130) * Prerelease branch prep (#131) * Changed the way releases work * More fixes to prerelease * Fixed wording * Prerelease branch prep (#131) (#132) * Changed the way releases work * More fixes to prerelease * Fixed wording * Update release.yml to hopefully fix release with Haaleo action * Update release.yml * Pre release (#133) * Prerelease branch prep (#131) (#132) * Changed the way releases work * More fixes to prerelease * Fixed wording * Update release.yml to hopefully fix release with Haaleo action * Update release.yml * Add comprehensive GitHub Copilot instructions with expanded repository structure for Zephyr IDE development (#136) * Initial plan * Create comprehensive .github/copilot-instructions.md Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Expand Repository Structure section with detailed file descriptions and architecture patterns Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Added new bump patches (#137) * Bump esbuild from 0.20.2 to 0.25.0 (#140) Bumps [esbuild](https://github.com/evanw/esbuild) from 0.20.2 to 0.25.0. - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md) - [Commits](evanw/esbuild@v0.20.2...v0.25.0) --- updated-dependencies: - dependency-name: esbuild dependency-version: 0.25.0 dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump serialize-javascript and mocha (#139) Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) and [mocha](https://github.com/mochajs/mocha). These dependencies needed to be updated together. Updates `serialize-javascript` from 6.0.0 to 6.0.2 - [Release notes](https://github.com/yahoo/serialize-javascript/releases) - [Commits](yahoo/serialize-javascript@v6.0.0...v6.0.2) Updates `mocha` from 10.4.0 to 10.8.2 - [Release notes](https://github.com/mochajs/mocha/releases) - [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md) - [Commits](mochajs/mocha@v10.4.0...v10.8.2) --- updated-dependencies: - dependency-name: serialize-javascript dependency-version: 6.0.2 dependency-type: indirect - dependency-name: mocha dependency-version: 10.8.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump brace-expansion from 1.1.11 to 1.1.12 (#138) Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * More fixes to bump workflow (#141) * Bump fix (#142) * More fixes to bump workflow * Another fix * Bump fix (#143) * More fixes to bump workflow * Another fix * Added write permission to bump workflow * Bump fix (#144) * More fixes to bump workflow * Another fix * Added write permission to bump workflow * added pullrequest permission to bump workflow * Add new west config command with UI integration and optimize workspace setup (#134) * Initial plan * Initial analysis and plan for west config command Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Implement west config command with UI buttons and integration Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Optimize WorkspaceSetupFromCurrentDirectory by moving switch logic into westConfig Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * Minor fixes * Removed out of tree setup function * Reworked gui elements * Further optimize WorkspaceSetupFromCurrentDirectory by extracting external installation handling Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> * removed repeated id * Trying to fix failing test * Changed the way the global install pick is defined * Another attempt at fixing test * Another attempt at fixing test * Added debugging of tools folder * More error logging * More error logging * Ensured tools directory exists --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: rijesha <7819200+rijesha@users.noreply.github.com> Co-authored-by: Rijesh Augustine <rijeshaugustine@gmail.com> * 1.10.19 (#145) Co-authored-by: github-actions <github-actions@github.com> * Automated bump pr approve (#146) * Added make prerelease and make release workflows * More fixes to bump workflow * Automated bump pr approve (#148) * Added make prerelease and make release workflows * More fixes to bump workflow * Using different token for PR approval * 1.10.20 (#149) Co-authored-by: github-actions <github-actions@github.com> * Manually Fixing make pre-release.yml * More fixes to automated workflows * Fixed pre-release flow wording * Added git add -A * Updated Changelog * 2.0.0 * Ignore committing if there are no new file * Removed automatic PR approval * 2.0.0 (#154) Co-authored-by: github-actions <github-actions@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Rijesh Augustine <7819200+rijesha@users.noreply.github.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: Rijesh Augustine <rijeshaugustine@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions <github-actions@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Aug 13, 2025

rijesha merged commit 48b7d47 into develop Aug 13, 2025
1 check passed

dependabot bot deleted the dependabot/npm_and_yarn/multi-456de2e4f1 branch August 13, 2025 18:41

rijesha mentioned this pull request Aug 13, 2025

Creating Release: 2.0.0 (#155) #156

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump serialize-javascript and mocha #139

Bump serialize-javascript and mocha #139

Uh oh!

dependabot bot commented on behalf of github Aug 13, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Bump serialize-javascript and mocha #139

Bump serialize-javascript and mocha #139

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 13, 2025

v6.0.2

v6.0.1

What's Changed

New Contributors

v10.8.2

10.8.2 (2024-10-30)

🩹 Fixes

📚 Documentation

🧹 Chores

🤖 Automation

v10.8.1

10.8.1 (2024-10-29)

🩹 Fixes

v10.8.0

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

10.8.2 (2024-10-30)

🩹 Fixes

📚 Documentation

🧹 Chores

🤖 Automation

10.8.1 (2024-10-29)

🩹 Fixes

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

🧹 Chores

10.7.3 (2024-08-09)

Uh oh!

Uh oh!

Uh oh!