mirror of
https://github.com/maputnik/editor.git
synced 2026-07-09 15:37:28 +00:00
3d1919738be2592df3d9e7620ab644c74cdd2086
2737 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
3d1919738b | Improve test readability | ||
|
|
cc317c20a1 | Move fill local storage to driver | ||
|
|
a9c3da0f40 | Remove hack from modal driver | ||
|
|
dc5d6dd77d | Remove unneeded comments. | ||
|
|
95d87ad7ef | Remove export for a method that isn't used outside the file. | ||
|
|
09efbb5cd6 | Fix utils path | ||
|
|
4f046cb83e | Fix build | ||
|
|
fb00dea285 | Move playwrite stuff to utils folder | ||
|
|
c00395ee11 | Remove coverage file and have everything inside the fixtures.ts file. | ||
|
|
5092a924aa |
[pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci |
||
|
|
7d80dccb81 | Remote test related entries. | ||
|
|
a93fe4d78b | Fix test for regexp | ||
|
|
603a30cba8 |
Potential fix for pull request finding 'CodeQL / Incomplete regular expression for hostnames'
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> |
||
|
|
6f55fda7d4 | Remove docker coverage upload. | ||
|
|
8f0ee898ff | Merge branch 'main' into replace-cypress-with-playwright | ||
|
|
be9456d11b |
Relocate e2e tests (#1989)
## Launch Checklist Renames the e2e test and reduces changes as a preparation step from playwright in the following PR: - #1988 This is to keep as much history as possible. <img width="1907" height="933" alt="image" src="https://github.com/user-attachments/assets/b52075b3-eb3b-45dc-93dc-8c5e9cfd35dd" /> - [x] Briefly describe the changes in this PR. --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|
|
3896c4c187 | Merge branch 'relocate-e2e-tests' into replace-cypress-with-playwright | ||
|
|
c0f1a72d80 | Fix failing unit tests in CI | ||
|
|
ac9186e7f8 |
test: instantiate MaputnikDriver once per describe block
Make the driver page-lazy (it resolves the running test's page on demand via
an auto fixture) so it can be created a single time at describe scope and
reused across the block's tests, matching the pre-migration ergonomics:
const { given, get, when, then } = new MaputnikDriver();
instead of pulling `driver` out of a fixture and destructuring it in every
test. Coverage collection and dialog handling move into the auto fixture.
Also inject a bare invalid token ("zzz") in the json-editor parse-error test:
CodeMirror auto-closes brackets/quotes, so " {" no longer reliably breaks the
JSON.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
||
|
|
8c86607100 | Add alias for 'it' as 'test' in layers list spec | ||
|
|
7c5e5358cb | Merge branch 'relocate-e2e-tests' into replace-cypress-with-playwright | ||
|
|
18b34d3ecd | Fix lint | ||
|
|
08ebca266c | Merge branch 'relocate-e2e-tests' into replace-cypress-with-playwright | ||
|
|
8344a30f5d | Move things back to where this will still work. | ||
|
|
4249e9beb9 | Merge branch 'main' into relocate-e2e-tests | ||
|
|
c3dd253737 |
test: migrate e2e to Playwright and component test to Vitest browser mode
Replace Cypress with Playwright for the end-to-end suite and drop
@shellygo/cypress-test-utils in favour of a hand-written MaputnikDriver
page object that keeps the fluent then(...).shouldX() assertion style
(now async). The InputAutocomplete component test moves to Vitest browser
mode using the Playwright provider.
- e2e/maputnik-driver.ts: driver + MaputnikAssertable over Playwright
- e2e/{fixtures,coverage,global-setup,global-teardown}.ts: test fixture,
istanbul coverage collection, and nyc report generation
- playwright.config.ts / vitest.config.ts
- Code coverage preserved: dev server is istanbul-instrumented, per-test
window.__coverage__ is merged via nyc into coverage/coverage-final.json
- CI: Cypress jobs replaced with Playwright; docker e2e runs against the
container via E2E_NO_WEBSERVER
- Remove Cypress deps, config and support files; update docs and .nycrc
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
||
|
|
f7b48139a4 |
test: adopt Playwright test()/test.describe() naming in e2e specs
Mechanical rename of it() -> test() and describe() -> test.describe() so the subsequent Playwright migration diff only touches test bodies, not the suite/case wrappers. |
||
|
|
8af1cfd5f8 |
test: relocate Cypress e2e suite to e2e/ ahead of Playwright migration
Pure file moves (no content changes) so git records them as renames and history/blame is preserved through the migration that follows: cypress/e2e/*.cy.ts -> e2e/*.spec.ts cypress/e2e/*-driver.ts -> e2e/*-driver.ts cypress/fixtures/ -> e2e/fixtures/ cypress.config.ts -> playwright.config.ts InputAutocomplete.cy.tsx -> InputAutocomplete.browser.test.tsx Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|
|
a87a4d8df8 |
chore(deps-dev): Bump i18next-cli from 1.53.2 to 1.65.0 (#1979)
Bumps [i18next-cli](https://github.com/i18next/i18next-cli) from 1.53.2 to 1.65.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next-cli/blob/main/CHANGELOG.md">i18next-cli's changelog</a>.</em></p> <blockquote> <h2>1.65.0</h2> <ul> <li>fix(extract): respect <code>fallbackNS</code> — keys already translated in a fallback namespace are no longer duplicated into the requesting namespace's file (<a href="https://redirect.github.com/i18next/i18next-cli/issues/272">#272</a>). <ul> <li>Such keys are now attributed to the fallback namespace instead, so <code>removeUnusedKeys</code> no longer prunes them from the fallback file (previously a key like <code>cancel</code> living only in the fallback namespace was <strong>deleted</strong> there and re-created in every namespace that used it).</li> <li>A key that already has a non-empty value in the requesting namespace's own file is treated as an intentional per-namespace override and keeps being extracted there, mirroring the i18next runtime lookup order (requested namespace first, then the fallback chain). Empty-string placeholders left behind by previous extract runs are cleaned up.</li> <li>Keys not found in any fallback namespace are still added to the requesting namespace, like the i18next <code>saveMissing</code> behavior.</li> </ul> </li> <li>feat(extract): <code>fallbackNS</code> now also accepts an array of namespaces (looked up in order, like the i18next runtime option) — supported by <code>extract</code>, <code>status</code>, and the TypeScript types generator.</li> </ul> <h2>1.64.2</h2> <ul> <li>fix(status): scope the pass/fail result to the requested locale (<a href="https://redirect.github.com/i18next/i18next-cli/issues/271">#271</a>). <ul> <li><code>status <locale></code> now exits based on <strong>that locale only</strong>, instead of always evaluating every secondary language. Previously, running e.g. <code>status en-AU</code> on a fully-translated primary could print "🎉 All keys present" and still exit <code>1</code> because an unrelated secondary (e.g. an empty <code>de-DE</code>) was incomplete — a summary that contradicted the exit code.</li> <li>When the requested locale is the primary, the check still fails only on <em>absent</em> keys (empty placeholders are tolerated); for a secondary it fails on any untranslated/absent key. The global view (<code>status</code> with no locale) is unchanged.</li> <li>The failure message now names the locale when scoped (<code>Error: Incomplete translations detected for "de-DE".</code>) so the reason is no longer hidden.</li> </ul> </li> </ul> <h2>1.64.1</h2> <ul> <li>fix(status): align plural reporting with the i18next runtime (<a href="https://redirect.github.com/i18next/i18next-cli/issues/270">#270</a>). <ul> <li>Plural categories that <code>Intl.PluralRules</code> only selects for out-of-range values (e.g. French <code>_many</code>, which fires only for counts ≥ 1,000,000) are now treated as <strong>optional</strong>: a missing or empty variant is shown as a soft "optional plural form" note instead of a hard "missing key" error, so it no longer fails the check. Categories reachable by typical counts (including decimals, e.g. Polish/Russian <code>other</code>) remain required.</li> <li>With <code>disablePlurals: true</code>, a key used with <code>count</code> is now considered satisfied when either its plural variants (<code>_one</code>/<code>_other</code>) <strong>or</strong> the bare key exist — mirroring the runtime's <code>key + suffix → key</code> resolution chain —</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/i18next/i18next-cli/commit/9497126db21489514db6c2d181ccb667af977281"><code>9497126</code></a> 1.65.0</li> <li><a href="https://github.com/i18next/i18next-cli/commit/cebfb66b646ce72d93f888c8438082698f35af6c"><code>cebfb66</code></a> fix(extract): respect fallbackNS and stop duplicating keys into namespace fil...</li> <li><a href="https://github.com/i18next/i18next-cli/commit/4af3b5b767ba144773419d13d045240ebace36d0"><code>4af3b5b</code></a> 1.64.2</li> <li><a href="https://github.com/i18next/i18next-cli/commit/59e5c157b8e6263a7686aa83189169eef4947230"><code>59e5c15</code></a> fix(status): scope pass/fail to the requested locale <a href="https://redirect.github.com/i18next/i18next-cli/issues/271">#271</a></li> <li><a href="https://github.com/i18next/i18next-cli/commit/58e96acf4d779a60dd49555cfbe7125d370918dd"><code>58e96ac</code></a> 1.64.1</li> <li><a href="https://github.com/i18next/i18next-cli/commit/90fb64de7c9973cc2bb93074489a114b3c214a43"><code>90fb64d</code></a> fix(status): align plural reporting with the i18next runtime <a href="https://redirect.github.com/i18next/i18next-cli/issues/270">#270</a></li> <li><a href="https://github.com/i18next/i18next-cli/commit/4f32c051a6b330e5480bea9c5f1e06bfc057b016"><code>4f32c05</code></a> 1.64.0</li> <li><a href="https://github.com/i18next/i18next-cli/commit/9ab66af4796228060d05bda6de5ff7dea92e9c89"><code>9ab66af</code></a> feat(extract): support trailing wildcards in functions (e.g. 'tProps.*')</li> <li><a href="https://github.com/i18next/i18next-cli/commit/3f40d0b904b01546fe86ae14d2e6f54b39ccba78"><code>3f40d0b</code></a> 1.63.1</li> <li><a href="https://github.com/i18next/i18next-cli/commit/eac231da589c9690a3bcc1aaf05f10572ae395cb"><code>eac231d</code></a> fix(init): pin <code>@inlang/plugin-i18next</code><a href="https://github.com/6"><code>@6</code></a>.2.1 (restores Sherlock annotations)</li> <li>Additional commits viewable in <a href="https://github.com/i18next/i18next-cli/compare/v1.53.2...v1.65.0">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
89d583715f |
chore(deps): Bump the react group across 1 directory with 7 updates (#1976)
Bumps the react group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.7` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.14` | `19.2.17` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.7` | | [react-i18next](https://github.com/i18next/react-i18next) | `17.0.7` | `17.0.8` | | [react-icons](https://github.com/react-icons/react-icons) | `5.6.0` | `5.7.0` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `5.1.4` | `6.0.3` | | [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.2` | `0.5.3` | Updates `react` from 19.2.4 to 19.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react's releases</a>.</em></p> <blockquote> <h2>19.2.7 (June 1st, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a> by <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.6 (May 6th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Type hardening and performance improvements (<a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.5 (April 8th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Add more cycle protections (<a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/react/react/blob/main/CHANGELOG.md">react's changelog</a>.</em></p> <blockquote> <h2>19.2.7 (June 1, 2026)</h2> <h3>React Server Components</h3> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://github.com/unstubbable"><code>@unstubbable</code></a> <a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a>)</li> </ul> <h2>19.2.6 (May 6, 2026)</h2> <h3>React Server Components</h3> <ul> <li>Type hardening and performance improvements (<a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a> <a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a>)</li> </ul> <h2>19.2.5 (March 18, 2026)</h2> <h3>React Server Components</h3> <ul> <li>Add more cycle protections (<a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a> <a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a> Version 19.2.7 (<a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/36591">#36591</a>)</li> <li><a href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a> Version 19.2.6</li> <li><a href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a> 19.2.5</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.2.7/packages/react">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react since your current version.</p> </details> <br /> Updates `@types/react` from 19.2.14 to 19.2.17 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `react-dom` from 19.2.4 to 19.2.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/facebook/react/releases">react-dom's releases</a>.</em></p> <blockquote> <h2>19.2.7 (June 1st, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a> by <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.6 (May 6th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Type hardening and performance improvements (<a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> <h2>19.2.5 (April 8th, 2026)</h2> <h2>React Server Components</h2> <ul> <li>Add more cycle protections (<a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a> by <a href="https://github.com/eps1lon"><code>@eps1lon</code></a> and <a href="https://github.com/unstubbable"><code>@unstubbable</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/react/react/blob/main/CHANGELOG.md">react-dom's changelog</a>.</em></p> <blockquote> <h2>19.2.7 (June 1, 2026)</h2> <h3>React Server Components</h3> <ul> <li>Fixed missing <code>FormData</code> entries in Server Actions which regressed in 19.2.6 (<a href="https://github.com/unstubbable"><code>@unstubbable</code></a> <a href="https://redirect.github.com/facebook/react/pull/36566">#36566</a>)</li> </ul> <h2>19.2.6 (May 6, 2026)</h2> <h3>React Server Components</h3> <ul> <li>Type hardening and performance improvements (<a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a> <a href="https://redirect.github.com/facebook/react/pull/36425">#36425</a>)</li> </ul> <h2>19.2.5 (March 18, 2026)</h2> <h3>React Server Components</h3> <ul> <li>Add more cycle protections (<a href="https://github.com/eps1lon"><code>@eps1lon</code></a>, <a href="https://github.com/unstubbable"><code>@unstubbable</code></a> <a href="https://redirect.github.com/facebook/react/pull/36236">#36236</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react/react/commit/6117d7cca4906492c51fe6a03381e35adfd86e7d"><code>6117d7c</code></a> Version 19.2.7 (<a href="https://github.com/facebook/react/tree/HEAD/packages/react-dom/issues/36591">#36591</a>)</li> <li><a href="https://github.com/react/react/commit/eaf3e95ca92be7a23d3c9cc8ffd6f199a40be401"><code>eaf3e95</code></a> Version 19.2.6</li> <li><a href="https://github.com/react/react/commit/23f4f9f30da9e9af2108c18bb197bae75ab584ea"><code>23f4f9f</code></a> 19.2.5</li> <li>See full diff in <a href="https://github.com/facebook/react/commits/v19.2.7/packages/react-dom">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react-dom since your current version.</p> </details> <br /> Updates `react-i18next` from 17.0.7 to 17.0.8 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md">react-i18next's changelog</a>.</em></p> <blockquote> <h2>17.0.8</h2> <ul> <li>fix(types): <code><Trans i18nKey={$ => ...}></code> now typechecks under <code>enableSelector: 'strict'</code>. The <code>Trans</code> component's conditional type was gated on <code>_EnableSelector extends true | 'optimize'</code>, excluding <code>'strict'</code> and falling back to the legacy string-key signature. Runtime was already correct (it calls <code>keyFromSelector(i18nKey)</code> whenever <code>typeof i18nKey === 'function'</code>); this is a type-only fix that widens the conditional to include <code>'strict'</code>. Thanks <a href="https://github.com/Faithfinder"><code>@Faithfinder</code></a> (<a href="https://redirect.github.com/i18next/react-i18next/pull/1921">#1921</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/i18next/react-i18next/commit/a46ad23ad07f1a3440d03cce80d0cab7ad23e2f0"><code>a46ad23</code></a> 17.0.8</li> <li><a href="https://github.com/i18next/react-i18next/commit/f715031fd7d90542bacd15d50e57235763527271"><code>f715031</code></a> update i18next dep</li> <li><a href="https://github.com/i18next/react-i18next/commit/a515d5b767366e2b48704d219a3b7e4744e7ce72"><code>a515d5b</code></a> changelog: 17.0.8 entry for <a href="https://redirect.github.com/i18next/react-i18next/issues/1921">#1921</a></li> <li><a href="https://github.com/i18next/react-i18next/commit/d5ab7c82e93b4cb4b64b298b407745f3dbb235a1"><code>d5ab7c8</code></a> fix(types): accept selector i18nKey on <Trans> under enableSelector: 'strict'...</li> <li><a href="https://github.com/i18next/react-i18next/commit/b91ba362800ca7af2461306b900731eaad1de19a"><code>b91ba36</code></a> Add Locize advice section near the top of README</li> <li>See full diff in <a href="https://github.com/i18next/react-i18next/compare/v17.0.7...v17.0.8">compare view</a></li> </ul> </details> <br /> Updates `react-icons` from 5.6.0 to 5.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/react-icons/react-icons/releases">react-icons's releases</a>.</em></p> <blockquote> <h2>v5.7.0</h2> <h2>What's Changed</h2> <ul> <li>update packages by <a href="https://github.com/kamijin-fanta"><code>@kamijin-fanta</code></a> in <a href="https://redirect.github.com/react-icons/react-icons/pull/1153">react-icons/react-icons#1153</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/react-icons/react-icons/compare/v5.6.0...v5.7.0">https://github.com/react-icons/react-icons/compare/v5.6.0...v5.7.0</a></p> <table> <thead> <tr> <th>Icon Library</th> <th>License</th> <th>Version</th> <th align="right">Count</th> </tr> </thead> <tbody> <tr> <td><a href="https://circumicons.com/">Circum Icons</a></td> <td><a href="https://github.com/Klarr-Agency/Circum-Icons/blob/main/LICENSE">MPL-2.0 license</a></td> <td>1.0.0</td> <td align="right">288</td> </tr> <tr> <td><a href="https://fontawesome.com/">Font Awesome 5</a></td> <td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0 License</a></td> <td>5.15.4-3-gafecf2a</td> <td align="right">1612</td> </tr> <tr> <td><a href="https://fontawesome.com/">Font Awesome 6</a></td> <td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0 License</a></td> <td>6.7.2-1-g840c215</td> <td align="right">2060</td> </tr> <tr> <td><a href="https://ionicons.com/">Ionicons 4</a></td> <td><a href="https://github.com/ionic-team/ionicons/blob/master/LICENSE">MIT</a></td> <td>4.6.3</td> <td align="right">696</td> </tr> <tr> <td><a href="https://ionicons.com/">Ionicons 5</a></td> <td><a href="https://github.com/ionic-team/ionicons/blob/master/LICENSE">MIT</a></td> <td>5.5.4</td> <td align="right">1332</td> </tr> <tr> <td><a href="http://google.github.io/material-design-icons/">Material Design icons</a></td> <td><a href="https://github.com/google/material-design-icons/blob/master/LICENSE">Apache License Version 2.0</a></td> <td>4.0.0-161-gf3fb4442b2</td> <td align="right">4341</td> </tr> <tr> <td><a href="http://s-ings.com/typicons/">Typicons</a></td> <td><a href="https://creativecommons.org/licenses/by-sa/3.0/">CC BY-SA 3.0</a></td> <td>2.1.2</td> <td align="right">336</td> </tr> <tr> <td><a href="https://octicons.github.com/">Github Octicons icons</a></td> <td><a href="https://github.com/primer/octicons/blob/master/LICENSE">MIT</a></td> <td>18.3.0</td> <td align="right">264</td> </tr> <tr> <td><a href="https://feathericons.com/">Feather</a></td> <td><a href="https://github.com/feathericons/feather/blob/master/LICENSE">MIT</a></td> <td>4.29.2</td> <td align="right">287</td> </tr> <tr> <td><a href="https://lucide.dev/">Lucide</a></td> <td><a href="https://github.com/lucide-icons/lucide/blob/main/LICENSE">ISC</a></td> <td>0.462.0</td> <td align="right">1541</td> </tr> <tr> <td><a href="https://game-icons.net/">Game Icons</a></td> <td><a href="https://creativecommons.org/licenses/by/3.0/">CC BY 3.0</a></td> <td>12920d6565588f0512542a3cb0cdfd36a497f910</td> <td align="right">4040</td> </tr> <tr> <td><a href="https://erikflowers.github.io/weather-icons/">Weather Icons</a></td> <td><a href="http://scripts.sil.org/OFL">SIL OFL 1.1</a></td> <td>2.0.12</td> <td align="right">219</td> </tr> <tr> <td><a href="https://vorillaz.github.io/devicons/">Devicons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>1.8.0</td> <td align="right">192</td> </tr> <tr> <td><a href="https://github.com/ant-design/ant-design-icons">Ant Design Icons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>4.4.2</td> <td align="right">831</td> </tr> <tr> <td><a href="https://github.com/twbs/icons">Bootstrap Icons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>1.13.1</td> <td align="right">2754</td> </tr> <tr> <td><a href="https://github.com/Remix-Design/RemixIcon">Remix Icon</a></td> <td><a href="http://www.apache.org/licenses/">Apache License Version 2.0</a></td> <td>4.9.1</td> <td align="right">3229</td> </tr> <tr> <td><a href="https://github.com/icons8/flat-color-icons">Flat Color Icons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>1.0.2</td> <td align="right">329</td> </tr> <tr> <td><a href="https://github.com/grommet/grommet-icons">Grommet-Icons</a></td> <td><a href="http://www.apache.org/licenses/">Apache License Version 2.0</a></td> <td>4.14.0</td> <td align="right">637</td> </tr> <tr> <td><a href="https://github.com/tailwindlabs/heroicons">Heroicons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>1.0.6</td> <td align="right">460</td> </tr> <tr> <td><a href="https://github.com/tailwindlabs/heroicons">Heroicons 2</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>2.2.0</td> <td align="right">972</td> </tr> <tr> <td><a href="https://simpleicons.org/">Simple Icons</a></td> <td><a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0 1.0 Universal</a></td> <td>16.24.0</td> <td align="right">3446</td> </tr> <tr> <td><a href="https://thesabbir.github.io/simple-line-icons/">Simple Line Icons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>2.5.5</td> <td align="right">189</td> </tr> <tr> <td><a href="https://github.com/Keyamoon/IcoMoon-Free">IcoMoon Free</a></td> <td><a href="https://github.com/Keyamoon/IcoMoon-Free/blob/master/License.txt">CC BY 4.0 License</a></td> <td>d006795ede82361e1bac1ee76f215cf1dc51e4ca</td> <td align="right">491</td> </tr> <tr> <td><a href="https://github.com/atisawd/boxicons">BoxIcons</a></td> <td><a href="https://github.com/atisawd/boxicons/blob/master/LICENSE">MIT</a></td> <td>2.1.4</td> <td align="right">1634</td> </tr> <tr> <td><a href="https://github.com/astrit/css.gg">css.gg</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>2.1.4</td> <td align="right">704</td> </tr> <tr> <td><a href="https://github.com/microsoft/vscode-codicons">VS Code Icons</a></td> <td><a href="https://creativecommons.org/licenses/by/4.0/">CC BY 4.0</a></td> <td>0.0.0</td> <td align="right">612</td> </tr> <tr> <td><a href="https://github.com/tabler/tabler-icons">Tabler Icons</a></td> <td><a href="https://opensource.org/licenses/MIT">MIT</a></td> <td>3.44.0</td> <td align="right">6146</td> </tr> <tr> <td><a href="https://github.com/lykmapipo/themify-icons">Themify Icons</a></td> <td><a href="https://github.com/thecreation/standard-icons/blob/master/modules/themify-icons/LICENSE">MIT</a></td> <td>v0.1.2-2-g9600186</td> <td align="right">352</td> </tr> <tr> <td><a href="https://icons.radix-ui.com">Radix Icons</a></td> <td><a href="https://github.com/radix-ui/icons/blob/master/LICENSE">MIT</a></td> <td><code>@radix-ui/react-icons</code><a href="https://github.com/1"><code>@1</code></a>.3.2-35-g112af91</td> <td align="right">332</td> </tr> <tr> <td><a href="https://github.com/phosphor-icons/core">Phosphor Icons</a></td> <td><a href="https://github.com/phosphor-icons/core/blob/main/LICENSE">MIT</a></td> <td>2.1.1</td> <td align="right">9072</td> </tr> <tr> <td><a href="https://icons8.com/line-awesome">Icons8 Line Awesome</a></td> <td><a href="https://github.com/icons8/line-awesome/blob/master/LICENSE.md">MIT</a></td> <td>1.3.1</td> <td align="right">1544</td> </tr> </tbody> </table> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/react-icons/react-icons/commit/87470d588c5624bf3e291f17527c3ecd1419c8ae"><code>87470d5</code></a> v5.7.0</li> <li><a href="https://github.com/react-icons/react-icons/commit/e1cb06116df395109208fa4786b5e6ae4cc20187"><code>e1cb061</code></a> fix ci publish</li> <li><a href="https://github.com/react-icons/react-icons/commit/bffaab7c0f90d78b240bd06be1c40953be89a992"><code>bffaab7</code></a> Revert "v5.7.0"</li> <li><a href="https://github.com/react-icons/react-icons/commit/2cde989e0d3637fa39471e3f24df99ffb88cb1d1"><code>2cde989</code></a> v5.7.0</li> <li><a href="https://github.com/react-icons/react-icons/commit/dac95ccf8126f41dc068f17fb09573fd86b6a0e9"><code>dac95cc</code></a> update npm in ci workflow</li> <li><a href="https://github.com/react-icons/react-icons/commit/21fcd0452250a30cde4827b83bff3e086b106369"><code>21fcd04</code></a> Revert "v5.7.0"</li> <li><a href="https://github.com/react-icons/react-icons/commit/3a05518a3b8b1fe147c915aea1ca6db6cd212ae8"><code>3a05518</code></a> v5.7.0</li> <li><a href="https://github.com/react-icons/react-icons/commit/c8b5050f417e08a270fc74393d36a7ea844a1977"><code>c8b5050</code></a> fix github pages deploy</li> <li><a href="https://github.com/react-icons/react-icons/commit/2f78ae43254f217c132078956848f257b72ec6cb"><code>2f78ae4</code></a> Update CI actions, Pages deploy, and staged npm publishing</li> <li><a href="https://github.com/react-icons/react-icons/commit/11f5a06ff937287537590bd165ccbd24e9f800e4"><code>11f5a06</code></a> update packages (<a href="https://redirect.github.com/react-icons/react-icons/issues/1153">#1153</a>)</li> <li>See full diff in <a href="https://github.com/react-icons/react-icons/compare/v5.6.0...v5.7.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for react-icons since your current version.</p> </details> <br /> Updates `@types/react` from 19.2.14 to 19.2.17 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react">compare view</a></li> </ul> </details> <br /> Updates `@vitejs/plugin-react` from 5.1.4 to 6.0.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite-plugin-react/releases">@vitejs/plugin-react's releases</a>.</em></p> <blockquote> <h2>plugin-react@6.0.3</h2> <p>No release notes provided.</p> <h2>plugin-react@6.0.2</h2> <h3>Allow all options in reactCompilerPreset (<a href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1189">#1189</a>)</h3> <p>This is a type only change. Only <code>compilationMode</code> and <code>target</code> options were available for <code>reactCompilerPreset</code>.</p> <h2>plugin-react@6.0.1</h2> <h3>Expand <code>@rolldown/plugin-babel</code> peer dep range (<a href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1146">#1146</a>)</h3> <p>Expanded <code>@rolldown/plugin-babel</code> peer dep range to include <code>^0.2.0</code>.</p> <h2>plugin-react@6.0.0</h2> <h3>Remove Babel Related Features (<a href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1123">#1123</a>)</h3> <p>Vite 8+ can handle React Refresh Transform by Oxc and doesn't need Babel for it. With that, there are no transform applied that requires Babel. To reduce the installation size of this plugin, babel is no longer a dependency of this plugin and the related features are removed.</p> <p>If you are using Babel, you can use <code>@rolldown/plugin-babel</code> together with this plugin:</p> <pre lang="diff"><code> import { defineConfig } from 'vite' import react from '@vitejs/plugin-react' +import babel from '@rolldown/plugin-babel' <p>export default defineConfig({ plugins: [</p> <ul> <li> <pre><code>react({ </code></pre> </li> <li> <pre><code> babel: { </code></pre> </li> <li> <pre><code> plugins: ['@babel/plugin-proposal-throw-expressions'], </code></pre> </li> <li> <pre><code> }, </code></pre> </li> <li> <pre><code>}), </code></pre> </li> </ul> <ul> <li> <pre><code>react(), </code></pre> </li> <li> <pre><code>babel({ </code></pre> </li> <li> <pre><code> plugins: ['@babel/plugin-proposal-throw-expressions'], </code></pre> </li> <li> <pre><code>}), </code></pre> ] }) </code></pre></li> </ul> <p>For React compiler users, you can use <code>reactCompilerPreset</code> for easier setup with preconfigured filter to improve build performance:</p> <pre lang="diff"><code> import { defineConfig } from 'vite' -import react from '@vitejs/plugin-react' +import react, { reactCompilerPreset } from '@vitejs/plugin-react' +import babel from '@rolldown/plugin-babel' <p>export default defineConfig({ plugins: [ </tr></table> </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md">@vitejs/plugin-react's changelog</a>.</em></p> <blockquote> <h2>6.0.3 (2026-06-23)</h2> <h2>6.0.2 (2026-05-14)</h2> <h3>Allow all options in reactCompilerPreset (<a href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1189">#1189</a>)</h3> <p>This is a type only change. Only <code>compilationMode</code> and <code>target</code> options were available for <code>reactCompilerPreset</code>.</p> <h2>6.0.1 (2026-03-13)</h2> <h3>Expand <code>@rolldown/plugin-babel</code> peer dep range (<a href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1146">#1146</a>)</h3> <p>Expanded <code>@rolldown/plugin-babel</code> peer dep range to include <code>^0.2.0</code>.</p> <h2>6.0.0 (2026-03-12)</h2> <h2>6.0.0-beta.0 (2026-03-03)</h2> <h3>Remove Babel Related Features (<a href="https://redirect.github.com/vitejs/vite-plugin-react/pull/1123">#1123</a>)</h3> <p>Vite 8+ can handle React Refresh Transform by Oxc and doesn't need Babel for it. With that, there are no transform applied that requires Babel. To reduce the installation size of this plugin, babel is no longer a dependency of this plugin and the related features are removed.</p> <p>If you are using Babel, you can use <code>@rolldown/plugin-babel</code> together with this plugin:</p> <pre lang="diff"><code> import { defineConfig } from 'vite' import react from '@vitejs/plugin-react' +import babel from '@rolldown/plugin-babel' <p>export default defineConfig({ plugins: [</p> <ul> <li> <pre><code>react({ </code></pre> </li> <li> <pre><code> babel: { </code></pre> </li> <li> <pre><code> plugins: ['@babel/plugin-proposal-throw-expressions'], </code></pre> </li> <li> <pre><code> }, </code></pre> </li> <li> <pre><code>}), </code></pre> </li> </ul> <ul> <li> <pre><code>react(), </code></pre> </li> <li> <pre><code>babel({ </code></pre> </li> <li> <pre><code> plugins: ['@babel/plugin-proposal-throw-expressions'], </code></pre> </li> <li> <pre><code>}), </code></pre> ] }) </code></pre></li> </ul> <p>For React compiler users, you can use <code>reactCompilerPreset</code> for easier setup with preconfigured filter to improve build performance:</p> <pre lang="diff"><code> import { defineConfig } from 'vite' -import react from '@vitejs/plugin-react' +import react, { reactCompilerPreset } from '@vitejs/plugin-react' </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/640fd358a0e82393acfce4e92e19a6ac6e1641a7"><code>640fd35</code></a> release: plugin-react@6.0.3</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/889efb02cdc4ec978a5e177a37e0213cfded38a4"><code>889efb0</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1249">#1249</a>)</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/6c57dd4c5d71075b48039df2532804e72880da21"><code>6c57dd4</code></a> fix(plugin-react): use '/' base in bundledDev preamble to fix non-root base p...</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/3cc33a703636b558a1c1c99e787ddc6bd64aab2d"><code>3cc33a7</code></a> fix(deps): update react-related dependencies (<a href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1245">#1245</a>)</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/c0f7c7ff709dc9d88bc1f29f1b27c1b3e2bfcfca"><code>c0f7c7f</code></a> docs: mention the Biome rule in the "Consistent components exports" section (...</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/cd80f0f7b2b750f6e8f719f9c3dbe4f22ddd94db"><code>cd80f0f</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1241">#1241</a>)</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/e38accafea0c7c84f7fc72fd69d9cec731fa7600"><code>e38acca</code></a> fix(deps): update all non-major dependencies (<a href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1227">#1227</a>)</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/9a9bb26c23b966dceed47ff9ec257faeb0e777d9"><code>9a9bb26</code></a> perf(react): improve react compiler preset so that slightly more modules are ...</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/6535b55e956b425e6650ffc2cc98fd23cca1d231"><code>6535b55</code></a> release: plugin-react@6.0.2</li> <li><a href="https://github.com/vitejs/vite-plugin-react/commit/bf0e43b756e3be81f8572d59727c218311f431ef"><code>bf0e43b</code></a> feat(react): whitelist debugging-options (<a href="https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react/issues/1189">#1189</a>)</li> <li>Additional commits viewable in <a href="https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.3/packages/plugin-react">compare view</a></li> </ul> </details> <br /> Updates `eslint-plugin-react-refresh` from 0.5.2 to 0.5.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases">eslint-plugin-react-refresh's releases</a>.</em></p> <blockquote> <h2>v0.5.3</h2> <ul> <li>Fix check for non component class exported via <code>export { }</code> <a href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110">#110</a> (fixes <a href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109">#109</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md">eslint-plugin-react-refresh's changelog</a>.</em></p> <blockquote> <h2>0.5.3</h2> <ul> <li>Fix check for non component class exported via <code>export { }</code> <a href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/pull/110">#110</a> (fixes <a href="https://redirect.github.com/ArnaudBarre/eslint-plugin-react-refresh/issues/109">#109</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/00818e991486da1e4b76f510f5f9113271549944"><code>00818e9</code></a> v0.5.3 [publish]</li> <li><a href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/commit/202fc4a8bddcfb442a317ad604693d8436c3d3ea"><code>202fc4a</code></a> Fix PascalCase class exported via <code>export { Name }</code> incorrectly treated as Re...</li> <li>See full diff in <a href="https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.5.2...v0.5.3">compare view</a></li> </ul> </details> <br /> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarelM <harel.mazor@gmail.com> |
||
|
|
fadf01a51d |
Remove jsonlint build hack (#1987)
## Launch Checklist This removes the jsonlint build hack that was used for a long time due to json lint part of the style spec package that was missing a fix. This is now no longer needed with the latest style spec package. - [x] Briefly describe the changes in this PR. |
||
|
|
251fe40fde |
chore(deps): Bump actions/setup-go from 6.4.0 to 6.5.0 (#1960)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 6.4.0 to 6.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v6.5.0</h2> <h2>What's Changed</h2> <h3>Dependency update</h3> <ul> <li>Upgrade actions dependencies by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> with <a href="https://github.com/Copilot"><code>@Copilot</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/744">actions/setup-go#744</a></li> <li>Upgrade <code>@types/node</code> and typescript-eslint dependencies to resolve npm audit findings by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/755">actions/setup-go#755</a></li> <li>Upgrade <code>@actions/cache</code> to 5.1.0, log cache write denied by <a href="https://github.com/jasongin"><code>@jasongin</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/758">actions/setup-go#758</a></li> <li>Upgrade version to 6.5.0 in package.json and package-lock.json by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/762">actions/setup-go#762</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> with <a href="https://github.com/Copilot"><code>@Copilot</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/744">actions/setup-go#744</a></li> <li><a href="https://github.com/jasongin"><code>@jasongin</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/758">actions/setup-go#758</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-go/compare/v6...v6.5.0">https://github.com/actions/setup-go/compare/v6...v6.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-go/commit/924ae3a1cded613372ab5595356fb5720e22ba16"><code>924ae3a</code></a> chore: bump version to 6.5.0 in package.json and package-lock.json (<a href="https://redirect.github.com/actions/setup-go/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/e91cc3bfe0c3efd0b2d1dc3a51269c9038deb4f1"><code>e91cc3b</code></a> Bump <code>@actions/cache</code> to 5.1.0, log cache write denied (<a href="https://redirect.github.com/actions/setup-go/issues/758">#758</a>)</li> <li><a href="https://github.com/actions/setup-go/commit/4a2405e6aebff6aabd8e43618539aa35cf90ac92"><code>4a2405e</code></a> chore: update <code>@types/node</code> and <a href="https://github.com/typescript-eslint"><code>@typescript-eslint</code></a> dependencies to latest versi...</li> <li><a href="https://github.com/actions/setup-go/commit/78961f6f84d799cd858575bb931c3e51d3b13290"><code>78961f6</code></a> chore: update <a href="https://github.com/actions"><code>@actions</code></a> dependencies and refresh license cache (<a href="https://redirect.github.com/actions/setup-go/issues/744">#744</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f175749fb7 |
chore(deps): Bump codecov/codecov-action from 6.0.1 to 7.0.0 (#1938)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 6.0.1 to 7.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <p>⚠️ Due to migration issues with keybase, we are unable to update our keys under the <code>codecovsecurity</code> account. We have deleted the account and are using <code>codecovsecops</code> with the original gpg key</p> <h2>What's Changed</h2> <ul> <li>ci: remove Enforce License Compliance workflow by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1950">codecov/codecov-action#1950</a></li> <li>chore(release): 7.0.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1957">codecov/codecov-action#1957</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v6.0.1...v7.0.0">https://github.com/codecov/codecov-action/compare/v6.0.1...v7.0.0</a></p> <h2>v6.0.2</h2> <p>This is a copy of the <code>v7.0.0</code> release to make updates easier</p> <h2>What's Changed</h2> <ul> <li>ci: remove Enforce License Compliance workflow by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1950">codecov/codecov-action#1950</a></li> <li>chore(release): 7.0.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1957">codecov/codecov-action#1957</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v6.0.1...v6.0.2">https://github.com/codecov/codecov-action/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>v5.5.2</h2> <h3>What's Changed</h3> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2">https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2</a></p> <h2>v5.5.1</h2> <h3>What's Changed</h3> <ul> <li>fix: overwrite pr number on fork by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1871">codecov/codecov-action#1871</a></li> <li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1868">codecov/codecov-action#1868</a></li> <li>build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1867">codecov/codecov-action#1867</a></li> <li>fix: update to use local app/ dir by <a href="https://github.com/thomasrockhu-codecov"><code>@thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1872">codecov/codecov-action#1872</a></li> <li>docs: fix typo in README by <a href="https://github.com/datalater"><code>@datalater</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1866">codecov/codecov-action#1866</a></li> <li>Document a <code>codecov-cli</code> version reference example by <a href="https://github.com/webknjaz"><code>@webknjaz</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1774">codecov/codecov-action#1774</a></li> <li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1861">codecov/codecov-action#1861</a></li> <li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1833">codecov/codecov-action#1833</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1">https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1</a></p> <h2>v5.5.0</h2> <h3>What's Changed</h3> <ul> <li>feat: upgrade wrapper to 0.2.4 by <a href="https://github.com/jviall"><code>@jviall</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1864">codecov/codecov-action#1864</a></li> <li>Pin actions/github-script by Git SHA by <a href="https://github.com/martincostello"><code>@martincostello</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1859">codecov/codecov-action#1859</a></li> <li>fix: check reqs exist by <a href="https://github.com/joseph-sentry"><code>@joseph-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1835">codecov/codecov-action#1835</a></li> <li>fix: Typo in README by <a href="https://github.com/spalmurray"><code>@spalmurray</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1838">codecov/codecov-action#1838</a></li> <li>docs: Refine OIDC docs by <a href="https://github.com/spalmurray"><code>@spalmurray</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1837">codecov/codecov-action#1837</a></li> <li>build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1829">codecov/codecov-action#1829</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0">https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0</a></p> <h2>v5.4.3</h2> <h3>What's Changed</h3> <ul> <li>build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by <code>@app/dependabot</code> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1822">codecov/codecov-action#1822</a></li> <li>fix: OIDC on forks by <a href="https://github.com/joseph-sentry"><code>@joseph-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1823">codecov/codecov-action#1823</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3">https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3</a></p> <h2>v5.4.2</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/codecov/codecov-action/commit/fb8b3582c8e4def4969c97caa2f19720cb33a72f"><code>fb8b358</code></a> chore(release): 7.0.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/1957">#1957</a>)</li> <li><a href="https://github.com/codecov/codecov-action/commit/ca0a928a4cb3911011e868128a5cd90437c12db1"><code>ca0a928</code></a> ci: remove Enforce License Compliance workflow (<a href="https://redirect.github.com/codecov/codecov-action/issues/1950">#1950</a>)</li> <li>See full diff in <a href="https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f9219c3c83 |
chore(deps): Bump github/codeql-action/autobuild from 4.36.2 to 4.36.3 (#1986)
Bumps [github/codeql-action/autobuild](https://github.com/github/codeql-action) from 4.36.2 to 4.36.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action/autobuild's releases</a>.</em></p> <blockquote> <h2>v4.36.3</h2> <p>No user facing changes.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action/autobuild's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.36.3 - 01 Jul 2026</h2> <p>No user facing changes.</p> <h2>4.36.2 - 04 Jun 2026</h2> <ul> <li>Cache CodeQL CLI version information across Actions steps. <a href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li> <li>Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. <a href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li> </ul> <h2>4.36.1 - 02 Jun 2026</h2> <p>No user facing changes.</p> <h2>4.36.0 - 22 May 2026</h2> <ul> <li><em>Breaking change</em>: Bump the minimum required CodeQL bundle version to 2.19.4. <a href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li> <li>Add support for SHA-256 Git object IDs. <a href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li> </ul> <h2>4.35.5 - 15 May 2026</h2> <ul> <li>We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li> <li>For performance and accuracy reasons, <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. <a href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li> <li>If multiple inputs are provided for the GitHub-internal <code>analysis-kinds</code> input, only <code>code-scanning</code> will be enabled. The <code>analysis-kinds</code> input is experimental, for GitHub-internal use only, and may change without notice at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li> <li>Added an experimental change which, when running a Code Scanning analysis for a PR with <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. <a href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li> </ul> <h2>4.35.4 - 07 May 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li> </ul> <h2>4.35.3 - 01 May 2026</h2> <ul> <li><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li> <li>Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. <a href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li> <li>Best-effort connection tests for private registries now use <code>GET</code> requests instead of <code>HEAD</code> for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. <a href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li> <li>Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. <a href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li> </ul> <h2>4.35.2 - 15 Apr 2026</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a"><code>54f647b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3984">#3984</a> from github/update-v4.36.3-1f34ec164</li> <li><a href="https://github.com/github/codeql-action/commit/e78819e05527766c3c5919e3177647e280c6cb83"><code>e78819e</code></a> Trigger checks</li> <li><a href="https://github.com/github/codeql-action/commit/2c9d3d63eb4941734e2d29468953529a56f5ff1c"><code>2c9d3d6</code></a> Update changelog for v4.36.3</li> <li><a href="https://github.com/github/codeql-action/commit/1f34ec16430d82636d18716acc7aaa6d843b35a9"><code>1f34ec1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3983">#3983</a> from github/mbg/repo-props/ff-for-config-file-prop</li> <li><a href="https://github.com/github/codeql-action/commit/d5f0145480025b49d8b08c3f6b36e6ad41a68c90"><code>d5f0145</code></a> Log when repository property has a value but is ignored</li> <li><a href="https://github.com/github/codeql-action/commit/f27f56386a3c745af8d7bbfb806098c714a5e32a"><code>f27f563</code></a> Add test for when the FF is off</li> <li><a href="https://github.com/github/codeql-action/commit/0025d0f2b5676fde748a0be9725dcce18dd9f986"><code>0025d0f</code></a> Use FF</li> <li><a href="https://github.com/github/codeql-action/commit/f7fa18f05d107ff6735857c3510fbff190c9a1eb"><code>f7fa18f</code></a> Add FF for config file repo property</li> <li><a href="https://github.com/github/codeql-action/commit/628fc3f124e68b0151f0d2a5d81e864ee1e42335"><code>628fc3f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3979">#3979</a> from github/henrymercer/overlay-db-cleanup-size-tele...</li> <li><a href="https://github.com/github/codeql-action/commit/9cfb67bab9b32441237f92d4ba29a7f3ccff259f"><code>9cfb67b</code></a> Add clarifying comments</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f78b9ccaaa |
chore(deps): Bump @codemirror/view from 6.43.4 to 6.43.5 (#1985)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.4 to 6.43.5. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/codemirror/view/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
bb73a2b1e8 |
chore(deps): Bump github/codeql-action/analyze from 4.36.2 to 4.36.3 (#1982)
Bumps [github/codeql-action/analyze](https://github.com/github/codeql-action) from 4.36.2 to 4.36.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action/analyze's releases</a>.</em></p> <blockquote> <h2>v4.36.3</h2> <p>No user facing changes.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action/analyze's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.36.3 - 01 Jul 2026</h2> <p>No user facing changes.</p> <h2>4.36.2 - 04 Jun 2026</h2> <ul> <li>Cache CodeQL CLI version information across Actions steps. <a href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li> <li>Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. <a href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li> </ul> <h2>4.36.1 - 02 Jun 2026</h2> <p>No user facing changes.</p> <h2>4.36.0 - 22 May 2026</h2> <ul> <li><em>Breaking change</em>: Bump the minimum required CodeQL bundle version to 2.19.4. <a href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li> <li>Add support for SHA-256 Git object IDs. <a href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li> </ul> <h2>4.35.5 - 15 May 2026</h2> <ul> <li>We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li> <li>For performance and accuracy reasons, <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. <a href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li> <li>If multiple inputs are provided for the GitHub-internal <code>analysis-kinds</code> input, only <code>code-scanning</code> will be enabled. The <code>analysis-kinds</code> input is experimental, for GitHub-internal use only, and may change without notice at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li> <li>Added an experimental change which, when running a Code Scanning analysis for a PR with <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. <a href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li> </ul> <h2>4.35.4 - 07 May 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li> </ul> <h2>4.35.3 - 01 May 2026</h2> <ul> <li><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li> <li>Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. <a href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li> <li>Best-effort connection tests for private registries now use <code>GET</code> requests instead of <code>HEAD</code> for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. <a href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li> <li>Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. <a href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li> </ul> <h2>4.35.2 - 15 Apr 2026</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a"><code>54f647b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3984">#3984</a> from github/update-v4.36.3-1f34ec164</li> <li><a href="https://github.com/github/codeql-action/commit/e78819e05527766c3c5919e3177647e280c6cb83"><code>e78819e</code></a> Trigger checks</li> <li><a href="https://github.com/github/codeql-action/commit/2c9d3d63eb4941734e2d29468953529a56f5ff1c"><code>2c9d3d6</code></a> Update changelog for v4.36.3</li> <li><a href="https://github.com/github/codeql-action/commit/1f34ec16430d82636d18716acc7aaa6d843b35a9"><code>1f34ec1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3983">#3983</a> from github/mbg/repo-props/ff-for-config-file-prop</li> <li><a href="https://github.com/github/codeql-action/commit/d5f0145480025b49d8b08c3f6b36e6ad41a68c90"><code>d5f0145</code></a> Log when repository property has a value but is ignored</li> <li><a href="https://github.com/github/codeql-action/commit/f27f56386a3c745af8d7bbfb806098c714a5e32a"><code>f27f563</code></a> Add test for when the FF is off</li> <li><a href="https://github.com/github/codeql-action/commit/0025d0f2b5676fde748a0be9725dcce18dd9f986"><code>0025d0f</code></a> Use FF</li> <li><a href="https://github.com/github/codeql-action/commit/f7fa18f05d107ff6735857c3510fbff190c9a1eb"><code>f7fa18f</code></a> Add FF for config file repo property</li> <li><a href="https://github.com/github/codeql-action/commit/628fc3f124e68b0151f0d2a5d81e864ee1e42335"><code>628fc3f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3979">#3979</a> from github/henrymercer/overlay-db-cleanup-size-tele...</li> <li><a href="https://github.com/github/codeql-action/commit/9cfb67bab9b32441237f92d4ba29a7f3ccff259f"><code>9cfb67b</code></a> Add clarifying comments</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
a4da75d722 |
chore(deps): Bump docker/login-action from 4.2.0 to 4.4.0 (#1983)
Bumps [docker/login-action](https://github.com/docker/login-action) from 4.2.0 to 4.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/login-action/releases">docker/login-action's releases</a>.</em></p> <blockquote> <h2>v4.4.0</h2> <ul> <li>Skip empty <code>registry-auth</code> secret mask by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/1035">docker/login-action#1035</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> and <code>@aws-sdk/client-ecr-public</code> to 3.1077.0 <a href="https://redirect.github.com/docker/login-action/pull/1034">docker/login-action#1034</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v4.3.0...v4.4.0">https://github.com/docker/login-action/compare/v4.3.0...v4.4.0</a></p> <h2>v4.3.0</h2> <ul> <li>Preserve names in esbuild bundle by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/login-action/pull/1022">docker/login-action#1022</a></li> <li>Bump <code>@aws-sdk/client-ecr</code> and <code>@aws-sdk/client-ecr-public</code> to 3.1076.0 <a href="https://redirect.github.com/docker/login-action/pull/999">docker/login-action#999</a> <a href="https://redirect.github.com/docker/login-action/pull/1030">docker/login-action#1030</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.90.0 to 0.92.0 in <a href="https://redirect.github.com/docker/login-action/pull/1004">docker/login-action#1004</a> <a href="https://redirect.github.com/docker/login-action/pull/1027">docker/login-action#1027</a></li> <li>Bump <code>@sigstore/core</code> from 3.1.0 to 3.2.1 in <a href="https://redirect.github.com/docker/login-action/pull/1023">docker/login-action#1023</a></li> <li>Bump <code>@sigstore/verify</code> from 3.1.0 to 3.1.1 in <a href="https://redirect.github.com/docker/login-action/pull/1029">docker/login-action#1029</a></li> <li>Bump http-proxy-agent and https-proxy-agent to 9.1.0 in <a href="https://redirect.github.com/docker/login-action/pull/1017">docker/login-action#1017</a></li> <li>Bump js-yaml from 4.1.1 to 5.2.0 in <a href="https://redirect.github.com/docker/login-action/pull/1028">docker/login-action#1028</a></li> <li>Bump sigstore from 4.1.0 to 4.1.1 in <a href="https://redirect.github.com/docker/login-action/pull/1031">docker/login-action#1031</a></li> <li>Bump tmp from 0.2.5 to 0.2.7 in <a href="https://redirect.github.com/docker/login-action/pull/1002">docker/login-action#1002</a></li> <li>Bump undici from 6.24.1 to 6.27.0 in <a href="https://redirect.github.com/docker/login-action/pull/1020">docker/login-action#1020</a></li> <li>Bump vite from 7.3.3 to 7.3.6 in <a href="https://redirect.github.com/docker/login-action/pull/1019">docker/login-action#1019</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/login-action/compare/v4.2.0...v4.3.0">https://github.com/docker/login-action/compare/v4.2.0...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/login-action/commit/af1e73f918a031802d376d3c8bbc3fe56130a9b0"><code>af1e73f</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/1034">#1034</a> from docker/dependabot/npm_and_yarn/aws-sdk-dependen...</li> <li><a href="https://github.com/docker/login-action/commit/da722bde43bacb027adfc67d42dbaa4c0f9e550b"><code>da722bd</code></a> [dependabot skip] chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/2916ad60bd5cb72f07aa54c69fdcc61749c09b7a"><code>2916ad6</code></a> build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...</li> <li><a href="https://github.com/docker/login-action/commit/ca0a662f786e4cfddce972005bd68f3dafc3a903"><code>ca0a662</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/1035">#1035</a> from crazy-max/fix-registry-auth-empty-mask</li> <li><a href="https://github.com/docker/login-action/commit/c455755a579833bf0d2e4e54e3beb413ef10cc80"><code>c455755</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/login-action/commit/48351901f89581a7c12870c787d3f06d1f498438"><code>4835190</code></a> skip empty registry-auth secret mask</li> <li><a href="https://github.com/docker/login-action/commit/992421c6e6806a7f6df609d1bfff374f9eca3004"><code>992421c</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/1033">#1033</a> from docker/dependabot/github_actions/docker/bake-ac...</li> <li><a href="https://github.com/docker/login-action/commit/b249b43765525dd7951068267a34cf63f22ab4f0"><code>b249b43</code></a> Merge pull request <a href="https://redirect.github.com/docker/login-action/issues/1032">#1032</a> from docker/dependabot/github_actions/docker/bake-ac...</li> <li><a href="https://github.com/docker/login-action/commit/1b67977736863551a88ff218642a2d7628b10520"><code>1b67977</code></a> build(deps): bump docker/bake-action from 7.2.0 to 7.3.0</li> <li><a href="https://github.com/docker/login-action/commit/9d49d6a3234c78daa10c3c12183ef7b6caa8e69e"><code>9d49d6a</code></a> build(deps): bump docker/bake-action/subaction/matrix</li> <li>Additional commits viewable in <a href="https://github.com/docker/login-action/compare/650006c6eb7dba73a995cc03b0b2d7f5ca915bee...af1e73f918a031802d376d3c8bbc3fe56130a9b0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1b314b11b9 |
chore(deps): Bump github/codeql-action/init from 4.36.2 to 4.36.3 (#1981)
Bumps [github/codeql-action/init](https://github.com/github/codeql-action) from 4.36.2 to 4.36.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action/init's releases</a>.</em></p> <blockquote> <h2>v4.36.3</h2> <p>No user facing changes.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action/init's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>4.36.3 - 01 Jul 2026</h2> <p>No user facing changes.</p> <h2>4.36.2 - 04 Jun 2026</h2> <ul> <li>Cache CodeQL CLI version information across Actions steps. <a href="https://redirect.github.com/github/codeql-action/pull/3943">#3943</a></li> <li>Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. <a href="https://redirect.github.com/github/codeql-action/pull/3937">#3937</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.6">2.25.6</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3948">#3948</a></li> </ul> <h2>4.36.1 - 02 Jun 2026</h2> <p>No user facing changes.</p> <h2>4.36.0 - 22 May 2026</h2> <ul> <li><em>Breaking change</em>: Bump the minimum required CodeQL bundle version to 2.19.4. <a href="https://redirect.github.com/github/codeql-action/pull/3894">#3894</a></li> <li>Add support for SHA-256 Git object IDs. <a href="https://redirect.github.com/github/codeql-action/pull/3893">#3893</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5">2.25.5</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3926">#3926</a></li> </ul> <h2>4.35.5 - 15 May 2026</h2> <ul> <li>We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3899">#3899</a></li> <li>For performance and accuracy reasons, <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. <a href="https://redirect.github.com/github/codeql-action/pull/3791">#3791</a></li> <li>If multiple inputs are provided for the GitHub-internal <code>analysis-kinds</code> input, only <code>code-scanning</code> will be enabled. The <code>analysis-kinds</code> input is experimental, for GitHub-internal use only, and may change without notice at any time. <a href="https://redirect.github.com/github/codeql-action/pull/3892">#3892</a></li> <li>Added an experimental change which, when running a Code Scanning analysis for a PR with <a href="https://redirect.github.com/github/roadmap/issues/1158">improved incremental analysis</a> enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. <a href="https://redirect.github.com/github/codeql-action/pull/3880">#3880</a></li> </ul> <h2>4.35.4 - 07 May 2026</h2> <ul> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4">2.25.4</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3881">#3881</a></li> </ul> <h2>4.35.3 - 01 May 2026</h2> <ul> <li><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/3837">#3837</a></li> <li>Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. <a href="https://redirect.github.com/github/codeql-action/pull/3850">#3850</a></li> <li>Best-effort connection tests for private registries now use <code>GET</code> requests instead of <code>HEAD</code> for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. <a href="https://redirect.github.com/github/codeql-action/pull/3853">#3853</a></li> <li>Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. <a href="https://redirect.github.com/github/codeql-action/pull/3852">#3852</a></li> <li>Update default CodeQL bundle version to <a href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3">2.25.3</a>. <a href="https://redirect.github.com/github/codeql-action/pull/3865">#3865</a></li> </ul> <h2>4.35.2 - 15 Apr 2026</h2> <ul> <li>The undocumented TRAP cache cleanup feature that could be enabled using the <code>CODEQL_ACTION_CLEANUP_TRAP_CACHES</code> environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the <code>trap-caching: false</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/3795">#3795</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/54f647b7e1bb85c95cddabcd46b0c578ec92bc1a"><code>54f647b</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3984">#3984</a> from github/update-v4.36.3-1f34ec164</li> <li><a href="https://github.com/github/codeql-action/commit/e78819e05527766c3c5919e3177647e280c6cb83"><code>e78819e</code></a> Trigger checks</li> <li><a href="https://github.com/github/codeql-action/commit/2c9d3d63eb4941734e2d29468953529a56f5ff1c"><code>2c9d3d6</code></a> Update changelog for v4.36.3</li> <li><a href="https://github.com/github/codeql-action/commit/1f34ec16430d82636d18716acc7aaa6d843b35a9"><code>1f34ec1</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3983">#3983</a> from github/mbg/repo-props/ff-for-config-file-prop</li> <li><a href="https://github.com/github/codeql-action/commit/d5f0145480025b49d8b08c3f6b36e6ad41a68c90"><code>d5f0145</code></a> Log when repository property has a value but is ignored</li> <li><a href="https://github.com/github/codeql-action/commit/f27f56386a3c745af8d7bbfb806098c714a5e32a"><code>f27f563</code></a> Add test for when the FF is off</li> <li><a href="https://github.com/github/codeql-action/commit/0025d0f2b5676fde748a0be9725dcce18dd9f986"><code>0025d0f</code></a> Use FF</li> <li><a href="https://github.com/github/codeql-action/commit/f7fa18f05d107ff6735857c3510fbff190c9a1eb"><code>f7fa18f</code></a> Add FF for config file repo property</li> <li><a href="https://github.com/github/codeql-action/commit/628fc3f124e68b0151f0d2a5d81e864ee1e42335"><code>628fc3f</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/3979">#3979</a> from github/henrymercer/overlay-db-cleanup-size-tele...</li> <li><a href="https://github.com/github/codeql-action/commit/9cfb67bab9b32441237f92d4ba29a7f3ccff259f"><code>9cfb67b</code></a> Add clarifying comments</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/8aad20d150bbac5944a9f9d289da16a4b0d87c1e...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
66377f5dcf |
Bump version to 3.1.0 (#1978)
Automated changes by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action Co-authored-by: HarelM <3269297+HarelM@users.noreply.github.com>v3.1.0 |
||
|
|
fc4a7c5ab9 |
chore(deps-dev): Bump eslint from 10.5.0 to 10.6.0 (#1969)
Bumps [eslint](https://github.com/eslint/eslint) from 10.5.0 to 10.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eslint/eslint/releases">eslint's releases</a>.</em></p> <blockquote> <h2>v10.6.0</h2> <h2>Features</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/b1f910628e29a018c860e2352bc14cd07c853d67"><code>b1f9106</code></a> feat: detect Symbol() and BigInt() in no-constant-binary-expression (<a href="https://redirect.github.com/eslint/eslint/issues/20981">#20981</a>) (Taejin Kim)</li> <li><a href="https://github.com/eslint/eslint/commit/f291007cb73f55c09cf3c2aa3a405df379a5c594"><code>f291007</code></a> feat: add checkRelationalComparisons to no-constant-binary-expression (<a href="https://redirect.github.com/eslint/eslint/issues/20948">#20948</a>) (sethamus)</li> </ul> <h2>Bug Fixes</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/6b05784eb271ac98ca3e1e2a48c4b14bb588c786"><code>6b05784</code></a> fix: prefer-exponentiation-operator invalid autofix at statement start (<a href="https://redirect.github.com/eslint/eslint/issues/20997">#20997</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/bb9eb2ab28daf6e6dafc62daa6b5daf9c2b7046c"><code>bb9eb2a</code></a> fix: account for shadowed <code>Boolean</code> in <code>no-extra-boolean-cast</code> (<a href="https://redirect.github.com/eslint/eslint/issues/21013">#21013</a>) (den$)</li> <li><a href="https://github.com/eslint/eslint/commit/8fd8741009a3ed7845c89bfe2fb3eaa2119b2d15"><code>8fd8741</code></a> fix: don't report shadowed undefined in <code>radix</code> rule (<a href="https://redirect.github.com/eslint/eslint/issues/21011">#21011</a>) (Pixel)</li> <li><a href="https://github.com/eslint/eslint/commit/5784980ce8ba99556db98907895d82ef49cd0a27"><code>5784980</code></a> fix: don't report shadowed undefined in no-throw-literal (<a href="https://redirect.github.com/eslint/eslint/issues/21010">#21010</a>) (Pixel)</li> <li><a href="https://github.com/eslint/eslint/commit/9cd1e6de5bad487a9c713bdc9fda5af7ea0babcd"><code>9cd1e6d</code></a> fix: suppress invalid class suggestion in no-promise-executor-return (<a href="https://redirect.github.com/eslint/eslint/issues/21008">#21008</a>) (Pixel)</li> <li><a href="https://github.com/eslint/eslint/commit/d4eb2dc95f17cdf491edca91b7d9caf05b86253f"><code>d4eb2dc</code></a> fix: don't report shadowed undefined in prefer-promise-reject-errors (<a href="https://redirect.github.com/eslint/eslint/issues/21006">#21006</a>) (Pixel)</li> <li><a href="https://github.com/eslint/eslint/commit/23604646db6d987d01edb8aa5f4d2a88bd4c01d0"><code>2360464</code></a> fix: prefer-promise-reject-errors false positives for shadowed Promise (<a href="https://redirect.github.com/eslint/eslint/issues/21003">#21003</a>) (den$)</li> <li><a href="https://github.com/eslint/eslint/commit/63d52d28de705ec46f328d18166e8b7170b3f024"><code>63d52d2</code></a> fix: restore max-classes-per-file report range (<a href="https://redirect.github.com/eslint/eslint/issues/21002">#21002</a>) (Pixel)</li> <li><a href="https://github.com/eslint/eslint/commit/7feaff0cfb8d6a6260d3ea56887c9161daf8c700"><code>7feaff0</code></a> fix: callback detection logic for IIFEs in max-nested-callbacks (<a href="https://redirect.github.com/eslint/eslint/issues/20979">#20979</a>) (fnx)</li> <li><a href="https://github.com/eslint/eslint/commit/399a2ec81bcbcff2c67920db51d9276b20ac1025"><code>399a2ec</code></a> fix: don't report inner non-callbacks in <code>max-nested-callbacks</code> (<a href="https://redirect.github.com/eslint/eslint/issues/20995">#20995</a>) (Milos Djermanovic)</li> </ul> <h2>Documentation</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/a83683db1c27193c2ad333fc5c0aedcc8a293db7"><code>a83683d</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/f5449f96c2caabbc1a28b15211873e2f672f5ae5"><code>f5449f9</code></a> docs: document userland patterns for global assertionOptions in RuleT… (<a href="https://redirect.github.com/eslint/eslint/issues/20986">#20986</a>) (playgirl)</li> <li><a href="https://github.com/eslint/eslint/commit/bea49f7b2899ebf708482f977ef2ada41fd2c3f0"><code>bea49f7</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/e5f70f9b06683a887dd0d6dc1cc91a9c9bea816d"><code>e5f70f9</code></a> docs: update code-path diagrams (<a href="https://redirect.github.com/eslint/eslint/issues/20984">#20984</a>) (Tanuj Kanti)</li> <li><a href="https://github.com/eslint/eslint/commit/8890c2d40880b195b9167735c24ec0cc5de5eb96"><code>8890c2d</code></a> docs: add TypeScript config guidance for MCP server (<a href="https://redirect.github.com/eslint/eslint/issues/20796">#20796</a>) (Pierluigi Lenoci)</li> <li><a href="https://github.com/eslint/eslint/commit/3eb3d9b1b5edecc3fcae0519ddba0e3745e889e3"><code>3eb3d9b</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/c5bb59cf613dabafd550227b6adaa9327b1095f5"><code>c5bb59c</code></a> docs: Update README (GitHub Actions Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/eb3c97c776731ce11b28cc99f0271f41b9994701"><code>eb3c97c</code></a> docs: fix grammar in prefer-const rule description (<a href="https://redirect.github.com/eslint/eslint/issues/20983">#20983</a>) (lumir)</li> </ul> <h2>Chores</h2> <ul> <li><a href="https://github.com/eslint/eslint/commit/6a42034a57a816b0a313720b3b9df09455bd0b5e"><code>6a42034</code></a> ci: run ecosystem tests on main branch (<a href="https://redirect.github.com/eslint/eslint/issues/20891">#20891</a>) (sethamus)</li> <li><a href="https://github.com/eslint/eslint/commit/3dbacdbb31673c87ca86ecafbb18712d8d1daed8"><code>3dbacdb</code></a> ci: bump actions/checkout from 6 to 7 (<a href="https://redirect.github.com/eslint/eslint/issues/21014">#21014</a>) (dependabot[bot])</li> <li><a href="https://github.com/eslint/eslint/commit/c3abfca7c96cc9a244f54eeb66e9971c59280354"><code>c3abfca</code></a> chore: correct JSDoc param types in html formatter (<a href="https://redirect.github.com/eslint/eslint/issues/21018">#21018</a>) (Minseon Kim)</li> <li><a href="https://github.com/eslint/eslint/commit/a8323209cdbefefd540c5beeaa51418d8ec40f9e"><code>a832320</code></a> ci: split ecosystem tests into separate jobs (<a href="https://redirect.github.com/eslint/eslint/issues/21001">#21001</a>) (xbinaryx)</li> <li><a href="https://github.com/eslint/eslint/commit/27166e78511db526688afc34bbfab1a458405f3f"><code>27166e7</code></a> chore: update ecosystem plugins (<a href="https://redirect.github.com/eslint/eslint/issues/21005">#21005</a>) (ESLint Bot)</li> <li><a href="https://github.com/eslint/eslint/commit/865d76e40107d4fa10a17fc3203b303eb8a88dc3"><code>865d76e</code></a> ci: bump pnpm/action-setup from 6.0.8 to 6.0.9 (<a href="https://redirect.github.com/eslint/eslint/issues/20989">#20989</a>) (dependabot[bot])</li> <li><a href="https://github.com/eslint/eslint/commit/27a88c9fa7c040f4cd39e5a5e6e2d02441c408ef"><code>27a88c9</code></a> chore: update dependency markdown-it to v14 in root (<a href="https://redirect.github.com/eslint/eslint/issues/20994">#20994</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/970cea62b295d931a4109abedeb21ba192d3f2be"><code>970cea6</code></a> chore: update dependency markdown-it to v14 (<a href="https://redirect.github.com/eslint/eslint/issues/20993">#20993</a>) (Milos Djermanovic)</li> <li><a href="https://github.com/eslint/eslint/commit/b482120bacb40204fbf16f3b20be7207057157a5"><code>b482120</code></a> chore: update dependency prettier to v3.8.4 (<a href="https://redirect.github.com/eslint/eslint/issues/20990">#20990</a>) (renovate[bot])</li> <li><a href="https://github.com/eslint/eslint/commit/6993fb3173da84999fc208507b93f523aa657448"><code>6993fb3</code></a> chore: update ecosystem plugins (<a href="https://redirect.github.com/eslint/eslint/issues/20985">#20985</a>) (ESLint Bot)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/eslint/eslint/commit/5d12a0419636abb71628b7e45063a943c454a7c7"><code>5d12a04</code></a> 10.6.0</li> <li><a href="https://github.com/eslint/eslint/commit/f7ca54b138c4ba7b8e65f83b7fe58cc8de50af8b"><code>f7ca54b</code></a> Build: changelog update for 10.6.0</li> <li><a href="https://github.com/eslint/eslint/commit/6a42034a57a816b0a313720b3b9df09455bd0b5e"><code>6a42034</code></a> ci: run ecosystem tests on main branch (<a href="https://redirect.github.com/eslint/eslint/issues/20891">#20891</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/b1f910628e29a018c860e2352bc14cd07c853d67"><code>b1f9106</code></a> feat: detect Symbol() and BigInt() in no-constant-binary-expression (<a href="https://redirect.github.com/eslint/eslint/issues/20981">#20981</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/3dbacdbb31673c87ca86ecafbb18712d8d1daed8"><code>3dbacdb</code></a> ci: bump actions/checkout from 6 to 7 (<a href="https://redirect.github.com/eslint/eslint/issues/21014">#21014</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/c3abfca7c96cc9a244f54eeb66e9971c59280354"><code>c3abfca</code></a> chore: correct JSDoc param types in html formatter (<a href="https://redirect.github.com/eslint/eslint/issues/21018">#21018</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/a83683db1c27193c2ad333fc5c0aedcc8a293db7"><code>a83683d</code></a> docs: Update README</li> <li><a href="https://github.com/eslint/eslint/commit/a8323209cdbefefd540c5beeaa51418d8ec40f9e"><code>a832320</code></a> ci: split ecosystem tests into separate jobs (<a href="https://redirect.github.com/eslint/eslint/issues/21001">#21001</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/6b05784eb271ac98ca3e1e2a48c4b14bb588c786"><code>6b05784</code></a> fix: prefer-exponentiation-operator invalid autofix at statement start (<a href="https://redirect.github.com/eslint/eslint/issues/20997">#20997</a>)</li> <li><a href="https://github.com/eslint/eslint/commit/bb9eb2ab28daf6e6dafc62daa6b5daf9c2b7046c"><code>bb9eb2a</code></a> fix: account for shadowed <code>Boolean</code> in <code>no-extra-boolean-cast</code> (<a href="https://redirect.github.com/eslint/eslint/issues/21013">#21013</a>)</li> <li>Additional commits viewable in <a href="https://github.com/eslint/eslint/compare/v10.5.0...v10.6.0">compare view</a></li> </ul> </details> <br /> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d4f90b9bd7 |
chore(deps): Bump downshift from 9.3.6 to 9.4.0 (#1975)
Bumps [downshift](https://github.com/downshift-js/downshift) from 9.3.6 to 9.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/downshift-js/downshift/releases">downshift's releases</a>.</em></p> <blockquote> <h2>v9.4.0</h2> <h1><a href="https://github.com/downshift-js/downshift/compare/v9.3.6...v9.4.0">9.4.0</a> (2026-06-30)</h1> <h3>Features</h3> <ul> <li>fix React Compiler compatibility. (<a href="https://redirect.github.com/downshift-js/downshift/issues/1690">#1690</a>) (<a href="https://github.com/downshift-js/downshift/commit/1bb8b75e506fe807a5c5201a103d1bd128e5a5e2">1bb8b75</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/downshift-js/downshift/commit/1bb8b75e506fe807a5c5201a103d1bd128e5a5e2"><code>1bb8b75</code></a> feat: fix React Compiler compatibility. (<a href="https://redirect.github.com/downshift-js/downshift/issues/1690">#1690</a>)</li> <li><a href="https://github.com/downshift-js/downshift/commit/3c7584b62e900b80b998c2d486c3ff458b30214c"><code>3c7584b</code></a> docs: fix docs dark mode example contrast (<a href="https://redirect.github.com/downshift-js/downshift/issues/1694">#1694</a>)</li> <li>See full diff in <a href="https://github.com/downshift-js/downshift/compare/v9.3.6...v9.4.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
aa5693ad6b |
chore(deps): Bump i18next from 26.3.3 to 26.3.4 (#1974)
Bumps [i18next](https://github.com/i18next/i18next) from 26.3.3 to 26.3.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/releases">i18next's releases</a>.</em></p> <blockquote> <h2>v26.3.4</h2> <ul> <li>fix(security): <code>deepExtend</code> (used by <code>addResourceBundle(..., deep, overwrite)</code>) no longer recurses into inherited properties. It checked key existence with the <code>in</code> operator, which walks the prototype chain, so a source key matching an inherited built-in (e.g. <code>hasOwnProperty</code>, <code>toString</code>) caused recursion into the shared <code>Object.prototype</code> function and, with <code>overwrite: true</code>, could overwrite e.g. <code>Object.prototype.hasOwnProperty.call</code> with a non-callable value — corrupting a shared built-in process-wide (DoS). Existence is now checked with <code>Object.prototype.hasOwnProperty.call</code>, so such keys are copied as plain own data instead. This complements the existing <code>__proto__</code>/<code>constructor</code> guard and is also strictly more correct for an own-property merge. Only affects applications that pass attacker-controlled data with <code>deep: true</code> and <code>overwrite: true</code>; no standard backend/integration does this. Distinct from CVE-2026-48713 / CVE-2026-48714 (different packages, <code>setPath</code> mechanism). Thanks to zx (Jace) for the responsible disclosure.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.3.4</h2> <ul> <li>fix(security): <code>deepExtend</code> (used by <code>addResourceBundle(..., deep, overwrite)</code>) no longer recurses into inherited properties. It checked key existence with the <code>in</code> operator, which walks the prototype chain, so a source key matching an inherited built-in (e.g. <code>hasOwnProperty</code>, <code>toString</code>) caused recursion into the shared <code>Object.prototype</code> function and, with <code>overwrite: true</code>, could overwrite e.g. <code>Object.prototype.hasOwnProperty.call</code> with a non-callable value — corrupting a shared built-in process-wide (DoS). Existence is now checked with <code>Object.prototype.hasOwnProperty.call</code>, so such keys are copied as plain own data instead. This complements the existing <code>__proto__</code>/<code>constructor</code> guard and is also strictly more correct for an own-property merge. Only affects applications that pass attacker-controlled data with <code>deep: true</code> and <code>overwrite: true</code>; no standard backend/integration does this. Distinct from CVE-2026-48713 / CVE-2026-48714 (different packages, <code>setPath</code> mechanism). See advisory <a href="https://github.com/i18next/i18next/security/advisories/GHSA-6jcc-5g8w-32mx">GHSA-6jcc-5g8w-32mx</a>, CVSS 5.9 (<code>CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H</code>). Thanks to zx (Jace) <a href="https://github.com/manus-use"><code>@manus-use</code></a> for the responsible disclosure.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/i18next/i18next/commit/817ede5146e6d366645982885b0a729861d10a3a"><code>817ede5</code></a> 26.3.4</li> <li><a href="https://github.com/i18next/i18next/commit/46d0dd80b505b6b69feccebbe7d9c4fd66c8f85c"><code>46d0dd8</code></a> build</li> <li><a href="https://github.com/i18next/i18next/commit/642137b7786d83661ec3ee53027798dc4b81d30a"><code>642137b</code></a> fix(security): prevent deepExtend from recursing into inherited built-ins</li> <li>See full diff in <a href="https://github.com/i18next/i18next/compare/v26.3.3...v26.3.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
c596006e25 |
chore(deps-dev): Bump typescript-eslint from 8.62.0 to 8.62.1 (#1973)
Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint) from 8.62.0 to 8.62.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/releases">typescript-eslint's releases</a>.</em></p> <blockquote> <h2>v8.62.1</h2> <h2>8.62.1 (2026-06-29)</h2> <h3>🩹 Fixes</h3> <ul> <li><strong>eslint-plugin:</strong> [prefer-optional-chain] use suggestion instead of autofix for trailing binary operator (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12328">#12328</a>)</li> <li><strong>eslint-plugin:</strong> [no-unnecessary-boolean-literal-compare] preserve boolean result in fixer for nullable true comparisons (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12365">#12365</a>)</li> <li><strong>eslint-plugin:</strong> [no-unnecessary-type-assertion] parenthesize object literal at left edge of expression statement (<a href="https://redirect.github.com/typescript-eslint/typescript-eslint/pull/12443">#12443</a>, <a href="https://redirect.github.com/typescript-eslint/typescript-eslint/issues/12418">#12418</a>)</li> </ul> <h3>❤️ Thank You</h3> <ul> <li>Kirk Waiblinger <a href="https://github.com/kirkwaiblinger"><code>@kirkwaiblinger</code></a></li> <li>mdm317</li> <li>Patrick Aleite</li> <li>송재욱</li> </ul> <p>See <a href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.62.1">GitHub Releases</a> for more information.</p> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md">typescript-eslint's changelog</a>.</em></p> <blockquote> <h2>8.62.1 (2026-06-29)</h2> <p>This was a version bump only for typescript-eslint to align it with other projects, there were no code changes.</p> <p>See <a href="https://github.com/typescript-eslint/typescript-eslint/releases/tag/v8.62.1">GitHub Releases</a> for more information.</p> <p>You can read about our <a href="https://typescript-eslint.io/users/versioning">versioning strategy</a> and <a href="https://typescript-eslint.io/users/releases">releases</a> on our website.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typescript-eslint/typescript-eslint/commit/3ea32f4ba5e196c08c6da1095619d7f65ba4905e"><code>3ea32f4</code></a> chore(release): publish 8.62.1</li> <li>See full diff in <a href="https://github.com/typescript-eslint/typescript-eslint/commits/v8.62.1/packages/typescript-eslint">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
99b70a5fe8 |
chore(deps): Bump cypress-io/github-action from 7.4.0 to 7.4.1 (#1972)
Bumps [cypress-io/github-action](https://github.com/cypress-io/github-action) from 7.4.0 to 7.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cypress-io/github-action/releases">cypress-io/github-action's releases</a>.</em></p> <blockquote> <h2>v7.4.1</h2> <h2><a href="https://github.com/cypress-io/github-action/compare/v7.4.0...v7.4.1">7.4.1</a> (2026-06-29)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>deps:</strong> update transient dependency to undici 6.27.0 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1807">#1807</a>) (<a href="https://github.com/cypress-io/github-action/commit/fa4a118725a8f001170d49631ea89e5d66fee626">fa4a118</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cypress-io/github-action/commit/fa4a118725a8f001170d49631ea89e5d66fee626"><code>fa4a118</code></a> fix(deps): update transient dependency to undici 6.27.0 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1807">#1807</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/a609ff3e0785adbfe6d791246f0753efcac6b430"><code>a609ff3</code></a> chore(deps): update dependency cypress to v15.18.0 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1805">#1805</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/f34caf174c7c963934ce4d4a42b693b7948f2b0e"><code>f34caf1</code></a> chore(deps): update webpack (<a href="https://redirect.github.com/cypress-io/github-action/issues/1803">#1803</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/a96a1cc1cec77938149a3789c30753561583f536"><code>a96a1cc</code></a> chore(deps): update tailwindcss monorepo to ^4.3.1 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1802">#1802</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/2952a93a95c3b427bcc869bf023eee9ace5da587"><code>2952a93</code></a> chore(deps): execute npm audit fix (<a href="https://redirect.github.com/cypress-io/github-action/issues/1800">#1800</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/4affc969de931eeb754601e2f609c5cc8570420d"><code>4affc96</code></a> chore(deps): update yarn monorepo to v4.17.0 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1804">#1804</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/47646e1836697bfbba7622f189e32efba1b3e7aa"><code>47646e1</code></a> chore(deps): update actions/checkout to v7 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1797">#1797</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/1b202e7fd031e9175e60706cc0b4dea5ac59cb5c"><code>1b202e7</code></a> chore(deps): update dependency <code>@vercel/ncc</code> to v0.44.0 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1796">#1796</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/345abf6f15f00f50bcc3cc93120d18feea99a356"><code>345abf6</code></a> chore(deps): lock file maintenance (<a href="https://redirect.github.com/cypress-io/github-action/issues/1793">#1793</a>)</li> <li><a href="https://github.com/cypress-io/github-action/commit/e0ea1ad818d933ed2ba225606e39593de003a62e"><code>e0ea1ad</code></a> chore(deps): update dependency prettier to v3.8.4 (<a href="https://redirect.github.com/cypress-io/github-action/issues/1795">#1795</a>)</li> <li>Additional commits viewable in <a href="https://github.com/cypress-io/github-action/compare/948d67d3074f1bbb6379c8bdbb04e95d2f8e593f...fa4a118725a8f001170d49631ea89e5d66fee626">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
84310f1798 |
chore(deps-dev): Bump postcss from 8.5.15 to 8.5.16 (#1971)
Bumps [postcss](https://github.com/postcss/postcss) from 8.5.15 to 8.5.16. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/releases">postcss's releases</a>.</em></p> <blockquote> <h2>8.5.16</h2> <ul> <li>Fixed <code>Input#origin()</code> position (by <a href="https://github.com/mizdra"><code>@mizdra</code></a>).</li> <li>Fixed <code>raws</code> after rehydrating a JSON AST (by <a href="https://github.com/sarathfrancis90"><code>@sarathfrancis90</code></a>).</li> <li>Fixed putting parent-less node in <code>nodes</code> of new node (by <a href="https://github.com/MahinAnowar"><code>@MahinAnowar</code></a>).</li> <li>Fixed computing <code>offset</code> in <code>positionBy()</code> (by <a href="https://github.com/greymoth-jp"><code>@greymoth-jp</code></a>).</li> <li>Fixed <code>rangeBy()</code> on <code>index: 0</code> (by <a href="https://github.com/sarathfrancis90"><code>@sarathfrancis90</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's changelog</a>.</em></p> <blockquote> <h2>8.5.16</h2> <ul> <li>Fixed <code>Input#origin()</code> position (by <a href="https://github.com/mizdra"><code>@mizdra</code></a>).</li> <li>Fixed <code>raws</code> after rehydrating a JSON AST (by <a href="https://github.com/sarathfrancis90"><code>@sarathfrancis90</code></a>).</li> <li>Fixed putting parent-less node in <code>nodes</code> of new node (by <a href="https://github.com/MahinAnowar"><code>@MahinAnowar</code></a>).</li> <li>Fixed computing <code>offset</code> in <code>positionBy()</code> (by <a href="https://github.com/greymoth-jp"><code>@greymoth-jp</code></a>).</li> <li>Fixed <code>rangeBy()</code> on <code>index: 0</code> (by <a href="https://github.com/sarathfrancis90"><code>@sarathfrancis90</code></a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/postcss/postcss/commit/92ccc93ff15bd193491d67fad9763e62d489dfad"><code>92ccc93</code></a> Release 8.5.16 version</li> <li><a href="https://github.com/postcss/postcss/commit/818bdd6043359af773ccc3ca8663053d61a707c8"><code>818bdd6</code></a> Update formatting</li> <li><a href="https://github.com/postcss/postcss/commit/46e451068ee6160b837865b715cf6972f28fabd5"><code>46e4510</code></a> Fix <code>Input#origin()</code> returning incorrect position (<a href="https://redirect.github.com/postcss/postcss/issues/2036">#2036</a>)</li> <li><a href="https://github.com/postcss/postcss/commit/34942ce76c0b0c9ee65b1421017ac71855e722c4"><code>34942ce</code></a> Fix tests</li> <li><a href="https://github.com/postcss/postcss/commit/d4feed645314ee421edf80ee9ebe453cc75c997f"><code>d4feed6</code></a> Don't clone root-less child nodes in container constructor (<a href="https://redirect.github.com/postcss/postcss/issues/2097">#2097</a>)</li> <li><a href="https://github.com/postcss/postcss/commit/da323fc8d327a38199a21987dcbf7e27e3bc34f3"><code>da323fc</code></a> Revert version update to fix old Node.js on CI</li> <li><a href="https://github.com/postcss/postcss/commit/886336919497516df8f140d0fb327bd125e35053"><code>8863369</code></a> Update dependencies</li> <li><a href="https://github.com/postcss/postcss/commit/3828982213fec6bc13d0791b1adf40393be0935e"><code>3828982</code></a> Preserve node raws when rehydrating a JSON AST (<a href="https://redirect.github.com/postcss/postcss/issues/2100">#2100</a>)</li> <li><a href="https://github.com/postcss/postcss/commit/d1e80b830386b08dcd5b962fd466d1c51f28e82d"><code>d1e80b8</code></a> Fix Node#rangeBy() ignoring index 0 (<a href="https://redirect.github.com/postcss/postcss/issues/2091">#2091</a>)</li> <li><a href="https://github.com/postcss/postcss/commit/b91e4a63907325d98b75d11fda546bdd91acc608"><code>b91e4a6</code></a> Fix Node.js 26 tests</li> <li>Additional commits viewable in <a href="https://github.com/postcss/postcss/compare/8.5.15...8.5.16">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for postcss since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
4679af47eb |
chore(deps): Bump @codemirror/view from 6.43.3 to 6.43.4 (#1970)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.3 to 6.43.4. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/codemirror/view/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
bb743a01ee |
chore(deps-dev): Bump cypress from 15.17.0 to 15.18.0 (#1966)
Bumps [cypress](https://github.com/cypress-io/cypress) from 15.17.0 to 15.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cypress-io/cypress/releases">cypress's releases</a>.</em></p> <blockquote> <h2>v15.18.0</h2> <p>Changelog: <a href="https://docs.cypress.io/app/references/changelog#15-18-0">https://docs.cypress.io/app/references/changelog#15-18-0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cypress-io/cypress/commit/fa083dbc716f2fd1c50ba505ee9c400366c922f6"><code>fa083db</code></a> fix: prevent proxy crash on IPv6 literal hosts in cy.visit (<a href="https://redirect.github.com/cypress-io/cypress/issues/34146">#34146</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/063636c047f63747db9155f9b6dd71874710f0a7"><code>063636c</code></a> chore(ci): only install firefox in UI test jobs that target it (<a href="https://redirect.github.com/cypress-io/cypress/issues/34142">#34142</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/02aa75de2afc9632a1d80a0629099125fb16fb58"><code>02aa75d</code></a> feat: add removeSRIAttributes config option to strip SRI from first-party res...</li> <li><a href="https://github.com/cypress-io/cypress/commit/2d6b11ec3f63c59b1afb563467ceeee889404be0"><code>2d6b11e</code></a> chore(deps): bump undici to 6.27.0 for SNYK-JS-UNDICI-17372658 (<a href="https://redirect.github.com/cypress-io/cypress/issues/34121">#34121</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/56759eaef142cf84d4c8e32b430c73adfaf69f1e"><code>56759ea</code></a> misc: remove the global install warning from cypress install (<a href="https://redirect.github.com/cypress-io/cypress/issues/34139">#34139</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/d47b81db661033eb2ee4cc25851b00609952fa1a"><code>d47b81d</code></a> chore: resync yarn.lock (shell-quote) (<a href="https://redirect.github.com/cypress-io/cypress/issues/34145">#34145</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/19ac7196b0c04a749524db6f6cca4a23df6f1228"><code>19ac719</code></a> chore(ci): remove duplicate test run in npm-webpack-dev-server job (<a href="https://redirect.github.com/cypress-io/cypress/issues/34141">#34141</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/6f96dac9af3caf620381f5fe90141b9c3a939680"><code>6f96dac</code></a> docs: document PR title prefixes, changelog, and template requirements (<a href="https://redirect.github.com/cypress-io/cypress/issues/34128">#34128</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/d70617532c88956b7b412be04ded639d8e941628"><code>d706175</code></a> chore: correct misleading WebKit browser debug log message (<a href="https://redirect.github.com/cypress-io/cypress/issues/34135">#34135</a>)</li> <li><a href="https://github.com/cypress-io/cypress/commit/fb767947ef37a0191c6514a857bf75e648c5859b"><code>fb76794</code></a> chore: remove no-op CYPRESS_DOWNLOAD_USE_CA environment variable (<a href="https://redirect.github.com/cypress-io/cypress/issues/34131">#34131</a>)</li> <li>Additional commits viewable in <a href="https://github.com/cypress-io/cypress/compare/v15.17.0...v15.18.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
28ceff7b0e |
chore(deps): Bump @maplibre/maplibre-gl-style-spec from 25.0.0 to 25.0.1 (#1965)
Bumps [@maplibre/maplibre-gl-style-spec](https://github.com/maplibre/maplibre-style-spec) from 25.0.0 to 25.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/releases">@maplibre/maplibre-gl-style-spec's releases</a>.</em></p> <blockquote> <h2>v25.0.1</h2> <h3>🐞 Bug fixes</h3> <ul> <li><code>has</code> filter now returns <code>false</code> when a property exists but is set to <code>undefined</code> (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1712">#1712</a>) (by <a href="https://github.com/xavierjs"><code>@xavierjs</code></a>)</li> <li>Fix incorrect replacement suggestion in error messages for mixed legacy+expression <code>$type</code> filters (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1727">#1727</a>, <a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1728">#1728</a>) (by <a href="https://github.com/ciscorn"><code>@ciscorn</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/maplibre/maplibre-style-spec/blob/main/CHANGELOG.md">@maplibre/maplibre-gl-style-spec's changelog</a>.</em></p> <blockquote> <h2>25.0.1</h2> <h3>🐞 Bug fixes</h3> <ul> <li><code>has</code> filter now returns <code>false</code> when a property exists but is set to <code>undefined</code> (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1712">#1712</a>) (by <a href="https://github.com/xavierjs"><code>@xavierjs</code></a>)</li> <li>Fix incorrect replacement suggestion in error messages for mixed legacy+expression <code>$type</code> filters (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1727">#1727</a>, <a href="https://redirect.github.com/maplibre/maplibre-style-spec/pull/1728">#1728</a>) (by <a href="https://github.com/ciscorn"><code>@ciscorn</code></a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/ef522e45a28e0efafabbebb27197d3440c99fe34"><code>ef522e4</code></a> Bump js version to 25.0.1 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1739">#1739</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/14e1a146d97f369f7f1903b22f4e4f1848805476"><code>14e1a14</code></a> fix: simplify legacy+expression $type filter suggestions (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1728">#1728</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/1acc24620e74cf14cbaf187d97ffc467f62e5981"><code>1acc246</code></a> Add AI usage note to CONTRIBUTING.md (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1729">#1729</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/bc77eda0780c039352e2808a691d046431f5d852"><code>bc77eda</code></a> build(deps-dev): bump oxfmt from 0.55.0 to 0.56.0 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1733">#1733</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/936d5ff7f65d9f697e62e6e9c8b16775a34a1171"><code>936d5ff</code></a> build(deps-dev): bump eslint-plugin-jsdoc from 63.0.7 to 63.0.10 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1734">#1734</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/e57824f3c5c28e3a3dee09f2b8fd49939138dfe5"><code>e57824f</code></a> build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code> (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1732">#1732</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/f6256f23ca5d50be24e0861bd44e4a33d04f92c4"><code>f6256f2</code></a> build(deps-dev): bump globals from 17.6.0 to 17.7.0 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1736">#1736</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/47e628483b47a68ac0e82a8e4fe684d8efd13659"><code>47e6284</code></a> build(deps): bump <code>@mapbox/jsonlint-lines-primitives</code> from 2.0.2 to 2.0.3 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1738">#1738</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/d67067c58f126afee866f97531e48e776700d0fd"><code>d67067c</code></a> build(deps-dev): bump rolldown from 1.1.2 to 1.1.3 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1737">#1737</a>)</li> <li><a href="https://github.com/maplibre/maplibre-style-spec/commit/f60c345a0f99207212c1fd3981ba9fb93d5a5240"><code>f60c345</code></a> build(deps-dev): bump <code>@types/node</code> from 26.0.0 to 26.0.1 (<a href="https://redirect.github.com/maplibre/maplibre-style-spec/issues/1735">#1735</a>)</li> <li>Additional commits viewable in <a href="https://github.com/maplibre/maplibre-style-spec/compare/v25.0.0...v25.0.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b533c9dc24 |
chore(deps): Bump @codemirror/view from 6.43.1 to 6.43.3 (#1967)
Bumps [@codemirror/view](https://github.com/codemirror/view) from 6.43.1 to 6.43.3. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/codemirror/view/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
a421a93ca8 |
chore(deps): Bump i18next from 26.3.1 to 26.3.3 (#1968)
Bumps [i18next](https://github.com/i18next/i18next) from 26.3.1 to 26.3.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/releases">i18next's releases</a>.</em></p> <blockquote> <h2>v26.3.3</h2> <ul> <li>fix(types): selector <code>t($ => $.arr, { returnObjects: true, context })</code> on a JSON array of <strong>heterogeneous</strong> objects now preserves each element's full shape (e.g. <code>{ transKey1: string; transKey2: string }[]</code>) instead of collapsing to a union of partial element types. Two type-level causes: (1) <code>FilterKeys</code> evaluated the whole array element type at once, so <code>keyof (A | B)</code> only saw the keys common to every element — it now distributes over the object union and filters each element independently; (2) when TypeScript merges mismatched array element types it injects phantom optional <code>undefined</code> keys (e.g. <code>transKey1_withContext?: undefined</code> on elements that don't define it), which the context-detection helpers mistook for real context variants — they now skip keys typed as <code>undefined</code>. Also adds a dedicated <code>context</code> + <code>returnObjects: true</code> selector overload using <code>const Fn</code> + <code>ReturnType<Fn></code>, so <code>Target</code> is no longer collapsed to <code>unknown</code> via <code>ApplyTarget</code>. Resolves Problem 1 of <a href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a> (Problem 2 was already fixed on master). Thanks <a href="https://github.com/sauravgupta-dotcom"><code>@sauravgupta-dotcom</code></a> (<a href="https://redirect.github.com/i18next/i18next/pull/2438">#2438</a>). Fixes <a href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a>.</li> </ul> <h2>v26.3.2</h2> <ul> <li>fix: chained formatters with a parenthesised option that contains the format separator (e.g. <code>join(separator: ', ')</code>) now work at <strong>any</strong> position in the chain, not just first. Previously the comma-in-parens reassembly only repaired <code>formats[0]</code>, so <code>{{v, uppercase, join(separator: ', ')}}</code> split the <code>join(...)</code> option on the inner comma and never rejoined it, producing corrupt output. Replaced the first-position-only repair with a position-independent pass that re-joins fragments until each open paren closes. Thanks <a href="https://github.com/spokodev"><code>@spokodev</code></a> (<a href="https://redirect.github.com/i18next/i18next/pull/2437">#2437</a>).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/i18next/i18next/blob/master/CHANGELOG.md">i18next's changelog</a>.</em></p> <blockquote> <h2>26.3.3</h2> <ul> <li>fix(types): selector <code>t($ => $.arr, { returnObjects: true, context })</code> on a JSON array of <strong>heterogeneous</strong> objects now preserves each element's full shape (e.g. <code>{ transKey1: string; transKey2: string }[]</code>) instead of collapsing to a union of partial element types. Two type-level causes: (1) <code>FilterKeys</code> evaluated the whole array element type at once, so <code>keyof (A | B)</code> only saw the keys common to every element — it now distributes over the object union and filters each element independently; (2) when TypeScript merges mismatched array element types it injects phantom optional <code>undefined</code> keys (e.g. <code>transKey1_withContext?: undefined</code> on elements that don't define it), which the context-detection helpers mistook for real context variants — they now skip keys typed as <code>undefined</code>. Also adds a dedicated <code>context</code> + <code>returnObjects: true</code> selector overload using <code>const Fn</code> + <code>ReturnType<Fn></code>, so <code>Target</code> is no longer collapsed to <code>unknown</code> via <code>ApplyTarget</code>. Resolves Problem 1 of <a href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a> (Problem 2 was already fixed on master). Thanks <a href="https://github.com/sauravgupta-dotcom"><code>@sauravgupta-dotcom</code></a> (<a href="https://redirect.github.com/i18next/i18next/pull/2438">#2438</a>). Fixes <a href="https://redirect.github.com/i18next/i18next/issues/2398">#2398</a>.</li> </ul> <h2>26.3.2</h2> <ul> <li>fix: chained formatters with a parenthesised option that contains the format separator (e.g. <code>join(separator: ', ')</code>) now work at <strong>any</strong> position in the chain, not just first. Previously the comma-in-parens reassembly only repaired <code>formats[0]</code>, so <code>{{v, uppercase, join(separator: ', ')}}</code> split the <code>join(...)</code> option on the inner comma and never rejoined it, producing corrupt output. Replaced the first-position-only repair with a position-independent pass that re-joins fragments until each open paren closes. Thanks <a href="https://github.com/spokodev"><code>@spokodev</code></a> (<a href="https://redirect.github.com/i18next/i18next/pull/2437">#2437</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/i18next/i18next/commit/cf7080d363c0bc775681215bba6513a3610dee8b"><code>cf7080d</code></a> 26.3.3</li> <li><a href="https://github.com/i18next/i18next/commit/05fd7be281a3c2175da16c9e867a91d95e034889"><code>05fd7be</code></a> build</li> <li><a href="https://github.com/i18next/i18next/commit/cc0bd80943eae4f45867abbd78c0ae8dd964bb82"><code>cc0bd80</code></a> changelog: 26.3.3 entry for <a href="https://redirect.github.com/i18next/i18next/issues/2438">#2438</a></li> <li><a href="https://github.com/i18next/i18next/commit/9cbfa6353b6ab726c42be1e6ed52aab5b0601612"><code>9cbfa63</code></a> fix(types): preserve selector returnObjects shape with context (<a href="https://redirect.github.com/i18next/i18next/issues/2438">#2438</a>)</li> <li><a href="https://github.com/i18next/i18next/commit/3b047122f5ad5b99a29f9138bb8542de125c8783"><code>3b04712</code></a> 26.3.2</li> <li><a href="https://github.com/i18next/i18next/commit/fc20f5dd5ae9744045942e135e93dd787e4bc869"><code>fc20f5d</code></a> changelog: 26.3.2 entry for <a href="https://redirect.github.com/i18next/i18next/issues/2437">#2437</a></li> <li><a href="https://github.com/i18next/i18next/commit/6901e04f07f0eec1848242d8af26509ab5438920"><code>6901e04</code></a> fix: reassemble comma-in-parens formatters at any chain position (<a href="https://redirect.github.com/i18next/i18next/issues/2437">#2437</a>)</li> <li><a href="https://github.com/i18next/i18next/commit/6e086281e2ff40e0beabd5a75f94f777332a7304"><code>6e08628</code></a> README: mention npx i18next-cli localize as the zero-to-localized path</li> <li>See full diff in <a href="https://github.com/i18next/i18next/compare/v26.3.1...v26.3.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |