Bump electron from 20.3.3 to 20.3.4 (!134) · Merge requests · Geoxor / Amethyst

Geoxor requested to merge dependabot/npm_and_yarn/electron-20.3.4 into master Nov 03, 2022

Created by: dependabot[bot]

Bumps electron from 20.3.3 to 20.3.4.

Release notes

electron v20.3.4

Release Notes for v20.3.4

Fixes

Fixed spurious promise rejection in webContents.loadURL when navigating to a hash. #36149 (Also in 21, 22)

Other Changes

Security: backported fix for 1356234. #36220

Security: backported fix for 1364604. #36080

Security: backported fix for 1368076. #36085

Security: backported fix for CVE-2022-3448. #36079

Security: backported fix for CVE-2022-3450. #36078

Security: backported fix for CVE-2022-3652. #36206

Security: backported fix for CVE-2022-3653. #36210

Commits

f8ab274 chore: cherry-pick b8636b57b8f2 from angle (#36210)
d844933 chore: cherry-pick 194bcc127f21 from v8 (#36206)
30046ca chore: cherry-pick 67c9cbc784d6 from chromium (#36220)
98ab127 build: use python3 for appveyor commands (#36231)
1008774 docs: Fixed outdated documentation (uploading to App Store) (#36211)
782e5ad build: fix building with enable_plugins = false (#36005)
806d084 fix: resolve loadURL properly for in-page navigations (#36149)
bdf6126 build: determine electron version from tags not files (#36136)
378110b build: prefix version in uploader script (#36176)
117b264 test: fixup HID test for ARM CI (#36171)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bump electron from 20.3.3 to 20.3.4

electron v20.3.4

Release Notes for v20.3.4

Fixes

Other Changes

Merge request reports