AVA version 3.7.0 represents a minor update focusing primarily on dependency upgrades compared to the preceding version 3.6.0. Developers considering migrating should be aware of these changes, particularly in the devDependencies. The most notable difference lies in the updated versions of development tools. For instance, "xo" jumps from version 0.28.2 to 0.29.1, potentially introducing new linting rules or stylistic changes enforced during development. "sinon" also sees a minor update from 9.0.1 to 9.0.2, which could address bug fixes or minor feature enhancements within the mocking and stubbing library. Most important is the typescript update, which goes from version 3.7.5 to 3.8.3, with all of the improvements attached to the new version.
While the core dependencies remain largely consistent, the development environment enhancements suggest a continued commitment to code quality and modern JavaScript practices. This upgrade likely incorporates performance improvements, bug fixes, and potentially new features available in the updated dev dependencies. Specifically, given the focus of AVA on testing, upgrades to testing-related devDependencies like xo and typescript may be of importance to the developer.
For developers already utilizing AVA, upgrading to 3.7.0 should prove straightforward assuming compatibility with the updated development tools. It's recommended to review the changelogs for "xo" and "typescript" to understand the specific changes introduced and ensure seamless integration within their existing workflow. The increase in unpacked size is negligible and should therefore be taken into account.
All the vulnerabilities related to the version 3.7.0 of the package
Got allows a redirect to a UNIX socket
The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.
