AVA version 3.9.0 introduces several updates compared to version 3.8.2, making it a worthwhile upgrade for Node.js developers seeking a reliable and feature-rich test runner. A key change lies in updated dependencies. Most notably, the acorn dependency jumped from version 7.1.1 to 7.3.1, and chalk from 4.0.0 to 4.1.0. Also globby went through a minor version update from 11.0.0 to 11.0.1. Emittery was bumped up from 0.6.0 to 0.7.0. These dependency updates often bring performance improvements, bug fixes, and new features. Developers might find the update of @babel/plugin-proposal-do-expressions from 7.8.3 to 7.10.1 beneficial for leveraging new JavaScript syntax and features. These updates demonstrate AVA's commitment to staying current with the evolving JavaScript ecosystem.
On the devDependencies side of the two versions, we can see an update to c8 from 7.1.2 to 7.2.0, and to xo from 0.30.0 to 0.32.0. typescript was updated from 3.8.3 to 3.9.5, replace-string updated from 3.0.0 to 3.1.0 and p-event from version 4.1.0 to 4.2.0. While seemingly minor, dependency updates often bring significant under-the-hood improvements and security patches that contribute to a more stable and secure testing environment.
Upgrading also aligns developers with the latest best practices and ensures compatibility with newer Node.js versions and related libraries. Using the newest ava version brings benefits like enhanced features, bug fixes, potential performance improvements and security updates.
All the vulnerabilities related to the version 3.9.0 of the package
Got allows a redirect to a UNIX socket
The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.
