JS-DevTools / npm-publish

GitHub Action to publish to NPM
https://jstools.dev/npm-publish
MIT License
620 stars 74 forks source link

chore(deps-dev): bump the development group with 5 updates #176

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 9 months ago

Bumps the development group with 5 updates:

Package From To
@types/tar 6.1.10 6.1.11
@vitest/coverage-istanbul 1.0.1 1.2.2
esbuild 0.19.8 0.20.0
vitest 1.0.1 1.2.2
vitest-when 0.3.0 0.3.1

Updates @types/tar from 6.1.10 to 6.1.11

Commits


Updates @vitest/coverage-istanbul from 1.0.1 to 1.2.2

Release notes

Sourced from @​vitest/coverage-istanbul's releases.

v1.2.2

   🐞 Bug Fixes

    View changes on GitHub

v1.2.1

   🐞 Bug Fixes

    View changes on GitHub

v1.2.0

... (truncated)

Commits


Updates esbuild from 0.19.8 to 0.20.0

Release notes

Sourced from esbuild's releases.

v0.20.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.19.0 or ~0.19.0. See npm's documentation about semver for more information.

This time there is only one breaking change, and it only matters for people using Deno. Deno tests that use esbuild will now fail unless you make the change described below.

  • Work around API deprecations in Deno 1.40.x (#3609, #3611)

    Deno 1.40.0 was just released and introduced run-time warnings about certain APIs that esbuild uses. With this release, esbuild will work around these run-time warnings by using newer APIs if they are present and falling back to the original APIs otherwise. This should avoid the warnings without breaking compatibility with older versions of Deno.

    Unfortunately, doing this introduces a breaking change. The newer child process APIs lack a way to synchronously terminate esbuild's child process, so calling esbuild.stop() from within a Deno test is no longer sufficient to prevent Deno from failing a test that uses esbuild's API (Deno fails tests that create a child process without killing it before the test ends). To work around this, esbuild's stop() function has been changed to return a promise, and you now have to change esbuild.stop() to await esbuild.stop() in all of your Deno tests.

  • Reorder implicit file extensions within node_modules (#3341, #3608)

    In version 0.18.0, esbuild changed the behavior of implicit file extensions within node_modules directories (i.e. in published packages) to prefer .js over .ts even when the --resolve-extensions= order prefers .ts over .js (which it does by default). However, doing that also accidentally made esbuild prefer .css over .ts, which caused problems for people that published packages containing both TypeScript and CSS in files with the same name.

    With this release, esbuild will reorder TypeScript file extensions immediately after the last JavaScript file extensions in the implicit file extension order instead of putting them at the end of the order. Specifically the default implicit file extension order is .tsx,.ts,.jsx,.js,.css,.json which used to become .jsx,.js,.css,.json,.tsx,.ts in node_modules directories. With this release it will now become .jsx,.js,.tsx,.ts,.css,.json instead.

    Why even rewrite the implicit file extension order at all? One reason is because the .js file is more likely to behave correctly than the .ts file. The behavior of the .ts file may depend on tsconfig.json and the tsconfig.json file may not even be published, or may use extends to refer to a base tsconfig.json file that wasn't published. People can get into this situation when they forget to add all .ts files to their .npmignore file before publishing to npm. Picking .js over .ts helps make it more likely that resulting bundle will behave correctly.

v0.19.12

  • The "preserve" JSX mode now preserves JSX text verbatim (#3605)

    The JSX specification deliberately doesn't specify how JSX text is supposed to be interpreted and there is no canonical way to interpret JSX text. Two most popular interpretations are Babel and TypeScript. Yes they are different (esbuild deliberately follows TypeScript by the way).

    Previously esbuild normalized text to the TypeScript interpretation when the "preserve" JSX mode is active. However, "preserve" should arguably reproduce the original JSX text verbatim so that whatever JSX transform runs after esbuild is free to interpret it however it wants. So with this release, esbuild will now pass JSX text through unmodified:

    // Original code
    let el =
      <a href={'/'} title='&apos;&quot;'> some text
        {foo}
          more text </a>
    

    // Old output (with --loader=jsx --jsx=preserve) let el = <a href="/" title={'&quot;}> {" some text"} {foo} {"more text "} </a>;

    // New output (with --loader=jsx --jsx=preserve) let el = <a href={"/"} title='&apos;&quot;'> some text {foo} more text </a>;

  • Allow JSX elements as JSX attribute values

    JSX has an obscure feature where you can use JSX elements in attribute position without surrounding them with {...}. It looks like this:

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.20.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.19.0 or ~0.19.0. See npm's documentation about semver for more information.

This time there is only one breaking change, and it only matters for people using Deno. Deno tests that use esbuild will now fail unless you make the change described below.

  • Work around API deprecations in Deno 1.40.x (#3609, #3611)

    Deno 1.40.0 was just released and introduced run-time warnings about certain APIs that esbuild uses. With this release, esbuild will work around these run-time warnings by using newer APIs if they are present and falling back to the original APIs otherwise. This should avoid the warnings without breaking compatibility with older versions of Deno.

    Unfortunately, doing this introduces a breaking change. The newer child process APIs lack a way to synchronously terminate esbuild's child process, so calling esbuild.stop() from within a Deno test is no longer sufficient to prevent Deno from failing a test that uses esbuild's API (Deno fails tests that create a child process without killing it before the test ends). To work around this, esbuild's stop() function has been changed to return a promise, and you now have to change esbuild.stop() to await esbuild.stop() in all of your Deno tests.

  • Reorder implicit file extensions within node_modules (#3341, #3608)

    In version 0.18.0, esbuild changed the behavior of implicit file extensions within node_modules directories (i.e. in published packages) to prefer .js over .ts even when the --resolve-extensions= order prefers .ts over .js (which it does by default). However, doing that also accidentally made esbuild prefer .css over .ts, which caused problems for people that published packages containing both TypeScript and CSS in files with the same name.

    With this release, esbuild will reorder TypeScript file extensions immediately after the last JavaScript file extensions in the implicit file extension order instead of putting them at the end of the order. Specifically the default implicit file extension order is .tsx,.ts,.jsx,.js,.css,.json which used to become .jsx,.js,.css,.json,.tsx,.ts in node_modules directories. With this release it will now become .jsx,.js,.tsx,.ts,.css,.json instead.

    Why even rewrite the implicit file extension order at all? One reason is because the .js file is more likely to behave correctly than the .ts file. The behavior of the .ts file may depend on tsconfig.json and the tsconfig.json file may not even be published, or may use extends to refer to a base tsconfig.json file that wasn't published. People can get into this situation when they forget to add all .ts files to their .npmignore file before publishing to npm. Picking .js over .ts helps make it more likely that resulting bundle will behave correctly.

0.19.12

  • The "preserve" JSX mode now preserves JSX text verbatim (#3605)

    The JSX specification deliberately doesn't specify how JSX text is supposed to be interpreted and there is no canonical way to interpret JSX text. Two most popular interpretations are Babel and TypeScript. Yes they are different (esbuild deliberately follows TypeScript by the way).

    Previously esbuild normalized text to the TypeScript interpretation when the "preserve" JSX mode is active. However, "preserve" should arguably reproduce the original JSX text verbatim so that whatever JSX transform runs after esbuild is free to interpret it however it wants. So with this release, esbuild will now pass JSX text through unmodified:

    // Original code
    let el =
      <a href={'/'} title='&apos;&quot;'> some text
        {foo}
          more text </a>
    

    // Old output (with --loader=jsx --jsx=preserve) let el = <a href="/" title={'&quot;}> {" some text"} {foo} {"more text "} </a>;

    // New output (with --loader=jsx --jsx=preserve) let el = <a href={"/"} title='&apos;&quot;'> some text {foo} more text </a>;

  • Allow JSX elements as JSX attribute values

... (truncated)

Commits


Updates vitest from 1.0.1 to 1.2.2

Release notes

Sourced from vitest's releases.

v1.2.2

   🐞 Bug Fixes

    View changes on GitHub

v1.2.1

   🐞 Bug Fixes

    View changes on GitHub

v1.2.0

... (truncated)

Commits
  • b1462a4 chore: release v1.2.2
  • 6689856 fix(coverage): don't crash when re-run removes earlier run's reports (#5022)
  • fff1a27 fix(vitest): don't throw an error if mocked file was already imported (#5050)
  • 6dae3fe fix(typecheck): fix ignoreSourceErrors in run mode (#5044)
  • cf5641a fix(vitest): support older NodeJS with async import.meta.resolve (#5045)
  • 915d6c4 fix(threads): mention common work-around for the logged error (#5024)
  • a9a486f fix(vitest): allow useFakeTimers to fake requestIdleCallback on non brows...
  • 253df1c fix(vitest): throw an error if vi.mock is exported (#5034)
  • 7344870 feat(vitest): expose getHooks & setHooks (#5032)
  • 9c7c0fc fix(vitest): test deep dependencies change detection (#4934)
  • Additional commits viewable in compare view


Updates vitest-when from 0.3.0 to 0.3.1

Commits
  • d3a51d9 chore(release): 0.3.1
  • 7569d64 chore(deps-dev): update dev dependencies (#9)
  • b289297 fix: defer Promise.reject to avoid unhandled rejection error (#8)
  • See full diff in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions