Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all non-major dependencies #14635

Merged
merged 2 commits into from
Oct 16, 2023
Merged

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 16, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
@babel/core (source) ^7.23.0 -> ^7.23.2 age adoption passing confidence dependencies patch
@babel/preset-env (source) ^7.22.20 -> ^7.23.2 age adoption passing confidence dependencies minor
@babel/runtime (source) ^7.23.1 -> ^7.23.2 age adoption passing confidence dependencies patch
@preact/preset-vite ^2.5.0 -> ^2.6.0 age adoption passing confidence devDependencies minor
@rollup/plugin-commonjs (source) ^25.0.5 -> ^25.0.7 age adoption passing confidence devDependencies patch
@rollup/plugin-dynamic-import-vars (source) ^2.0.6 -> ^2.0.7 age adoption passing confidence devDependencies patch
@types/node (source) ^18.18.4 -> ^18.18.5 age adoption passing confidence devDependencies patch
@types/prompts (source) ^2.4.5 -> ^2.4.6 age adoption passing confidence devDependencies patch
@types/react (source) ^18.2.25 -> ^18.2.28 age adoption passing confidence devDependencies patch
@types/react-dom (source) ^18.2.11 -> ^18.2.13 age adoption passing confidence devDependencies patch
@types/ws (source) ^8.5.6 -> ^8.5.7 age adoption passing confidence devDependencies patch
@typescript-eslint/eslint-plugin ^6.7.4 -> ^6.7.5 age adoption passing confidence devDependencies patch
@typescript-eslint/parser ^6.7.4 -> ^6.7.5 age adoption passing confidence devDependencies patch
eslint-plugin-n ^16.1.0 -> ^16.2.0 age adoption passing confidence devDependencies minor
magic-string ^0.30.4 -> ^0.30.5 age adoption passing confidence devDependencies patch
magic-string ^0.30.4 -> ^0.30.5 age adoption passing confidence dependencies patch
miniflare (source) ^3.20231002.1 -> ^3.20231010.0 age adoption passing confidence devDependencies minor
phoenix ^1.7.7 -> ^1.7.9 age adoption passing confidence dependencies patch
playwright-chromium (source) ^1.38.1 -> ^1.39.0 age adoption passing confidence devDependencies minor
pnpm (source) 8.8.0 -> 8.9.2 age adoption passing confidence packageManager minor
rollup-plugin-license ^3.1.0 -> ^3.2.0 age adoption passing confidence devDependencies minor
sass ^1.69.0 -> ^1.69.3 age adoption passing confidence devDependencies patch
solid-js (source) ^1.7.12 -> ^1.8.1 age adoption passing confidence dependencies minor
tj-actions/changed-files v39.2.1 -> v39.2.2 age adoption passing confidence action patch
vite (source) ^5.0.0-beta.4 -> ^5.0.0-beta.7 age adoption passing confidence devDependencies patch
vite-plugin-solid ^2.7.0 -> ^2.7.1 age adoption passing confidence devDependencies patch
vitepress (source) 1.0.0-rc.20 -> 1.0.0-rc.22 age adoption passing confidence devDependencies patch
vue-tsc ^1.8.18 -> ^1.8.19 age adoption passing confidence devDependencies patch

Release Notes

babel/babel (@​babel/core)

v7.23.2

Compare Source

🐛 Bug Fix
  • babel-traverse
  • babel-preset-typescript
  • babel-helpers
  • babel-helpers, babel-plugin-transform-modules-commonjs, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
preactjs/preset-vite (@​preact/preset-vite)

v2.6.0

Compare Source

Features
  • Allow JSX Import Source to be overwritten #​47
  • Allow users to opt out of compat aliases #​79
Fixes
  • Move types export condition first #​81
  • upgrade dependencies and add new stage 3 explicitResourceManagement #​82
rollup/plugins (@​rollup/plugin-commonjs)

v25.0.7

Compare Source

2023-10-15

Bugfixes
  • fix: bump magic-string version #​1596

v25.0.6

Compare Source

2023-10-15

Bugfixes
  • fix: Keep the shebang at the top of the file content #​1610
rollup/plugins (@​rollup/plugin-dynamic-import-vars)

v2.0.7

Compare Source

2023-10-15

Bugfixes
  • fix: bump magic-string version #​1596
typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v6.7.5

Compare Source

Bug Fixes
  • eslint-plugin: [prefer-string-starts-ends-with] only report slice/substring with correct range (#​7712) (db40a0a)

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v6.7.5

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

You can read about our versioning strategy and releases on our website.

eslint-community/eslint-plugin-n (eslint-plugin-n)

v16.2.0

Compare Source

Features

  • feat: detect non-member expressions in n/no-sync (#​127) (6d02512)

Bugfixes

  • fix: Normalise package.json#files before checking ignores and whitelist (#​123) (fixes #​122) (2d43f48)

Docs & Chores

rich-harris/magic-string (magic-string)

v0.30.5

Compare Source

Bug Fixes
cloudflare/miniflare (miniflare)

v3.20231010.0

Compare Source

phoenixframework/phoenix (phoenix)

v1.7.9

Compare Source

Bug fixes
  • [Phoenix.CodeReloader] - Fix error in code reloader causing compilation errors
  • [phx.new] – fix LiveView debug heex configuration being generated when --no-html pas passed

v1.7.8

Compare Source

Bug fixes
  • [Phoenix.ChannelTest] Stringify lists when pushing data
  • [Phoenix.Controller] Fix filename when sending downloads with non-ascii names
  • [Phoenix.CodeReloader] Remove duplicate warnings on recent Elixir versions
  • [Phoenix.CodeReloader] Do not crash code reloader if file information is missing from diagnostic
  • [Phoenix.Logger] Do not crash when status is atom
  • [phx.gen.release] Fix mix phx.gen.release --docker failing with :http_util error on Elixir v1.15
  • [phx.gen.*] Skip map inputs in generated forms as there is no trivial matching input
  • [phx.new] Fix tailwind/esbuild config and paths in umbrella projects
  • [phx.new] Do not render th for actions if actions are empty
Enhancements
  • [Phoenix] Allow latest plug_crypto
  • [Phoenix.Endpoint] Support dynamic socket drainer configuration
  • [Phoenix.Logger] Change socket serializer/version logs to warning
  • [Phoenix.VerifiedRoutes] Add support for static resources with fragments in ~p
  • [phx.gen.schema] Support --repo and --migration-dir flags
  • [phx.new] Allow <.input type="checkbox"> without value attr in core components
  • [phx.new] Allow UTC datetimes in the generators
  • [phx.new] Automatically migrate when release starts when using sqlite 3
  • [phx.new] Allow ID to be assigned in flash component
  • [phx.new] Add --adapter flag for generating application with bandit
  • [phx.new] Include DNSCluster for simple clustering
  • [phx.routes] Support --method option
microsoft/playwright (playwright-chromium)

v1.39.0

Compare Source

Add custom matchers to your expect

You can extend Playwright assertions by providing custom matchers. These matchers will be available on the expect object.

import { expect as baseExpect } from '@&#8203;playwright/test';
export const expect = baseExpect.extend({
  async toHaveAmount(locator: Locator, expected: number, options?: { timeout?: number }) {
    // ... see documentation for how to write matchers.
  },
});

test('pass', async ({ page }) => {
  await expect(page.getByTestId('cart')).toHaveAmount(5);
});

See the documentation for a full example.

Merge test fixtures

You can now merge test fixtures from multiple files or modules:

import { mergeTests } from '@&#8203;playwright/test';
import { test as dbTest } from 'database-test-utils';
import { test as a11yTest } from 'a11y-test-utils';

export const test = mergeTests(dbTest, a11yTest);
import { test } from './fixtures';

test('passes', async ({ database, page, a11y }) => {
  // use database and a11y fixtures.
});

Merge custom expect matchers

You can now merge custom expect matchers from multiple files or modules:

import { mergeTests, mergeExpects } from '@&#8203;playwright/test';
import { test as dbTest, expect as dbExpect } from 'database-test-utils';
import { test as a11yTest, expect as a11yExpect } from 'a11y-test-utils';

export const test = mergeTests(dbTest, a11yTest);
export const expect = mergeExpects(dbExpect, a11yExpect);
import { test, expect } from './fixtures';

test('passes', async ({ page, database }) => {
  await expect(database).toHaveDatabaseUser('admin');
  await expect(page).toPassA11yAudit();
});

Hide implementation details: box test steps

You can mark a test.step() as "boxed" so that errors inside it point to the step call site.

async function login(page) {
  await test.step('login', async () => {
    // ...
  }, { box: true });  // Note the "box" option here.
}
Error: Timed out 5000ms waiting for expect(locator).toBeVisible()
  ... error details omitted ...

  14 |   await page.goto('https://github.com/login');
> 15 |   await login(page);
     |         ^
  16 | });

See test.step() documentation for a full example.

New APIs

Browser Versions

  • Chromium 119.0.6045.9
  • Mozilla Firefox 118.0.1
  • WebKit 17.4

This version was also tested against the following stable channels:

  • Google Chrome 118
  • Microsoft Edge 118
pnpm/pnpm (pnpm)

v8.9.2

Compare Source

Patch Changes

  • Don't use reflink on Windows #​7186.
  • Do not run node-gyp rebuild if preinstall lifecycle script is present #​7206.

Our Gold Sponsors

Our Silver Sponsors

v8.9.1

Compare Source

Patch Changes

  • Optimize selection result output of pnpm update --interactive 7109
  • When shared-workspace-lockfile is set to false, read the pnpm settings from package.json files that are nested. This was broken in pnpm v8.9.0 #​7184.
  • Fix file cloning to node_modules on Windows Dev Drives #​7186. This is a fix to a regression that was shipped with v8.9.0.
  • pnpm dlx should ignore any settings that are in a package.json file found in the current working directory #​7198.

Our Gold Sponsors

Our Silver Sponsors

v8.9.0

Compare Source

Minor Changes

  • 🚀Performance improvement: Use reflinks instead of hard links by default on macOS and Windows Dev Drives #​5001.

  • The list of packages that are allowed to run installation scripts now may be provided in a separate configuration file. The path to the file should be specified via the pnpm.onlyBuiltDependenciesFile field in package.json. For instance:

    {
      "dependencies": {
        "@&#8203;my-org/policy": "1.0.0"
      }
      "pnpm": {
        "onlyBuiltDependenciesFile": "node_modules/@&#8203;my-org/policy/allow-build.json"
      }
    }

    In the example above, the list is loaded from a dependency. The JSON file with the list should contain an array of package names. For instance:

    ["esbuild", "@&#8203;reflink/reflink"]

    With the above list, only esbuild and @reflink/reflink will be allowed to run scripts during installation.

    Related issue: #​7137.

  • Add disallow-workspace-cycles option to error instead of warn about cyclic dependencies

  • Allow env rm to remove multiple node versions at once, and introduce env add for installing node versions without setting as default #​7155.

Patch Changes

  • Fix memory error in pnpm why when the dependencies tree is too big, the command will now prune the tree to just 10 end leafs and now supports --depth argument #​7122.
  • Use neverBuiltDependencies and onlyBuiltDependencies from the root package.json of the workspace, when shared-workspace-lockfile is set to false #​7141.
  • Optimize peers resolution to avoid out-of-memory exceptions in some rare cases, when there are too many circular dependencies and peer dependencies #​7149.
  • Instead of pnpm.overrides replacing resolutions, the two are now merged. This is intended to make it easier to migrate from Yarn by allowing one to keep using resolutions for Yarn, but adding additional changes just for pnpm using pnpm.overrides.

Our Gold Sponsors

Our Silver Sponsors

mjeanroy/rollup-plugin-license (rollup-plugin-license)

v3.2.0

Compare Source

sass/dart-sass (sass)

v1.69.3

Compare Source

Embedded Sass
  • Fix TypeScript type locations in package.json.

v1.69.2

Compare Source

JS API
  • Fix a bug where Sass crashed when running in the browser if there was a global
    variable named process.

v1.69.1

Compare Source

  • No user-visible changes.
solidjs/solid (solid-js)

v1.8.0

Compare Source

I admit this is not the most exciting release from a feature standpoint. We are in that holding pattern between the end of 1.x and the start of 2.0. We recently made our new reactive experiments public and continue to build those out in public with @​solidjs/signals.

This version is more about addressing some of the fundamentals that will help us in other projects like SolidStart while we do the transition. A big part of this is applying what we have learned when doing performance benchmarks for the work that has been funded by Google Chrome Aurora.

Async and Resources need work and are too all in. It is great to have a solution but now that we have a better understanding we need to start breaking things apart into their fundamental pieces.

De-duping Streaming Serialization

This is the marquee feature of this release and is largely the work of @​lxsmnsyc. Solid has been able to serialize promises and do streaming for a couple of years now, but it was very special-cased. Now it is a generic mechanism.

This matters because it means that we have decoupled the promise serialization from Resources, and in so decoupled the whole when the stream is done from them. This opens up things like nested promises.

More so we have a mechanism now that deeply de-dupes data serialized across flushes. This is important for features like Islands where you might pass the same props to multiple Islands across different Suspense boundaries and don't want to send the data more than once. And even examples where that data can be accessed at varying depths (recursive comments in say a Hackernews site).

Hydration Improvements

Fragments for Hydration have been a bit of a pain and we keep seeming to have different issues reported around element duplication. Most commonly this has been around where there are lazy component siblings or where the fragment is top-level. After looking into and fixing an issue for Astro I decided to look at some of the oldest bugs in Solid and found it was a similar bug.

In many cases, the DOM can change throughout Hydration while doing things like streaming but we need to pause and resume hydration because code isn't available yet. While we don't create elements during hydration, getting an accurate snapshot of the DOM for the current state for future list reconciliation is a process we've had a few tries at but in 1.8 we update this in a way that makes sure it doesn't get out of date.

Also in 1.8, we have added some performance improvements to hydration in the form of not redundantly setting attributes or props as the page hydrates similar to how we don't update text. This is all migration towards a future where we don't need to do as much hydration, but it is important to note that values will be kept as they were on the server rather than how they may compute at runtime during hydration.

Smaller Templates

In 1.7 we removed unnecessary closing tags from template st


Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Oct 16, 2023
@patak-dev patak-dev merged commit 21017a9 into main Oct 16, 2023
10 checks passed
@patak-dev patak-dev deleted the renovate/all-minor-patch branch October 16, 2023 08:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants