[Snyk] Upgrade chai from 4.3.8 to 4.4.1

[snyk-io]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade chai from 4.3.8 to 4.4.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.

• The recommended version was released 4 months ago, on 2024-01-12.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GETFUNCNAME-5923417	187/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Changed, Exploit Maturity: Proof of Concept, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.00044, Social Trends: No, Days since published: 236, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 6.65, Likelihood: 2.81, Score Version: V5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: chai

• 4.4.1 - 2024-01-12
  

  What's Changed

  • fix: removes ?? for node compat by @ 43081j in #1574

  Full Changelog: v4.4.0...v4.4.1

• 4.4.0 - 2024-01-05
  

  What's Changed

  • Allow deepEqual fonction to be configured globally (4.x.x branch) by @ forty in #1553

  Full Changelog: v4.3.10...v4.4.0

• 4.3.10 - 2023-09-28
  

  This release simply bumps all dependencies to their latest non-breaking versions.

  What's Changed

  • upgrade all dependencies by @ keithamus in #1540

  Full Changelog: v4.3.9...v4.3.10

• 4.3.9 - 2023-09-27
  

  Upgrade dependencies.

  This release upgrades dependencies to address CVE-2023-43646 where a large function name can cause "catastrophic backtracking" (aka ReDOS attack) which can cause the test suite to hang.

  Full Changelog: v4.3.8...v4.3.9

• 4.3.8 - 2023-08-24
  

  What's Changed

  • 4.x.x: Fix link to commit logs on GitHub by @ bugwelle in #1487
  • build(deps): bump socket.io-parser from 4.0.4 to 4.0.5 by @ dependabot in #1488
  • Small typo in test.js by @ mavaddat in #1459
  • docs: specify return type of objDisplay by @ scarf005 in #1490
  • Update CONTRIBUTING.md by @ matheus-rodrigues00 in #1521
  • Fix: update exports.version to current version by @ peanutenthusiast in #1534

  New Contributors

  • @ bugwelle made their first contribution in #1487
  • @ mavaddat made their first contribution in #1459
  • @ scarf005 made their first contribution in #1490
  • @ matheus-rodrigues00 made their first contribution in #1521
  • @ peanutenthusiast made their first contribution in #1534

  Full Changelog: v4.3.7...v4.3.8

from chai GitHub release notes

Commit messages

Package name: chai

• f4b2fbc fix: removes `??` for node compat (#1574)
• 6ef2824 bump version
• fb5fd85 Allow deepEqual fonction to be configured globally (#1553)
• 744a16e 4.3.10
• 0ccd823 upgrade all dependencies (#1540)
• 923d0a4 4.3.9
• 1a0f887 make
• a141e57 upgrade deps

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/[email protected]	None	+3	799 kB	keithamus

🚮 Removed packages: npm/[email protected]

View full report↗︎