[Snyk] Upgrade @hotwired/turbo from 7.3.0 to 8.0.4 #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade @hotwired/turbo from 7.3.0 to 8.0.4. See this package in npm: @hotwired/turbo See this project in Snyk: https://app.snyk.io/org/youtacrands-va/project/2707f74d-bdfc-4a90-b3a1-07d154cd45e3?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @hotwired/turbo from 7.3.0 to 8.0.4.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 12 versions ahead of your current version.
The recommended version was released on 3 months ago.
Issues fixed by the recommended upgrade:
SNYK-JS-WS-7266574
SNYK-JS-BRACES-6838727
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-MICROMATCH-6838728
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555
SNYK-JS-WS-7266574
SNYK-JS-EXPRESS-6474509
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
SNYK-JS-SPICYSECTIONS-3038484
Release notes
Package name: @hotwired/turbo
-
8.0.4 - 2024-03-08
- Bump ip from 1.1.8 to 1.1.9 by @ dependabot in #1197
- Morphing + complete frame issue : Stop reloading turbo frames when complete attribute changes by @ Intrepidd in #1175
- Use Playwright assertions for autofocus by @ seanpdoyle in #1219
-
8.0.3 - 2024-02-21
- Omit
- Ensure that page refreshes do not trigger a snapshot cache by @ afcapel in #1196
-
8.0.2 - 2024-02-09
- Add more prefetch conditions by @ afcapel in #1178
-
8.0.1 - 2024-02-08
- Fix progress bar persisting when following a redirect by @ Intrepidd in #1168
-
8.0.0 - 2024-02-07
- Page refreshes with morphing by @ jorgemanrubia & @ afcapel in #1019
- Support View Transition API for navigations by @ kevinmcconnell in #935
- Add InstantClick behavior by @ davidalejandroaguilar in #1101
- Remove TypeScript by @ afcapel in #971
- Remove unused stylesheets when navigating by @ kevinmcconnell in #1128
- Introduce data-turbo-track="dynamic" by @ afcapel in #1140
- Set aria-busy on the form element during a form submission by @ afcapel in #1110
- Communicate Visit direction with
- Introduce
- Set
- Dispatch
- Change default action for form submissions that redirect to the current location by @ afcapel in #1072
- Override
- Turbo Streams: Manage element focus by @ seanpdoyle in #686
- Rename header for preload requests by @ pfeiffer in #925
- Dispatch turbo:load after loading 404 response by @ domchristie in #960
- Page refreshes: Replace remaining calls to nextAnimationFrame by nextRepaint by @ brunoprietog in #1102
- Restore attribute "refresh=morph" to flag turbo frames to reload during a page refresh by @ jorgemanrubia in #1068
- Replace nextAnimationFrame by nextMicroTask by @ michelson in #1042
- Hide Progress bar on
- Avoid infinite recursion from
- Fix back navigation after POST form submission by @ afcapel in #1014
- Fix Turbo stream link setting the src of a turbo frame container by @ BakiVernes in #968
- Fix for SubmitEvent polyfill breaking requestSubmit() for newer Safari versions by @ mrtnin in #933
- Don't preserve scroll position unless it's a page refresh by @ jorgemanrubia in #1096
- Page refreshes: Use pathname instead of href to detect if locations are equal by @ brunoprietog in #1079
- Page refreshes: Don't render previews by @ brunoprietog in #1098
- Debounce page refreshes triggered via Turbo streams by @ brunoprietog in #1099
- Guard
- Resolve issues with timeouts and target closures in test framework by @ AfolabiOlaoluwa in #981
- Close
- Create Frame Snapshot from Fetch Response HTML by @ seanpdoyle in #887
- Ensure that the turbo-frame header is not sent when the turbo-frame has a target of _top by @ afcapel in #1138
- Preloader: Rename header to
- Morph with
- Do not invalidate pages in visits that don't render by @ afcapel in #1144
- Ensure page refreshes cause a reload when assets change by @ afcapel in #1146
- Drive
-
8.0.0-rc.3 - 2024-02-06
- Enable InstaClick by default by @ afcapel in #1162
-
8.0.0-rc.2 - 2024-02-02
- Build dist file against idiomorph main branch
- Test async page refreshes by @ afcapel in #1157
-
8.0.0-rc.1 - 2024-02-02
- Introduce
- Preloader: Rename header to
- Morph with
- Do not invalidate pages in visits that don't render by @ afcapel in #1144
- Ensure page refreshes cause a reload when assets change by @ afcapel in #1146
- Page refreshes: Don't render previews by @ brunoprietog in #1098
- Drive
-
8.0.0-beta.4 - 2024-01-25
- Ensure that the turbo-frame header is not sent when the turbo-frame has a target of _top by @ afcapel in #1138
- Introduce data-turbo-track="dynamic" by @ afcapel in #1140
-
8.0.0-beta.3 - 2024-01-22
- Update copyright year to 2024 by @ devcamke in #1118
- Debounce page refreshes triggered via Turbo streams by @ brunoprietog in #1099
- Upgrade idiomorph to 0.3.0 by @ afcapel in #1122
- Remove unused stylesheets when navigating by @ kevinmcconnell in #1128
- Keep Trix dynamic styles in the head by @ afcapel in #1133
- Revert: Proposal: pass isPreview value into the event detail in render events (#926) by @ domchristie in #1126
- Add InstantClick behavior by @ davidalejandroaguilar in #1101
- Fix attribute name by @ afcapel in #1134
- @ devcamke made their first contribution in #1118
- @ davidalejandroaguilar made their first contribution in #1101
-
8.0.0-beta.2 - 2023-12-19
-
8.0.0-beta.1 - 2023-11-23
-
7.3.0 - 2023-03-01
from @hotwired/turbo GitHub release notesWhat's Changed
Full Changelog: v8.0.3...v8.0.4
What's Changed
ignoreActiveValue: trueMorph option by @ seanpdoyle in #1195Full Changelog: v8.0.2...v8.0.3
What's Changed
Full Changelog: v8.0.1...v8.0.2
What's Changed
Full Changelog: v8.0.0...v8.0.1
Features
html[data-turbo-visit-direction]by @ domchristie in #1007turbo:{before-,}morph-{element,attribute}events by @ seanpdoyle in #1097html[lang]during navigation by @ seanpdoyle in #1035turbo:before-fetch-{request,response}during preloading by @ seanpdoyle in #1034Fixes
FetchOptionsfrom event listeners by @ seanpdoyle in #691turbo:loadby @ seanpdoyle in #1036window.fetchname collision by @ seanpdoyle in #1077[data-turbo-preload]with conditionals by @ seanpdoyle in #1033StreamSourcewhen<turbo-stream-source>disconnects by @ seanpdoyle in #970x-purposeto avoid it being stripped by @ pfeiffer in #1108ignoreActiveValue: trueby @ seanpdoyle in #1141LinkPrefetchObserver: replacedatasetwithgetAttributeby @ seanpdoyle in #1148turbo-framewithTurbo.visit(url, { frame:, action: })by @ seanpdoyle in #1135Full Changelog: v7.3.0...v8.0.0
What's Changed
Full Changelog: v8.0.0-rc.2...v8.0.0-rc.3
What's Changed
Full Changelog: v8.0.0-rc.1...v8.0.0-rc.2
What's Changed
turbo:{before-,}morph-{element,attribute}events by @ seanpdoyle in #1097x-purposeto avoid it being stripped by @ pfeiffer in #1108ignoreActiveValue: trueby @ seanpdoyle in #1141LinkPrefetchObserver: replacedatasetwithgetAttributeby @ seanpdoyle in #1148turbo-framewithTurbo.visit(url, { frame:, action: })by @ seanpdoyle in #1135Full Changelog: v8.0.0-beta.4...v8.0.0-rc.1
What's Changed
Full Changelog: v8.0.0-beta.3...v8.0.0-beta.4
What's Changed
New Contributors
Full Changelog: v8.0.0-beta.2...v8.0.0-beta.3
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: