Skip to content

Releases: hypothesis/client

v1.1766.0

v1.1766.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 01 Jul 17:35
revert: roll back client transitive-resolutions (#7557, #7560)

Reverts the resolutions block to restore the last-known-good build output.
#7557's build-tool pins (serialize-javascript v6->v7 etc.) changed the
generated inline bootstrap script's bytes, so its sha256 no longer matched
the CSP script-src hash allowlist the backend serves -> browser blocked the
inline script -> broken client in production (CSP violation).

Restores package.json + yarn.lock to 63075201 (pre-#7557). Security pins will
be re-applied carefully, excluding the ones that alter build output / CSP hash.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

v1.1765.0

v1.1765.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 01 Jul 16:58
fix(deps): drop fast-xml-parser pin breaking the S3 deploy

The fast-xml-parser 5.7.0 resolution added in #7557 broke the client Release
pipeline at 'Deploy to S3': @aws-sdk's XML response parser (fast-xml-parser
5.7.0) rejects the '&#xD;' entity in S3's XML reply ([EntityReplacer] Invalid
character '#' in entity name: '#xD'). Deploy isn't in PR CI, so it passed
review and only failed post-merge on main.

fast-xml-parser here is deploy-tooling only (@aws-sdk in scripts/deploy-to-s3.js),
not shipped. Its CVEs are in the XMLBuilder (write path, unused by @aws-sdk) or
need untrusted XML input (@aws-sdk parses trusted S3 responses) -> LOW and not
reachable. Reverting to the @aws-sdk-compatible 5.2.5 restores the working
deploy; the proper long-term fix is bumping @aws-sdk itself.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

v1.1764.0

v1.1764.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 30 Jun 19:32
build(deps-dev): bump @vitest/* group to 4.1.9 (Vanta critical remedi…

v1.1763.0

v1.1763.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 28 May 18:04
build(deps-dev): bump postcss from 8.5.6 to 8.5.10

Bumps [postcss](https://github.com/postcss/postcss) from 8.5.6 to 8.5.10.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.5.6...8.5.10)

---
updated-dependencies:
- dependency-name: postcss
  dependency-version: 8.5.10
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

v1.1762.0

v1.1762.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 26 May 14:39
build(deps-dev): bump the tailwind group across 1 directory with 2 up…

v1.1761.0

v1.1761.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 25 May 15:13
build(deps-dev): bump the vitest group across 1 directory with 5 updates

Bumps the vitest group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@vitest/browser](https://github.com/vitest-dev/vitest/tree/HEAD/packages/browser) | `4.0.15` | `4.1.7` |
| [@vitest/browser-playwright](https://github.com/vitest-dev/vitest/tree/HEAD/packages/browser-playwright) | `4.0.15` | `4.1.7` |
| [@vitest/coverage-istanbul](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-istanbul) | `4.0.15` | `4.1.7` |
| [@vitest/eslint-plugin](https://github.com/vitest-dev/eslint-plugin-vitest) | `1.5.2` | `1.6.17` |
| [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.15` | `4.1.7` |



Updates `@vitest/browser` from 4.0.15 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/browser)

Updates `@vitest/browser-playwright` from 4.0.15 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/browser-playwright)

Updates `@vitest/coverage-istanbul` from 4.0.15 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/coverage-istanbul)

Updates `@vitest/eslint-plugin` from 1.5.2 to 1.6.17
- [Release notes](https://github.com/vitest-dev/eslint-plugin-vitest/releases)
- [Commits](https://github.com/vitest-dev/eslint-plugin-vitest/compare/v1.5.2...v1.6.17)

Updates `vitest` from 4.0.15 to 4.1.7
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.7/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/browser"
  dependency-version: 4.0.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
- dependency-name: "@vitest/browser-playwright"
  dependency-version: 4.0.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
- dependency-name: "@vitest/coverage-istanbul"
  dependency-version: 4.0.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
- dependency-name: "@vitest/eslint-plugin"
  dependency-version: 1.6.6
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vitest
- dependency-name: vitest
  dependency-version: 4.0.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
...

Signed-off-by: dependabot[bot] <support@github.com>

v1.1760.0

v1.1760.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 21 May 16:16
fix comments

v1.1759.0

v1.1759.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 21 May 14:40
build(deps-dev): bump rollup from 4.53.3 to 4.59.0

Bumps [rollup](https://github.com/rollup/rollup) from 4.53.3 to 4.59.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.53.3...v4.59.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

v1.1758.0

v1.1758.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 18 May 14:49
  • Fix sentry-cli syntax #7536

v1.1757.0

v1.1757.0 Pre-release
Pre-release

Choose a tag to compare

@github-actions github-actions released this 07 May 13:49
build(deps): bump flatted from 3.3.1 to 3.4.2

Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.1 to 3.4.2.
- [Commits](https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>