search

Azure-Samples / Cosmic-Food-RAG-app

A chat-based recommendation application that revolutionizes the culinary experience.
MIT License
18 stars 10 forks source link

Bump the node-requirements group across 1 directory with 17 updates #60

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps the node-requirements group with 16 updates in the /frontend directory:

Package From To
@fluentui/react 8.112.5 8.119.3
@fluentui/react-components 9.37.3 9.54.6
@react-spring/web 9.7.3 9.7.4
dompurify 3.0.6 3.1.6
@types/dompurify 3.0.4 3.0.5
react-router-dom 6.23.1 6.25.1
scheduler 0.20.2 0.23.2
@eslint/js 9.5.0 9.7.0
@vitejs/plugin-react 4.1.1 4.3.1
eslint 8.57.0 9.7.0
eslint-plugin-react 7.34.3 7.35.0
globals 15.6.0 15.8.0
prettier 3.0.3 3.3.3
typescript 5.4.5 5.5.4
typescript-eslint 7.13.1 7.17.0
vite 4.5.3 5.3.4

Updates @fluentui/react from 8.112.5 to 8.119.3

Release notes

Sourced from @​fluentui/react's releases.

@​fluentui/react v8.119.3

Patches

  • fix(TimePicker): Clear text when date value changes to null (PR #31626 by behowell)

@​fluentui/react v8.119.2

Patches

  • fix: item.onClick is called when SplitMenuItem checkmark is clicked (PR #31908 by smhigley)
  • Fix WindowProvider utilities always returning window/document/undefined (PR #31968 by Jamie0)
Commits
  • 02db285 release: applying package updates - react v8
  • 8303652 release: applying package updates - web-components
  • 233720f Chore: Create Divider base class to abstract out style and layout specific ap...
  • 5c3c0ba fix(TimePicker): Clear text when date value changes to null (#31626)
  • 1bfb9c9 fix(web-components): move spinner animation off of mainthread (#32056)
  • 0c3c4ac chore: unify jest maxWorkers usage on CI and turn off code coverage (#27680)
  • 5333195 ci(vrt): install vr-app as part of standard yarn install and remedy necessary...
  • ba0b6c5 chore: remove component poster (#32057)
  • 651b92e ci(vrt): upgrade VR tool to be security compliant (#31997)
  • bae6b88 ci: improve codeql performance by not analyzing sourcefiles that cause infint...
  • Additional commits viewable in compare view


Updates @fluentui/react-components from 9.37.3 to 9.54.6

Release notes

Sourced from @​fluentui/react-components's releases.

@​fluentui/react-components v9.54.6

Minor changes

Patches

Commits
  • e55fceb release: applying package updates - react-components
  • 970bf5c [Chore]: Create Spinner base class to abstract out style and layout specific ...
  • 60952ac [Chore]: Create Progress Bar base class to abstract out style and layout spec...
  • 9b99a9d fix(react-storybook-addon): transform decorator to function in withAriaLive()...
  • ace4b73 fix(motion): improve Web Animations API detection in tests (#32029)
  • 5e3705d chore(eslint-plugin): removes type dependency on @​fluentui/react-utilities in...
  • 02db285 release: applying package updates - react v8
  • 8303652 release: applying package updates - web-components
  • 233720f Chore: Create Divider base class to abstract out style and layout specific ap...
  • 5c3c0ba fix(TimePicker): Clear text when date value changes to null (#31626)
  • Additional commits viewable in compare view


Updates @fluentui/react-icons from 2.0.221 to 2.0.249

Commits


Updates @react-spring/web from 9.7.3 to 9.7.4

Release notes

Sourced from @​react-spring/web's releases.

v9.7.4

What's Changed

New Contributors

... (truncated)

Commits
  • fd65b60 v9.7.4
  • d64fc47 fix(shared): add rafz as a package
  • a755bd8 fix: add useReducedMotion compatibility for Safari 13 and older (#2300)
  • f96db5e Revert "chore(deps): update dependency remark-mdx-frontmatter to v5 (#2298)"
  • 28a172d chore(deps): update dependency remark-mdx-frontmatter to v5 (#2298)
  • 1e4406e chore(deps): update dependency tsx to v4 (#2260)
  • 58d06b8 chore: make deps absolute (#2283)
  • f6047e4 chore(deps): update github artifact actions to v4 (major) (#2262)
  • 84ed1db chore(deps): update testing deps (#2282)
  • da2c12e chore: update tooling deps
  • Additional commits viewable in compare view


Updates dompurify from 3.0.6 to 3.1.6

Release notes

Sourced from dompurify's releases.

DOMPurify 3.1.6

  • Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @​kevin-mizu
  • Fixed an issue with element removal leading to uncaught errors through DOM Clobbering, thanks @​realansgar
  • Fixed a minor problem with the bower file pointing to the wrong dist path
  • Fixed several minor typos in docs, comments and comment blocks, thanks @​Rotzbua
  • Updated several development dependencies

DOMPurify 3.1.5

  • Fixed a minor issue with the dist paths in bower.js, thanks @​HakumenNC
  • Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @​kakao-bishop-cho

DOMPurify 3.1.4

  • Fixed an issue with the recently implemented isNaN checks, thanks @​tulach
  • Added several new popover attributes to allow-list, thanks @​Gigabyte5671
  • Fixed the tests and adjusted the test runner to cover all branches

DOMPurify 3.1.3

  • Fixed several mXSS variations found by and thanks to @​kevin-mizu & @​Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @​kevin-mizu
  • Added better handling and readability of the nodeType property, thanks @​ssi02014
  • Fixed some smaller issues in README and other documentation

DOMPurify 3.1.2

  • Addressed and fixed a mXSS variation found by @​kevin-mizu
  • Addressed and fixed a mXSS variation found by Adam Kues of Assetnote
  • Updated tests for older Safari and Chrome versions

DOMPurify 3.1.1

  • Fixed an mXSS sanitiser bypass reported by @​icesfont
  • Added new code to track element nesting depth
  • Added new code to enforce a maximum nesting depth of 255
  • Added coverage tests and necessary clobbering protections

Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.

DOMPurify 3.1.0

  • Added new setting SAFE_FOR_XML to enable better control over comment scrubbing
  • Updated README to warn about happy-dom not being safe for use with DOMPurify yet
  • Updated the LICENSE file to show the accurate year number
  • Updated several build and test dependencies

DOMPurify 3.0.11

  • Fixed another conditional bypass caused by Processing Instructions, thanks @​Ry0taK
  • Fixed the regex for HTML Custom Element detection, thanks @​AlekseySolovey3T

DOMPurify 3.0.10

  • Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @​Slonser
  • Bumped up some build and test dependencies

... (truncated)

Commits
  • 4083a90 Merge pull request #978 from cure53/main
  • 90a10a1 fix: Fixed a typo on the README
  • 65df042 chore: Preparing 3.1.6 release
  • 6e03334 fix: Made sure that remove() is not called directly from node
  • 00fc06c fix: Fixed a DOM clobbering issue leading to an error being thrown
  • f8c2ef5 Merge pull request #977 from cure53/dependabot/npm_and_yarn/multi-99ca4f73d8
  • e5112ec build(deps): bump ws and socket.io-adapter
  • 9978cec docs: Added better security warning about SAFE_FOR_XML to README
  • fa542df fix: Changed the order for attribute checks slightly for safer hooks
  • b8b552c Merge pull request #975 from cure53/dependabot/npm_and_yarn/multi-2d3aef8690
  • Additional commits viewable in compare view


Updates @types/dompurify from 3.0.4 to 3.0.5

Commits


Updates react-router-dom from 6.23.1 to 6.25.1

Release notes

Sourced from react-router-dom's releases.

react-router-dom-v5-compat@6.4.0-pre.15

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.15
    • react-router-dom@6.4.0-pre.15

react-router-dom-v5-compat@6.4.0-pre.11

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.11
    • react-router-dom@6.4.0-pre.11

react-router-dom-v5-compat@6.4.0-pre.10

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.10
    • react-router-dom@6.4.0-pre.10

react-router-dom-v5-compat@6.4.0-pre.9

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.9
    • react-router-dom@6.4.0-pre.9

react-router-dom-v5-compat@6.4.0-pre.8

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.8
    • react-router-dom@6.4.0-pre.8

react-router-dom-v5-compat@6.4.0-pre.7

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.7
    • react-router-dom@6.4.0-pre.7

react-router-dom-v5-compat@6.4.0-pre.6

Patch Changes

  • 44bce3c6: Fix react-router-dom peer dependency version
    • react-router@6.4.0-pre.6
    • react-router-dom@6.4.0-pre.6

react-router-dom-v5-compat@6.4.0-pre.5

... (truncated)

Changelog

Sourced from react-router-dom's changelog.

6.25.1

Patch Changes

  • Memoize some RouterProvider internals to reduce unnecessary re-renders (#11803)
  • Updated dependencies:
    • react-router@6.25.1

6.25.0

Minor Changes

  • Stabilize future.unstable_skipActionErrorRevalidation as future.v7_skipActionErrorRevalidation (#11769)

    • When this flag is enabled, actions will not automatically trigger a revalidation if they return/throw a Response with a 4xx/5xx status code
    • You may still opt-into revalidation via shouldRevalidate
    • This also changes shouldRevalidate's unstable_actionStatus parameter to actionStatus

Patch Changes

  • Updated dependencies:
    • react-router@6.25.0
    • @remix-run/router@1.18.0

6.24.1

Patch Changes

  • Remove polyfill.io reference from warning message because the domain was sold and has since been determined to serve malware (#11741)
  • Export NavLinkRenderProps type for easier typing of custom NavLink callback (#11553)
  • Updated dependencies:
    • @remix-run/router@1.17.1
    • react-router@6.24.1

6.24.0

Minor Changes

Patch Changes

  • Fix fetcher.submit types - remove incorrect navigate/fetcherKey/unstable_viewTransition options because they are only relevant for useSubmit (#11631)
  • Allow falsy location.state values passed to <StaticRouter> (#11495)
  • Updated dependencies:
    • react-router@6.24.0

... (truncated)

Commits


Updates scheduler from 0.20.2 to 0.23.2

Commits
Maintainer changes

This version was pushed to npm by react-bot, a new releaser for scheduler since your current version.


Updates @eslint/js from 9.5.0 to 9.7.0

Release notes

Sourced from @​eslint/js's releases.

v9.7.0

Features

  • 7bd9839 feat: add support for es2025 duplicate named capturing groups (#18630) (Yosuke Ota)
  • 1381394 feat: add regex option in no-restricted-imports (#18622) (Nitin Kumar)

Bug Fixes

  • 14e9f81 fix: destructuring in catch clause in no-unused-vars (#18636) (Francesco Trotta)

Documentation

  • 9f416db docs: Add Powered by Algolia label to the search. (#18633) (Amaresh S M)
  • c8d26cb docs: Open JS Foundation -> OpenJS Foundation (#18649) (Milos Djermanovic)
  • 6e79ac7 docs: loadESLint does not support option cwd (#18641) (Francesco Trotta)

Chores

  • 793b718 chore: upgrade @​eslint/js@​9.7.0 (#18680) (Francesco Trotta)
  • 7ed6f9a chore: package.json update for @​eslint/js release (Jenkins)
  • 7bcda76 refactor: Add type references (#18652) (Nicholas C. Zakas)
  • 51bf57c chore: add tech sponsors through actions (#18624) (Strek)
  • 6320732 refactor: don't use parent property in NodeEventGenerator (#18653) (Milos Djermanovic)
  • 9e6d640 refactor: move "Parsing error" prefix adding to Linter (#18650) (Milos Djermanovic)

v9.6.0

Features

  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)

Bug Fixes

  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)

Documentation

  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)

Chores

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)
Changelog

Sourced from @​eslint/js's changelog.

v9.7.0 - July 12, 2024

  • 793b718 chore: upgrade @​eslint/js@​9.7.0 (#18680) (Francesco Trotta)
  • 7ed6f9a chore: package.json update for @​eslint/js release (Jenkins)
  • 14e9f81 fix: destructuring in catch clause in no-unused-vars (#18636) (Francesco Trotta)
  • 7bcda76 refactor: Add type references (#18652) (Nicholas C. Zakas)
  • 51bf57c chore: add tech sponsors through actions (#18624) (Strek)
  • 9f416db docs: Add Powered by Algolia label to the search. (#18633) (Amaresh S M)
  • 6320732 refactor: don't use parent property in NodeEventGenerator (#18653) (Milos Djermanovic)
  • 7bd9839 feat: add support for es2025 duplicate named capturing groups (#18630) (Yosuke Ota)
  • 1381394 feat: add regex option in no-restricted-imports (#18622) (Nitin Kumar)
  • 9e6d640 refactor: move "Parsing error" prefix adding to Linter (#18650) (Milos Djermanovic)
  • c8d26cb docs: Open JS Foundation -> OpenJS Foundation (#18649) (Milos Djermanovic)
  • 6e79ac7 docs: loadESLint does not support option cwd (#18641) (Francesco Trotta)

v9.6.0 - June 28, 2024

  • b15ee30 chore: upgrade @​eslint/js@​9.6.0 (#18632) (Milos Djermanovic)
  • d655503 chore: package.json update for @​eslint/js release (Jenkins)
  • 1613e2e fix: Allow escaping characters in config patterns on Windows (#18628) (Milos Djermanovic)
  • 13dbecd docs: Limit search to just docs (#18627) (Nicholas C. Zakas)
  • 7c78ad9 refactor: Use language.visitorKeys and check for non-JS SourceCode (#18625) (Nicholas C. Zakas)
  • e2b16e2 feat: Implement feature flags (#18516) (Nicholas C. Zakas)
  • 69ff64e refactor: Return value of applyInlineConfig() (#18623) (Nicholas C. Zakas)
  • 375227f docs: Update getting-started.md - add pnpm to init eslint config (#18599) (Kostiantyn Ochenash)
  • 44915bb docs: Update README (GitHub Actions Bot)
  • d2d06f7 refactor: use / separator when adjusting ignorePatterns on Windows (#18613) (Milos Djermanovic)
  • 21d3766 fix: no-unused-vars include caught errors pattern in report message (#18609) (Kirk Waiblinger)
  • 6421973 refactor: fix disable directives for languages with 0-based lines (#18605) (Milos Djermanovic)
  • d7a7736 fix: improve no-unused-vars message on unused caught errors (#18608) (Kirk Waiblinger)
  • 0a13539 refactor: Allow optional methods for languages (#18604) (Nicholas C. Zakas)
  • f9e95d2 fix: correct locations of invalid /* eslint */ comments (#18593) (Milos Djermanovic)
  • 8824aa1 feat: add ecmaVersion: 2025, parsing duplicate named capturing groups (#18596) (Milos Djermanovic)
  • c7ddee0 chore: make internal-rules not being a package (#18601) (Milos Djermanovic)
  • 3379164 chore: remove .eslintrc.js (#18011) (唯然)
  • d0c3a32 chore: update knip (with webdriver-io plugin) (#18594) (Lars Kappert)
  • d50db7b docs: Update vscode-eslint info (#18595) (Nicholas C. Zakas)
Commits
  • 7ed6f9a chore: package.json update for @​eslint/js release
  • d655503 chore: package.json update for @​eslint/js release
  • See full diff in compare view


Updates @types/dompurify from 3.0.4 to 3.0.5

Commits


Updates @vitejs/plugin-react from 4.1.1 to 4.3.1

Release notes

Sourced from @​vitejs/plugin-react's releases.

v4.3.1

Fix support for React Compiler with React 18

The previous version made this assumption that the compiler was only usable with React 19, but it's possible to use it with React 18 and a custom runtimeModule: https://gist.github.com/poteto/37c076bf112a07ba39d0e5f0645fec43

When using a custom runtimeModule, the plugin will not try to pre-optimize react/compiler-runtime dependency.

Reminder: Vite expect code outside of node_modules to be ESM, so you will need to update the gist with import React from 'react'.

v4.3.0

Fix support for React compiler

Don't set retainLines: true when the React compiler is used. This creates whitespace issues and the compiler is modifying the JSX too much to get correct line numbers after that. If you want to use the React compiler and get back correct line numbers for tools like vite-plugin-react-click-to-component to work, you should update your config to something like:

export default defineConfig(({ command }) => {
  const babelPlugins = [['babel-plugin-react-compiler', {}]]
  if (command === 'serve') {
    babelPlugins.push(['@babel/plugin-transform-react-jsx-development', {}])
  }

return {
plugins: [react({ babel: { plugins: babelPlugins } })],
}
})

Support HMR for class components

This is a long overdue and should fix some issues people had with HMR when migrating from CRA.

v4.2.1

Remove generic parameter on Plugin to avoid type error with Rollup 4/Vite 5 and skipLibCheck: false.

I expect very few people to currently use this feature, but if you are extending the React plugin via api object, you can get back the typing of the hook by importing ViteReactPluginApi:

import type { Plugin } from 'vite'
import type { ViteReactPluginApi } from '@vitejs/plugin-react'

export const somePlugin: Plugin = {
name: 'some-plugin',
api: {
reactBabel: (babelConfig) => {
babelConfig.plugins.push('some-babel-plugin')
},
} satisfies ViteReactPluginApi,
}

... (truncated)

Changelog

Sourced from @​vitejs/plugin-react's changelog.

4.3.1 (2024-06-10)

Fix support for React Compiler with React 18

The previous version made this assumption that the compiler was only usable with React 19, but it's possible to use it with React 18 and a custom runtimeModule: https://gist.github.com/poteto/37c076bf112a07ba39d0e5f0645fec43

When using a custom runtimeModule, the plugin will not try to pre-optimize react/compiler-runtime dependency.

Reminder: Vite expect code outside of node_modules to be ESM, so you will need to update the gist with import React from 'react'.

4.3.0 (2024-05-22)

Fix support for React compiler

Don't set retainLines: true when the React compiler is used. This creates whitespace issues and the compiler is modifying the JSX too much to get correct line numbers after that. If you want to use the React compiler and get back correct line numbers for tools like vite-plugin-react-click-to-component to work, you should update your config to something like:

export default defineConfig(({ command }) => {
  const babelPlugins = [['babel-plugin-react-compiler', {}]]
  if (command === 'serve') {
    babelPlugins.push(['@babel/plugin-transform-react-jsx-development', {}])
  }

return {
plugins: [react({ babel: { plugins: babelPlugins } })],
}
})

Support HMR for class components

This is a long overdue and should fix some issues people had with HMR when migrating from CRA.

4.2.1 (2023-12-04)

Remove generic parameter on Plugin to avoid type error with Rollup 4/Vite 5 and skipLibCheck: false.

I expect very few people to currently use this feature, but if you are extending the React plugin via api object, you can get back the typing of the hook by importing ViteReactPluginApi:

import type { Plugin } from 'vite'
import type { ViteReactPluginApi } from '@vitejs/plugin-react'

export const somePlugin: Plugin = {
name: 'some-plugin',
api: {
reactBabel: (babelConfig) => {
babelConfig.plugins.push('some-babel-plugin')
},
} satisfies ViteReactPluginApi,
</tr></table>

... (truncated)

Commits