Bump ws and thrift

[dependabot]

Bumps ws to 5.2.3 and updates ancestor dependency thrift. These dependencies need to be updated together.

Updates ws from 0.4.32 to 5.2.3

Release notes

Sourced from ws's releases.

5.2.3

Bug fixes

• Backported 00c425ec to the 5.x release line (76d47c14).

5.2.2

Bug fixes

• Fixed a use after invalidation bug introduced in 6046a28 (8aba871).

5.2.1

Bug fixes

• Fixed a bug that could prevent buffered data from being processed under certain circumstances (6046a28).

5.2.0

Features

• Added ability to specify custom headers when rejecting the handshake (#1379).

5.1.1

Bug fixes

• Fixed a regression introduced in 9e152f9 (#1347).

5.1.0

Features

• The address argument of the WebSocket constructor can now be a URL instance (#1329).
• The options argument of the WebSocket constructor now accepts any TLS option that is also accepted by https.request() (#1332).

5.0.0

Breaking changes

• Dropped support for Node.js < 4.5.0 (#1313).
• The connection is no longer closed if the server does not agree to any of the client's requested subprotocols (#1312).
• net.Socket errors are no longer re-emitted (a4050db).

Features

• Read backpressure is now properly handled when permessage-deflate is enabled (#1302).

... (truncated)

Commits

• 6dd88e7 [dist] 5.2.3
• 76d47c1 [security] Fix ReDoS vulnerability
• 5d55e52 [dist] 5.2.2
• 8aba871 [fix] Fix use after invalidation bug
• 175ce46 [dist] 5.2.1
• 307be7a [fix] Remove the 'data' listener when the receiver emits an error
• 6046a28 [fix] Do not prematurely remove the listener of the 'data' event
• bf9b2ec chore(package): update nyc to version 12.0.2 (#1395)
• bcab531 chore(package): update eslint-plugin-promise to version 3.8.0 (#1389)
• e4d032c [dist] 5.2.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by lpinca, a new releaser for ws since your current version.

Updates thrift from 0.9.3 to 0.19.0

Changelog

Sourced from thrift's changelog.

0.19.0

Known Open Issues (Blocker or Critical)

• THRIFT-3877 - C++ library don't work with HTTP (csharp server, cpp client; need cross test enhancement)
• THRIFT-5468 - Swift service generator doesn't support oneway
• THRIFT-5654 - LNK4042 and LNK2019 in go_validator_generator.cc

Build Process

• THRIFT-5701 - Add dependabot

C++

• THRIFT-5725 - Thrift SSL server stops working if the file descriptor returned is zero
• THRIFT-5716 - TMemoryBuffer resizing might shrink the buffer size due to uint32_t overflow

Compiler (General)

• THRIFT-5690 - Constant expects type to be defined before

Delphi

• THRIFT-5686 - Add comparer and capacity arguments to container classes

Go

• THRIFT-5731 - Handle ErrAbandonRequest automatically

Haxe

• THRIFT-5717 - uuid sets and map keys may throw on some Haxe targets
• THRIFT-5704 - Superfluous block scope in generated write() code
• THRIFT-5703 - Haxe 4.30 emits "Local variable retval used without being initialized" on generated code
• THRIFT-5692 - Support for deprecated methods (via annotation)
• THRIFT-5707 - deprecation warning fixes for @:extern and @:enum

Java

• THRIFT-5700 - Migration to JakartaEE and Apache HttpComponents 5
• THRIFT-5711 - FutureClient does not extend when service extends from another service
• THRIFT-5702 - Support Java 8
• THRIFT-5696 - TByteBuffer.java does not allow non-default TConfiguration
• THRIFT-5653 - Fix Java UUID typeid

JavaScript

• THRIFT-5674 - Server implementation exceptions are not sent to client in ES6 promise-style invocation

... (truncated)

Commits

• 5656208 release 0.19.0
• 291b560 THRIFT-5653: Fix Java UUID typeid
• ee1a7ea THRIFT-5731: Handle ErrAbandonRequest automatically
• 4ca47e0 fix kotlin cross test by downgrading to java 8 (#2840)
• 79c5602 Update supported go versions to 1.20 and 1.21
• 628023c fix gradle format
• fd60a9a reformat kotlin files
• 30b31aa Release 0.19.0
• f5a6752 Release 0.19.0
• bccca93 THRIFT-5725: Fix the comparison check for bio_get_fd
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jensg, a new releaser for thrift since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.