Skip to content

Bump fflate from 0.7.4 to 0.8.2#1826

Merged
larabr merged 1 commit intomainfrom
dependabot/npm_and_yarn/fflate-0.8.2
Feb 11, 2025
Merged

Bump fflate from 0.7.4 to 0.8.2#1826
larabr merged 1 commit intomainfrom
dependabot/npm_and_yarn/fflate-0.8.2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 11, 2025
edited
Loading

Bumps fflate from 0.7.4 to 0.8.2.

Release notes

Sourced from fflate's releases.

v0.8.2

  • Fixed broken UMD build
  • Fixed edge-case causing skipped data during streaming compression
  • Fixed bug in GZIP streaming on member boundary
  • Improved streaming performance on inconsistent chunk sizes
  • Improved unzip performance on undercompressed archives
  • Added flushing support into streaming API
  • Added backpressure support into async streaming API
    • Use new ondrain handler and queuedSize

v0.8.0

No release notes provided.

Changelog

Sourced from fflate's changelog.

0.8.2

  • Fixed broken UMD build
  • Fixed edge-case causing skipped data during streaming compression
  • Fixed bug in GZIP streaming on member boundary
  • Improved streaming performance on inconsistent chunk sizes
  • Improved unzip performance on undercompressed archives
  • Added flushing support into streaming API
  • Added backpressure support into async streaming API
    • Use new ondrain handler and queuedSize

0.8.1

  • Fixed reallocating on pre-supplied buffer in inflateSync and unzlibSync
  • Minor documentation fixes

0.8.0

  • BREAKING: synchronous decompression functions now take an options object rather than an output buffer as a second parameter
    • inflateSync(compressed, outBuf) is now inflateSync(compressed, { out: outBuf })
  • Support dictionaries in compression and decompression
  • Support multi-member files in GZIP streaming decompression
  • Dramatically improved streaming performance
  • Fixed missing error on certain malformed GZIP files

0.7.3

  • Fix folder creation for certain operating system
    • Create 0-length "files" for each directory specified with "object" syntax"
    • Support empty folders
    • Add options for folders
  • Fix minification in SWC
    • Remove instanceof, no-whitespace assumptions in async functions

0.7.2

  • Fixed TypeScript typing for errors when using strictNullChecks
  • Fixed failure to compress files above 64kB with { level: 0 }
  • Fixed AMD module definition in UMD build

0.7.1

  • Removed requirement for setTimeout
  • Added support for unzip file filters (thanks to @​manucorporat: #67)
  • Fixed streaming gunzip and unzlib bug causing corruption

0.7.0

  • Improved errors
    • Now errors are error objects instead of strings
    • Check the error code to apply custom logic based on error type
  • Made async operations always call callbacks asynchronously
  • Fixed bug that caused errors to not appear in asynchronous operations in browsers

0.6.10

  • Fixed async operations on Node.js with native ESM

0.6.5

  • Fixed streams not recognizing final chunk
  • Fixed streaming UTF-8 decoder bug

0.6.4

  • Made streaming inflate consume all data possible
  • Optimized use of values near 32-bit boundary

0.6.3

  • Patch exports of async functions

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 11, 2025
@dependabot
Bump fflate from 0.7.4 to 0.8.2
d4a622d 
Bumps [fflate](https://github.com/101arrowz/fflate) from 0.7.4 to 0.8.2.
- [Release notes](https://github.com/101arrowz/fflate/releases)
- [Changelog](https://github.com/101arrowz/fflate/blob/master/CHANGELOG.md)
- [Commits](101arrowz/fflate@v0.7.4...v0.8.2)

---
updated-dependencies:
- dependency-name: fflate
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/fflate-0.8.2 branch from b07edde to d4a622d Compare February 11, 2025 12:28
@larabr larabr merged commit e9fe979 into main Feb 11, 2025
13 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/fflate-0.8.2 branch February 11, 2025 12:59
larabr added a commit to larabr/openpgpjs that referenced this pull request Sep 2, 2025
@larabr
Fix zlib compression for data larger than 65KB
cb3a8b7 
Regression introduced in openpgpjs#1826
(v6.2.0) .
Due to internal fflate lib changes, part of the compressed data ended up being discarded,
leading to a corrupted compressed payload for the encrypted/signed message,
which cannot be decompressed.

Compression is disabled by default in openpgpjs.
Hence, the issue affects only users who enabled zlib compression via e.g.
`config.preferredCompressionAlgorithm = openpgp.enums.compression.zlib`
and encrypted or signed data larger than 65KB.
@larabr larabr mentioned this pull request Sep 2, 2025
Merged
larabr added a commit to larabr/openpgpjs that referenced this pull request Sep 2, 2025
@larabr
Fix zlib compression for data larger than 65KB
0ab548c 
Regression introduced in openpgpjs#1826
(v6.2.0) .
Due to internal fflate lib changes, part of the compressed data ended up being discarded,
leading to a corrupted compressed payload for the encrypted/signed message,
which cannot be decompressed.

Compression is disabled by default in openpgpjs.
Hence, the issue affects only users who enabled zlib compression via e.g.
`config.preferredCompressionAlgorithm = openpgp.enums.compression.zlib`
and encrypted or signed data larger than 65KB.
larabr added a commit that referenced this pull request Sep 2, 2025
@larabr
Fix zlib compression for data larger than 65KB (#1894)
93d9df7 
Regression introduced in #1826
(v6.2.0) .
Due to internal fflate lib changes, part of the compressed data ended up being discarded,
leading to a corrupted compressed payload for the encrypted/signed message,
which cannot be decompressed.

Compression is disabled by default in openpgpjs.
Hence, the issue affects only users who enabled zlib compression via e.g.
`config.preferredCompressionAlgorithm = openpgp.enums.compression.zlib`
and encrypted or signed data larger than 65KB.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@larabr larabr larabr approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@larabr