Skip to content

[Snyk] Upgrade bottleneck from 1.16.0 to 2.19.5#4

Open
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-cb7976f81920ca8cecb8a889fee214d5
Open

[Snyk] Upgrade bottleneck from 1.16.0 to 2.19.5#4
snyk-bot wants to merge 1 commit intomasterfrom
snyk-upgrade-cb7976f81920ca8cecb8a889fee214d5

Conversation

@snyk-bot
Copy link

@snyk-bot snyk-bot commented Jan 28, 2022

Snyk has created this PR to upgrade bottleneck from 1.16.0 to 2.19.5.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 46 versions ahead of your current version.
  • The recommended version was released 2 years ago, on 2019-08-03.
Release notes
Package name: bottleneck
  • 2.19.5 - 2019-08-03
    • Fixes a minor and rare race condition in Clustering due to an inconsistent network. The only negative effects were an error message and an expired job not be retried. Thank you @ gr2m for reporting this issue #132
  • 2.19.4 - 2019-07-17
    • Fixes a few issues with the TypeScript type definitions.
  • 2.19.3 - 2019-07-16
    • Allow directly passing the redis/ioredis module. This fixes an issue for Clustering users that bundle their app, as seen in serverless environments. Thank you @ cliffkoh for the issue #130
  • 2.19.2 - 2019-07-06
    • Fixed an issue when using Redis Cluster and a custom Redis client object. Thank you @ marektihkan for the excellent bug report #129
    • Fixed issue with light bundle, it would broadcast a lot of annoying but harmless exceptions on the error listener. Thank you @ richtera for the excellent bug report #127
    • Updated several (dev) dependencies. Bottleneck continues to have zero run time dependencies.
  • 2.19.1 - 2019-06-08
    • Fixed TypeScript typings

    The "failed" event listener typings did not allow returning undefined/null or Promise<undefined>/Promise<null>.

    Thank you @ dobesv for your contribution!

  • 2.19.0 - 2019-06-01
    • Added the following events: received, queued, scheduled, executing and done.

    They map to Jobs Lifecycle transitions. These events are local to a limiter inside a Cluster, for performance reasons.

    Thank you @ lp-wodell for the feature suggestion! #124

  • 2.18.1 - 2019-05-11
    • Reduced the memory usage of queued jobs by 40%.

    This massive gain is thanks to a refactor of the engine internals. The behavior of this module should be unchanged. If Bottleneck 2.18.1 behaves differently from 2.18.0 in your application, please open an issue.

    • Expired jobs without a catch would not trigger the Node.js "Unhandled Promise Rejection" warning.

    This has been fixed and Node now correctly alerts you, as this points to a bug in your application. async/await users: wrap your jobs into a try/catch at the place where the job is await'ed. Promise users: make sure your jobs have a .catch().

  • 2.18.0 - 2019-04-13

    Added Increase Intervals. Similar to the Refresh Interval, it increases a limiter's reservoir on an interval. Instead of resetting the reservoir to a specific value, it increments the reservoir by a certain value, up to an optional maximum value.

    Thanks @ TheGame2500 and @ tomblanchard for suggesting this feature.

  • 2.17.1 - 2019-03-03

    Optimized Clustering code for use cases where short lived clients are created at a high rate.

  • 2.17.0 - 2019-02-25
    • Bottleneck now ensures that jobs passed to schedule() and wrap() will return a promise, even if it failed with a synchronous exception. It is poor practice in JS to mix synchronous and asynchronous failures in the same flow. Few users will be affected by this change, and those who are affected will now benefit from more reliable code as a result.

    Thank you @ elliot-nelson for this feature #116

    • Bottleneck Clustering now cleans up Redis data from unresponsive clients. This change has no effect on functionality, directly or otherwise. Previously, Bottleneck left the data in Redis to avoid complex race conditions when unresponsive clients reconnect after a delay. As of v2.17.0, those race conditions are explicitly handled and Bottleneck cleans up data on the fly. These changes allowed for several efficiency optimizations. Large scale users should notice improved performance. More details in #115 and #112
  • 2.16.2 - 2019-02-10
  • 2.16.1 - 2019-02-05
  • 2.16.0 - 2019-02-03
  • 2.15.3 - 2019-01-15
  • 2.15.2 - 2019-01-13
  • 2.15.1 - 2019-01-12
  • 2.15.0 - 2018-12-28
  • 2.14.1 - 2018-12-23
  • 2.14.0 - 2018-12-16
  • 2.13.2 - 2018-12-04
  • 2.13.1 - 2018-12-01
  • 2.13.0 - 2018-11-03
  • 2.12.2 - 2018-10-21
  • 2.12.1 - 2018-10-13
  • 2.12.0 - 2018-10-09
  • 2.11.2 - 2018-10-02
  • 2.11.1 - 2018-09-27
  • 2.11.0 - 2018-09-20
  • 2.10.0 - 2018-09-13
  • 2.9.0 - 2018-09-06
  • 2.8.0 - 2018-08-20
  • 2.7.2 - 2018-08-17
  • 2.7.1 - 2018-08-13
  • 2.7.0 - 2018-08-12
  • 2.6.0 - 2018-07-08
  • 2.5.1 - 2018-07-03
  • 2.5.0 - 2018-06-16
  • 2.4.0 - 2018-06-09
  • 2.3.1 - 2018-05-19
  • 2.3.0 - 2018-04-08
  • 2.2.2 - 2018-03-24
  • 2.2.1 - 2018-03-18
  • 2.2.0 - 2018-03-13
  • 2.1.0 - 2018-02-22
  • 2.0.1 - 2018-01-16
  • 2.0.0 - 2018-01-14
  • 1.16.0 - 2017-06-19
from bottleneck GitHub release notes
Commit messages
Package name: bottleneck

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot