Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Frontend #1529

Merged
merged 2 commits into from
Apr 8, 2024
Merged

Update Frontend #1529

merged 2 commits into from
Apr 8, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 25, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@ianvs/prettier-plugin-sort-imports 4.2.0 -> 4.2.1 age adoption passing confidence
@playwright/test (source) 1.42.0 -> 1.43.0 age adoption passing confidence
@types/node (source) 20.11.27 -> 20.12.5 age adoption passing confidence
sharp (source, changelog) 0.33.2 -> 0.33.3 age adoption passing confidence
typescript (source) 5.4.2 -> 5.4.4 age adoption passing confidence

Release Notes

ianvs/prettier-plugin-sort-imports (@​ianvs/prettier-plugin-sort-imports)

v4.2.1

Compare Source

What's Changed

Bugfixes

Full Changelog: IanVS/prettier-plugin-sort-imports@v4.2.0...v4.2.1

microsoft/playwright (@​playwright/test)

v1.43.0

Compare Source

New APIs

  • Method browserContext.clearCookies() now supports filters to remove only some cookies.

    // Clear all cookies.
    await context.clearCookies();
    // New: clear cookies with a particular name.
    await context.clearCookies({ name: 'session-id' });
    // New: clear cookies for a particular domain.
    await context.clearCookies({ domain: 'my-origin.com' });
  • New mode retain-on-first-failure for testOptions.trace. In this mode, trace is recorded for the first run of each test, but not for retires. When test run fails, the trace file is retained, otherwise it is removed.

    import { defineConfig } from '@​playwright/test';
    
    export default defineConfig({
      use: {
        trace: 'retain-on-first-failure',
      },
    });
  • New property testInfo.tags exposes test tags during test execution.

    test('example', async ({ page }) => {
      console.log(test.info().tags);
    });
  • New method locator.contentFrame() converts a Locator object to a FrameLocator. This can be useful when you have a Locator object obtained somewhere, and later on would like to interact with the content inside the frame.

    const locator = page.locator('iframe[name="embedded"]');
    // ...
    const frameLocator = locator.contentFrame();
    await frameLocator.getByRole('button').click();
  • New method frameLocator.owner() converts a FrameLocator object to a Locator. This can be useful when you have a FrameLocator object obtained somewhere, and later on would like to interact with the iframe element.

    const frameLocator = page.frameLocator('iframe[name="embedded"]');
    // ...
    const locator = frameLocator.owner();
    await expect(locator).toBeVisible();

UI Mode Updates

Playwright UI Mode

  • See tags in the test list.
  • Filter by tags by typing @fast or clicking on the tag itself.
  • New shortcuts:
    • F5 to run tests.
    • Shift F5 to stop running tests.
    • Ctrl ` to toggle test output.

Browser Versions

  • Chromium 124.0.6367.29
  • Mozilla Firefox 124.0
  • WebKit 17.4

This version was also tested against the following stable channels:

  • Google Chrome 123
  • Microsoft Edge 123

v1.42.1

Compare Source

Highlights

https://github.com/microsoft/playwright/issues/29732 - [Regression]: HEAD requests to webServer.url since v1.42.0https://github.com/microsoft/playwright/issues/297466 - [Regression]: Playwright CT CLI scripts fail due to broken initializePlugin imporhttps://github.com/microsoft/playwright/issues/2973939 - [Bug]: Component tests fails when imported a module with a dot in a nahttps://github.com/microsoft/playwright/issues/29731731 - [Regression]: 1.42.0 breaks some import statemehttps://github.com/microsoft/playwright/issues/297609760 - [Bug]: Possible regression with chained locators in v1.42

Browser Versions
  • Chromium 123.0.6312.4
  • Mozilla Firefox 123.0
  • WebKit 17.4

This version was also tested against the following stable channels:

  • Google Chrome 122
  • Microsoft Edge 123
lovell/sharp (sharp)

v0.33.3

Compare Source

Microsoft/TypeScript (typescript)

v5.4.4: TypeScript 5.4.4

Compare Source

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

v5.4.3: TypeScript 5.4.3

Compare Source

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:


Configuration

📅 Schedule: Branch creation - "on the 2nd and 4th day instance on sunday after 9pm" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/frontend branch 17 times, most recently from 735c1f8 to 2aa2e48 Compare April 1, 2024 20:22
@acouch
Copy link
Collaborator

acouch commented Apr 2, 2024

The same CVE-2024-28085 is tripping up our front-end tests:

┌───────────────┬────────────────┬──────────┬────────┬────────────────────┬──────────────────┬─────────────────────────────────────────────────────────────┐
│    Library    │ Vulnerability  │ Severity │ Status │ Installed Version  │  Fixed Version   │                            Title                            │
├───────────────┼────────────────┼──────────┼────────┼────────────────────┼──────────────────┼─────────────────────────────────────────────────────────────┤
│ bsdutils      │ CVE-2024-28085 │ HIGH     │ fixed  │ 1:2.36.1-8+deb11u1 │ 2.36.1-8+deb11u2 │ util-linux: CVE-2024-28085: wall: escape sequence injection │
│               │                │          │        │                    │                  │ https://avd.aquasec.com/nvd/cve-2024-28085                  │
├───────────────┤                │          │        ├────────────────────┤                  │                                                             │
│ libblkid1     │                │          │        │ 2.[36](https://github.com/HHS/simpler-grants-gov/actions/runs/8513273599/job/23316649271?pr=1529#step:6:37).1-8+deb11u1   │                  │                                                             │
│               │                │          │        │                    │                  │                                                             │
├───────────────┤

Noting that we are using bullesye in the front-end and bookworm (not bullesye in the API. The bookworm node docker image has the util-linux fix. We could wait for an upstream fix to node-20:bullseye-slim, try to upgrade, or add this to the list.

@renovate renovate bot force-pushed the renovate/frontend branch 4 times, most recently from a6f36ea to 98d3a1a Compare April 3, 2024 04:18
@renovate renovate bot force-pushed the renovate/frontend branch 9 times, most recently from b2ab457 to a89820c Compare April 6, 2024 00:04
Copy link
Contributor Author

renovate bot commented Apr 8, 2024

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

@coilysiren coilysiren merged commit 7491ff1 into main Apr 8, 2024
9 checks passed
@coilysiren coilysiren deleted the renovate/frontend branch April 8, 2024 22:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants