Update dependency prettier to v3.3.3

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
prettier (source)	3.1.1 -> 3.3.3

---

Release Notes

prettier/prettier (prettier)

v3.3.3

Compare Source

diff

Add parentheses for nullish coalescing in ternary (#​16391 by @​cdignam-segment)

This change adds clarity to operator precedence.

// Input
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.2
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.3
foo ? (bar ?? foo) : baz;
(foo ?? bar) ? a : b;
a ? b : (foo ?? bar);

Add parentheses for decorator expressions (#​16458 by @​y-schneider)

Prevent parentheses around member expressions or tagged template literals from being removed to follow the stricter parsing rules of TypeScript 5.5.

// Input
@​(foo`tagged template`)
class X {}

// Prettier 3.3.2
@​foo`tagged template`
class X {}

// Prettier 3.3.3
@​(foo`tagged template`)
class X {}

Support @let declaration syntax (#​16474 by @​sosukesuzuki)

Adds support for Angular v18 @let declaration syntax.

Please see the following code example. The @let declaration allows you to define local variables within the template:

@​let name = 'Frodo';

<h1>Dashboard for {{name}}</h1>
Hello, {{name}}

For more details, please refer to the excellent blog post by the Angular Team: Introducing @​let in Angular.

We also appreciate the Angular Team for kindly answering our questions to implement this feature.

v3.3.2

Compare Source

diff

Fix handlebars path expressions starts with @ (#​16358 by @​Princeyadav05)

{{! Input }}
<div>{{@&#8203;x.y.z}}</div>

{{! Prettier 3.3.1 }}
<div>{{@&#8203;x}}</div>

{{! Prettier 3.3.2 }}
<div>{{@&#8203;x.y.z}}</div>

v3.3.1

Compare Source

diff

Preserve empty lines in front matter (#​16347 by @​fisker)

<!-- Input -->
---
foo:
  - bar1

  - bar2

  - bar3
---
Markdown

<!-- Prettier 3.3.0 -->

---
foo:
  - bar1
  - bar2
  - bar3
---

Markdown

<!-- Prettier 3.3.1 -->
---
foo:
  - bar1

  - bar2

  - bar3
---

Markdown

Preserve explicit language in front matter (#​16348 by @​fisker)

<!-- Input -->
---yaml
title: Hello
slug: home
---

<!-- Prettier 3.3.0 -->
---
title: Hello
slug: home
---

<!-- Prettier 3.3.1 -->
---yaml
title: Hello
slug: home
---

Avoid line breaks in import attributes (#​16349 by @​fisker)

// Input
import something from "./some-very-very-very-very-very-very-very-very-long-path.json" with { type: "json" };

// Prettier 3.3.0
import something from "./some-very-very-very-very-very-very-very-very-long-path.json" with { type:
  "json" };

// Prettier 3.3.1
import something from "./some-very-very-very-very-very-very-very-very-long-path.json" with { type: "json" };

v3.3.0

Compare Source

diff

🔗 Release Notes

v3.2.5

Compare Source

diff

Support Angular inline styles as single template literal (#​15968 by @​sosukesuzuki)

Angular v17 supports single string inline styles.

// Input
@​Component({
  template: `<div>...</div>`,
  styles: `h1 { color: blue; }`,
})
export class AppComponent {}

// Prettier 3.2.4
@&#8203;Component({
  template: `<div>...</div>`,
  styles: `h1 { color: blue; }`,
})
export class AppComponent {}

// Prettier 3.2.5
@&#8203;Component({
  template: `<div>...</div>`,
  styles: `
    h1 {
      color: blue;
    }
  `,
})
export class AppComponent {}

Unexpected embedded formatting for Angular template (#​15969 by @​JounQin)

Computed template should not be considered as Angular component template

// Input
const template = "foobar";

@​Component({
  [template]: `<h1>{{       hello }}</h1>`,
})
export class AppComponent {}

// Prettier 3.2.4
const template = "foobar";

@&#8203;Component({
  [template]: `<h1>{{ hello }}</h1>`,
})
export class AppComponent {}

// Prettier 3.2.5
const template = "foobar";

@&#8203;Component({
  [template]: `<h1>{{       hello }}</h1>`,
})
export class AppComponent {}

Use "json" parser for tsconfig.json by default (#​16012 by @​sosukesuzuki)

In v2.3.0, we introduced "jsonc" parser which adds trialing comma by default.

When adding a new parser we also define how it will be used based on the linguist-languages data.

tsconfig.json is a special file used by TypeScript, it uses .json file extension, but it actually uses the JSON with Comments syntax. However, we found that there are many third-party tools not recognize it correctly because of the confusing .json file extension.

We decide to treat it as a JSON file for now to avoid the extra configuration step.

To keep using the "jsonc" parser for your tsconfig.json files, add the following to your .pretterrc file

{
  "overrides": [
    {
      "files": ["tsconfig.json", "jsconfig.json"],
      "options": {
        "parser": "jsonc"
      }
    }
  ]
}

v3.2.4

Compare Source

diff

Fix incorrect parser inference (#​15947 by @​fisker)

Files like .eslintrc.json were incorrectly formatted as JSONC files.

// Input
prettier --file-info .eslintrc.json
{ "ignored": false, "inferredParser": "jsonc" }

// Prettier 3.2.4
prettier --file-info .eslintrc.json
{ "ignored": false, "inferredParser": "json" }

v3.2.3

Compare Source

diff

Throw errors for invalid code (#​15881 by @​fisker, @​Josh-Cena, @​auvred)

// Input
1++;

// Prettier 3.2.2
1++;

// Prettier 3.2.3
SyntaxError: Invalid left-hand side expression in unary operation (1:1)
> 1 | 1++;
    | ^

// Input
try {} catch (error = 1){}

// Prettier 3.2.2
try {
} catch (error) {}

// Prettier 3.2.3
SyntaxError: Catch clause variable cannot have an initializer. (1:23)
> 1 | try {} catch (error = 1){}
    |                       ^

Fix parser inference (#​15927 by @​fisker)

// Prettier 3.2.2
prettier --file-info tsconfig.json
{ "ignored": false, "inferredParser": "json" }

// Prettier 3.2.3
prettier --file-info tsconfig.json
{ "ignored": false, "inferredParser": "jsonc" }

v3.2.2

Compare Source

diff

Fix crash when parsing template literal CSS in a JSX style tag using a spread attribute (#​15896 by @​eelco)

For example this code would crash before:

<style {...spread}>{`.{}`}</style>

Fix formatting error on optional call expression and member chain (#​15920 by @​sosukesuzuki)

// Input
a(() => {}, c?.d());

// Prettier 3.2.1
TypeError: Cannot read properties of undefined (reading 'type')

// Prettier 3.2.2
a(() => {}, c?.d());

v3.2.1

Compare Source

diff

Fix formatting error on member chain (#​15915 by @​sosukesuzuki)

// Input
test().test2().test2(thing?.something);

// Prettier 3.2.0
TypeError: Cannot read properties of undefined (reading 'type')

// Prettier 3.2.1
test().test2().test2(thing?.something);

v3.2.0

Compare Source

diff

🔗 Release Notes

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/[email protected]	environment, filesystem, unsafe	0	7.7 MB	prettier-bot

🚮 Removed packages: npm/[email protected]

View full report↗︎

[sonarcloud]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Environment variable access	npm/[email protected]	Env Vars: FORCE_COLOR Location: Package overview	package-lock.json package.json	🚫

View full report↗︎

Next steps

What is environment variable access?

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Packages should be clear about which environment variables they access, and care should be taken to ensure they only access environment variables they claim to.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud