
fix(deps): update dependency redis to v3 [security] #1423

Merged

Conversation

renovate-bot
Contributor

@renovate-bot renovate-bot commented Mar 8, 2023

Mend Renovate

This PR contains the following updates:

Package   Change
redis     ^2.8.0 -> ^3.1.1

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2021-29469

Impact

When a client is in monitoring mode, the regex being used to detect monitor messages could cause exponential backtracking on some strings. This issue could lead to a denial of service.

Patches

The problem was fixed in commit 2d11b6d and was released in version 3.1.1.

References

#1569 (GHSL-2021-026)


Release Notes

redis/node-redis

v3.1.1


Enhancements
  • Upgrade node and dependencies
Fixes
  • Fix a potential exponential regex in monitor mode

v3.1.0


Enhancements
  • Upgrade node and dependencies and redis-commands to support Redis 6
  • Add support for Redis 6 auth pass [user]

v3.0.2


v3.0.1


v3.0.0


This version is mainly a release to distribute all the unreleased changes on master since 2017 and additionally removes a lot of old deprecated features and old internals in preparation for an upcoming modernization refactor (v4).

Breaking Changes
  • Dropped support for Node.js < 6
  • Dropped support for hiredis (no longer required)
  • Removed previously deprecated drain event
  • Removed previously deprecated idle event
  • Removed previously deprecated parser option
  • Removed previously deprecated max_delay option
  • Removed previously deprecated max_attempts option
  • Removed previously deprecated socket_no_delay option
Bug Fixes
  • Removed development files from published package (#1370)
  • Duplicate function now allows db param to be passed (#1311)
Features
  • Upgraded to latest redis-commands package
  • Upgraded to latest redis-parser package, v3.0.0, which brings performance improvements
  • Replaced double-ended-queue with denque, which brings performance improvements
  • Add timestamps to debug traces
  • Add socket_initial_delay option for socket.setKeepAlive (#1396)
  • Add support for rediss protocol in url (#1282)

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.
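The advisory in this PR concerns a regex used to detect MONITOR messages that can backtrack exponentially on crafted server output. As an added example (not node-redis code, and not a reproduction of the fix in commit 2d11b6d), here is a single-pass parser for lines in the Redis MONITOR output format: it reads each character at most once, so malformed or adversarial input is rejected in linear time instead of being handed to a backtracking regex. The line shape `<seconds>.<micros> [<db> <client>] "<cmd>" "<arg>" ...` is assumed from the Redis MONITOR documentation, and the client field is assumed never to contain `]`.

```javascript
// Added example, not node-redis code: a single-pass parser for Redis MONITOR
// lines, assumed (from the Redis MONITOR docs) to look like
//   <seconds>.<micros> [<db> <client>] "<cmd>" "<arg>" ...
// Each character is read at most once, so there is nothing to backtrack on.

const isDigits = (s) => s.length > 0 && [...s].every((c) => c >= '0' && c <= '9');

// Returns { timestamp, db, client, args } or null for anything else.
function parseMonitorLine(line) {
  const n = line.length;
  const tsEnd = line.indexOf(' ');                 // "<seconds>.<micros>"
  if (tsEnd <= 0) return null;
  const ts = line.slice(0, tsEnd);
  const dot = ts.indexOf('.');
  if (dot < 0 || !isDigits(ts.slice(0, dot)) || !isDigits(ts.slice(dot + 1))) return null;
  let i = tsEnd + 1;                                // "[<db> <client>]"
  if (line[i] !== '[') return null;
  const close = line.indexOf(']', i);
  if (close < 0) return null;
  const inner = line.slice(i + 1, close);
  const sp = inner.indexOf(' ');
  if (sp <= 0 || sp === inner.length - 1 || !isDigits(inner.slice(0, sp))) return null;
  const db = Number(inner.slice(0, sp));
  const client = inner.slice(sp + 1);
  const args = [];                                  // zero or more "quoted" args
  i = close + 1;
  while (i < n) {
    if (line[i] !== ' ' || line[i + 1] !== '"') return null;
    i += 2;
    let cur = '', closed = false;
    while (i < n && !closed) {
      const ch = line[i++];
      if (ch === '"') closed = true;
      else if (ch === '\\') {
        if (i >= n) return null;
        const nx = line[i++];
        // unescape \" and \\; keep other escapes (\n, \xNN) verbatim
        cur += nx === '"' || nx === '\\' ? nx : '\\' + nx;
      } else cur += ch;
    }
    if (!closed) return null;
    args.push(cur);
  }
  return { timestamp: ts, db, client, args };
}
```

Any line that does not fit the format yields null after one pass, so a client can distinguish monitor traffic from ordinary replies without a worst-case-exponential match.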

@renovate-bot renovate-bot requested a review from a team March 8, 2023 08:02
@forking-renovate forking-renovate bot added the dependencies Pull requests that update a dependency file label Mar 8, 2023
@codecov

codecov bot commented Mar 8, 2023

Codecov Report

Merging #1423 (9f6e991) into main (278ba99) will decrease coverage by 0.17%.
The diff coverage is n/a.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1423      +/-   ##
==========================================
- Coverage   96.06%   95.90%   -0.17%     
==========================================
  Files          14       17       +3     
  Lines         890     1050     +160     
  Branches      192      212      +20     
==========================================
+ Hits          855     1007     +152     
- Misses         35       43       +8     

see 3 files with indirect coverage changes

@renovate-bot renovate-bot changed the title fix(deps): update dependency redis to v4 [security] fix(deps): update dependency redis to v3 [security] Mar 8, 2023
@renovate-bot renovate-bot force-pushed the renovate/npm-redis-vulnerability branch from 20ca3ce to ac6613e Compare March 8, 2023 09:16
@renovate-bot renovate-bot force-pushed the renovate/npm-redis-vulnerability branch from ac6613e to f8ce29f Compare March 12, 2023 12:26
@renovate-bot renovate-bot changed the title fix(deps): update dependency redis to v3 [security] fix(deps): update dependency redis to v4 [security] Mar 12, 2023
@renovate-bot renovate-bot changed the title fix(deps): update dependency redis to v4 [security] fix(deps): update dependency redis to v3 [security] Mar 12, 2023
@renovate-bot renovate-bot force-pushed the renovate/npm-redis-vulnerability branch from f8ce29f to 9f6e991 Compare March 12, 2023 14:10
@pichlermarc pichlermarc merged commit 31664ca into open-telemetry:main Mar 13, 2023
@renovate-bot renovate-bot deleted the renovate/npm-redis-vulnerability branch March 13, 2023 09:52
@dyladan dyladan mentioned this pull request Mar 13, 2023
@dyladan dyladan mentioned this pull request Feb 13, 2024
Labels
dependencies Pull requests that update a dependency file
8 participants