Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all non-major dependencies #50

Merged
merged 1 commit into from
Mar 28, 2023
Merged

chore(deps): update all non-major dependencies #50

merged 1 commit into from
Mar 28, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 13, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@commitlint/cli (source) 17.4.2 -> 17.5.0 age adoption passing confidence
@commitlint/config-conventional (source) 17.4.2 -> 17.4.4 age adoption passing confidence
@trivago/prettier-plugin-sort-imports 4.0.0 -> 4.1.1 age adoption passing confidence
cleye 1.3.1 -> 1.3.2 age adoption passing confidence
pkgroll 1.8.2 -> 1.9.0 age adoption passing confidence
prettier (source) 2.8.4 -> 2.8.7 age adoption passing confidence
tsd 0.25.0 -> 0.28.0 age adoption passing confidence
tsx 3.12.3 -> 3.12.6 age adoption passing confidence
vite (source) 4.1.1 -> 4.2.1 age adoption passing confidence
vitest 0.28.4 -> 0.29.7 age adoption passing confidence

Release Notes

conventional-changelog/commitlint (@​commitlint/cli)

v17.5.0

Compare Source

Note: Version bump only for package @​commitlint/cli

17.4.4 (2023-02-17)

Note: Version bump only for package @​commitlint/cli

17.4.3 (2023-02-13)

Note: Version bump only for package @​commitlint/cli

17.4.2 (2023-01-12)

Note: Version bump only for package @​commitlint/cli

17.4.1 (2023-01-09)

Note: Version bump only for package @​commitlint/cli

v17.4.4

Compare Source

Note: Version bump only for package @​commitlint/cli

v17.4.3

Compare Source

Note: Version bump only for package @​commitlint/cli

conventional-changelog/commitlint (@​commitlint/config-conventional)

v17.4.4

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

v17.4.3

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

trivago/prettier-plugin-sort-imports

v4.1.1

Compare Source

Revert

v4.1.0

Compare Source

New features
privatenumber/cleye

v1.3.2

Compare Source

Bug Fixes
  • consistent camelCase conversion between type and runtime (#​23) (51bfad5)
privatenumber/pkgroll

v1.9.0

Compare Source

Features
  • warn when [@types](https://github.com/types) is in devDeps but couterpart is in deps (#​31) (4a7ec03)
prettier/prettier

v2.8.7

Compare Source

diff

Allow multiple decorators on same getter/setter (#​14584 by @​fisker)
// Input
class A {
  @​decorator()
  get foo () {}
  
  @​decorator()
  set foo (value) {}
}

// Prettier 2.8.6
SyntaxError: Decorators cannot be applied to multiple get/set accessors of the same name. (5:3)
  3 |   get foo () {}
  4 |   
> 5 |   @​decorator()
    |   ^^^^^^^^^^^^
  6 |   set foo (value) {}
  7 | }

// Prettier 2.8.7
class A {
  @​decorator()
  get foo() {}

  @​decorator()
  set foo(value) {}
}

v2.8.6

Compare Source

diff

Allow decorators on private members and class expressions (#​14548 by @​fisker)
// Input
class A {
  @​decorator()
  #privateMethod () {}
}

// Prettier 2.8.5
SyntaxError: Decorators are not valid here. (2:3)
  1 | class A {
> 2 |   @​decorator()
    |   ^^^^^^^^^^^^
  3 |   #privateMethod () {}
  4 | }

// Prettier 2.8.6
class A {
  @​decorator()
  #privateMethod() {}
}

v2.8.5

Compare Source

diff

Support TypeScript 5.0 (#​14391 by @​fisker, #​13819 by @​fisker, @​sosukesuzuki)

TypeScript 5.0 introduces two new syntactic features:

  • const modifiers for type parameters
  • export type * declarations
Add missing parentheses for decorator (#​14393 by @​fisker)
// Input
class Person {
  @​(myDecoratorArray[0])
  greet() {}
}

// Prettier 2.8.4
class Person {
  @​myDecoratorArray[0]
  greet() {}
}

// Prettier 2.8.5
class Person {
  @​(myDecoratorArray[0])
  greet() {}
}
Add parentheses for TypeofTypeAnnotation to improve readability (#​14458 by @​fisker)
// Input
type A = (typeof node.children)[];

// Prettier 2.8.4
type A = typeof node.children[];

// Prettier 2.8.5
type A = (typeof node.children)[];
Support max_line_length=off when parsing .editorconfig (#​14516 by @​josephfrazier)

If an .editorconfig file is in your project and it sets max_line_length=off for the file you're formatting,
it will be interpreted as a printWidth of Infinity rather than being ignored
(which previously resulted in the default printWidth of 80 being applied, if not overridden by Prettier-specific configuration).

<!-- Input -->
<div className='HelloWorld' title={`You are visitor number ${ num }`} onMouseOver={onMouseOver}/>

<!-- Prettier 2.8.4 -->
<div
  className="HelloWorld"
  title={`You are visitor number ${num}`}
  onMouseOver={onMouseOver}
/>;

<!-- Prettier 2.8.5 -->
<div className="HelloWorld" title={`You are visitor number ${num}`} onMouseOver={onMouseOver} />;
SamVerschueren/tsd

v0.28.0

Compare Source

v0.27.0

Compare Source

v0.26.1

Compare Source

v0.26.0

Compare Source

esbuild-kit/tsx

v3.12.6

Compare Source

Bug Fixes
  • repl: suppress autocomplete transformation errors (#​205) (8e1958d)

v3.12.5

Compare Source

Bug Fixes
  • watch: ignore hidden files (afa3c78)

v3.12.4

Compare Source

Bug Fixes
vitejs/vite

v4.2.1

Compare Source

v4.2.0

Compare Source

Vite 4.2 is out!

Support env variables replacement in HTML files

Vite now supports replacing env variables in HTML files. Any properties in import.meta.env can be used in HTML files with a special %ENV_NAME% syntax:

<h1>Vite is running in %MODE%</h1>
<p>Using data from %VITE_API_URL%</p>
Sourcemaps improvements

The Chrome Dev Tools team has been working to improve the DX of Vite and Vite-powered frameworks in the dev tools. Vite 4.2 brings an improved experience and tools for framework authors to hide 3rd party code and build artifacts from the user from console log traces using server.sourcemapIgnoreList and build.rollupOptions.output.sourcemapIgnoreList.

ESM subpath imports

Vite 4.2 now supports subpath imports, thanks to @​lukeed05's resolve.exports library.

TypeScript 5 support

Vite 4.2 also supports TypeScript 5's tsconfig extends array format, thanks to tsconfck.

esbuild 0.17

esbuild v0.17.0 improved the design of its incremental, watch, and serve APIs. Check out #​11908 for the rationale of why we didn't consider the backward-incompatible changes breaking for our use cases. The updated esbuild design now allows Vite to properly cancel in-fly builds and improve server restarts.

Use Rollup types from the vite package

Expose Rollup types as a namespace. This is helpful to avoid type conflicts because of different versions of Rollup types in environments like vite-ecosystem-ci (#​12316).

import type { Rollup } from 'vite'
Português Docs Translation

The Vite documentation is now translated to Português at pt.vitejs.dev thanks to Nazaré Da Piedade .

Features
Bug Fixes
Previous Changelogs
4.2.0-beta.2 (2023-03-13)

See 4.2.0-beta.2 changelog

4.2.0-beta.1 (2023-03-07)

See 4.2.0-beta.1 changelog

4.2.0-beta.0 (2023-02-27)

See 4.2.0-beta.0 changelog

v4.1.4

Compare Source

v4.1.3

Compare Source

v4.1.2

Compare Source

vitest-dev/vitest

v0.29.7

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v0.29.6

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v0.29.5

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v0.29.4

Compare Source

   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub

v0.29.3

Compare Source

   🚀 Features
   🐞 Bug Fixes
   🏎 Performance
    View changes on GitHub

v0.29.2

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v0.29.1

Compare Source

   🐞 Bug Fixes
    View changes on GitHub

v0.29.0

Compare Source

This release makes some significant changes to how tests are running. If you were using --no-threads before, you might consider enabling --single-thread instead (because your tests are now running in child_process instead of a worker thread) or try our new performance optimization feature (discussed later). If you were relying on API that was not available inside a worker (like process.chdir(), you can now use this option.

One of the potential breaking bug fixes is that environments do not share the same global scope anymore if you run them with --no-isolate, --no-threads or --single-thread - you might need to update your setup files if you were relying on a global variable before.

If you had performance issues on large code bases before, try the new deps.experimentalOptimizer option instead of disabling threads. Feedback is welcome!

One of the breaking changes includes adding a link to snapshots inside snapshot files, meaning you will need to update all your snapshots.

   🚨 Breaking Changes

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@changeset-bot
Copy link

changeset-bot bot commented Feb 13, 2023
edited
Loading

⚠️ No Changeset found

Latest commit: d27ae8d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@socket-security
Copy link

socket-security bot commented Feb 13, 2023
edited
Loading

New dependency changes detected. Learn more about Socket for GitHub ↗︎

🚨 Potential security issues found in this pull request. To accept the risk, merge this PR and you will not be notified again.

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore esbuild@0.17.14

⚠️ Please accept the latest app permissions to ensure bot commands work properly. Accept the new permissions here.

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package Script field Source
esbuild@0.17.14 (upgraded) postinstall package.json via pkgroll@1.9.0, vite@4.1.1, vitest@0.29.7
Pull request alert summary
Issue Status
Install scripts ⚠️ 1 issue
Native code ✅ 0 issues
Bin script shell injection ✅ 0 issues
Unresolved require ✅ 0 issues
Invalid package.json ✅ 0 issues
HTTP dependency ✅ 0 issues
Git dependency ✅ 0 issues
Potential typo squat ✅ 0 issues
Known Malware ✅ 0 issues
Telemetry ✅ 0 issues
Protestware/Troll package ✅ 0 issues

📊 Modified Dependency Overview:

⬆️ Updated Package Version Diff Capability Access +/- Transitive Count Publisher
pkgroll@1.9.0 1.8.2...1.9.0 filesystem, environment +37/-15 hirokiosame
vitest@0.29.7 0.28.4...0.29.7 eval, filesystem, shell, environment +25/-47 oreanno
cleye@1.3.2 1.3.1...1.3.2 None +0/-0 hirokiosame
tsx@3.12.6 3.12.3...3.12.6 filesystem, shell, environment +0/-0 hirokiosame
@commitlint/config-conventional@17.4.4 17.4.2...17.4.4 None +0/-0 escapedcat
@trivago/prettier-plugin-sort-imports@4.1.1 4.0.0...4.1.1 None +1/-35 ayusharma
prettier@2.8.3 2.8.4...2.8.3 eval, filesystem, environment +0/-0 prettier-bot

🚮 Removed packages: @commitlint/cli@17.4.2, tsd@0.25.0

@renovate renovate bot changed the title chore(deps): update dependency pkgroll to v1.9.0 chore(deps): update all non-major dependencies Feb 13, 2023
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from d2ed60b to e230175 Compare February 20, 2023 09:24
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 5b1e7d2 to e175451 Compare February 28, 2023 17:24
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from a742228 to bb29c07 Compare March 12, 2023 15:18
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 4eb1700 to 7018690 Compare March 20, 2023 09:28
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from ad268a6 to 73398f8 Compare March 24, 2023 12:40
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 176c218 to bdbc666 Compare March 28, 2023 09:16
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from bdbc666 to d27ae8d Compare March 28, 2023 10:04
@jellydn jellydn merged commit c44f6cb into main Mar 28, 2023
@renovate renovate bot deleted the renovate/all-minor-patch branch March 28, 2023 10:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@renovate-approve renovate-approve[bot] renovate-approve[bot] approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jellydn