chore(deps): bump tar and @mapbox/node-pre-gyp in /packages/server #159

Closed
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/packages/server/multi-e46b564efd

@dependabot dependabot bot commented on behalf of github Feb 18, 2026

Bumps tar to 7.5.9 and updates ancestor dependency @mapbox/node-pre-gyp. These dependencies need to be updated together.

Updates tar from 6.1.11 to 7.5.9

Release notes

Sourced from tar's releases.

v6.1.13

6.1.13 (2022-12-07)

Dependencies

v6.1.12

6.1.12 (2022-10-31)

Bug Fixes

Documentation

Changelog

Sourced from tar's changelog.

Changelog

7.5

  • Added zstd compression support.
  • Consistent TOCTOU behavior in sync t.list
  • Only read from ustar block if not specified in Pax
  • Fix sync tar.list when file size reduces while reading
  • Sanitize absolute linkpaths properly
  • Prevent writing hardlink entries to the archive ahead of their file target

7.4

  • Deprecate onentry in favor of onReadEntry for clarity.

7.3

  • Add onWriteEntry option

7.2

  • DRY the command definitions into a single makeCommand method, and update the type signatures to more appropriately infer the return type from the options and arguments provided.

7.1

  • Update minipass to v7.1.0
  • Update the type definitions of write() and end() methods on Unpack and Parser classes to be compatible with the NodeJS.WritableStream type in the latest versions of @types/node.

7.0

  • Drop support for node <18
  • Rewrite in TypeScript, provide ESM and CommonJS hybrid interface
  • Add tree-shake friendly exports, like import('tar/create') and import('tar/read-entry') to get individual functions or classes.
  • Add chmod option that defaults to false, and deprecate noChmod. That is, reverse the default option regarding explicitly setting file system modes to match tar entry settings.
  • Add processUmask option to avoid having to call process.umask() when chmod: true (or noChmod: false) is set.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by isaacs, a new releaser for tar since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates @mapbox/node-pre-gyp from 1.0.9 to 2.0.3

Release notes

Sourced from @mapbox/node-pre-gyp's releases.

v2.0.3

v2.0.2

  • Support private ACL for S3 buckets #923

v2.0.1

v2.0.0

  • Supported Node versions are now stable versions of Node 18+. We will attempt to track the Node.js release schedule and will regularly retire support for versions that have reached EOL.
  • Fixed use of s3ForcePathStyle for installation #650
  • Upgraded to https-proxy-agent 7.0.5, nopt 8.0.0, semver 7.5.3, and tar 7.4.0
  • Replaced npmlog with consola
  • Removed rimraf and make-dir as dependencies

v2.0.0-rc.0

  • Supported Node versions are now stable versions of Node 18+. We will attempt to track the Node.js release schedule and will regularly retire support for versions that have reached EOL.
  • Fixed use of s3ForcePathStyle for installation #650
  • Upgraded to https-proxy-agent 7.0.5, nopt 8.0.0, semver 7.5.3, and tar 7.4.0
  • Replaced npmlog with consola
  • Removed rimraf and make-dir as dependencies

Changelog

Sourced from @mapbox/node-pre-gyp's changelog.

2.0.3

2.0.2

  • Support private ACL for S3 buckets #923

2.0.1

2.0.0

  • Supported Node versions are now stable versions of Node 18+. We will attempt to track the Node.js release schedule and will regularly retire support for versions that have reached EOL.
  • Fixed use of s3ForcePathStyle for installation #650
  • Upgraded to https-proxy-agent 7.0.5, nopt 8.0.0, semver 7.5.3, and tar 7.4.0
  • Replaced npmlog with consola
  • Removed rimraf and make-dir as dependencies

1.0.11

1.0.10

  • Upgraded minimist to 1.2.6 to address dependabot alert CVE-2021-44906

Commits
Maintainer changes

This version was pushed to npm by mbx-npm-03-production, a new releaser for @mapbox/node-pre-gyp since your current version.



Bumps [tar](https://github.com/isaacs/node-tar) to 7.5.9 and updates ancestor dependency [@mapbox/node-pre-gyp](https://github.com/mapbox/node-pre-gyp). These dependencies need to be updated together.


Updates `tar` from 6.1.11 to 7.5.9
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.1.11...v7.5.9)

Updates `@mapbox/node-pre-gyp` from 1.0.9 to 2.0.3
- [Release notes](https://github.com/mapbox/node-pre-gyp/releases)
- [Changelog](https://github.com/mapbox/node-pre-gyp/blob/master/CHANGELOG.md)
- [Commits](mapbox/node-pre-gyp@v1.0.9...v2.0.3)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.9
  dependency-type: indirect
- dependency-name: "@mapbox/node-pre-gyp"
  dependency-version: 2.0.3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies and javascript labels Feb 18, 2026

LucasMaupin added a commit that referenced this pull request Mar 6, 2026
…dates

Regenerated packages/server/package-lock.json to ensure consistency
after merging 12 dependabot PRs (#146-#159).

Also apply stashed root/sdk package.json and package-lock.json changes.

LucasMaupin commented

Merged into fix/code-review-improvements (#160) to consolidate all updates.

@LucasMaupin LucasMaupin closed this Mar 6, 2026

dependabot bot commented on behalf of github Mar 6, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/packages/server/multi-e46b564efd branch March 6, 2026 12:19
birme pushed a commit that referenced this pull request Mar 19, 2026
…t coverage (#160)

* chore(deps): bump brace-expansion in /packages/server

Bumps  and [brace-expansion](https://github.com/juliangruber/brace-expansion). These dependencies needed to be updated together.

Updates `brace-expansion` from 1.1.11 to 1.1.12
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

Updates `brace-expansion` from 2.0.1 to 2.0.2
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](juliangruber/brace-expansion@1.1.11...v1.1.12)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 1.1.12
  dependency-type: indirect
- dependency-name: brace-expansion
  dependency-version: 2.0.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps-dev): bump pbkdf2 from 3.1.2 to 3.1.5 in /packages/sdk

Bumps [pbkdf2](https://github.com/browserify/pbkdf2) from 3.1.2 to 3.1.5.
- [Changelog](https://github.com/browserify/pbkdf2/blob/master/CHANGELOG.md)
- [Commits](browserify/pbkdf2@v3.1.2...v3.1.5)

---
updated-dependencies:
- dependency-name: pbkdf2
  dependency-version: 3.1.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump serialize-javascript and mocha in /packages/server

Bumps [serialize-javascript](https://github.com/yahoo/serialize-javascript) to 6.0.2 and updates ancestor dependency [mocha](https://github.com/mochajs/mocha). These dependencies need to be updated together.


Updates `serialize-javascript` from 6.0.0 to 6.0.2
- [Release notes](https://github.com/yahoo/serialize-javascript/releases)
- [Commits](yahoo/serialize-javascript@v6.0.0...v6.0.2)

Updates `mocha` from 10.0.0 to 10.8.2
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](mochajs/mocha@v10.0.0...v10.8.2)

---
updated-dependencies:
- dependency-name: serialize-javascript
  dependency-version: 6.0.2
  dependency-type: indirect
- dependency-name: mocha
  dependency-version: 10.8.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps-dev): bump base-x from 3.0.9 to 3.0.11 in /packages/demo

Bumps [base-x](https://github.com/cryptocoinjs/base-x) from 3.0.9 to 3.0.11.
- [Commits](cryptocoinjs/base-x@v3.0.9...v3.0.11)

---
updated-dependencies:
- dependency-name: base-x
  dependency-version: 3.0.11
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps-dev): bump sha.js from 2.4.11 to 2.4.12 in /packages/sdk

Bumps [sha.js](https://github.com/crypto-browserify/sha.js) from 2.4.11 to 2.4.12.
- [Changelog](https://github.com/browserify/sha.js/blob/master/CHANGELOG.md)
- [Commits](browserify/sha.js@v2.4.11...v2.4.12)

---
updated-dependencies:
- dependency-name: sha.js
  dependency-version: 2.4.12
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps-dev): bump cipher-base from 1.0.4 to 1.0.7 in /packages/sdk

Bumps [cipher-base](https://github.com/crypto-browserify/cipher-base) from 1.0.4 to 1.0.7.
- [Changelog](https://github.com/browserify/cipher-base/blob/master/CHANGELOG.md)
- [Commits](browserify/cipher-base@v1.0.4...v1.0.7)

---
updated-dependencies:
- dependency-name: cipher-base
  dependency-version: 1.0.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump tmp from 0.2.1 to 0.2.5 in /packages/sdk

Bumps [tmp](https://github.com/raszi/node-tmp) from 0.2.1 to 0.2.5.
- [Changelog](https://github.com/raszi/node-tmp/blob/master/CHANGELOG.md)
- [Commits](raszi/node-tmp@v0.2.1...v0.2.5)

---
updated-dependencies:
- dependency-name: tmp
  dependency-version: 0.2.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump lodash from 4.17.21 to 4.17.23

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](lodash/lodash@4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump semver in /packages/server

Bumps  and [semver](https://github.com/npm/node-semver). These dependencies needed to be updated together.

Updates `semver` from 6.3.0 to 6.3.1
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

Updates `semver` from 7.3.5 to 7.7.3
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

Updates `semver` from 5.7.1 to 5.7.2
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](npm/node-semver@v6.3.0...v6.3.1)

---
updated-dependencies:
- dependency-name: semver
  dependency-version: 6.3.1
  dependency-type: indirect
- dependency-name: semver
  dependency-version: 7.7.3
  dependency-type: indirect
- dependency-name: semver
  dependency-version: 5.7.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump qs and body-parser in /packages/sdk

Bumps [qs](https://github.com/ljharb/qs) and [body-parser](https://github.com/expressjs/body-parser). These dependencies needed to be updated together.

Updates `qs` from 6.10.3 to 6.14.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.10.3...v6.14.2)

Updates `body-parser` from 1.20.0 to 1.20.4
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.0...1.20.4)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.14.2
  dependency-type: indirect
- dependency-name: body-parser
  dependency-version: 1.20.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump ajv and fastify in /packages/server

Bumps [ajv](https://github.com/ajv-validator/ajv) to 8.18.0 and updates ancestor dependency [fastify](https://github.com/fastify/fastify). These dependencies need to be updated together.


Updates `ajv` from 6.12.6 to 8.18.0
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](ajv-validator/ajv@v6.12.6...v8.18.0)

Updates `fastify` from 3.27.4 to 5.7.4
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v3.27.4...v5.7.4)

---
updated-dependencies:
- dependency-name: ajv
  dependency-version: 8.18.0
  dependency-type: indirect
- dependency-name: fastify
  dependency-version: 5.7.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump tar and @mapbox/node-pre-gyp in /packages/server

Bumps [tar](https://github.com/isaacs/node-tar) to 7.5.9 and updates ancestor dependency [@mapbox/node-pre-gyp](https://github.com/mapbox/node-pre-gyp). These dependencies need to be updated together.


Updates `tar` from 6.1.11 to 7.5.9
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](isaacs/node-tar@v6.1.11...v7.5.9)

Updates `@mapbox/node-pre-gyp` from 1.0.9 to 2.0.3
- [Release notes](https://github.com/mapbox/node-pre-gyp/releases)
- [Changelog](https://github.com/mapbox/node-pre-gyp/blob/master/CHANGELOG.md)
- [Commits](mapbox/node-pre-gyp@v1.0.9...v2.0.3)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.9
  dependency-type: indirect
- dependency-name: "@mapbox/node-pre-gyp"
  dependency-version: 2.0.3
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(ci): upgrade GitHub Actions to v4

Upgrade actions/checkout and actions/setup-node from v1/v2 to v4
across all workflow files.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(sdk): null-safe regex match handling in util.ts

Replace unsafe destructured regex matches with named variables and
null guards to prevent runtime errors when patterns do not match.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(server): ISmbProtocol interface, retry resilience, and SMB tests

- Extract ISmbProtocol interface for dependency injection and testability
- SmbProtocol implements ISmbProtocol
- Add withRetry() with exponential backoff for transient errors
- Add SmbEndpoint interface (typed endpoint response)
- Add authHeaders getter to centralise API key handling
- getEndpoints now returns SmbEndpoint[] and throws on non-OK (not silent [])
- deleteEndpoint now throws on non-OK (not silent false)
- Remove console.log before throws; include HTTP status in error messages
- broadcasterClient: throw on non-OK removeChannel response
- sfuWhipResource: use ISmbProtocol instead of concrete SmbProtocol
- Export ISmbProtocol from package index
- Add smbProtocol.spec.ts with 7 tests covering error paths and interface conformance

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(server): modernise Fastify 5 plugin patterns and remove fetch polyfills

- Remove node-fetch and cross-fetch dependencies in favour of native fetch (Node 18+)
- Remove custom fetch fallback function in smbProtocol.ts
- Migrate whipFastifyApi.ts to async plugin signature (Fastify 5 pattern)
- Replace callback-based onRequest hook with async/throw error handling
- Migrate from fastify-cors to @fastify/cors with ES6 import
- Update server.listen() to object options API
- Upgrade fastify 3.x → 5.x and typescript 4.x → 5.x
- Add 4 test spec files covering WhipFastifyApi, WrtcWhipResource,
  RtmpWrtcWhipResource, and RtspWrtcWhipResource (66 tests, all passing)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore(deps): regenerate package-lock.json after merging dependabot updates

Regenerated packages/server/package-lock.json to ensure consistency
after merging 12 dependabot PRs (#146-#159).

Also apply stashed root/sdk package.json and package-lock.json changes.

* feat(demo): redesign UI with dark sidebar layout and status indicators

Replace the new.css classless-framework demo with a custom dark-themed
interface inspired by broadcast tooling:

- Sidebar layout: 300px left panel with Connection and Capture cards,
  main area with video preview and resource list
- Status pill in header: Idle / Connecting… / Live with animated dot
- Share button: copies shareable endpoint URL to clipboard via
  navigator.clipboard, replacing the read-only URL input field
- Video placeholder: overlay icon + text hidden once a stream starts
- Resource cards: live dot, monospace URL, extension links with rel
  badges, Delete button — replaces the plain <details> elements
- Toast notifications: slide-up messages for stream start, delete,
  and clipboard copy results
- Self-contained CSS: removes CDN dependencies (new.css, xz.style
  Inter font), uses system font stack with CSS custom properties
- Responsive: collapses to single-column below 760px
- Preserves all existing functionality: URL param sync, channelId /
  b64json hidden params, ICE config, environment defaults

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(server): add missing undici-types peer dependency for @types/node v20

@types/node ^20 requires undici-types to be present in node_modules
for its fetch/worker_threads type declarations. Without it tsc fails
with TS2307 "Cannot find module 'undici-types'" during lerna bootstrap.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(demo): make video player fill content area, compact resources strip

- .video-area: flex: 1 so it fills remaining height instead of shrinking
- #ingest: height: 100%, removed max-height cap
- .resources-pane: fixed 160px height at bottom, tighter padding
- .section-header: margin-bottom 12px → 8px to fit compact pane

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(demo): prevent video overflow when stream is active

Use position: absolute; inset: 0 on #ingest instead of height: 100%.
A block-level video element with height: 100% doesn't reliably stay
within flex bounds once a real stream with natural dimensions loads.
Absolute positioning inside the already-constrained position: relative +
overflow: hidden .video-area container prevents any overflow.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(demo): move Active Resources into sidebar below Capture

- Relocate .resources-pane from .content into .aside sidebar
- .resources-pane now uses flex: 1 to fill remaining sidebar height
- Video area loses border-bottom and occupies the full content column
- Tighten empty-state padding and icon size to suit the narrower panel

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(server): register SDP content-type parsers at root server level

In Fastify 5, content-type parsing is resolved before plugin-scope
parsers are consulted. Parsers registered only inside whipFastifyApi
(a scoped plugin) were therefore invisible at parse time, causing
Fastify to throw FST_ERR_CTP_INVALID_MEDIA_TYPE (415) for every
incoming WHIP POST with Content-Type: application/sdp.

Fix: register application/sdp and application/trickle-ice-sdpfrag
parsers directly on the root FastifyInstance in WhipEndpoint so they
are available globally before any plugin scope is entered. The
plugin-level registrations remain for backwards compatibility.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: remove duplicate Fastify 5 content-type parsers and HEAD routes

- Remove duplicate application/sdp and application/trickle-ice-sdpfrag
  parsers from whipFastifyApi plugin (already registered at root level
  in whipEndpoint.ts to fix Fastify 5 scoping)
- Remove explicit HEAD route handlers for /whip/:type and
  /whip/:type/:resourceId — Fastify 5 auto-registers HEAD for every
  GET route, causing FST_ERR_DUPLICATED_ROUTE on startup

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: health check initial delay, resilient destroy, revert docker IPV4_ADDR

- sfuWhipResource: delay first checkChannelHealth by 15s instead of
  calling immediately — the previous behaviour checked ICE state at
  t=0 when the ingest endpoint is still in 'new'/'checking' state,
  causing spurious FAILED detection and immediate session teardown
- sfuWhipResource: wrap destroy() SFU calls in try/catch so DELETE
  returns 200 instead of 500 when the SFU has already cleaned up
  (e.g. health check ran first); cancel the health timer before any
  async operations
- sfuWhipResource: replace forEach+async in health check and destroy
  with for..of so errors are catchable per-element
- docker-compose-sfu: revert IPV4_ADDR back to 127.0.0.1 — 0.0.0.0
  is an invalid ICE candidate address and causes browsers to discard
  all SFU candidates; Docker Desktop on macOS handles the UDP port
  mapping correctly with 127.0.0.1

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(sdk): replace Karma with mocha+ts-node to fix test suite

karma-typescript 5.5.4 fails to bundle CommonJS modules when TypeScript
target is "esnext", leaving `exports` undefined in the browser runner
(ReferenceError: exports is not defined at WHIPProtocol.js:2).

Switch @eyevinn/whip-web-client tests to mocha + ts-node (same pattern
as the server package). All six WHIPClient tests now run in Node.js:

- TS_NODE_COMPILER_OPTIONS forces "module":"commonjs" for ts-node
- spec/setup.js stubs RTCSessionDescription, RTCPeerConnection,
  MediaStream and MediaStreamTrack so ts-mockito can mock them and
  top-level spec fixtures can call `new RTCSessionDescription()`
- ts-node added as devDependency (was missing, needed by mocha --require)
- karma.conf.js retained but unused; test script updated

6 tests passing (was 0 — karma runner produced no results)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(sdk): upgrade typedoc to 0.28.x for TypeScript 5 compatibility

typedoc@0.23.24 only supports TypeScript 4.6-4.9; upgrading to 0.28.17
which explicitly lists TypeScript 5.9.x in its peer dependencies, and
updating typedoc-theme-hierarchy to 6.0.0 which requires typedoc ^0.28.0.
This unblocks npm ci in CI environments.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(server): lazy-load @koush/wrtc to prevent native build in CI, suppress test logs, add job timeout

- Replace static `import { RTCPeerConnection } from "@koush/wrtc"` with a
  dynamic require() inside the constructor, guarded behind the pcFactory
  branch so the native binary is never loaded when a mock is injected.
- Add pcFactory parameter to WrtcWhipResource, RtspWrtcWhipResource and
  RtmpWrtcWhipResource constructors; update all three test subclasses to
  pass a factory instead of reassigning this.pc after super().
- Add spec/hooks.ts Mocha root hooks file that silences console.log
  during tests to prevent SDP/ICE payloads from polluting terminal output.
- Wire hooks.ts into the test script via --require spec/hooks.ts.
- Add timeout-minutes: 10 to the unit-tests CI job to prevent hung runs.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: null-safety in SDP parsing, connectionfailed event, and demo reconnect UI

- fix(server): guard optional chaining on all .at(0) SSRC/RTP lookups and
  skip media sections with no ssrcs to prevent runtime crashes on unexpected
  SDP shapes (sfuWhipResource.ts)
- fix(sdk): emit 'connectionfailed' event before destroy() so callers can
  react to peer-connection failure without polling; drop verbose SDP log in
  sendOffer()
- fix(demo): handle 'connectionfailed' by cleaning up card/status and
  showing a persistent toast with a Reconnect action that re-acquires media
  and creates a new WHIPClient; show video controls only while streaming;
  pass endpointUrl and clientOpts through ingest/createResourceCard so
  reconnection works correctly
- fix(demo): widen toast to 480px, add close button and action-button
  styles for persistent actionable toasts
- fix(docker-compose-sfu): set IPV4_ADDR to host machine IP (192.168.1.192)
  so SFU advertises reachable ICE candidates instead of loopback

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* revert(docker): restore docker-compose-sfu.yml to main state

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* docs: update README screenshot to hosted GitHub asset

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* chore(deps): bump lerna to 9.0.5 and fast-xml-parser to 4.5.4

Incorporates dependabot security fixes from PRs #161 and #162.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: remove lerna bootstrap postinstall script incompatible with v9

lerna bootstrap was removed in v7 and fully dropped in v9. Native
npm workspaces handle dependency installation automatically.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: add npm workspaces to replace lerna bootstrap in v9

lerna v9 no longer handles package installation via bootstrap.
Declaring workspaces lets npm ci hoist all sub-package deps
(including mocha) into the root node_modules.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: bump @types/node to ^22.0.0 for TypeScript 5 workspace compatibility

With npm workspaces, @types/node is hoisted from the root to all
packages. The previous @types/node@17 is incompatible with TS5's
generic Uint8Array and causes build failures in packages/server.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>

* fix: replace @koush/wrtc with @roamhq/wrtc for Alpine/musl compatibility

@koush/wrtc ships glibc-compiled binaries (linked against ld-linux-x86-64.so.2)
that fail on Alpine Linux / musl libc environments with:
  Error loading shared library ld-linux-x86-64.so.2: No such file or directory

Replace with @roamhq/wrtc@^0.10.0 which is an actively maintained fork with
the same RTCPeerConnection API. Also update the Dockerfile to node:22-bookworm-slim
(Debian/glibc) to make the glibc requirement explicit and prevent accidental
base image changes to Alpine variants.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: replace remaining @koush/wrtc imports with @roamhq/wrtc

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix: add skipLibCheck to suppress @roamhq/wrtc type declaration conflicts

* Revert "fix: add skipLibCheck to suppress @roamhq/wrtc type declaration conflicts"

This reverts commit b3aaf76.

* Revert "fix: replace remaining @koush/wrtc imports with @roamhq/wrtc"

This reverts commit ad9063e.

* Revert "fix: replace @koush/wrtc with @roamhq/wrtc for Alpine/musl compatibility"

This reverts commit e4a8cfd.

* chore: update gitignore with local yml

* chore: add OSC deployment scripts and static server

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* fix(demo): add input:not([type]) selector to survive Parcel minification

Parcel's HTML minifier strips the redundant type="text" attribute from
<input> elements during production builds (type=text is the HTML default).
The CSS selector input[type="text"] only matches elements with the attribute
explicitly present, so the styles were silently discarded in the production
build while working fine in the Parcel dev server (which serves unminified HTML).

Fix: extend all three input rules to also include input:not([type]), which
matches inputs where Parcel has removed the type attribute. The checkbox
input retains type=checkbox and is correctly excluded by the :not([type])
selector.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* revert: restore root start script to lerna orchestration

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* feat(demo): add active resources panel, capture-type icons, and improved error handling

- Add active resource cards with camera/screen icons based on capture type
- Show Channel:<id> label when URL contains channelId param
- Add loading resource card while connecting; remove on failure
- Show player content immediately on connect attempt; hide on failure
- Show toast on connection failure
- Remove default WHIP endpoint URL; add .env.local support with sample
- Fix status pill and resource URL vertical centering (line-height: normal)
- Align footer height and idle button size to webrtc-player demo

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: point root start script to demo server for OSC deployment

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* revert: restore root start script to lerna orchestration

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* chore: point root start script to demo server for OSC deployment

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* revert: restore root start script to lerna orchestration

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>