Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all non-major dependencies with stable version (minor) #1599

Merged
merged 7 commits into from
Oct 17, 2024
Merged

chore(deps): update all non-major dependencies with stable version (minor) #1599

merged 7 commits into from
Oct 17, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 9, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update Pending
@stylistic/stylelint-plugin ^3.0.1 -> ^3.1.0 age adoption passing confidence devDependencies minor 3.1.1
axios (source) ^1.6.8 -> ^1.7.7 age adoption passing confidence peerDependencies minor
cypress (source) ^13.14.2 -> ^13.15.0 age adoption passing confidence devDependencies minor
date-fns-tz ^3.1.3 -> ^3.2.0 age adoption passing confidence dependencies minor
node (source) 18.19.1 -> 18.20.4 age adoption passing confidence minor
node (source) 18.19.1 -> 18.20.4 age adoption passing confidence volta minor
node (source) >=18.19.1 -> >=18.20.4 age adoption passing confidence engines minor
npm-run-all2 ^6.1.2 -> ^6.2.3 age adoption passing confidence devDependencies minor
pnpm (source) 9.4.0 -> 9.12.0 age adoption passing confidence packageManager minor 9.12.1
pnpm (source) 9.4.0 -> 9.12.0 age adoption passing confidence volta minor 9.12.1
vue (source) ^3.4.38 -> ^3.5.11 age adoption passing confidence devDependencies minor 3.5.12
vue (source) ^3.4.38 -> ^3.5.11 age adoption passing confidence peerDependencies minor 3.5.12
vue-router ^4.3.3 -> ^4.4.5 age adoption passing confidence peerDependencies minor
webpack ^5.94.0 -> ^5.95.0 age adoption passing confidence devDependencies minor

Release Notes

stylelint-stylistic/stylelint-stylistic (@​stylistic/stylelint-plugin)

v3.1.0

Compare Source

Added
Fixed
  • Calculation of indentation using postcss-styled-syntax custom syntax (#​41) (@​MorevM).
axios/axios (axios)

v1.7.7

Compare Source

Bug Fixes
  • fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#​6584) (d198085)
  • http: fixed support for IPv6 literal strings in url (#​5731) (364993f)
Contributors to this release

v1.7.6

Compare Source

Bug Fixes
Contributors to this release

v1.7.5

Compare Source

Bug Fixes
  • adapter: fix undefined reference to hasBrowserEnv (#​6572) (7004707)
  • core: add the missed implementation of AxiosError#status property; (#​6573) (6700a8a)
  • core: fix ReferenceError: navigator is not defined for custom environments; (#​6567) (fed1a4b)
  • fetch: fix credentials handling in Cloudflare workers (#​6533) (550d885)
Contributors to this release

v1.7.4

Compare Source

Bug Fixes
Contributors to this release

v1.7.3

Compare Source

Bug Fixes
Contributors to this release

v1.7.2

Compare Source

Bug Fixes
Contributors to this release

v1.7.1

Compare Source

Bug Fixes
  • fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#​6410) (733f15f)
Contributors to this release

v1.7.0

Compare Source

Features
Bug Fixes
Contributors to this release
cypress-io/cypress (cypress)

v13.15.0

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#13-15-0

marnusw/date-fns-tz (date-fns-tz)

v3.2.0

Compare Source

nodejs/node (node)

v18.20.4

Compare Source

v18.20.3: 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @​richardlau

Compare Source

Notable Changes

This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections.

A fix has also been included for compiling Node.js from source with newer versions of Clang.

The list of keys used to sign releases has been synchronized with the current list from the main branch.

Updated dependencies
  • acorn updated to 8.11.3.
  • acorn-walk updated to 8.3.2.
  • ada updated to 2.7.8.
  • c-ares updated to 1.28.1.
  • corepack updated to 0.28.0.
  • nghttp2 updated to 1.61.0.
  • ngtcp2 updated to 1.3.0.
  • npm updated to 10.7.0. Includes a fix from [email protected] to limit the number of open connections npm/cli#7324.
  • simdutf updated to 5.2.4.
  • zlib updated to 1.3.0.1-motley-7d77fb7.
Commits

v18.20.2: 2024-04-10, Version 18.20.2 'Hydrogen' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes
  • CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows
Commits

v18.20.1

Compare Source

v18.20.0

Compare Source

bcomnes/npm-run-all2 (npm-run-all2)

v6.2.3

Compare Source

Commits
  • Merge pull request #​151 from bcomnes/fix-pnpm-agian c43fa2b
  • Avoid passing config fields as flags for pnpm dc2d7da

v6.2.2

Compare Source

Commits
  • Revert "Compatibility: npm, yarn and pnpm run scripts" fc35f0d

v6.2.1

Compare Source

Merged
  • Compatibility: npm, yarn and pnpm run scripts #143
  • Use neostandard + add more static code analysis #142
  • Upgrade: Bump c8 from 9.1.0 to 10.0.0 #141
  • Upgrade: Bump p-queue from 7.4.1 to 8.0.1 #138

v6.2.0

Compare Source

Merged
  • Placeholder that unfolds into multiple tasks #134
  • 📝 add compatibility note for pnpm. #136
  • Upgrade: Bump codecov/codecov-action from 3 to 4 #131
pnpm/pnpm (pnpm)

v9.12.0: pnpm 9.12

Compare Source

Minor Changes

  • Fix peer dependency resolution dead lock #​8570. This change might change some of the keys in the snapshots field inside pnpm-lock.yaml but it should happen very rarely.

  • pnpm outdated command supports now a --sort-by=name option for sorting outdated dependencies by package name #​8523.

  • Added the ability for overrides to remove dependencies by specifying "-" as the field value #​8572. For example, to remove lodash from the dependencies, use this configuration in package.json:

    {
  "pnpm": {
    "overrides": {
      "lodash": "-"
    }
  }
}
Patch Changes
  • Fixed an issue where pnpm list --json pkg showed "private": false for a private package #​8519.
  • Packages with libc that differ from pnpm.supportedArchitectures.libc are not downloaded #​7362.
  • Prevent ENOENT errors caused by running store prune in parallel #​8586.
  • Add issues alias to pnpm bugs #​8596.
Platinum Sponsors
Gold Sponsors
Our Silver Sponsors

v9.11.0

Compare Source

v9.10.0: pnpm 9.10

Compare Source

Minor Changes

  • Support for a new CLI flag, --exclude-peers, added to the list and why commands. When --exclude-peers is used, peer dependencies are not printed in the results, but dependencies of peer dependencies are still scanned #​8506.

  • Added a new setting to package.json at pnpm.auditConfig.ignoreGhsas for ignoring vulnerabilities by their GHSA code #​6838.

    For instance:

    {
  "pnpm": {
    "auditConfig": {
      "ignoreGhsas": [
        "GHSA-42xw-2xvc-qx8m",
        "GHSA-4w2v-q235-vp99",
        "GHSA-cph5-m8f7-6c5x",
        "GHSA-vh95-rmgr-6w4m"
      ]
    }
  }
}

Patch Changes

  • Throw an exception if pnpm switches to the same version of itself.
  • Reduce memory usage during peer dependencies resolution.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v9.9.0

Compare Source

v9.8.0

Compare Source

v9.7.1

Compare Source

v9.7.0: pnpm 9.7

Compare Source

Minor Changes

  • Added pnpm version management. If the manage-package-manager-versions setting is set to true, pnpm will switch to the version specified in the packageManager field of package.json #​8363. This is the same field used by Corepack. Example:

    {
  "packageManager": "[email protected]"
}

  • Added the ability to apply patch to all versions #​8337.

    If the key of pnpm.patchedDependencies is a package name without a version (e.g. pkg), pnpm will attempt to apply the patch to all versions of the package. Failures will be skipped. If there's only one version of pkg installed, pnpm patch pkg and subsequent pnpm patch-commit $edit_dir will create an entry named pkg in pnpm.patchedDependencies. And pnpm will attempt to apply this patch to other versions of pkg in the future.

  • Change the default edit dir location when running pnpm patch from a temporary directory to node_modules/.pnpm_patches/pkg[@​version] to allow the code editor to open the edit dir in the same file tree as the main project #​8379.

  • Substitute environment variables in config keys #​6679.

Patch Changes

  • pnpm install should run node-gyp rebuild if the project has a binding.gyp file even if the project doesn't have an install script #​8293.
  • Print warnings to stderr #​8342.
  • Peer dependencies of optional peer dependencies should be automatically installed #​8323.

Platinum Sponsors

Gold Sponsors

config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested review from a team, adamdehaven, ValeryG and jillztom as code owners September 9, 2024 04:50
@renovate renovate bot enabled auto-merge (squash) September 9, 2024 04:50
kongponents-bot
kongponents-bot previously approved these changes Sep 9, 2024
View reviewed changes
kongponents-bot
kongponents-bot previously approved these changes Sep 9, 2024
View reviewed changes
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Oct 17, 2024

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

adamdehaven
adamdehaven previously approved these changes Oct 17, 2024
View reviewed changes
kaiarrowood
kaiarrowood previously approved these changes Oct 17, 2024
View reviewed changes
Copy link
Contributor

@kaiarrowood kaiarrowood left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

mihai-peteu
mihai-peteu previously approved these changes Oct 17, 2024
View reviewed changes
@mihai-peteu mihai-peteu dismissed stale reviews from kaiarrowood and themself via 4d565e0 October 17, 2024 20:31
@adamdehaven adamdehaven merged commit d2074c7 into main Oct 17, 2024
36 checks passed
@adamdehaven adamdehaven deleted the renovate/all-minor-patch branch October 17, 2024 20:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@portikM portikM portikM left review comments

@adamdehaven adamdehaven adamdehaven approved these changes

@mihai-peteu mihai-peteu mihai-peteu left review comments

@kongponents-bot kongponents-bot kongponents-bot left review comments

@kaiarrowood kaiarrowood kaiarrowood left review comments

@ValeryG ValeryG Awaiting requested review from ValeryG ValeryG is a code owner

@jillztom jillztom Awaiting requested review from jillztom jillztom is a code owner

Assignees
No one assigned
Labels
dependencies renovate-bot
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@adamdehaven @portikM @kaiarrowood @kongponents-bot @mihai-peteu