Bump chai from 4.5.0 to 5.1.1

[dependabot]

Bumps chai from 4.5.0 to 5.1.1.

Release notes

Sourced from chai's releases.

v5.1.1

What's Changed

• Set up ESLint for JSDoc comments by @​koddsson in chaijs/chai#1605
• build(deps-dev): bump ip from 1.1.8 to 1.1.9 by @​dependabot in chaijs/chai#1608
• Correct Mocha import instructions by @​MattiSG in chaijs/chai#1611
• fix: support some virtual contexts in toThrow by @​43081j in chaijs/chai#1609

New Contributors

• @​MattiSG made their first contribution in chaijs/chai#1611

Full Changelog: chaijs/chai@v5.1.0...v5.1.1

v5.1.0

What's Changed

• Remove useless guards and add parentheses to constuctors by @​koddsson in chaijs/chai#1593
• Cleanup jsdoc comments by @​koddsson in chaijs/chai#1596
• Convert comments in "legal comments" format to jsdoc or normal comments by @​koddsson in chaijs/chai#1598
• Implement iterable assertion by @​koddsson in chaijs/chai#1592
• Assert interface fix by @​developer-bandi in chaijs/chai#1601
• Set support in same members by @​koddsson in chaijs/chai#1583
• Fix publish script by @​koddsson in chaijs/chai#1602

New Contributors

• @​developer-bandi made their first contribution in chaijs/chai#1601

Full Changelog: chaijs/chai@v5.0.3...v5.1.0

v5.0.3

Fix bad v5.0.2 publish.

Full Changelog: chaijs/chai@v5.0.2...v5.0.3

v5.0.2

What's Changed

• build(deps): bump nanoid and mocha by @​dependabot in chaijs/chai#1558
• remove bump-cli by @​koddsson in chaijs/chai#1559
• Update developer dependencies by @​koddsson in chaijs/chai#1560
• fix: removes ?? for node compat (5.x) by @​43081j in chaijs/chai#1576
• Update loupe to latest version by @​koddsson in chaijs/chai#1579
• Re-enable some webkit tests by @​koddsson in chaijs/chai#1580
• Remove a bunch of if statements in test/should.js by @​koddsson in chaijs/chai#1581
• Remove a bunch of unused files by @​koddsson in chaijs/chai#1582
• Fix 1564 by @​koddsson in chaijs/chai#1566

Full Changelog: chaijs/chai@v5.0.1...v5.0.2

v5.0.0

BREAKING CHANGES

• Chai now only supports EcmaScript Modules (ESM). This means your tests will need to either have import {...} from 'chai' or import('chai'). require('chai') will cause failures in nodejs. If you're using ESM and seeing failures, it may be due to a bundler or transpiler which is incorrectly converting import statements into require calls.

... (truncated)

Commits

• 37263c0 fix: support some virtual contexts in toThrow (#1609)
• 91e58ed Correct Mocha import instructions (#1611)
• 61159d1 build(deps-dev): bump ip from 1.1.8 to 1.1.9 (#1608)
• 8475d2a Set up ESLint for JSDoc comments (#1605)
• 936c0ca 5.1.0
• 2cf92f5 Fix publish script (#1602)
• 1ba37b5 Set support in same members (#1583)
• f224339 Assert interface fix (#1601)
• d504573 Implement iterable assertion (#1592)
• 640d932 Convert comments in "legal comments" format to jsdoc (#1598)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/assertion-error	2.0.1	🟢 4.7	Details Check Score Reason Code-Review 🟢 6 Found 17/25 approved changesets -- score normalized to 6 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
npm/chai	5.1.1	🟢 4.6	Details Check Score Reason Code-Review 🟢 6 Found 17/25 approved changesets -- score normalized to 6 Maintained 🟢 3 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy ⚠️ 0 security policy file not detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Packaging ⚠️ -1 packaging workflow not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
npm/check-error	2.1.1	🟢 3.7	Details Check Score Reason Code-Review 🟢 8 Found 15/18 approved changesets -- score normalized to 8 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 39 existing vulnerabilities detected
npm/deep-eql	5.0.2	🟢 3.3	Details Check Score Reason Code-Review 🟢 5 Found 14/26 approved changesets -- score normalized to 5 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 20 existing vulnerabilities detected
npm/loupe	3.1.1	🟢 3.7	Details Check Score Reason Code-Review 🟢 8 Found 24/30 approved changesets -- score normalized to 8 Maintained ⚠️ 0 1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 53 existing vulnerabilities detected
npm/pathval	2.0.0	🟢 3.2	Details Check Score Reason Code-Review 🟢 8 Found 8/9 approved changesets -- score normalized to 8 Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Pinned-Dependencies ⚠️ -1 no dependencies found Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 57 existing vulnerabilities detected
npm/chai	^5.1.1	🟢 4.6	Details Check Score Reason Code-Review 🟢 6 Found 17/25 approved changesets -- score normalized to 6 Maintained 🟢 3 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Security-Policy ⚠️ 0 security policy file not detected Signed-Releases ⚠️ -1 no releases found Fuzzing ⚠️ 0 project is not fuzzed Packaging ⚠️ -1 packaging workflow not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 7 3 existing vulnerabilities detected

Scanned Manifest Files

package-lock.json

• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]
• [email protected]

package.json

• chai@^5.1.1
• chai@^4.5.0

[Lomilar]

@dependabot rebase