search

Azure-Samples / Cosmic-Food-RAG-app

A chat-based recommendation application that revolutionizes the culinary experience.
MIT License
10 stars 7 forks source link

Bump the node-requirements group across 1 directory with 15 updates #48

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the node-requirements group with 14 updates in the /frontend directory:

Package From To
@fluentui/react 8.112.5 8.119.0
@fluentui/react-components 9.37.3 9.54.4
dompurify 3.0.6 3.1.6
@types/dompurify 3.0.4 3.0.5
react-router-dom 6.23.1 6.24.1
scheduler 0.20.2 0.23.2
@eslint/js 9.5.0 9.6.0
@vitejs/plugin-react 4.1.1 4.3.1
eslint 8.57.0 9.6.0
globals 15.6.0 15.8.0
prettier 3.0.3 3.3.2
typescript 5.4.5 5.5.3
typescript-eslint 7.13.1 7.15.0
vite 4.5.3 5.3.3

Updates @fluentui/react from 8.112.5 to 8.119.0

Release notes

Sourced from @​fluentui/react's releases.

@​fluentui/react v8.119.0

Minor changes

@​fluentui/react v8.118.10

Patches

  • Bump @​fluentui/foundation-legacy to v8.4.12 (commit)
  • Bump @​fluentui/font-icons-mdl2 to v8.5.46 (commit)
  • Bump @​fluentui/merge-styles to v8.6.12 (commit)
  • Bump @​fluentui/react-focus to v8.9.9 (commit)
  • Bump @​fluentui/react-hooks to v8.8.9 (commit)
  • Bump @​fluentui/style-utilities to v8.10.17 (commit)
  • Bump @​fluentui/theme to v2.6.55 (commit)
  • Bump @​fluentui/utilities to v8.15.12 (commit)
Commits
  • c543aba release: applying package updates - react v8
  • a1da85c release: applying package updates - web-components
  • 9de8ede Add 'allowParentArrowNavigation' prop to ComboBox. (#31805)
  • 660d5fe Add drawer web component (#31521)
  • 3fe95fd fix: MenuButton is styled correctly when aria-expanded is a string (#31809)
  • 1e1398c chore: Updating version of @fluentui/react-icons to ^2.0.245 (#31802)
  • e53f719 chore:(docs) Migrate e2e Cypress testing doc (#31796)
  • 9f8fa4c chore:(docs) Update API Extractor file (#31651)
  • 5226974 chore: migrate to nx 18 (#31746)
  • 2384048 release: applying package updates - react v8
  • Additional commits viewable in compare view


Updates @fluentui/react-components from 9.37.3 to 9.54.4

Release notes

Sourced from @​fluentui/react-components's releases.

@​fluentui/react-components v9.54.3

Minor changes

  • feat(v0-migration): Attachment compat component (PR #31634 by jurokapsiar)
  • feat: Adds animation to selection indicator and icon. (PR #31720 by mltejera)
  • feat: Adds NavDivider implementation (PR #31848 by mltejera)
  • Update internal state to match Combobox and Listbox changes (PR #31415 by smhigley)
  • feat: add options to manually show/hide focus visibility on active descendants, and scroll the active item into view (PR #31415 by smhigley)
  • feat: Add disableAutoFocus to Combobox and Listbox for cases when the popover is open on focus. (PR #31852 by sopranopillow)
  • fix: Listbox updates activedescendant correctly (PR #31415 by smhigley)
  • feat: Pass data with value to onAction callback (PR #31803 by george-cz)

Patches

... (truncated)

Commits
  • 400cd5a release: applying package updates - react-components
  • 674cdee chore: normalize project names in whole repo (#31893)
  • f5aad26 fix(Tree): Roving tabindexes should be refreshed if current element is unmoun...
  • 99b5b84 chore(vr-tests-v9): Convert Combobox VR tests to CSF (#31922)
  • 0db8092 chore(vr-tests-v9): Convert Checkbox VR tests to CSF (#31916)
  • 6f482a9 chore(vr-tests-v9): Convert DatePickerCompat VR tests to CSF (#31923)
  • bcc482a chore(vr-tests-v9): Convert AvatarGroup to CSF (#31914)
  • 338cd90 chore(vr-tests-v9): Convert Calendar VR tests to CSF (#31915)
  • 8393f61 chore: implement release pipeline for tools scope (#31844)
  • 65769d8 feat: vertically align inline inputs (#31812)
  • Additional commits viewable in compare view


Updates @fluentui/react-icons from 2.0.221 to 2.0.247

Commits


Updates dompurify from 3.0.6 to 3.1.6

Release notes

Sourced from dompurify's releases.

DOMPurify 3.1.6

  • Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @​kevin-mizu
  • Fixed an issue with element removal leading to uncaught errors through DOM Clobbering, thanks @​realansgar
  • Fixed a minor problem with the bower file pointing to the wrong dist path
  • Fixed several minor typos in docs, comments and comment blocks, thanks @​Rotzbua
  • Updated several development dependencies

DOMPurify 3.1.5

  • Fixed a minor issue with the dist paths in bower.js, thanks @​HakumenNC
  • Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @​kakao-bishop-cho

DOMPurify 3.1.4

  • Fixed an issue with the recently implemented isNaN checks, thanks @​tulach
  • Added several new popover attributes to allow-list, thanks @​Gigabyte5671
  • Fixed the tests and adjusted the test runner to cover all branches

DOMPurify 3.1.3

  • Fixed several mXSS variations found by and thanks to @​kevin-mizu & @​Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @​kevin-mizu
  • Added better handling and readability of the nodeType property, thanks @​ssi02014
  • Fixed some smaller issues in README and other documentation

DOMPurify 3.1.2

  • Addressed and fixed a mXSS variation found by @​kevin-mizu
  • Addressed and fixed a mXSS variation found by Adam Kues of Assetnote
  • Updated tests for older Safari and Chrome versions

DOMPurify 3.1.1

  • Fixed an mXSS sanitiser bypass reported by @​icesfont
  • Added new code to track element nesting depth
  • Added new code to enforce a maximum nesting depth of 255
  • Added coverage tests and necessary clobbering protections

Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.

DOMPurify 3.1.0

  • Added new setting SAFE_FOR_XML to enable better control over comment scrubbing
  • Updated README to warn about happy-dom not being safe for use with DOMPurify yet
  • Updated the LICENSE file to show the accurate year number
  • Updated several build and test dependencies

DOMPurify 3.0.11

  • Fixed another conditional bypass caused by Processing Instructions, thanks @​Ry0taK
  • Fixed the regex for HTML Custom Element detection, thanks @​AlekseySolovey3T

DOMPurify 3.0.10

  • Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @​Slonser
  • Bumped up some build and test dependencies

... (truncated)

Commits
  • 4083a90 Merge pull request #978 from cure53/main
  • 90a10a1 fix: Fixed a typo on the README
  • 65df042 chore: Preparing 3.1.6 release
  • 6e03334 fix: Made sure that remove() is not called directly from node
  • 00fc06c fix: Fixed a DOM clobbering issue leading to an error being thrown
  • f8c2ef5 Merge pull request #977 from cure53/dependabot/npm_and_yarn/multi-99ca4f73d8
  • e5112ec build(deps): bump ws and socket.io-adapter
  • 9978cec docs: Added better security warning about SAFE_FOR_XML to README
  • fa542df fix: Changed the order for attribute checks slightly for safer hooks
  • b8b552c Merge pull request #975 from cure53/dependabot/npm_and_yarn/multi-2d3aef8690
  • Additional commits viewable in compare view


Updates @types/dompurify from 3.0.4 to 3.0.5

Commits


Updates react-router-dom from 6.23.1 to 6.24.1

Release notes

Sourced from react-router-dom's releases.

react-router-dom-v5-compat@6.4.0-pre.15

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.15
    • react-router-dom@6.4.0-pre.15

react-router-dom-v5-compat@6.4.0-pre.11

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.11
    • react-router-dom@6.4.0-pre.11

react-router-dom-v5-compat@6.4.0-pre.10

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.10
    • react-router-dom@6.4.0-pre.10

react-router-dom-v5-compat@6.4.0-pre.9

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.9
    • react-router-dom@6.4.0-pre.9

react-router-dom-v5-compat@6.4.0-pre.8

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.8
    • react-router-dom@6.4.0-pre.8

react-router-dom-v5-compat@6.4.0-pre.7

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.7
    • react-router-dom@6.4.0-pre.7

react-router-dom-v5-compat@6.4.0-pre.6

Patch Changes

  • 44bce3c6: Fix react-router-dom peer dependency version
    • react-router@6.4.0-pre.6
    • react-router-dom@6.4.0-pre.6

react-router-dom-v5-compat@6.4.0-pre.5

... (truncated)

Changelog

Sourced from react-router-dom's changelog.

6.24.1

Patch Changes

  • Remove polyfill.io reference from warning message because the domain was sold and has since been determined to serve malware (#11741)
  • Export NavLinkRenderProps type for easier typing of custom NavLink callback (#11553)
  • Updated dependencies:
    • @remix-run/router@1.17.1
    • react-router@6.24.1

6.24.0

Minor Changes

Patch Changes

  • Fix fetcher.submit types - remove incorrect navigate/fetcherKey/unstable_viewTransition options because they are only relevant for useSubmit (#11631)
  • Allow falsy location.state values passed to <StaticRouter> (#11495)
  • Updated dependencies:
    • react-router@6.24.0
    • @remix-run/router@1.17.0
Commits


Updates scheduler from 0.20.2 to 0.23.2

Commits
Maintainer changes

This version was pushed to npm by react-bot, a new releaser for scheduler since your current version.


Updates @eslint/js from 9.5.0 to 9.6.0

Release notes

Sourced from @​eslint/js's releases.

v9.6.0

Features

  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)

Bug Fixes

  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)

Documentation

  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)

Chores

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)
Changelog

Sourced from @​eslint/js's changelog.

v9.6.0 - June 28, 2024

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)
Commits


Updates @types/dompurify from 3.0.4 to 3.0.5

Commits


Updates @vitejs/plugin-react from 4.1.1 to 4.3.1

Release notes

Sourced from @​vitejs/plugin-react's releases.

v4.3.1

Fix support for React Compiler with React 18

The previous version made this assumption that the compiler was only usable with React 19, but it's possible to use it with React 18 and a custom runtimeModule: https://gist.github.com/poteto/37c076bf112a07ba39d0e5f0645fec43

When using a custom runtimeModule, the plugin will not try to pre-optimize react/compiler-runtime dependency.

Reminder: Vite expect code outside of node_modules to be ESM, so you will need to update the gist with import React from 'react'.

v4.3.0

Fix support for React compiler

Don't set retainLines: true when the React compiler is used. This creates whitespace issues and the compiler is modifying the JSX too much to get correct line numbers after that. If you want to use the React compiler and get back correct line numbers for tools like vite-plugin-react-click-to-component to work, you should update your config to something like:

export default defineConfig(({ command }) => {
  const babelPlugins = [['babel-plugin-react-compiler', {}]]
  if (command === 'serve') {
    babelPlugins.push(['@babel/plugin-transform-react-jsx-development', {}])
  }

return {
plugins: [react({ babel: { plugins: babelPlugins } })],
}
})

Support HMR for class components

This is a long overdue and should fix some issues people had with HMR when migrating from CRA.

v4.2.1

Remove generic parameter on Plugin to avoid type error with Rollup 4/Vite 5 and skipLibCheck: false.

I expect very few people to currently use this feature, but if you are extending the React plugin via api object, you can get back the typing of the hook by importing ViteReactPluginApi:

import type { Plugin } from 'vite'
import type { ViteReactPluginApi } from '@vitejs/plugin-react'

export const somePlugin: Plugin = {
name: 'some-plugin',
api: {
reactBabel: (babelConfig) => {
babelConfig.plugins.push('some-babel-plugin')
},
} satisfies ViteReactPluginApi,
}

... (truncated)

Changelog

Sourced from @​vitejs/plugin-react's changelog.

4.3.1 (2024-06-10)

Fix support for React Compiler with React 18

The previous version made this assumption that the compiler was only usable with React 19, but it's possible to use it with React 18 and a custom runtimeModule: https://gist.github.com/poteto/37c076bf112a07ba39d0e5f0645fec43

When using a custom runtimeModule, the plugin will not try to pre-optimize react/compiler-runtime dependency.

Reminder: Vite expect code outside of node_modules to be ESM, so you will need to update the gist with import React from 'react'.

4.3.0 (2024-05-22)

Fix support for React compiler

Don't set retainLines: true when the React compiler is used. This creates whitespace issues and the compiler is modifying the JSX too much to get correct line numbers after that. If you want to use the React compiler and get back correct line numbers for tools like vite-plugin-react-click-to-component to work, you should update your config to something like:

export default defineConfig(({ command }) => {
  const babelPlugins = [['babel-plugin-react-compiler', {}]]
  if (command === 'serve') {
    babelPlugins.push(['@babel/plugin-transform-react-jsx-development', {}])
  }

return {
plugins: [react({ babel: { plugins: babelPlugins } })],
}
})

Support HMR for class components

This is a long overdue and should fix some issues people had with HMR when migrating from CRA.

4.2.1 (2023-12-04)

Remove generic parameter on Plugin to avoid type error with Rollup 4/Vite 5 and skipLibCheck: false.

I expect very few people to currently use this feature, but if you are extending the React plugin via api object, you can get back the typing of the hook by importing ViteReactPluginApi:

import type { Plugin } from 'vite'
import type { ViteReactPluginApi } from '@vitejs/plugin-react'

export const somePlugin: Plugin = {
name: 'some-plugin',
api: {
reactBabel: (babelConfig) => {
babelConfig.plugins.push('some-babel-plugin')
},
} satisfies ViteReactPluginApi,
</tr></table>

... (truncated)

Commits


Updates eslint from 8.57.0 to 9.6.0

Release notes

Sourced from eslint's releases.

v9.6.0

Features

  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)

Bug Fixes

  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)

Documentation

  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)

Chores

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)

v9.5.0

Features

  • b2d256c feat: no-sparse-arrays report on "comma" instead of the whole array (#18579) (fisker Cheung)

Bug Fixes

  • 6880286 fix: treat * as a universal pattern (#18586) (Milos Djermanovic)
  • 7fbe211 fix: message template for all files ignored (#18564) (Milos Djermanovic)
  • 469cb36 fix: Don't lint the same file multiple times (#18552) (Milos Djermanovic)
  • 5cff638 fix: improve message for ignored files without a matching config (#18404) (Francesco Trotta)

Documentation

  • 455f7fd docs: add section about including .gitignore files (#18590) (Milos Djermanovic)
  • 721eafe docs: update info about universal files patterns (#18587) (Francesco Trotta)
  • 8127127 docs: Update README (GitHub Actions Bot)
  • 55c2a66 docs: Update README (GitHub Actions Bot)
  • eb76282 docs: Update README (GitHub Actions Bot)
  • ff6e96e docs: baseConfig and overrideConfig can be arrays (#18571) (Milos Djermanovic)
  • d2d83e0 docs: Add mention of eslint-transforms to v9 migration guide (#18566) (Nicholas C. Zakas)
  • 9ce6832 docs: add callout box for unintuitive behavior (#18567) (Ben McCann)
  • b8db99c docs: Add VS Code info to config migration guide (#18555) (Nicholas C. Zakas)
  • 518a35c docs: Mention config migrator (#18561) (Nicholas C. Zakas)

... (truncated)

Changelog

Sourced from eslint's changelog.

v9.6.0 - June 28, 2024

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • dependabot[bot] commented 2 months ago

    Looks like these dependencies are updatable in another way, so this is no longer needed.