Skip to content

chore(deps): update dependency jsdom to v20.0.3#132

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/jsdom-20.x
Open

chore(deps): update dependency jsdom to v20.0.3#132
renovate[bot] wants to merge 1 commit intomainfrom
renovate/jsdom-20.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 9, 2022

This PR contains the following updates:

Package Change Age Confidence
jsdom 20.0.020.0.3 age confidence

Release Notes

jsdom/jsdom (jsdom)

v20.0.3

Compare Source

  • Updated dependencies, notably w3c-xmlserializer, which fixes using DOMParser on XML documents containing emoji.

v20.0.2

Compare Source

  • Fixed xhr.abort() to no longer give an exception when the constructed XMLHttpRequest was invalid. (whamtet)
  • Fixed event.getModifierState() on MouseEvent and KeyboardEvent instances to properly consult the ctrlKey, altKey, metaKey, and shiftKey properties of the event. (juzerzarif)
  • Fixed custom element creation to not be affected by any modifications to the window.customElements property. (bicknellr)

v20.0.1

Compare Source

  • Improved the performance of appending <option> elements to <select> elements. (TheHound)
  • Fixed location.pathname getter to not crash when the JSDOM instance was created using an opaque-path URL, including the default URL of about:blank.
  • Fixed crypto.getRandomValues() to accept typed array subclasses. (sebamarynissen)
  • Updated various dependency minor versions. Notably, nwsapi fixed some selectors bugs, and tough-cookie fixed some cookie bugs.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/jsdom-20.x branch from 8f6ef18 to eb491cb Compare November 6, 2022 13:51
@renovate renovate bot changed the title chore(deps): update dependency jsdom to v20.0.1 chore(deps): update dependency jsdom to v20.0.2 Nov 20, 2022
@renovate renovate bot force-pushed the renovate/jsdom-20.x branch from eb491cb to bb9d532 Compare March 16, 2023 11:12
@renovate renovate bot changed the title chore(deps): update dependency jsdom to v20.0.2 chore(deps): update dependency jsdom to v20.0.3 Mar 16, 2023
@renovate renovate bot force-pushed the renovate/jsdom-20.x branch from bb9d532 to 97a9b4f Compare August 10, 2025 13:57
@socket-security
Copy link

socket-security bot commented Aug 10, 2025

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedjsdom@​20.0.0 ⏵ 20.0.397 +2100100 +19570

View full report

@renovate renovate bot force-pushed the renovate/jsdom-20.x branch from 97a9b4f to 84ed16f Compare September 25, 2025 20:22
@renovate renovate bot force-pushed the renovate/jsdom-20.x branch from 84ed16f to e4dd7ed Compare December 31, 2025 13:41
@socket-security
Copy link

socket-security bot commented Dec 31, 2025

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm entities is 91.0% likely obfuscated

Confidence: 0.91

Location: Package overview

From: package-lock.jsonnpm/jsdom@20.0.3npm/entities@6.0.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/entities@6.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

@renovate renovate bot force-pushed the renovate/jsdom-20.x branch from e4dd7ed to 6a731e4 Compare January 8, 2026 18:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants