Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the production-dependencies group across 1 directory with 4 updates #257

Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the production-dependencies group across 1 directory with 4 updates #257

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 16, 2024
edited
Loading

Bumps the production-dependencies group with 4 updates in the / directory: dotenv, esbuild, isomorphic-dompurify and sass.

Updates dotenv from 16.4.5 to 16.4.7

Changelog

Sourced from dotenv's changelog.

16.4.7 (2024-12-03)

Changed

  • Ignore .tap folder when publishing. (oops, sorry about that everyone. - @​motdotla) #848

16.4.6 (2024-12-02)

Changed

  • Clean up stale dev dependencies #847
  • Various README updates clarifying usage and alternative solutions using dotenvx
Commits

Updates esbuild from 0.23.1 to 0.24.0

Release notes

Sourced from esbuild's releases.

v0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

  • Drop support for older platforms (#3902)

    This release drops support for the following operating system:

    • macOS 10.15 Catalina

    This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

    Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

    git clone https://github.com/evanw/esbuild.git
cd esbuild
go build ./cmd/esbuild
./esbuild --version

  • Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

    Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

  • Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

    TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

  • Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

    Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

  • Work around more issues with Deno 1.31+ (#3917)

    This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

    This fix was contributed by @​Joshix-1.

Changelog

Sourced from esbuild's changelog.

0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

  • Drop support for older platforms (#3902)

    This release drops support for the following operating system:

    • macOS 10.15 Catalina

    This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

    Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

    git clone https://github.com/evanw/esbuild.git
cd esbuild
go build ./cmd/esbuild
./esbuild --version

  • Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

    Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

  • Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

    TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

  • Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

    Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

  • Work around more issues with Deno 1.31+ (#3917)

    This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

    This fix was contributed by @​Joshix-1.

Commits

Updates isomorphic-dompurify from 2.15.0 to 2.19.0

Release notes

Sourced from isomorphic-dompurify's releases.

Updated dependencies

Changelog

  • Updated dompurify and other dependencies.

See the complete changelog for more details.

Release

2.19.0

Updated dependencies

Changelog

  • Updated dompurify and other dependencies.

See the complete changelog for more details.

Release

2.18.0

Removed @​types/dompurify dependency. Updated dompurify and other dependencies.

Changelog

  • Removed @types/dompurify dependency which caused an issue kkomelin/isomorphic-dompurify#301. The third-party types are not needed anymore because dompurify provides their own. Thanks to @​Bro3Simon for helping with it.
  • Updated dompurify and other dependencies.

See the complete changelog for more details.

Release

2.17.0

Updated dependencies

Changelog

  • Updated dompurify, jsdom and other dependencies.

See the complete changelog for more details.

Release

2.16.0

Commits
  • c20261b Updated dependencies.
  • 1e55e93 Merge pull request #306 from kkomelin/dependabot/npm_and_yarn/dompurify-3.2.3
  • 80f6f11 Bump dompurify from 3.2.2 to 3.2.3
  • 9260365 Merge pull request #305 from kkomelin/dependabot/npm_and_yarn/terser-5.37.0
  • 9683533 Bump terser from 5.36.0 to 5.37.0
  • 246907b Merge pull request #304 from kkomelin/dependabot/npm_and_yarn/vitest-2.1.8
  • ec1c9b2 Bump vitest from 2.1.6 to 2.1.8
  • efa8ec6 Updated deps. Increased project version.
  • 3d42592 Merge pull request #303 from kkomelin/dependabot/npm_and_yarn/dompurify-3.2.2
  • 12b13a9 Bump dompurify from 3.2.1 to 3.2.2
  • Additional commits viewable in compare view

Updates sass from 1.78.0 to 1.83.0

Release notes

Sourced from sass's releases.

Dart Sass 1.83.0

To install Sass 1.83.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Allow trailing commas in all argument and parameter lists.

See the full changelog for changes in earlier releases.

Dart Sass 1.82.0

To install Sass 1.82.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

Command-Line Interface

  • Improve --watch mode reliability when making multiple changes at once, such as checking out a different Git branch.

  • Parse the calc-size() function as a calculation now that it's supported in some browsers.

Dart API

  • Add a SassCalculation.calcSize() function.

See the full changelog for changes in earlier releases.

Dart Sass 1.81.1

To install Sass 1.81.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • No user-visible changes.

See the full changelog for changes in earlier releases.

Dart Sass 1.81.0

To install Sass 1.81.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

... (truncated)

Changelog

Sourced from sass's changelog.

1.83.0

  • Allow trailing commas in all argument and parameter lists.

1.82.0

Command-Line Interface

  • Improve --watch mode reliability when making multiple changes at once, such as checking out a different Git branch.

  • Parse the calc-size() function as a calculation now that it's supported in some browsers.

Dart API

  • Add a SassCalculation.calcSize() function.

1.81.1

  • No user-visible changes.

1.81.0

  • Fix a few cases where deprecation warnings weren't being emitted for global built-in functions whose names overlap with CSS calculations.

  • Add support for the CSS round() calculation with a single argument, as long as that argument might be a unitless number.

1.80.7

Embedded Host

  • Don't treat 0 as undefined for the green and blue channels in the LegacyColor constructor.

1.80.6

Command-Line Interface

  • Make @parcel/watcher an optional dependency so this can still be installed on operating systems where it's unavailable.

1.80.5

Embedded Host

  • Don't produce phantom @import deprecations when using an importer with the legacy API.

... (truncated)

Commits
  • f38dbb0 Merge pull request #2464 from sass/rest-param-comma
  • 0230ccf Update pkg/sass_api/CHANGELOG.md
  • dd9b106 Rename ArgumentInvocation and ArgumentDeclaration
  • c45bc70 Allow a trailing comma after rest parameters and arguments
  • 219fe67 Fix static analysis issues for dart 3.6 (#2462)
  • f9eef81 Fix links to importers in the internal documentation (#2458)
  • 1b3c7de Represent rest parameters as properties on Parameter (#2454)
  • 7a6722c Fix the declaration of ReturnRule._returnExpression (#2455)
  • 1536dc0 Merge pull request #2453 from sass/return
  • a74f9c3 Enable useDefineForClassFields and fix affected TS files. (#2447)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the production-dependencies group across 1 director…
959497b 
…y with 4 updates

Bumps the production-dependencies group with 4 updates in the / directory: [dotenv](https://github.com/motdotla/dotenv), [esbuild](https://github.com/evanw/esbuild), [isomorphic-dompurify](https://github.com/kkomelin/isomorphic-dompurify) and [sass](https://github.com/sass/dart-sass).


Updates `dotenv` from 16.4.5 to 16.4.7
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.4.5...v16.4.7)

Updates `esbuild` from 0.23.1 to 0.24.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](evanw/esbuild@v0.23.1...v0.24.0)

Updates `isomorphic-dompurify` from 2.15.0 to 2.19.0
- [Release notes](https://github.com/kkomelin/isomorphic-dompurify/releases)
- [Commits](kkomelin/isomorphic-dompurify@v2.15.0...v2.19.0)

Updates `sass` from 1.78.0 to 1.83.0
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.78.0...1.83.0)

---
updated-dependencies:
- dependency-name: dotenv
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: esbuild
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: isomorphic-dompurify
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 16, 2024
@dependabot dependabot bot mentioned this pull request Dec 16, 2024
Closed
@netlify Netlify
Copy link

netlify bot commented Dec 16, 2024
edited
Loading

Deploy Preview for triviaccessibility ready!

Name Link
🔨 Latest commit 959497b
🔍 Latest deploy log https://app.netlify.com/sites/triviaccessibility/deploys/675fb605c89aea00084efc92
😎 Deploy Preview https://deploy-preview-257--triviaccessibility.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 23, 2024

Superseded by #259.

@dependabot dependabot bot closed this Dec 23, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/production-dependencies-2eab2dbf18 branch December 23, 2024 05:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants