AVA 3.13.0 is a minor release over 3.12.1 of this popular Node.js test runner, bringing several dependency updates that enhance the developer experience. In the dependencies section, notable upgrades include del (from 5.1.0 to 6.0.0), mem (from 6.1.0 to 6.1.1), ora (from 5.0.0 to 5.1.0), debug (from 4.1.1 to 4.2.0), yargs (from 15.4.1 to 16.0.3), and pretty-ms (from 7.0.0 to 7.0.1). These updates generally bring performance improvements, bug fixes, and potentially new features within those respective packages.
A key difference is the addition of p-event as a dependency in version 3.13.0, which wasn't present in 3.12.1. This suggests a refined approach to handling asynchronous event-driven scenarios within AVA. In the devDependencies, c8 (coverage tool) moves from 7.3.0 to 7.3.1, xo(linter) from 0.33.0 to 0.33.1 and typescript jumps from 3.9.7 to 4.0.3 . Furthermore, the distribution size has increased slightly (unpackedSize from 247672 to 271847), and the file count went from 48 to 54, indicating potential additions or modifications to the core codebase or included assets. Developers leveraging AVA should consider upgrading to 3.13.0 to benefit from these dependency enhancements, improved asynchronous operations, and potentially enhanced test runner stability and features. Finally, the package was released one month later.
All the vulnerabilities related to the version 3.13.0 of the package
Got allows a redirect to a UNIX socket
The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.
