Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update all non-major dependencies #150

Merged
merged 2 commits into from
Feb 19, 2024
Merged

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 12, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@swc/core (source) ^1.4.0 -> ^1.4.2 age adoption passing confidence
@sxzz/eslint-config ^3.7.6 -> ^3.8.0 age adoption passing confidence
@types/node (source) ^20.11.16 -> ^20.11.19 age adoption passing confidence
@vitejs/plugin-vue (source) 5.0.3 -> 5.0.4 age adoption passing confidence
@vitest/ui (source) 1.2.2 -> 1.3.0 age adoption passing confidence
esbuild 0.20.0 -> 0.20.1 age adoption passing confidence
esbuild ^0.20.0 -> ^0.20.1 age adoption passing confidence
pnpm (source) 8.15.1 -> 8.15.3 age adoption passing confidence
rollup (source) ^4.9.6 -> ^4.12.0 age adoption passing confidence
sass ^1.70.0 -> ^1.71.0 age adoption passing confidence
tsup (source) ^8.0.1 -> ^8.0.2 age adoption passing confidence
vite (source) ^5.0.12 -> ^5.1.3 age adoption passing confidence
vitest (source) 1.2.2 -> 1.3.0 age adoption passing confidence
vue (source) ^3.4.15 -> ^3.4.19 age adoption passing confidence
webpack ^5.90.1 -> ^5.90.3 age adoption passing confidence

Release Notes

swc-project/swc (@​swc/core)

v1.4.2

Compare Source

Bug Fixes
Features
Testing

v1.4.1

Compare Source

Bug Fixes
Features
Miscellaneous Tasks
Refactor
  • (bindings) Remove bindings for experimental packages (#​8600) (6c50ff1)
Testing
Build
sxzz/eslint-config (@​sxzz/eslint-config)

v3.8.0

Compare Source

   🚨 Breaking Changes
   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub
vitejs/vite-plugin-vue (@​vitejs/plugin-vue)

v5.0.4

vitest-dev/vitest (@​vitest/ui)

v1.3.0

Compare Source

🚀 Features
🐞 Bug Fixes
View changes on GitHub
evanw/esbuild (esbuild)

v0.20.1

Compare Source

  • Fix a bug with the CSS nesting transform (#​3648)

    This release fixes a bug with the CSS nesting transform for older browsers where the generated CSS could be incorrect if a selector list contained a pseudo element followed by another selector. The bug was caused by incorrectly mutating the parent rule's selector list when filtering out pseudo elements for the child rules:

    /* Original code */
    .foo {
      &:after,
      & .bar {
        color: red;
      }
    }
    
    /* Old output (with --supported:nesting=false) */
    .foo .bar,
    .foo .bar {
      color: red;
    }
    
    /* New output (with --supported:nesting=false) */
    .foo:after,
    .foo .bar {
      color: red;
    }
  • Constant folding for JavaScript inequality operators (#​3645)

    This release introduces constant folding for the < > <= >= operators. The minifier will now replace these operators with true or false when both sides are compile-time numeric or string constants:

    // Original code
    console.log(1 < 2, '🍕' > '🧀')
    
    // Old output (with --minify)
    console.log(1<2,"🍕">"🧀");
    
    // New output (with --minify)
    console.log(!0,!1);
  • Better handling of __proto__ edge cases (#​3651)

    JavaScript object literal syntax contains a special case where a non-computed property with a key of __proto__ sets the prototype of the object. This does not apply to computed properties or to properties that use the shorthand property syntax introduced in ES6. Previously esbuild didn't correctly preserve the "sets the prototype" status of properties inside an object literal, meaning a property that sets the prototype could accidentally be transformed into one that doesn't and vice versa. This has now been fixed:

    // Original code
    function foo(__proto__) {
      return { __proto__: __proto__ } // Note: sets the prototype
    }
    function bar(__proto__, proto) {
      {
        let __proto__ = proto
        return { __proto__ } // Note: doesn't set the prototype
      }
    }
    
    // Old output
    function foo(__proto__) {
      return { __proto__ }; // Note: no longer sets the prototype (WRONG)
    }
    function bar(__proto__, proto) {
      {
        let __proto__2 = proto;
        return { __proto__: __proto__2 }; // Note: now sets the prototype (WRONG)
      }
    }
    
    // New output
    function foo(__proto__) {
      return { __proto__: __proto__ }; // Note: sets the prototype (correct)
    }
    function bar(__proto__, proto) {
      {
        let __proto__2 = proto;
        return { ["__proto__"]: __proto__2 }; // Note: doesn't set the prototype (correct)
      }
    }
  • Fix cross-platform non-determinism with CSS color space transformations (#​3650)

    The Go compiler takes advantage of "fused multiply and add" (FMA) instructions on certain processors which do the operation x*y + z without intermediate rounding. This causes esbuild's CSS color space math to differ on different processors (currently ppc64le and s390x), which breaks esbuild's guarantee of deterministic output. To avoid this, esbuild's color space math now inserts a float64() cast around every single math operation. This tells the Go compiler not to use the FMA optimization.

  • Fix a crash when resolving a path from a directory that doesn't exist (#​3634)

    This release fixes a regression where esbuild could crash when resolving an absolute path if the source directory for the path resolution operation doesn't exist. While this situation doesn't normally come up, it could come up when running esbuild concurrently with another operation that mutates the file system as esbuild is doing a build (such as using git to switch branches). The underlying problem was a regression that was introduced in version 0.18.0.

pnpm/pnpm (pnpm)

v8.15.3

Compare Source

Patch Changes

  • Remove vulnerable "ip" package from the dependencies #​7652.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v8.15.2

Compare Source

Patch Changes

  • When purging multiple node_modules directories, pnpm will no longer print multiple prompts simultaneously.
  • Don't print an unnecessary warning when adding new dependencies to a project that uses hoisted node_modules.
  • Linking globally the command of a package that has no name in package.json #​4761.
  • Installation should work with lockfile created by pnpm v9.0.0-alpha.4

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

rollup/rollup (rollup)

v4.12.0

Compare Source

2024-02-16

Features
  • Improve raw bundling performance by 10-15% when not using the cache or plugins that return an AST (#​5391)
Pull Requests

v4.11.0

Compare Source

2024-02-15

Features
  • Add output.reexportProtoFromExternal option to disable special code for handling __proto__ reexports (#​5380)
Bug Fixes
  • Ensure namespace reexport code can be parsed by cjs-module-lexer (#​5380)
  • Throw when trying to reassing const variables (#​5388)
Pull Requests

v4.10.0

Compare Source

2024-02-10

Features
  • Support base-36 and base-16 hashes again via new output.hashCharacters option (#​5371)
Bug Fixes
  • Do not crash process for panics in native code but throw them as JavaScript errors (#​5383)
Pull Requests

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

Copy link

stackblitz bot commented Feb 12, 2024

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

Copy link

socket-security bot commented Feb 12, 2024

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@swc/[email protected] environment, filesystem, shell +2 398 kB kdy1
npm/@sxzz/[email protected] Transitive: environment, eval, filesystem, shell, unsafe +270 76.8 MB sxzz
npm/@types/[email protected] None +1 4.07 MB types
npm/@vitejs/[email protected] environment Transitive: eval, filesystem, network, shell, unsafe +32 57.6 MB vitebot
npm/@vitest/[email protected] Transitive: environment, filesystem, network, shell, unsafe +88 17.8 MB vitestbot
npm/[email protected] environment, filesystem, network, shell 0 134 kB evanw
npm/[email protected] environment, filesystem +1 2.28 MB lukastaegert
npm/[email protected] filesystem Transitive: environment +16 6.35 MB sassbot
npm/[email protected] environment, eval, filesystem Transitive: network, shell, unsafe +109 42.1 MB egoist
npm/[email protected] Transitive: environment, filesystem, network, shell +9 10.4 MB antfu, patak, soda, ...2 more
npm/[email protected] Transitive: environment, filesystem, network, shell, unsafe +88 17.8 MB antfu, oreanno, patak, ...1 more
npm/[email protected] environment, eval Transitive: filesystem, unsafe +24 47.2 MB yyx990803
npm/[email protected] Transitive: environment, eval, filesystem, network, shell, unsafe +406 47.5 MB evilebottnawi, jhnns, sokra, ...1 more

🚮 Removed packages: npm/@swc/[email protected], npm/@sxzz/[email protected], npm/@vitejs/[email protected], npm/@vitest/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 12 times, most recently from a9438cb to 9b9deac Compare February 19, 2024 07:39
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 9b9deac to 33bb4a3 Compare February 19, 2024 13:53
@sxzz sxzz merged commit 5b16246 into main Feb 19, 2024
3 checks passed
@sxzz sxzz deleted the renovate/all-minor-patch branch February 19, 2024 14:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant