build(deps): bump @splitsoftware/splitio from 10.17.1 to 10.22.3 #157

dependabot · 2022-12-19T01:49:03Z

Bumps @splitsoftware/splitio from 10.17.1 to 10.22.3.

Changelog

Sourced from @splitsoftware/splitio's changelog.

10.22.3 (December 16, 2022)

Updated some transitive dependencies for vulnerability fixes.

Bugfixing - Upgrade @splitsoftware/splitio-commons package to version 1.7.3 which includes a memory leak fix for localhost mode (Related to issue splitio/javascript-commons#181) among other improvements.

10.22.2 (November 3, 2022)

Bugfixing - Replaced bloom filter dependency that caused dependency conflicts (with farmhash lib) in AWS Lambda. This change only affects Node flavor.

10.22.1 (October 14, 2022)

Bugfixing - Upgrade @splitsoftware/splitio-commons package to version 1.7.2, that handles Navigator.sendBeacon API exceptions in the browser, and fallback to regular Fetch/XHR transport in case of error.

10.22.0 (October 5, 2022)

Added a new impressions mode for the SDK called NONE, to be used in factory when there is no desire to capture impressions on an SDK factory to feed Split's analytics engine. Running NONE mode, the SDK will only capture unique keys evaluated for a particular feature flag instead of full blown impressions.

Updated default value of scheduler.featuresRefreshRate config parameter from 5 seconds to 60 seconds for NodeJS and from 30 seconds to 60 seconds for Browser.

Updated @splitsoftware/splitio-commons package to version 1.7.1, that improves the performance of split evaluations (i.e., getTreatment(s) method calls) when using the default storage in memory, among other improvements.

10.21.1 (July 25, 2022)

Bugfixing - Added missed type definitions enabled from sync.

10.21.0 (July 22, 2022)

Added autoRequire configuration option to the Google Analytics to Split integration, which takes care of requiring the splitTracker plugin on trackers dynamically created by Google tag managers (See https://help.split.io/hc/en-us/articles/360040838752#set-up-with-gtm-and-gtag.js).

Updated browser listener to push remaining impressions and events on 'visibilitychange' and 'pagehide' DOM events, instead of 'unload', which is not reliable in modern mobile and desktop Web browsers.

Updated the synchronization flow to be more reliable in the event of an edge case generating delay in cache purge propagation, keeping the SDK cache properly synced.

Updated some dependencies for vulnerability fixes.

Bugfixing - Moved js-yaml dependency from @splitsoftware/splitio-commons to avoid resolution to an incompatible version on certain npm versions when installing third-party dependencies that also define js-yaml as transitive dependency (Related to issue splitio/javascript-client#662).

10.20.0 (June 29, 2022)

Added a new config option to control the tasks that listen or poll for updates on feature flags and segments, via the new config sync.enabled . Running online Split will always pull the most recent updates upon initialization, this only affects updates fetching on a running instance. Useful when a consistent session experience is a must or to save resources when updates are not being used.

Updated telemetry logic to track the anonymous config for user consent flag set to declined or unknown.

Updated submitters logic, to avoid duplicating the post of impressions to Split cloud when the SDK is destroyed while its periodic post of impressions is running.

10.19.1 (Jun 13, 2022)

Updated eventsource dependency range to ^1.1.2 to avoid a vulnerability and dependency resolution to a vulnerable version of url-parse transitive dependency.

Bugfixing - Updated submitters logic, to avoid dropping impressions and events that are being tracked while POST request is pending.

10.19.0 (May 24, 2022)

Added scheduler.telemetryRefreshRate property to SDK configuration, and deprecated scheduler.metricsRefreshRate property.

Updated SDK telemetry storage, metrics and updater to be more effective and send less often.

Bugfixing - Updated default values for scheduler.impressionsRefreshRate config parameter: 300s for OPTIMIZED impression mode and 60s for DEBUG impression mode, in both Browser and NodeJS (previously it was 60s and 300s in Browser and NodeJS respectively, equal for DEBUG and OPTIMIZED impression modes).

10.18.2 (May 6, 2022)

Bugfixing - Removed "ip" dependency to use an inline copy of it that fixes an error when using it in Node v18 (indutny/node-ip#113).

10.18.1 (April 20, 2022)

Updated some dependencies for vulnerability fixes.

Bugfixing - Updated @splitsoftware/splitio-commons package to avoid an error when requiring some third-party dependencies used by the package (Related to issue splitio/javascript-client#662).

Bugfixing - Updated ready method to rejects the promise with an Error object instead of a string value (Related to issue splitio/javascript-client#654).

10.18.0 (April 7, 2022)

Added user consent feature to allow delaying or disabling the data tracking from SDK until user consent is explicitly granted or declined. Read more in our docs.

... (truncated)

Commits

3d03f78 Merge pull request #728 from splitio/development
c4e0ab6 Merge pull request #727 from splitio/migration_polishing
b050500 prepare stable release
2011793 update tests to reduce flakiness
29b7ebf upgrade js-commons and prepare rc
36403fa prepare stable release
32a2005 using ubuntu-20.04
c8be65d rollback ci-cd
14163ca bypass failing tests
92a9604 prepare rc
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [@splitsoftware/splitio](https://github.com/splitio/javascript-client) from 10.17.1 to 10.22.3. - [Release notes](https://github.com/splitio/javascript-client/releases) - [Changelog](https://github.com/splitio/javascript-client/blob/development/CHANGES.txt) - [Commits](splitio/javascript-client@10.17.1...10.22.3) --- updated-dependencies: - dependency-name: "@splitsoftware/splitio" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 19, 2022

dependabot bot mentioned this pull request Dec 19, 2022

build(deps): bump @splitsoftware/splitio from 10.17.1 to 10.22.2 #141

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump @splitsoftware/splitio from 10.17.1 to 10.22.3 #157

build(deps): bump @splitsoftware/splitio from 10.17.1 to 10.22.3 #157

Uh oh!

dependabot bot commented on behalf of github Dec 19, 2022

Uh oh!

Uh oh!

build(deps): bump @splitsoftware/splitio from 10.17.1 to 10.22.3 #157

Are you sure you want to change the base?

build(deps): bump @splitsoftware/splitio from 10.17.1 to 10.22.3 #157

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 19, 2022

Uh oh!

Uh oh!