Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 9 updates #292

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 9 updates #292

wants to merge 1 commit into from
+12,057 −24,824

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 25, 2024
edited
Loading

Bumps the npm_and_yarn group with 3 updates in the / directory: vue, @quasar/app and rollup.

Updates vue from 2.7.16 to 3.0.0

Changelog

Sourced from vue's changelog.

3.0.0 (2020-09-18)

3.0.0-rc.13 (2020-09-18)

Bug Fixes

  • hmr: make hmr working with class components (#2144) (422f05e)
  • reactivity: avoid length mutating array methods causing infinite updates (#2138) (f316a33), closes #2137
  • suspense: should discard unmount effects of invalidated pending branch (5bfcad1)
  • types: component instance inference without props (#2145) (57bdaa2)

Code Refactoring

Features

  • runtime-core: support using inject() inside props default functions (58c31e3)
  • watch: support dot-delimited path in watch option (1c9a0b3)

BREAKING CHANGES

  • watch APIs now default to use flush: 'pre' instead of flush: 'post'. This change affects watch, watchEffect, the watch component option, and this.$watch. See (49bb447) for more details.

3.0.0-rc.12 (2020-09-16)

Bug Fixes

  • reactivity: effect should only recursively self trigger with explicit options (3810de7), closes #2125
  • runtime-core: ensure root stable fragments inherit elements for moving (bebd44f), closes #2134
  • runtime-core: should still do full traverse of stable fragment children in dev + hmr (dd40ad8)
  • runtime-core/async-component: fix error component when there are no error handlers (c7b4a37), closes #2129
  • types/tsx: optional props from Mixin/Extends are treated as required (#2048) (89e9ab8)

Features

  • compiler-sfc: additionalData support for css preprocessors (#2126) (066d514)

3.0.0-rc.11 (2020-09-15)

... (truncated)

Commits

Updates @quasar/app from 2.4.3 to 3.3.3

Commits
  • ad27458 chore(app): Bump version
  • f6856ac feat(app): upgrade deps
  • ba04f89 feat(docs): update vue links (since v3 is now default/latest version)
  • 453dfda feat(docs): update vue links (since v3 is now default/latest version)
  • 656a42d fix(app): Capacitor not opening IDE when configured to do so (regression) #12368
  • 2437d97 feat(docs): make some instances of quasar.conf more clear that they refer to ...
  • 9f8a083 chore(ui): Bump version
  • 7d9ab19 feat(ui): various small improvements
  • 7dfca62 feat(TS/QForm): broaden the definition of the submit event #12399
  • dc6d64a Merge branch 'dev' of github.com:quasarframework/quasar into dev
  • Additional commits viewable in compare view

Updates postcss from 7.0.39 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

  • Fixed AtRule#nodes type (by Tim Weißenfels).
  • Cleaned up code (by Dmitry Kirillov).

8.4.33

  • Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
  • Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

  • Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

... (truncated)

Commits
  • a69d45e Release 8.4.38 version
  • 64e35d9 Update dependencies
  • c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
  • b45e7e9 fix endIndex
  • 1bea246 failing test: for endIndex 0 in rangeBy
  • 0fd1d86 Add changelog auto release on Github
  • 49c906e Release 8.4.37 version
  • b5bd92c Fix another broken prev source map issue
  • 2882039 Update dependencies
  • e5ad939 Release 8.4.36 version
  • Additional commits viewable in compare view

Updates body-parser from 1.19.2 to 1.19.1

Changelog

Sourced from body-parser's changelog.

1.19.2 / 2022-02-15

1.19.1 / 2021-12-10

1.19.0 / 2019-04-25

1.18.3 / 2018-05-14

  • Fix stack trace for strict json parse error
  • deps: depd@~1.1.2

... (truncated)

Commits

Updates braces from 2.3.2 to 3.0.2

Changelog

Sourced from braces's changelog.

Release history

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

  • Changelogs are for humans, not machines.
  • There should be an entry for every single version.
  • The same types of changes should be grouped.
  • Versions and sections should be linkable.
  • The latest version comes first.
  • The release date of each versions is displayed.
  • Mention whether you follow Semantic Versioning.

Changelog entries are classified using the following labels (from keep-a-changelog):

  • Added for new features.
  • Changed for changes in existing functionality.
  • Deprecated for soon-to-be removed features.
  • Removed for now removed features.
  • Fixed for any bug fixes.
  • Security in case of vulnerabilities.

[3.0.0] - 2018-04-08

v3.0 is a complete refactor, resulting in a faster, smaller codebase, with fewer deps, and a more accurate parser and compiler.

Breaking Changes

  • The undocumented .makeRe method was removed

Non-breaking changes

  • Caching was removed
Commits

Updates cookie from 0.4.2 to 0.4.1

Changelog

Sourced from cookie's changelog.

0.4.1 / 2020-04-21

  • Fix maxAge option to reject invalid values

0.4.0 / 2019-05-15

  • Add SameSite=None support

0.3.1 / 2016-05-26

  • Fix sameSite: true to work with draft-7 clients
    • true now sends SameSite=Strict instead of SameSite

0.3.0 / 2016-05-26

  • Add sameSite option
    • Replaces firstPartyOnly option, never implemented by browsers
  • Improve error message when encode is not a function
  • Improve error message when expires is not a Date

0.2.4 / 2016-05-20

  • perf: enable strict mode
  • perf: use for loop in parse
  • perf: use string concatination for serialization

0.2.3 / 2015-10-25

  • Fix cookie Max-Age to never be a floating point number

0.2.2 / 2015-09-17

  • Fix regression when setting empty cookie value
    • Ease the new restriction, which is just basic header-level validation
  • Fix typo in invalid value errors

0.2.1 / 2015-09-17

  • Throw on invalid values provided to serialize
    • Ensures the resulting string is a valid HTTP header value

0.2.0 / 2015-08-13

... (truncated)

Commits

Updates express from 4.17.3 to 4.17.2

Changelog

Sourced from express's changelog.

4.17.3 / 2022-02-16

4.17.2 / 2021-12-16

4.17.1 / 2019-05-25

... (truncated)

Commits

Updates rollup from 2.79.1 to 2.79.2

Changelog

Sourced from rollup's changelog.

rollup changelog

4.24.0

2024-10-02

Features

  • Support preserving and transpiling JSX syntax (#5668)

Pull Requests

4.23.0

2024-10-01

Features

  • Collect all emitted names and originalFileNames for assets (#5686)

Pull Requests

4.22.5

2024-09-27

Bug Fixes

  • Allow parsing of certain unicode characters again (#5674)

Pull Requests

4.22.4

2024-09-21

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

... (truncated)

Commits

Updates webpack-dev-middleware from 3.7.3 to 5.3.4

Release notes

Sourced from webpack-dev-middleware's releases.

v5.3.4

5.3.4 (2024-03-20)

Bug Fixes

  • security: do not allow to read files above (#1779) (189c4ac)

v5.3.3

5.3.3 (2022-05-18)

Bug Fixes

v5.3.2

5.3.2 (2022-05-17)

Bug Fixes

  • node types (#1195) (d68ab36)
  • compatibility with Node.js 18

v5.3.1

5.3.1 (2022-02-01)

Bug Fixes

v5.3.0

5.3.0 (2021-12-16)

Features

v5.2.2

5.2.2 (2021-11-17)

Chore

  • update schema-utils package to 4.0.0 version

... (truncated)

Changelog

Sourced from webpack-dev-middleware's changelog.

5.3.4 (2024-03-20)

Bug Fixes

  • security: do not allow to read files above (#1779) (189c4ac)

5.3.3 (2022-05-18)

Bug Fixes

5.3.2 (2022-05-17)

Bug Fixes

5.3.1 (2022-02-01)

Bug Fixes

5.3.0 (2021-12-16)

Features

5.2.2 (2021-11-17)

Chore

  • update schema-utils package to 4.0.0 version

5.2.1 (2021-09-25)

  • internal release, no visible changes and features

5.2.0 (2021-09-24)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 25, 2024
@dependabot dependabot bot mentioned this pull request Oct 25, 2024
Closed
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-e91d141d03 branch 3 times, most recently from 141a3b6 to 10fae24 Compare November 2, 2024 16:04
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-e91d141d03 branch from 10fae24 to 265b71f Compare November 8, 2024 16:54
@dependabot
Bump the npm_and_yarn group across 1 directory with 9 updates
fb402ef 
Bumps the npm_and_yarn group with 3 updates in the / directory: [vue](https://github.com/vuejs/core), [@quasar/app](https://github.com/quasarframework/quasar) and [rollup](https://github.com/rollup/rollup).


Updates `vue` from 2.7.16 to 3.0.0
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/v3.0.0/CHANGELOG.md)
- [Commits](https://github.com/vuejs/core/commits/v3.0.0)

Updates `@quasar/app` from 2.4.3 to 3.3.3
- [Release notes](https://github.com/quasarframework/quasar/releases)
- [Commits](https://github.com/quasarframework/quasar/compare/@quasar/app-v2.4.3...@quasar/app-v3.3.3)

Updates `postcss` from 7.0.39 to 8.4.38
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@7.0.39...8.4.38)

Updates `body-parser` from 1.19.2 to 1.19.1
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md)
- [Commits](expressjs/body-parser@1.19.2...1.19.1)

Updates `braces` from 2.3.2 to 3.0.2
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/commits/3.0.2)

Updates `cookie` from 0.4.2 to 0.4.1
- [Release notes](https://github.com/jshttp/cookie/releases)
- [Changelog](https://github.com/jshttp/cookie/blob/v0.4.1/HISTORY.md)
- [Commits](jshttp/cookie@v0.4.2...v0.4.1)

Updates `express` from 4.17.3 to 4.17.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.17.3...4.17.2)

Updates `rollup` from 2.79.1 to 2.79.2
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](rollup/rollup@v2.79.1...v2.79.2)

Updates `webpack-dev-middleware` from 3.7.3 to 5.3.4
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](webpack/webpack-dev-middleware@v3.7.3...v5.3.4)

---
updated-dependencies:
- dependency-name: vue
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@quasar/app"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: body-parser
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: braces
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: express
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: rollup
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/npm_and_yarn-e91d141d03 branch from 265b71f to fb402ef Compare November 17, 2024 11:11
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Nov 17, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants