chore(deps): bump the npm_and_yarn group across 1 directories with 32 updates #10

dependabot · 2024-02-03T06:47:04Z

Bumps the npm_and_yarn group with 32 updates in the /. directory:

Package	From	To
lodash	`4.17.15`	`4.17.21`
@babel/traverse	`7.7.4`	`7.23.9`
async	`2.6.3`	`2.6.4`
qs	`6.5.2`	`6.5.3`
browserify-sign	`4.0.4`	`4.2.2`
postcss	`7.0.26`	`8.4.33`
autoprefixer	`8.4.1`	`10.4.17`
css-loader	`0.28.11`	`6.10.0`
postcss-loader	`2.1.4`	`8.1.0`
decode-uri-component	`0.2.0`	`0.2.2`
ejs	`2.7.4`	``
webpack-bundle-analyzer	`3.6.0`	`4.10.1`
eventsource	`1.0.7`	`1.1.2`
follow-redirects	`1.9.0`	`1.15.5`
minimist	`1.2.0`	`1.2.8`
mkdirp	`0.5.1`	`0.5.6`
npm	`6.13.4`	`6.14.18`
loader-fs-cache	`1.0.2`	`1.0.3`
gonzales-pe	`4.2.4`	`4.3.0`
handlebars	`4.5.3`	`4.7.8`
svg-sprite	`1.5.0`	`1.5.4`
tar	`4.4.13`	`6.2.0`
node-sass	`4.13.0`	`9.0.0`
json5	`2.1.1`	`2.2.3`
json5	`1.0.1`	`2.2.3`
html-webpack-plugin	`3.2.0`	`5.6.0`
loader-utils	`1.2.3`	`1.4.2`
webpack-cli	`3.3.10`	`3.3.12`
jsdom	`11.12.0`	``
jest	`24.9.0`	`29.7.0`
request	`2.88.0`	``
@semantic-release/npm	`5.0.2`	`11.0.2`
semantic-release	`15.14.0`	`23.0.0`
svg-sprite	`1.5.4`	`2.0.2`

Updates lodash from 4.17.15 to 4.17.21

Commits

f299b52 Bump to v4.17.21
c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
3469357 Prevent command injection through _.template's variable option
ded9bc6 Bump to v4.17.20.
63150ef Documentation fixes.
00f0f62 test.js: Remove trailing comma.
846e434 Temporarily use a custom fork of lodash-cli.
5d046f3 Re-enable Travis tests on 4.17 branch.
aa816b3 Remove /npm-package.
d7fbc52 Bump to v4.17.19
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates @babel/traverse from 7.7.4 to 7.23.9

Release notes

Sourced from @babel/traverse's releases.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16194 Improve output of super() (@liuxingbaoyu)

v7.23.7 (2023-12-29)

🐛 Bug Fix

babel-traverse

#16191 fix: Crash when removing without Program (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits

a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
d292822 fix: Crash when removing without Program (#16191)
d02c1f7 v7.23.6
cce807f Bump debug to ^4.3.1 (#16164)
8479012 v7.23.5
da7dc40 Do not remove bindings when removing assignment expression path (#16131)
fadc081 fix: Unexpected duplication of comments (#16110)
13a5c83 v7.23.4
Additional commits viewable in compare view

Updates async from 2.6.3 to 2.6.4

Changelog

Sourced from async's changelog.

v2.6.4

Fix potential prototype pollution exploit (#1828)

Commits

c6bdaca Version 2.6.4
8870da9 Update built files
4df6754 update changelog
8f7f903 Fix prototype pollution vulnerability (#1828)
See full diff in compare view

Maintainer changes

This version was pushed to npm by hargasinski, a new releaser for async since your current version.

Updates qs from 6.5.2 to 6.5.3

Changelog

Sourced from qs's changelog.

6.5.3

[Fix] parse: ignore __proto__ keys (#428)

[Fix] utils.merge: avoid a crash with a null target and a truthy non-array source

[Fix] correctly parse nested arrays

[Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)

[Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided

[Fix] when parseArrays is false, properly handle keys ending in []

[Fix] fix for an impossible situation: when the formatter is called with a non-string value

[Fix] utils.merge: avoid a crash with a null target and an array source

[Refactor] utils: reduce observable [[Get]]s

[Refactor] use cached Array.isArray

[Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)

[Refactor] parse: only need to reassign the var once

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] Clean up license text so it’s properly detected as BSD-3-Clause

[Docs] Clarify the need for "arrayLimit" option

[meta] fix README.md (#399)

[meta] add FUNDING.yml

[actions] backport actions from main

[Tests] always use String(x) over x.toString()

[Tests] remove nonexistent tape option

[Dev Deps] backport from main

Commits

298bfa5 v6.5.3
ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
12ac1c4 [meta] fix README.md (#399)
0338716 [actions] backport actions from main
5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
51b8a0b add FUNDING.yml
45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
f814a7f [Dev Deps] backport from main
Additional commits viewable in compare view

Updates browserify-sign from 4.0.4 to 4.2.2

Changelog

Sourced from browserify-sign's changelog.

v4.2.2 - 2023-10-25

Fixed

[Tests] log when openssl doesn't support cipher [#37](https://github.com/crypto-browserify/browserify-sign/issues/37)

Commits

Only apps should have lockfiles 09a8995

[eslint] switch to eslint 83fe463

[meta] add npmignore and auto-changelog 4418183

[meta] fix package.json indentation 9ac5a5e

[Tests] migrate from travis to github actions d845d85

[Fix] sign: throw on unsupported padding scheme 8767739

[Fix] properly check the upper bound for DSA signatures 85994cd

[Tests] handle openSSL not supporting a scheme f5f17c2

[Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb

[Dev Deps] update nyc, standard, tape cc5350b

[Tests] always run coverage; downgrade nyc 75ce1d5

[meta] add safe-publish-latest dcf49ce

[Tests] add npm run posttest 75dd8fd

[Dev Deps] update tape 3aec038

[Tests] skip unsupported schemes 703c83e

[Tests] node < 6 lacks array includes 3aa43cf

[Dev Deps] fix eslint range 98d4e0d

v4.2.1 - 2020-08-04

Merged

bump elliptic [#58](https://github.com/crypto-browserify/browserify-sign/issues/58)

v4.2.0 - 2020-05-18

Merged

switch to safe buffer [#53](https://github.com/crypto-browserify/browserify-sign/issues/53)

v4.1.0 - 2020-05-05

Merged

update deps, modernise usage, use readable-stream [#49](https://github.com/crypto-browserify/browserify-sign/issues/49)

Commits

4af5a90 v4.2.2
3aec038 [Dev Deps] update tape
85994cd [Fix] properly check the upper bound for DSA signatures
9ac5a5e [meta] fix package.json indentation
dcf49ce [meta] add safe-publish-latest
4418183 [meta] add npmignore and auto-changelog
8767739 [Fix] sign: throw on unsupported padding scheme
5f6fb17 [Tests] log when openssl doesn't support cipher
f5f17c2 [Tests] handle openSSL not supporting a scheme
d845d85 [Tests] migrate from travis to github actions
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.

Updates postcss from 7.0.26 to 8.4.33

Release notes

Sourced from postcss's releases.

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by @romainmenke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by @ferreira-tb).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by @remcohaszing).

8.4.21

Fixed Input#error types (by @hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by @romainmenke).

8.4.18

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

Fixed source map generation for childless at-rules like @layer.

8.4.19

Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

... (truncated)

Commits

ae57d83 Release 8.4.33 version
2e9d029 Update dependencies
892b269 Update size limit for new metric on brotli
f2e7a9f Merge pull request #1908 from ahmdammarr/refactor/safe-check-for-NoWorkResult
c751e11 Merge pull request #1909 from romainmenke/no-work-result-vs-lazy-result--inve...
3c2fa2a fix
a4626e9 failing test
c37346d refactor: check all falsy conditions of plugins and opts before returning NoW...
a0d9f10 Release 8.4.32 version
0146b3e Add Node.js 21 to CI
Additional commits viewable in compare view

Updates autoprefixer from 8.4.1 to 10.4.17

Release notes

Sourced from autoprefixer's releases.

10.4.17

Fixed user-select: contain prefixes.

10.4.16

Improved performance (by @romainmenke).

Fixed docs (by @coliff).

10.4.15

Fixed ::backdrop prefixes (by @yisibl).

Fixed docs (by @coliff).

10.4.14

Improved startup time and reduced JS bundle size (by @Knagis).

10.4.13

Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

Fixed support of unit-less zero angle in backgrounds (by @yisibl).

10.4.11

Fixed text-decoration prefixes by moving to MDN data (by @romainmenke).

10.4.10

Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

Fixed print-color-adjust support in Firefox.

10.4.6

Fixed print-color-adjust support.

10.4.5

Fixed NaN in grid (by @SukkaW).

10.4.4

Fixed package.funding to have same value between all PostCSS packages.

10.4.3

Fixed package.funding (by @mondeja).

10.4.2

Fixed missed -webkit- prefix for width: stretch.

... (truncated)

Changelog

Sourced from autoprefixer's changelog.

10.4.17

Fixed user-select: contain prefixes.

10.4.16

Improved performance (by Romain Menke).

Fixed docs (by Christian Oliff).

10.4.15

Fixed ::backdrop prefixes (by 一丝).

Fixed docs (by Christian Oliff).

10.4.14

Improved startup time and reduced JS bundle size (by Kārlis Gaņģis).

10.4.13

Fixed missed prefixes on vendor prefixes in name of CSS Custom Property.

10.4.12

Fixed support of unit-less zero angle in backgrounds (by 一丝).

10.4.11

Fixed text-decoration prefixes by moving to MDN data (by Romain Menke).

10.4.10

Fixed unicode-bidi prefixes by moving to MDN data.

10.4.9

Fixed css-unicode-bidi issue from latest Can I Use.

10.4.8

Do not print color-adjust warning if print-color-adjust also is in rule.

10.4.7

Fixed print-color-adjust support in Firefox.

10.4.6

Fixed print-color-adjust support.

10.4.5

Fixed NaN in grid (by @SukkaW).

10.4.4

Fixed package.funding to have same value between all PostCSS packages.

10.4.3

Fixed package.funding (by Álvaro Mondéjar).

10.4.2

Fixed missed -webkit- prefix for width: stretch.

... (truncated)

Commits

46cd2cc Release 10.4.17 version
2738f72 Update dependencies
b0a4007 Fix user-select: contain
1db31f0 Update dependencies
026083c Release 10.4.16 version
4cda7ae Update dependencies
7a49d6a Update CI
a87f4cd improve performance (#1500)
0d6496e Update dependencies
d9064cb Remove deprecated browsers from README (#1499)
Additional commits viewable in compare view

Updates css-loader from 0.28.11 to 6.10.0

Release notes

Sourced from css-loader's releases.

v6.10.0

6.10.0 (2024-01-30)

Features

add @rspack/core as an optional peer dependency (#1568) (3924679)

pass the resourceQuery and resourceFragment to the auto and mode callback (#1569) (d641c4d)

support named exports with any characters (6f43929)

v6.9.1

6.9.1 (2024-01-18)

Bug Fixes

css nesting support

@scope at-rule support

v6.9.0

6.9.0 (2024-01-09)

Features

updated generateExportEntry to expose node details (#1556) (05002f3)

Bug Fixes

css experiment detection (#1559) (f2cfe30)

v6.8.1

6.8.1 (2023-05-28)

Bug Fixes

use cause for original errors and warnings (#1526) (ae3d8ae)

v6.8.0

6.8.0 (2023-05-27)

Features

use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

... (truncated)

Changelog

Sourced from css-loader's changelog.

6.10.0 (2024-01-30)

Features

add @rspack/core as an optional peer dependency (#1568) (3924679)

pass the resourceQuery and resourceFragment to the auto and mode callback (#1569) (d641c4d)

support named exports with any characters (6f43929)

6.9.1 (2024-01-18)

Bug Fixes

css nesting support

@scope at-rule support

6.9.0 (2024-01-09)

Features

updated generateExportEntry to expose node details (#1556) (05002f3)

Bug Fixes

css experiment detection (#1559) (f2cfe30)

6.8.1 (2023-05-28)

Bug Fixes

use cause for original errors and warnings (#1526) (ae3d8ae)

6.8.0 (2023-05-27)

Features

use template literal when it possible to prevent Maximum call stack size exceeded (#1525) (6eb5661)

Bug Fixes

warning and error serialization (#1523) (3e52969)

6.7.4 (2023-05-19)

... (truncated)

Commits

7bbb57c chore(release): 6.10.0
d641c4d feat: pass the resourceQuery and resourceFragment to the auto and `mode...
3924679 feat: add @rspack/core as an optional peer dependency (#1568)
6f43929 feat: support named exports with any characters
f9192ee chore(release): 6.9.1
6515be0 fix: css nesting support and @scope at-rule
0751f7a docs: update (#1562)
2d17551 chore(release): 6.9.0
e38116f chore: update dependencies to latest version (#1561)
d09ff73 test: getLocalIdent and node type (#1560)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.

Updates postcss-loader from 2.1.4 to 8.1.0

Release notes

Sourced from postcss-loader's releases.

v8.1.0

8.1.0 (2024-01-30)

Features

add @rspack/core as an optional peer dependency (#679) (512e4c3)

v8.0.0

8.0.0 (2024-01-16)

⚠ BREAKING CHANGES

minimum supported Node.js version is 18.12.0 (#677) (8dd0315)

v7.3.4

7.3.4 (2023-12-27)

Bug Fixes

do not crash if pkg.(d|devD)ependencies unset (#667) (8ef0c7e)

v7.3.3

7.3.3 (2023-06-10)

Bug Fixes

perf: avoid using klona for postcss options (#658) (e754c3f)

bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

v7.3.2

7.3.2 (2023-05-28)

Bug Fixes

use cause to keep original errors and warnings (#655) (e8873f4)

v7.3.1

7.3.1 (2023-05-26)

Bug Fixes

warning and error serialization (65748ec)

v7.3.0

... (truncated)

Changelog

Sourced from postcss-loader's changelog.

8.1.0 (2024-01-30)

Features

add @rspack/core as an optional peer dependency (#679) (512e4c3)

8.0.0 (2024-01-16)

⚠ BREAKING CHANGES

minimum supported Node.js version is 18.12.0 (#677) (8dd0315)

7.3.4 (2023-12-27)

Bug Fixes

do not crash if pkg.(d|devD)ependencies unset (#667) (8ef0c7e)

7.3.3 (2023-06-10)

Bug Fixes

perf: avoid using klona for postcss options (#658) (e754c3f)

bug with loading configurations after updating cosmiconfig to version 8.2 (684d265)

7.3.2 (2023-05-28)

Bug Fixes

use cause to keep original errors and warnings (#655) (e8873f4)

7.3.1 (2023-05-26)

Bug Fixes

warning and error serialization (65748ec)

7.3.0 (2023-04-28)

Features

use jiti for typescript configurations (#649) (8b876fa)

... (truncated)

Commits

df307b5 chore(release): 8.1.0
512e4c3 feat: add @rspack/core as an optional peer dependency (#679)
d53fe9d chore(release): 8.0.0
8dd0315 chore!: minimum supported Node.js version is 18.12.0 (#677)
754c4a5 chore(release): 7.3.4
8ef0c7e fix: do not crash if pkg.(d|devD)ependencies unset (#667)
84f16be chore: update github action/setup-node (#675)
d6a0768 chore(deps-dev): bump @babel/traverse from 7.22.17 to 7.23.2 (#674)
fdf99fd chore: upgrade dependencies to the latest version (#671)
c05b3bf chore: update github actions/checkout (#665)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for postcss-loader since your current version.

Updates decode-uri-component from 0.2.0 to 0.2.2

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

SamVerschueren/decode-uri-component@v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5...
Description has been truncated

… updates Bumps the npm_and_yarn group with 32 updates in the /. directory: | Package | From | To | | --- | --- | --- | | [lodash](https://github.com/lodash/lodash) | `4.17.15` | `4.17.21` | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.7.4` | `7.23.9` | | [async](https://github.com/caolan/async) | `2.6.3` | `2.6.4` | | [qs](https://github.com/ljharb/qs) | `6.5.2` | `6.5.3` | | [browserify-sign](https://github.com/crypto-browserify/browserify-sign) | `4.0.4` | `4.2.2` | | [postcss](https://github.com/postcss/postcss) | `7.0.26` | `8.4.33` | | [autoprefixer](https://github.com/postcss/autoprefixer) | `8.4.1` | `10.4.17` | | [css-loader](https://github.com/webpack-contrib/css-loader) | `0.28.11` | `6.10.0` | | [postcss-loader](https://github.com/webpack-contrib/postcss-loader) | `2.1.4` | `8.1.0` | | [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) | `0.2.0` | `0.2.2` | | [ejs](https://github.com/mde/ejs) | `2.7.4` | `` | | [webpack-bundle-analyzer](https://github.com/webpack-contrib/webpack-bundle-analyzer) | `3.6.0` | `4.10.1` | | [eventsource](https://github.com/EventSource/eventsource) | `1.0.7` | `1.1.2` | | [follow-redirects](https://github.com/follow-redirects/follow-redirects) | `1.9.0` | `1.15.5` | | [minimist](https://github.com/minimistjs/minimist) | `1.2.0` | `1.2.8` | | [mkdirp](https://github.com/isaacs/node-mkdirp) | `0.5.1` | `0.5.6` | | [npm](https://github.com/npm/cli) | `6.13.4` | `6.14.18` | | [loader-fs-cache](https://github.com/viankakrisna/loader-fs-cache) | `1.0.2` | `1.0.3` | | [gonzales-pe](https://github.com/tonyganch/gonzales-pe) | `4.2.4` | `4.3.0` | | [handlebars](https://github.com/handlebars-lang/handlebars.js) | `4.5.3` | `4.7.8` | | [svg-sprite](https://github.com/svg-sprite/svg-sprite) | `1.5.0` | `1.5.4` | | [tar](https://github.com/isaacs/node-tar) | `4.4.13` | `6.2.0` | | [node-sass](https://github.com/sass/node-sass) | `4.13.0` | `9.0.0` | | [json5](https://github.com/json5/json5) | `2.1.1` | `2.2.3` | | [json5](https://github.com/json5/json5) | `1.0.1` | `2.2.3` | | [html-webpack-plugin](https://github.com/jantimon/html-webpack-plugin) | `3.2.0` | `5.6.0` | | [loader-utils](https://github.com/webpack/loader-utils) | `1.2.3` | `1.4.2` | | [webpack-cli](https://github.com/webpack/webpack-cli) | `3.3.10` | `3.3.12` | | [jsdom](https://github.com/jsdom/jsdom) | `11.12.0` | `` | | [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) | `24.9.0` | `29.7.0` | | [request](https://github.com/request/request) | `2.88.0` | `` | | [@semantic-release/npm](https://github.com/semantic-release/npm) | `5.0.2` | `11.0.2` | | [semantic-release](https://github.com/semantic-release/semantic-release) | `15.14.0` | `23.0.0` | | [svg-sprite](https://github.com/svg-sprite/svg-sprite) | `1.5.4` | `2.0.2` | Updates `lodash` from 4.17.15 to 4.17.21 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.15...4.17.21) Updates `@babel/traverse` from 7.7.4 to 7.23.9 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse) Updates `async` from 2.6.3 to 2.6.4 - [Release notes](https://github.com/caolan/async/releases) - [Changelog](https://github.com/caolan/async/blob/v2.6.4/CHANGELOG.md) - [Commits](caolan/async@v2.6.3...v2.6.4) Updates `qs` from 6.5.2 to 6.5.3 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.5.2...v6.5.3) Updates `browserify-sign` from 4.0.4 to 4.2.2 - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.0.4...v4.2.2) Updates `postcss` from 7.0.26 to 8.4.33 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@7.0.26...8.4.33) Updates `autoprefixer` from 8.4.1 to 10.4.17 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@8.4.1...10.4.17) Updates `css-loader` from 0.28.11 to 6.10.0 - [Release notes](https://github.com/webpack-contrib/css-loader/releases) - [Changelog](https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/css-loader@v0.28.11...v6.10.0) Updates `postcss-loader` from 2.1.4 to 8.1.0 - [Release notes](https://github.com/webpack-contrib/postcss-loader/releases) - [Changelog](https://github.com/webpack-contrib/postcss-loader/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/postcss-loader@v2.1.4...v8.1.0) Updates `decode-uri-component` from 0.2.0 to 0.2.2 - [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases) - [Commits](SamVerschueren/decode-uri-component@v0.2.0...v0.2.2) Removes `ejs` Updates `webpack-bundle-analyzer` from 3.6.0 to 4.10.1 - [Release notes](https://github.com/webpack-contrib/webpack-bundle-analyzer/releases) - [Changelog](https://github.com/webpack-contrib/webpack-bundle-analyzer/blob/master/CHANGELOG.md) - [Commits](webpack-contrib/webpack-bundle-analyzer@v3.6.0...v4.10.1) Updates `eventsource` from 1.0.7 to 1.1.2 - [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md) - [Commits](EventSource/eventsource@v1.0.7...v1.1.2) Updates `follow-redirects` from 1.9.0 to 1.15.5 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.9.0...v1.15.5) Updates `minimist` from 1.2.0 to 1.2.8 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.0...v1.2.8) Updates `mkdirp` from 0.5.1 to 0.5.6 - [Changelog](https://github.com/isaacs/node-mkdirp/blob/main/CHANGELOG.md) - [Commits](isaacs/node-mkdirp@0.5.1...v0.5.6) Updates `npm` from 6.13.4 to 6.14.18 - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/v6.14.18/CHANGELOG.md) - [Commits](npm/cli@v6.13.4...v6.14.18) Updates `loader-fs-cache` from 1.0.2 to 1.0.3 - [Commits](https://github.com/viankakrisna/loader-fs-cache/commits) Updates `gonzales-pe` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/tonyganch/gonzales-pe/releases) - [Changelog](https://github.com/tonyganch/gonzales-pe/blob/dev/CHANGELOG.md) - [Commits](https://github.com/tonyganch/gonzales-pe/commits) Updates `handlebars` from 4.5.3 to 4.7.8 - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.8/release-notes.md) - [Commits](handlebars-lang/handlebars.js@v4.5.3...v4.7.8) Updates `svg-sprite` from 1.5.0 to 1.5.4 - [Release notes](https://github.com/svg-sprite/svg-sprite/releases) - [Changelog](https://github.com/svg-sprite/svg-sprite/blob/main/CHANGELOG.md) - [Commits](svg-sprite/svg-sprite@v1.5.0...v1.5.4) Updates `tar` from 4.4.13 to 6.2.0 - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v4.4.13...v6.2.0) Updates `node-sass` from 4.13.0 to 9.0.0 - [Release notes](https://github.com/sass/node-sass/releases) - [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md) - [Commits](sass/node-sass@v4.13.0...v9.0.0) Updates `json5` from 2.1.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.1.1...v2.2.3) Updates `json5` from 1.0.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.1.1...v2.2.3) Updates `html-webpack-plugin` from 3.2.0 to 5.6.0 - [Release notes](https://github.com/jantimon/html-webpack-plugin/releases) - [Changelog](https://github.com/jantimon/html-webpack-plugin/blob/main/CHANGELOG.md) - [Commits](jantimon/html-webpack-plugin@v3.2.0...v5.6.0) Updates `loader-utils` from 1.2.3 to 1.4.2 - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md) - [Commits](webpack/loader-utils@v1.2.3...v1.4.2) Updates `webpack-cli` from 3.3.10 to 3.3.12 - [Release notes](https://github.com/webpack/webpack-cli/releases) - [Changelog](https://github.com/webpack/webpack-cli/blob/master/CHANGELOG.md) - [Commits](webpack/webpack-cli@v3.3.10...v3.3.12) Removes `jsdom` Updates `jest` from 24.9.0 to 29.7.0 - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v29.7.0/packages/jest) Removes `request` Updates `@semantic-release/npm` from 5.0.2 to 11.0.2 - [Release notes](https://github.com/semantic-release/npm/releases) - [Commits](semantic-release/npm@v5.0.2...v11.0.2) Updates `semantic-release` from 15.14.0 to 23.0.0 - [Release notes](https://github.com/semantic-release/semantic-release/releases) - [Commits](semantic-release/semantic-release@v15.14.0...v23.0.0) Updates `svg-sprite` from 1.5.4 to 2.0.2 - [Release notes](https://github.com/svg-sprite/svg-sprite/releases) - [Changelog](https://github.com/svg-sprite/svg-sprite/blob/main/CHANGELOG.md) - [Commits](svg-sprite/svg-sprite@v1.5.0...v1.5.4) --- updated-dependencies: - dependency-name: lodash dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: async dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: qs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: browserify-sign dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: autoprefixer dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: css-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: postcss-loader dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: decode-uri-component dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ejs dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-bundle-analyzer dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: eventsource dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: follow-redirects dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: minimist dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: mkdirp dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: npm dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: loader-fs-cache dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: gonzales-pe dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: handlebars dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: svg-sprite dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: tar dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: node-sass dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: html-webpack-plugin dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: loader-utils dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: webpack-cli dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: jsdom dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: jest dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: request dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@semantic-release/npm" dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: semantic-release dependency-type: direct:development dependency-group: npm_and_yarn-security-group - dependency-name: svg-sprite dependency-type: direct:development dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Feb 3, 2024

dependabot bot mentioned this pull request Feb 3, 2024

chore(deps): bump the npm_and_yarn group across 1 directories with 31 updates #9

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the npm_and_yarn group across 1 directories with 32 updates #10

chore(deps): bump the npm_and_yarn group across 1 directories with 32 updates #10

dependabot bot commented on behalf of github Feb 3, 2024

chore(deps): bump the npm_and_yarn group across 1 directories with 32 updates #10

Are you sure you want to change the base?

chore(deps): bump the npm_and_yarn group across 1 directories with 32 updates #10

Conversation

dependabot bot commented on behalf of github Feb 3, 2024

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

Committers: 4

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

v7.23.7 (2023-12-29)

🐛 Bug Fix

v2.6.4

6.5.3

v4.2.2 - 2023-10-25

Fixed

Commits

v4.2.1 - 2020-08-04

Merged

v4.2.0 - 2020-05-18

Merged

v4.1.0 - 2020-05-05

Merged

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.20

8.4.19

8.4.18

10.4.17

10.4.16

10.4.15

10.4.14

10.4.13

10.4.12

10.4.11

10.4.10

10.4.9

10.4.8

10.4.7