Skip to content

chore(deps): update all non-major dependencies#9

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-minor-patch
Open

chore(deps): update all non-major dependencies#9
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all-minor-patch

Conversation

@renovate
Copy link
Copy Markdown
Contributor

@renovate renovate bot commented Dec 25, 2023
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Change Age Confidence
@types/node (source) ^20.9.3^20.19.39 age confidence
@types/semver (source) ^7.5.6^7.7.1 age confidence
@xmldom/xmldom ^0.8.10^0.9.10 age confidence
ConfigureAwaitChecker.Analyzer 5.0.05.0.0.1 age confidence
Finbuckle.MultiTenant (source) 6.11.16.13.1 age confidence
Microsoft.NETFramework.ReferenceAssemblies (source) 1.0.21.0.3 age confidence
chalk ^5.3.0^5.6.2 age confidence
changelogen ^0.5.5^0.6.2 age confidence
defu ^6.1.3^6.1.7 age confidence
detect-indent ^7.0.1^7.0.2 age confidence
dotenv ^16.3.1^16.6.1 age confidence
eslint (source) 8.54.08.57.1 age confidence
globby ^14.0.0^14.1.0 age confidence
js-yaml ^4.1.0^4.1.1 age confidence
jsonpath 1.1.11.3.0 age confidence
knip (source) ^2.41.5^2.43.0 age confidence
pathe ^1.1.1^1.1.2 age confidence
prettier (source) 3.1.03.8.3 age confidence
release-it ^17.0.0^17.11.0 age confidence
rimraf ^5.0.5^5.0.10 age confidence
semver ^7.5.4^7.7.4 age confidence
shelljs ^0.8.5^0.10.0 age confidence
typescript (source) ^5.3.2^5.9.3 age confidence
xpath ^0.0.33^0.0.34 age confidence

Release Notes

xmldom/xmldom (@​xmldom/xmldom)

v0.9.10

Compare Source

Fixed
  • Security: XMLSerializer.serializeToString() (and Node.toString(), NodeList.toString()) now accept a requireWellFormed option. When { requireWellFormed: true } is passed, the serializer throws InvalidStateError for injection-prone node content, preventing XML injection via attacker-controlled node data. GHSA-j759-j44w-7fr8 GHSA-x6wf-f3px-wcqx GHSA-f6ww-3ggp-fr8h
    • Comment: throws when data contains -- anywhere, ends with -, or contains characters outside the XML Char production
    • ProcessingInstruction: throws when target contains : or matches xml (case-insensitive), or data contains characters outside the XML Char production or contains ?>
    • DocumentType: throws when publicId fails PubidLiteral, systemId fails SystemLiteral, or internalSubset contains ]>
  • Security: DOM traversal operations (XMLSerializer.serializeToString(), Node.prototype.normalize(), Node.prototype.cloneNode(true), Document.prototype.importNode(node, true), node.textContent getter, getElementsByTagName() / getElementsByTagNameNS() / getElementsByClassName() / getElementById(), Node.prototype.isEqualNode()) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable RangeError. GHSA-2v35-w6hq-6mfw
  • isEqualNode now correctly returns false for CDATASection nodes with different data
Deprecated
  • The splitCDATASections serializer option is deprecated and will be removed in the next breaking release. The automatic splitting of "]]>" in CDATASection data was introduced as a workaround; use requireWellFormed: true or ensure CDATASection data does not contain "]]>" before serialization.
Chore
  • updated dependencies

Thank you,
@​Jvr2022,
@​praveen-kv,
@​TharVid,
@​decsecre583,
@​tlsbollei,
@​KarimTantawey,
for your contributions

v0.9.9

Compare Source

Added
  • implement ParentNode.children getter #960 / #410
Fixed
  • Security: createCDATASection now throws InvalidCharacterError when data contains "]]>", as required by the WHATWG DOM spec. GHSA-wh4c-j3r5-mjhp
  • Security: XMLSerializer now splits CDATASection nodes whose data contains "]]>" into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (appendData, replaceData, .data =, .textContent =). GHSA-wh4c-j3r5-mjhp
  • correctly traverse ancestor chain in Node.contains #931

Code that passes a string containing "]]>" to createCDATASection and relied on the previously unsafe behavior will now receive InvalidCharacterError. Use a mutation method such as appendData if you intentionally need "]]>" in a CDATASection node's data.

