Skip to content

Commit 075eeb1

Browse files
chore: update dependencies (#43)
* chore: update dependencies Closes #42 pg-sveltekit: - npm audit fix clears devalue GHSA-77vg-94rm-hx3p (high) and the four svelte SSR/DOM/ReDoS advisories (moderate) by lifting devalue and svelte past the patched versions. - Minor/patch: @e4a/pg-js 1.6.2 -> 1.8.0, @sveltejs/kit 2.59.1 -> 2.60.1, @types/node 25.7.0 -> 25.9.1, eslint 10.3.0 -> 10.4.0, svelte declared range -> ^5.55.8, typescript-eslint 8.59.3 -> 8.59.4. - cookie override stays: @sveltejs/kit 2.60.1 still pins cookie ^0.6.0. pg-manual: - Patch: @e4a/pg-wasm 0.6.0 -> 0.6.1, web-streams-polyfill 4.2.0 -> 4.3.0. - Major: @privacybydesign/yivi-{client,core,css,popup} 0.2 -> 1.x. v1 ships proper ESM with named exports, so examples/utils.js switches to `import { YiviCore } from ...` (etc). yivi.use(...) contract is unchanged; yivi-css stays a side-effect import. vite 7 -> 8 / vite-plugin-svelte 6 -> 7 held back: vite-plugin-top-level-await still `require('rollup')` at load and vite 8 dropped bundled rollup. * chore(pg-sveltekit): vite 7 -> 8, vite-plugin-svelte 6 -> 7 Drops vite-plugin-top-level-await: it required `rollup` at module load and vite 8 swaps rollup for rolldown, so the plugin is unloadable there. With `build.target: 'esnext'`, vite 8 / rolldown passes top-level await through unchanged for modern browsers (Chrome 89+, Firefox 89+, Safari 15+), which the wasm plugin's init relies on. Concurrent TLA imports become sequential after bundling (rolldown semantics), so init may be marginally slower but still correct. - vite 7.3.2 -> 8.0.13 - @sveltejs/vite-plugin-svelte 6.2.4 -> 7.1.2 - remove vite-plugin-top-level-await --------- Co-authored-by: dobby-yivi-agent[bot] <275734547+dobby-yivi-agent[bot]@users.noreply.github.com> Co-authored-by: Ruben Hensen <ruben.hensen@protonmail.com>
1 parent d1870a3 commit 075eeb1

6 files changed

Lines changed: 981 additions & 1594 deletions

File tree

pg-manual/examples/utils.js

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1-
import * as YiviCore from '@privacybydesign/yivi-core'
2-
import * as YiviClient from '@privacybydesign/yivi-client'
3-
import * as YiviPopup from '@privacybydesign/yivi-popup'
1+
import { YiviCore } from '@privacybydesign/yivi-core'
2+
import { YiviClient } from '@privacybydesign/yivi-client'
3+
import { YiviPopup } from '@privacybydesign/yivi-popup'
44
import '@privacybydesign/yivi-css'
55

66
export const KeySorts = {

pg-manual/package-lock.json

Lines changed: 36 additions & 105 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pg-manual/package.json

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,10 +6,10 @@
66
"url": "https://github.com/encryption4all/postguard-examples.git"
77
},
88
"devDependencies": {
9-
"@privacybydesign/yivi-client": "^0.2.1",
10-
"@privacybydesign/yivi-core": "^0.2.1",
11-
"@privacybydesign/yivi-css": "^0.2.1",
12-
"@privacybydesign/yivi-popup": "^0.2.1",
9+
"@privacybydesign/yivi-client": "^1.0.0",
10+
"@privacybydesign/yivi-core": "^1.0.0",
11+
"@privacybydesign/yivi-css": "^1.0.1",
12+
"@privacybydesign/yivi-popup": "^1.0.1",
1313
"clean-webpack-plugin": "^4.0.0",
1414
"css-loader": "^7.1.4",
1515
"html-webpack-plugin": "^5.6.7",
@@ -19,13 +19,13 @@
1919
"streamsaver": "^2.0.6",
2020
"style-loader": "^4.0.0",
2121
"url": "^0.11.4",
22-
"web-streams-polyfill": "^4.2.0",
22+
"web-streams-polyfill": "^4.3.0",
2323
"webpack": "^5.106.2",
2424
"webpack-cli": "^7.0.2",
2525
"webpack-dev-server": "^5.2.4"
2626
},
2727
"dependencies": {
28-
"@e4a/pg-wasm": "^0.6.0",
28+
"@e4a/pg-wasm": "^0.6.1",
2929
"buffer": "^6.0.3",
3030
"util": "^0.12.5"
3131
},

0 commit comments

Comments
 (0)