Update dependency puppeteer to v1.13.0 [SECURITY] #91

Open: wants to merge 1 commit into base: master

renovate bot (Contributor) commented Oct 29, 2020

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| puppeteer (source) | 1.11.0 -> 1.13.0 | age | adoption | passing | confidence |

GitHub Vulnerability Alerts

CVE-2019-5786

Versions of puppeteer prior to 1.13.0 are vulnerable to the Use-After-Free vulnerability in Chromium (CVE-2019-5786). The Chromium FileReader API is vulnerable to Use-After-Free which may lead to Remote Code Execution.

Recommendation

Upgrade to version 1.13.0 or later.


Release Notes

puppeteer/puppeteer

v1.13.0

Big Changes

  • Chromium 74.0.3723.0 (r637110)

API Changes

No API changes.

Bug Fixes

  • #​3762 - uploadFile in puppeteer-firefox
  • #​3889 - firefox: merge Puppeteer-Firefox tests with Puppeteer tests
  • #​4011 - Page.Content freezes without error after running 101 times
  • #​4102 - Firefox macOS installation fails

Raw Notes

ba5f94d - test: disable flaky cookies test (#​4112)
02b2451 - fix: check if async error has a stack (#​4017)
9db09fe - test: add test to validate redirecting in request.respond (#​4106)
c68df32 - test: add failing test for bad request interception (#​4108)
02859c3 - feat(chromium): roll Chromium to r637110 (#​4099)
bc28f3b - fix(firefox): fix executablePath() on OSX (#​4105)
c9f6a3d - chore(firefox): bump version to v0.5.0 (#​4089)
a6d8ecc - fix(firefox): keyboard tests (#​4082)
e8a4963 - test: cleanup tests (#​4078)
dae998e - fix(firefox): enable domains in a proper order (#​4077)
9ef23b1 - feat(firefox): implement cookies api (#​4076)
03d06f5 - feat(firefox): page.accessibility.snapshot() (#​4071)
f21486f - feat(firefox): implement Page.touchscreen (#​4070)
3541b89 - test: split out all chromium-specific tests into chromiumonly.spec.js (#​4068)
77a4ea5 - test: split out fixture tests and make them work with FF (#​4067)
d04a8d5 - refactor(firefox): split out DOMWorld (#​4066)
4ecbd91 - refactor(firefox): migrate onto ExecutionContext events (#​4064)
56dafd7 - feat: support Response.buffer(), Response.json() and Response.text() (#​4063)
3bea5d6 - feat(firefox): implement browserContext.overridePermissions (#​4060)
f1a14fe - feat(firefox): support elementHandle.uploadFile (#​4058)
1315dc8 - feat(firefox): support Page.emualteMedia (#​4056)
5c81836 - feat(firefox): implement page.exposeFunction (#​4052)
7d39aca - test: split out test for "text" option of ElementHandle.press (#​4051)
ed984ac - chore(firefox): kill original puppeteer-firefox tests (#​4047)
fbf91cc - test(firefox): move AX tests to Chrome-only (#​4042)
a0fd2ce - fix(firefox): enable more tests (#​4037)
03c542a - feat(firefox): implement missing launcher options (#​4036)
719ee5a - feat(firefox): support page.setExtraHTTPHeaders (#​4035)
c118b20 - feat(firefox): basic request interception support (#​4034)
3b18092 - refactor(firefox): migrate onto Juggler flatten protocol (#​4033)
4a4793a - feat(firefox): support Browser.target() (#​4028)
ea482c4 - fix(firefox): properly cleanup networkmanager (#​4024)
9782f9c - fix(firefox): add test to make sure remote browser can be closed (#​4023)
c35821a - feat(firefox): switch over to WebSocket and support multiclient (#​4022)
e0d4a5d - fix(firefox): track frame detachment in navigation watchdog (#​4008)
247733b - fix(firefox): enable more firefox tests (#​4007)
e8f044c - fix(firefox): enable a bunch of evaluation tests (#​4006)
6350cf0 - fix(firefox): report more console messages (including warnings) (#​4005)
0b40d04 - feat(firefox): support running beforeunload hooks when closing (#​4003)
e3b76b2 - feat(firefox): support consoleMessage.location() (#​4002)
2275c3c - fix(firefox): properly round clip when doing element screenshots (#​4001)
670d758 - feat(firefox): support "referer" option in Page.goto (#​4000)
fbf3643 - feat(firefox): support Request.postData (#​3999)
13224a7 - feat(firefox): support Response.securityDetails() (#​3997)
57e7f12 - test: split out tests for security details (#​3996)
31ae1d6 - feat(firefox) support Request.headers() & Response.headers() (#​3993)
89d0f1e - feat(firefox): implement frame.goto / frame.waitForNavigation (#​3992)
f0fba56 - test: split out Response.fromCache/fromServiceWorker (#​3990)
1890dc0 - feat(firefox): Page.waitForRequest/Page.waitForResponse (#​3989)
afb9355 - feat(firefox): basic support for Network (#​3988)
fb9d404 - test(mouse): add failing for test for mobile + cross process navigation (#​3951)
63ea805 - feat(chromium): roll Chromium to r630727 (#​3985)
b82cc15 - feat(firefox): support Page.setJavascriptEnabled (#​3970)
edb6f62 - feat(firefox): support page.setDefaultNavigationTimeout (#​3969)
fc18a79 - feat(firefox): support Page.setUserAgent method (#​3968)
1ce578b - chore(test): remove the server.EMPTY_PAGE2 asset (#​3967)
cfefd61 - feat(firefox): support target.opener() and page.on('popup') (#​3966)
0cf6ab6 - feat(firefox): support page.browserContext() (#​3965)
c64e02e - refactor(firefox): introduce FrameManager (#​3964)
2a7ed1a - fix(firefox): add ExecutionContext to api (#​3963)
a987535 - feat(firefox): implement execution contexts (#​3962)
5696096 - chore(testrunner): newline for toEqual matcher (#​3959)
0bb657c - chore(test): remove --firefox-status flag from tests (#​3956)
07b43ff - chore: remove Juggler from Puppeteer repository (#​3954)
72c0047 - refactor(firefox): introduce /lib/Events (#​3949)
6b18e8c - feat(firefox): introduce async stacks for Puppeteer-Firefox (#​3948)
9216056 - fix(testrunner): fix bad test counter (#​3947)
addd7f4 - chore(testrunner): introduce verbose mode (#​3946)
c33be4c - refactor(firefox): split out JSHandle into a separate file (#​3945)
76eecde - chore(test): remove stray console.log (#​3943)
609e763 - test(firefox): enable screenshot tests for Firefox (#​3942)
49e8704 - test(firefox): enable more tests on Puppeteer-Firefox (#​3937)
9679279 - chore(ci): enable firefox on travis (#​3935)
a762dbe - chore(ci): add Puppeteer-Firefox to CI (#​3932)
6887ad8 - chore: further unify Puppeteer-Firefox tests with Puppeteer (#​3931)
c3b6619 - chore(firefox): readme link to isready site (#​3930)
14fb3e3 - chore(firefox): mark all Puppeteer tests that are failing on FF (#​3924)
86783c2 - chore(firefox): run all tests without "UnhandledPromiseRejection" error (#​3922)
bc71e92 - chore(testrunner): nicer colors for test reporter (#​3921)
1676f99 - chore(firefox): move sources from //lib/firefox to //lib (#​3920)
a210dd7 - chore(testrunner): show 5 slowest tests on CI (#​3919)
00bcecb - chore: increase test timeout to 20 seconds on Appveyour (#​3918)
28087c2 - feat(firefox): support ElementHandle.contentFrame() (#​3917)
dd8bd6d - test(firefox): support Puppeteer-Firefox specific env variables (#​3907)
e100000 - docs(api.md): update versions (#​3916)
a760d79 - chore: bump version to v1.12.2-post (#​3915)

v1.12.2

Big Changes

  • Chromium 73.0.3679.0 (r624492)

API Changes

No API changes.

Bug Fixes

  • #​3880 - puppeteer stops working with some https URLs
  • #​3893 - Puppeteer are now restricted on certain websites?

Raw Notes

9a90107 - chore: mark version v1.12.2
6e1f7dc - feat(chromium): roll chromium to r624492 (#​3909)
69c434a - test(firefox): further unify Puppeteer-Firefox and Puppeteer tests (#​3894)
47fbb11 - test(firefox): add more Puppeteer-Firefox tests to Puppeteer (#​3892)
b5e53fd - test(firefox): add puppeteer-firefox unique evaluation tests (#​3891)
6bb0350 - test(firefox): introduce vendor-specific specs (#​3890)
84fe601 - chore(firefox): run Puppeteer-Firefox against Puppeteer tests (#​3888)
fd67fa7 - test(firefox): run puppeteer-firefox tests in browser contexts (#​3887)
bd34755 - feat(ppfox): implement browser contexts (#​3872)
b0e8084 - chore: bump version to v1.12.1-post (#​3886)

v1.12.1

Big Changes

  • Chromium 73.0.3679.0 (r624487)
  • un-ship the auto-generated 'd.ts' file since it's inferior to the @​types one.

API Changes

No API changes.

Bug Fixes

Raw Notes

a1abd6c - chore: mark version v1.12.1 (#​3885)
23b7465 - fix(types): disable shipping our own d.ts file (#​3882)
718cdf1 - chore: bump version to v1.12.0-post (#​3876)

v1.12.0

Big Changes

  • Chromium 73.0.3679.0 (r624487)
  • New page.setDefaultTimeout(timeout) allows controlling default timeout for all page operations.
  • Puppeteer now ships a .d.ts file for better TypeScript support. (f2c968f)

API Changes

Added:
Changed:

Bug Fixes

  • #​609 - page.waitForSelector doesn't work on baidu.com
  • #​2672 - When the target element width is zero, elementHandle.screenshot does not work.
  • #​3029 - Feature request: expose URL and line number for ConsoleMessage object
  • #​3261 - frame.evaluate freezes / hangs on detached frames.
  • #​3319 - Implement setDefaultWaitTimeout or setDefaultTimeouts
  • #​3327 - Puppeteer page.select got error: Cannot read property 'indexOf' of undefined
  • #​3537 - Feature proposal: Ability to pass browserUrl to puppeteer.connect
  • #​3562 - Better error message for TypeError: Converting circular structure to JSON
  • #​3635 - PUPPETEER_DOWNLOAD_HOST poorly named & documented
  • #​3665 - Repeated setContent is 50x slower without goto('about:blank') in between than with it
  • #​3673 - browser.close hangs with beforeunload dialog
  • #​3684 - Puppeteer does not follow javascript redirects - leads to infinite loading of page without timeout
  • #​3711 - puppeteer 1.11.0 ignore --proxy-server for localhost URLs
  • #​3723 - page.waitForFunction fails because of whitespace
  • #​3798 - Ignore intervention header when generating request hash
  • #​3812 - pptr-ff: Black screen when building FF
  • #​3858 - disable-translate flag replacement
  • #​3859 - Emulated devices have old User Agents
  • #​3865 - executionContextId is 0 when using multiples connections

Raw Notes

a545059 - chore: mark version v1.12.0
5cca7c0 - fix(types): don't report events as class members (#​3874)
3c516f2 - chore: move static constructor to the top (#​3873)
d89ec00 - fix(ppfox): check directory existance if necessary when running tests (#​3871)
a2f1e27 - fix: ignore console messages from destroyed execution contexts (#​3866)
7001042 - fix(launcher): properly disable translate UI (#​3863)
61bc51c - fix: update device descriptors (#​3862)
a064a63 - feat(page): introduce page.setDefaultTimeout (#​3854)
f2c968f - chore(types): generate our own d.ts file from api.md (#​3744)
63d9ac4 - fix(executioncontext): follow up to properly adopt element handles (#​3857)
55432f8 - fix(page): execute frame.waitFor{Selector,XPath} in secondary world (#​3856)
2061dd4 - fix(page): teach waitForSelector to return null (#​3846)
7446550 - docs(api.md): fix typo (#​3848)
62da236 - chore: introduce //lib/api.js (#​3835)
cd678fb - chore(juggler): Roll Firefox to 120450a (#​3842)
1a79955 - chore(test): prepare tests to be run with Puppeteer-Firefox (#​3833)
7585e6d - docs(api.md): expand puppeteer-core explanation (#​3830)
fb71012 - feat(page): use secondary world to drive clicks (#​3828)
89a5c39 - refactor: move to flatten protocol (#​3827)
678b8e8 - fix(page): use secondary DOMWorld to drive page.select() (#​3809)
c09835f - feat(chromium): roll Chromium to r624487 (#​3817)
9fb89e1 - test: Add test for waitForFunction with cross-process navigation (#​3826)
9fd4b67 - fix(requestinterception): filter out "intervention" header (#​3814)
c48b574 - docs(juggler/readme.md): more troubleshooting for ff on mac (#​3813)
8426102 - docs(troubleshooting): fix bundle directions (#​3808)
a9ad1c3 - docs(juggler/README.md): Add possible solution FF-Build (#​3801)
f8615c8 - feat(chromium): roll Chromium to r623082 (#​3785)
4ac00ca - refactor: split out DOMWorld from Frame (#​3780)
bea26a7 - chore(testrunner): sort workers numerically when terminating (#​3782)
489be90 - test: move tracing tests to one-per-browser (#​3781)
91c4501 - test(coverage): add failing test for skipping all debugger statements (#​3779)
4e1e2fb - fix(screenshot): round the clip dimensions (#​3778)
e574190 - feat(chromium): roll Chromium to r622871 (#​3777)
04fbbd7 - fix(network): relax request matching heuristic (#​3775)
e8bb26e - refactor: split out classes into files (#​3773)
4e9e3bc - refactor: consolidate all events in Events.js (#​3772)
71edfc7 - feat(chromium): roll Chromium to r622472 (#​3771)
9083c11 - fix(frames): make sure evaluation does not hang in detached iframes (#​3770)
02ae552 - chore(ci): another sad attempt to fix travis deployment (#​3769)
2e36b55 - docs(readme): migrate travis.org shield to travis.com (#​3767)
7daeafc - chore(ci): yet another attempt to fix travis auto-deployment (#​3768)
7fabf32 - feat(executioncontext): warn on nested js handle (#​3591)
d346cb5 - chore: cleanup puppeteer.connect({browserURL}) (#​3766)
15af75f - feat(launcher): add browserUrl option to puppeteer.connect (#​3558)
81cf579 - chore(ci): another attempt to fix travis autopublish (#​3759)
f933f59 - chore(ci): attempt to fix travis (#​3758)
96adedf - fix(screenshots): throw on 0x0 screenshots (#​3756)
29a2438 - chore(types): Upgrade TypeScript to 3.2.2 (#​3754)
c44564a - feat(docs): mention puppeteer@chrome tagged releases (#​3528)
0505c81 - test: add test for multiline waittask (#​3753)
f731973 - fix(page): page.waitForFunction should work with multiline strings (#​3727)
89fc2ad - fix(page): consoleMessage.location() should work with workers (#​3752)
0c86763 - feat(page): introduce consoleMessage.location() (#​3365)
16fc28b - test: make sure headful browser closes with beforeuload page (#​3751)
4c48b77 - chore(examples): exclude localhost from proxy bypass list (#​3742)
82bef70 - docs(troubleshooting.md): Update running on Alpine example (#​3708)
1899e79 - feat: enable Network Service by default (#​3738)
c86bc0f - feat(chromium): roll Chromium to r620317 (#​3732)
1e66d33 - docs(api.md): better documentation for PUPPETEER_DOWNLOAD_HOST (#​3669)
3d82465 - fix(page): fix repetitative setContent calls (#​3666)
8aaca4e - feat(page): introduce "Popup" event (#​3661)
c90392b - feat: introduce page.browserContext() (#​3655)
4346fa1 - feat(chromium): roll Chromium to r615489 (#​3653)
0cccc58 - fix: ignore the experimental folder for npm (#​3636)
2c4198f - docs(readme): update experimental readme
c81f03c - docs(readme): fix pptrfx readme (#​3634)
be836be - docs(pptrfx): update readme (#​3633)
b874529 - readme(pptr-firefox): adjustments (#​3632)
45ab3e0 - feat: introduce puppeteer-firefox (#​3628)
8613e87 - docs(troubleshooting.md): Update troubleshooting.md (#​3606)
cdaa604 - docs(examples): adding puppetry tool (#​3598)
68afb3c - docs(troubleshooting): Update docs about copying file for setuid sandbox (#​3608)
45c4477 - chore: bump version to v1.11.0-post (#​3613)


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate bot force-pushed the renovate/npm-puppeteer-vulnerability branch from 28019c6 to 0f2e567 on February 9, 2021 14:49

renovate bot (Contributor, Author) commented Mar 24, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.