Chore
  • updated dependencies

Thank you,
@​stevenobiajulu,
@​yoshi389111,
@​thesmartshadow,
for your contributions

v0.9.8

Compare Source

Fixed
  • fix: replace \u2029 as part of normalizeLineEndings #839 / #838
  • perf: speed up line detection #847 / #838
Chore
  • updated dependencies
  • drop jazzer and rxjs devDependencies #845

Thank you,
@​kboshold,
@​Ponynjaa,
for your contributions.

v0.9.7

Compare Source

Added
  • Implementation of hasAttributes #804
Fixed
  • locator is now true even when other options are being used for the DOMParser #802 / #803
  • allow case-insensitive DOCTYPE in HTML #817 / #819
Performance
  • simplify DOM.compareDocumentPosition #805
Chore
  • updated devDependencies

Thank you,
@​zorkow,
@​Ponynjaa,
@​WesselKroos,
for your contributions.

v0.9.6

Compare Source

Fixed
  • lower error level for unicode replacement character #790 / #794 / #797
Chore
  • updated devDependencies
  • migrate renovate config #792

Thank you, @​eglitise, for your contributions.

v0.9.5

Compare Source

Fixed
  • fix: re-index childNodes on insertBefore #763 / #766

Thank you,
@​mureinik,
for your contributions.

v0.9.4

Compare Source

Fixed
  • restore performance for large amount of child nodes #748 / #760
  • types: correct error handler level to warning (#​759) #754 / #759
Docs
  • test: verify BOM handling #758

Thank you,
@​luffynando,
@​mattiasw,
@​JoinerDev,
for your contributions.

v0.9.3

Compare Source

Fixed
  • restore more Node and ProcessingInstruction types #725 / #726
  • getElements* methods return LiveNodeList<Element> #731 / #734
  • Add more missing Node props #728, triggered by unclosed #724
Docs
Chore
  • updates devDependencies

Thank you,
@​Ponynjaa,
@​ayZagen,
@​sserdyuk,
@​wydengyre,
@​mykola-mokhnach,
@​benkroeger,
for your contributions.

v0.9.2

Compare Source

Feature
  • add Element.getElementsByClassName #722
Fixed
  • add missing types for Document.documentElement and Element.tagName #721 #720

Thank you, @​censujiang, @​Mathias-S, for your contributions

v0.9.1

Compare Source

Fixed
  • DOMParser.parseFromString requires mimeType as second argument #713
  • correct spelling of isHTMLMimeType in type definition #715 / #712
  • sync types with exports #717 / #285 / #695
Other
  • minimum tested node version is 14 #710

Thank you, @​krystofwoldrich, @​marvinruder, @​amacneil, @​defunctzombie,
@​tjhorner, @​danon, for your contributions

v0.9.0

Compare Source

Features
  • feat: expose all DOM level 2 element prototypes #637 / #40
  • feat: add iterator function to NodeList and NamedNodeMap #634 / #633
Fixed
  • parse empty/whitspace only doctype internal subset #692
  • avoid prototype clash in namespace prefix #554
  • report fatalError when doctype is inside elements #550
Other
  • test: add fuzz target and regression tests #556
  • chore: improve .gitignore and provide .envrc.template #697
  • chore: Apply security best practices #546
  • ci: check test coverage in PRs #524
  • docs: add missing commas to readme #566
  • docs: click to copy install command in readme #644
  • docs: enhance jsdoc comments #511

Thank you, @​kboshold, @​edi9999, @​apupier,
@​shunkica, @​homer0, @​jhauga,
@​UdayKharatmol, for your contributions

v0.8.13

Compare Source

Fixed
  • Security: XMLSerializer.serializeToString() (and Node.toString(), NodeList.toString()) now accept a requireWellFormed option (fourth argument, after isHtml and nodeFilter). When { requireWellFormed: true } is passed, the serializer throws InvalidStateError for injection-prone node content, preventing XML injection via attacker-controlled node data. GHSA-j759-j44w-7fr8 GHSA-x6wf-f3px-wcqx GHSA-f6ww-3ggp-fr8h
    • Comment: throws when data contains -->
    • ProcessingInstruction: throws when data contains ?>
    • DocumentType: throws when publicId fails PubidLiteral, systemId fails SystemLiteral, or internalSubset contains ]>
  • Security: DOM traversal operations (XMLSerializer.serializeToString(), Node.prototype.normalize(), Node.prototype.cloneNode(true), Document.prototype.importNode(node, true), node.textContent getter, getElementsByTagName() / getElementsByTagNameNS() / getElementsByClassName() / getElementById()) are now iterative. Previously, deeply nested DOM trees would exhaust the JavaScript call stack and throw an unrecoverable RangeError. GHSA-2v35-w6hq-6mfw

Thank you,
@​Jvr2022,
@​praveen-kv,
@​TharVid,
@​decsecre583,
@​tlsbollei,
@​KarimTantawey,
for your contributions

v0.8.12

Compare Source

Fixed
  • preserve trailing whitespace in ProcessingInstruction data #962 / #42
  • Security: createCDATASection now throws InvalidCharacterError when data contains "]]>", as required by the WHATWG DOM spec. GHSA-wh4c-j3r5-mjhp
  • Security: XMLSerializer now splits CDATASection nodes whose data contains "]]>" into adjacent CDATA sections at serialization time, preventing XML injection via mutation methods (appendData, replaceData, .data =, .textContent =). GHSA-wh4c-j3r5-mjhp

Code that passes a string containing "]]>" to createCDATASection and relied on the previously unsafe behavior will now receive InvalidCharacterError. Use a mutation method such as appendData if you intentionally need "]]>" in a CDATASection node's data.

Thank you,
@​thesmartshadow,
@​stevenobiajulu,
for your contributions

v0.8.11

Compare Source

Fixed
  • update ownerDocument when moving nodes between documents #933 / #932

Thank you, @​shunkica, for your contributions

Finbuckle/Finbuckle.MultiTenant (Finbuckle.MultiTenant)

v6.13.1

Bug Fixes

v6.13.0

Features
Bug Fixes

v6.12.0

Features
chalk/chalk (chalk)

v5.6.2

Compare Source

  • Fix vulnerability in 5.6.1, see: #​656

v5.6.0

Compare Source

  • Make WezTerm terminal use true color a8f5bf7

v5.5.0

Compare Source

v5.4.1

Compare Source

v5.4.0

Compare Source

  • Update CIRCLECI environments to return level 3 color support f838120
unjs/changelogen (changelogen)

v0.6.2

Compare Source

compare changes

🩹 Fixes
  • cli: Accept hideAuthorEmail arg (#​275)
📖 Documentation
  • Add note about version number interpretation (#​272)
🌊 Types
  • config.types accept boolean value (#​278)
🏡 Chore
❤️ Contributors

v0.6.1

Compare Source

compare changes

🩹 Fixes
  • Pass cwd in more places before running commands (#​266)
🏡 Chore
✅ Tests
❤️ Contributors

v0.6.0

Compare Source

compare changes

🚀 Enhancements
  • Update jiti to v2 (6e85d32)
  • Add check for breaking changes in commit body (#​228)
  • Hide author email address via flag (#​247)
  • Add noAuthors option (#​183)
🩹 Fixes
  • Use https proto for author's github link (#​225)
  • Use https proto for author's github link in tests (#​226)
  • Release version regex supporting pre versions (#​259)
  • Use correct compare changes URL for Bitbucket (#​257)
  • Use tag template for version title and compare change link (#​255)
  • Render usernames in github changelog (#​265)
💅 Refactors
  • Use consola for colors (49e0401)
  • Use confbox for yaml parsing (19e940c)
📦 Build
🏡 Chore
✅ Tests
  • Add tests for parsing co-authors from commit body (#​229)
⚠️ Breaking Changes
❤️ Contributors

v0.5.7

Compare Source

compare changes

🩹 Fixes
  • bump: Avoid using + for canary suffix (#​224)
❤️ Contributors

v0.5.6

Compare Source

compare changes

🚀 Enhancements
  • Add option to sign git tags (#​117)
  • git: Support parse git messages that have prefix emoji (#​146)
🩹 Fixes
  • github: Use bearer token (#​180)
  • Handle repo name with multiple segments (#​219)
  • Lowercase scope when filtering (#​199)
💅 Refactors
  • Replace execa with execSync (#​222)
  • Use human readable date for canary versions (#​223)
  • Update execCommand (68127be)
🏡 Chore
❤️ Contributors
unjs/defu (defu)

v6.1.7

Compare Source

compare changes

🩹 Fixes
  • defu.d.cts: Export Defu types (#​157)
📦 Build
  • Correct the types export entry (#​160)
❤️ Contributors

v6.1.6

Compare Source

compare changes

📦 Build
❤️ Contributors

v6.1.5

Compare Source

compare changes

🩹 Fixes
  • Prevent prototype pollution via __proto__ in defaults (#​156)
  • Ignore inherited enumerable properties (11ba022)
🏡 Chore
✅ Tests
  • Add more tests for plain objects (b65f603)
🤖 CI
❤️ Contributors

v6.1.4

Compare Source

compare changes

🩹 Fixes
  • Merge objects with Module type (#​121)
💅 Refactors
  • Move isPlainObject to _utils to allow testing (e922a16)
  • Make isPlainObject logic more readable (e458b63)
📖 Documentation
🏡 Chore
✅ Tests
  • Improve tests for isPlainObject (b24a213)
❤️ Contributors
sindresorhus/detect-indent (detect-indent)

v7.0.2

Compare Source

  • Fix multi-line comment indent detection 8c39c07
motdotla/dotenv (dotenv)

v16.6.1

Compare Source

Changed
  • Default quiet to true – hiding the runtime log message (#​874)
  • NOTICE: 17.0.0 will be released with quiet defaulting to false. Use config({ quiet: true }) to suppress.
  • And check out the new dotenvx. As coding workflows evolve and agents increasingly handle secrets, encrypted .env files offer a much safer way to deploy both agents and code together with secure secrets. Simply switch require('dotenv').config() for require('@​dotenvx/dotenvx').config().

v16.6.0

Compare Source

Added
  • Default log helpful message [dotenv@16.6.0] injecting env (1) from .env (#​870)
  • Use { quiet: true } to suppress
  • Aligns dotenv more closely with dotenvx.

v16.5.0

Compare Source

Added
  • 🎉 Added new sponsor Graphite - the AI developer productivity platform helping teams on GitHub ship higher quality software, faster.

[!TIP]
Become a sponsor

The dotenvx README is viewed thousands of times DAILY on GitHub and NPM.
Sponsoring dotenv is a great way to get in front of developers and give back to the developer community at the same time.

Changed
  • Remove _log method. Use _debug #​862

v16.4.7

Compare Source

Changed
  • Ignore .tap folder when publishing. (oops, sorry about that everyone. - @​motdotla) #​848

v16.4.6

Compare Source

Changed
  • Clean up stale dev dependencies #​847
  • Various README updates clarifying usage and alternative solutions using dotenvx

v16.4.5

Compare Source

Changed
  • 🐞 Fix recent regression when using path option. return to historical behavior: do not attempt to auto find .env if path set. (regression was introduced in 16.4.3) #​814

v16.4.4

Compare Source

Changed
  • 🐞 Replaced chaining operator ?. with old school && (fixing node 12 failures) #​812

v16.4.3

Compare Source

Changed
  • 🐞 Fix recent regression when using path option. return to historical behavior: do not attempt to auto find .env if path set. (regression was introduced in 16.4.3) #​814

v16.4.2

Compare Source

Changed

v16.4.1

Compare Source

  • Patch support for array as path option #​797

v16.4.0

Compare Source

  • Add error.code to error messages around .env.vault decryption handling #​795
  • Add ability to find .env.vault file when filename(s) passed as an array #​784

v16.3.2

Compare Source

Added
  • Add debug message when no encoding set #​735
Changed
  • Fix output typing for populate #​792
  • Use subarray instead of slice #​793
eslint/eslint (eslint)

v8.57.1

Compare Source

v8.57.0

Compare Source

v8.56.0

Compare Source

v8.55.0

Compare Source

sindresorhus/globby (globby)

v14.1.0

Compare Source

  • Export isIgnoredByIgnoreFiles and isIgnoredByIgnoreFilesSync functions (#​269) cba8941

v14.0.2

Compare Source

v14.0.1

Compare Source

nodeca/js-yaml (js-yaml)

v4.1.1

Compare Source

dchester/jsonpath (jsonpath)

v1.3.0

Compare Source

v1.2.1

Compare Source

v1.2.0

Compare Source

webpro-nl/knip (knip)

v2.43.0

Compare Source

  • Fix up name resolver in babel plugin helper (resolves #​363) (a3a5fbb)
  • Add config file paths to babel plugin (d7a07a0)
  • Use flowNode pos if available for export declarations (resolves #​353) (9e89be6)

v2.42.0

Compare Source

  • Add tests with typescript@​latest (c95e060)
  • Add compat w/ typescript v5.3.2 (395c278)

v2.41.6

Compare Source

  • Update dependencies (a69fa9e)
  • Fix error message (76c5b26)
  • Add tsconfig.json to nx fixture (#​358) (622848a)
  • Use babel plugin to find dependencies from babelOptions in eslint plugin (resolves #​357) (be9a14c)
unjs/pathe (pathe)

v1.1.2

Compare Source

compare changes

🩹 Fixes
  • Trim root folder / when calculating relative paths (#​142)
  • Check process.cwd before calling it (#​147)
  • Uppercase windows drive letters (#​151)
  • resolveAlias: Handle aliases ending with trailing slash (#​155)
  • relative: Handle different windows drive letters (#​158)
🏡 Chore
❤️ Contributors
1.1.1 (2023-06-01)
Bug Fixes
prettier/prettier (prettier)

v3.8.3

Compare Source

v3.8.2

Compare Source

v3.8.1

Compare Source

v3.8.0

Compare Source

diff

🔗 Release note

v3.7.4

Compare Source

diff

LWC: Avoid quote around interpolations (#​18383 by @​kovsu)
<!-- Input -->
<div foo={bar}>   </div>

<!-- Prettier 3.7.3 (--embedded-language-formatting off) -->
<div foo="{bar}"></div>

<!-- Prettier 3.7.4 (--embedded-language-formatting off) -->
<div foo={bar}></div>
TypeScript: Fix comment inside union type gets duplicated (#​18393 by @​fisker)
// Input
type Foo = (/** comment */ a | b) | c;

// Prettier 3.7.3
type Foo = /** comment */ (/** comment */ a | b) | c;

// Prettier 3.7.4
type Foo = /** comment */ (a | b) | c;
TypeScript: Fix unstable comment print in union type comments (#​18395 by @​fisker)
// Input
type X = (A | B) & (
  // comment
  A | B
);

// Prettier 3.7.3 (first format)
type X = (A | B) &
  (// comment
  A | B);

// Prettier 3.7.3 (second format)
type X = (
  | A
  | B // comment
) &
  (A | B);

// Prettier 3.7.4
type X = (A | B) &
  // comment
  (A | B);

v3.7.3

Compare Source

diff

API: Fix prettier.getFileInfo() change that breaks VSCode extension (#​18375 by @​fisker)

An internal refactor accidentally broke the VSCode extension plugin loading.

v3.7.2

Compare Source

[diff](https://redirect.githu

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "after 2am and before 3am"
  • Automerge
    • "after 1am and before 2am"

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 69c12ff to ff3ef44 Compare January 5, 2024 21:31
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from 3b8e53b to f0765fe Compare January 14, 2024 03:15
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from 1a8163f to f942ef0 Compare January 19, 2024 20:23
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 8 times, most recently from de822ec to f80c218 Compare January 29, 2024 01:08
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from f3f7ea2 to 214b50f Compare February 1, 2024 19:11
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from 64d3127 to aa7105b Compare February 24, 2024 19:19
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from ebb5fec to 5dd07d3 Compare February 29, 2024 18:05
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 41d22f5 to 9864a71 Compare March 13, 2024 16:54
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from cae098c to 6fa9243 Compare March 20, 2024 23:32
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 4f98bd3 to 1e8bbd8 Compare April 5, 2024 22:59
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from e13ede2 to a03baac Compare April 12, 2024 09:35
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from af38287 to e90bdf8 Compare May 1, 2024 20:10
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from e90bdf8 to c60264c Compare May 6, 2024 16:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants