Skip to content

deps(extension)(deps): bump centrifuge from 3.1.2 to 5.5.3 in /chartsmith-extension#178

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/chartsmith-extension/centrifuge-5.5.3
Closed

deps(extension)(deps): bump centrifuge from 3.1.2 to 5.5.3 in /chartsmith-extension#178
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/chartsmith-extension/centrifuge-5.5.3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 16, 2025
edited
Loading

Bumps centrifuge from 3.1.2 to 5.5.3.

Release notes

Sourced from centrifuge's releases.

5.5.3

What's Changed

  • General maintenance release to audit and update used dependencies

Full Changelog: centrifugal/centrifuge-js@5.5.2...5.5.3

5.5.2

What's Changed

New Contributors

Full Changelog: centrifugal/centrifuge-js@5.5.1...5.5.2

5.5.1

What's Changed

Full Changelog: centrifugal/centrifuge-js@5.5.0...5.5.1

5.5.0

What's Changed

Full Changelog: centrifugal/centrifuge-js@5.4.0...5.5.0

5.4.0

What's Changed

This version introduces a transition to the minimal build of ProtobufJS, contributed by @​wrangelvid. It speeds up Protobuf encode/decode methods (in our benchmark suite: encode from 5.94 µs/op -> 4.80 µs/op, i.e. 19% improvement, and decode from 2.54 µs/op -> 1.87 µs/op, i.e. 26% improvement). While the minified build of centrifuge-js with Protobuf codec is larger now, the gzipped version is actually 18% smaller.

... (truncated)

Changelog

Sourced from centrifuge's changelog.

5.0.2 and higher

Since centrifuge-js 5.0.2 we do not maintain CHANGELOG.md file.

All changes may be found on releases page on Github.

5.0.1

  • Add missing .hasOwnProperty check when iterating over arrays

5.0.0

In v5 release we are moving to Rollup to build the library. For centrifuge-js this means both ESM and CommonJS support and thus solve some issues when users could not use SDK with their existing toolchains. The migration includes some changes in how we provide Protobuf version of Centrifuge client. That's why we are making a new major v5 release.

For users which work with JSON-based Centrifuge client (default behaviour) the migration to v5 should be smooth and require no code changes.

Users of Protobuf version of the client need to change how they import Centrifuge when using the library. Also, we removed protocol option of Centrifuge instance config object. Imported Protobuf client now automatically uses Protobuf protocol under the hood.

For example, previously, when using Protobuf version of Centrifuge client, you have to import Protobuf client and then provide an option to constructor:

import Centrifuge from 'centrifuge/build/protobuf';
const centrifuge = new Centrifuge('ws://centrifuge.example.com/connection/websocket", {
protocol: 'protobuf'
});

Now this simplifies to:

import { Centrifuge } from 'centrifuge/build/protobuf';
const centrifuge = new Centrifuge('ws://centrifuge.example.com/connection/websocket", {});

Note - changed import and no need to pass protocol: 'protobuf'. See readme for more information about using Protobuf client and constructing binary payloads.

4.1.0

  • Fix types: use Record instead of Map for publication tags and clients field of PresenceResult.

4.0.1

  • Update dependencies. In particular: migrate to the latest protobufjs 7.2.4.

... (truncated)

Commits
  • a5a327a bump to 5.5.3
  • 525b1de Merge pull request #346 from centrifugal/update_deps
  • 2ca9917 update dependencies
  • da652a0 Merge pull request #331 from centrifugal/dependabot/npm_and_yarn/tmp-0.2.4
  • c4334cb Bump to 5.5.2
  • 7e6760a Merge pull request #343 from den1sar/den1sar-fix-instanceof
  • c966e71 Changed instanceof to Array.isArray
  • e0f9400 fix TypeError: localStorage.getItem is not a function on NodeJS 25
  • e263c05 bump to 5.5.1
  • a724178 fix jest
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
deps(extension)(deps): bump centrifuge in /chartsmith-extension
ac45901 
Bumps [centrifuge](https://github.com/centrifugal/centrifuge-js) from 3.1.2 to 5.5.3.
- [Release notes](https://github.com/centrifugal/centrifuge-js/releases)
- [Changelog](https://github.com/centrifugal/centrifuge-js/blob/master/CHANGELOG.md)
- [Commits](centrifugal/centrifuge-js@3.1.2...5.5.3)

---
updated-dependencies:
- dependency-name: centrifuge
  dependency-version: 5.5.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added chartsmith-extension dependencies Pull requests that update a dependency file npm labels Dec 16, 2025
@dependabot dependabot bot mentioned this pull request Dec 16, 2025
Closed
@marccampbell
Copy link
Member

marccampbell commented Feb 3, 2026

Closing stale dependabot PR - likely superseded by newer grouped updates

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 3, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/chartsmith-extension/centrifuge-5.5.3 branch February 3, 2026 19:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

chartsmith-extension dependencies Pull requests that update a dependency file npm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@marccampbell