search

Latina-Dev / latina-dev

Latina Dev is a directory of Latinas who code 💛️
https://latina.dev
MIT License
19 stars 7 forks source link

Bump the npm_and_yarn group with 7 updates #185

Closed dependabot[bot] closed 3 days ago

dependabot[bot] commented 3 days ago

Bumps the npm_and_yarn group with 7 updates:

Package From To
@sentry/browser 8.19.0 8.41.0
@sentry/nextjs 8.19.0 8.41.0
cookie 0.6.0 0.7.1
express 4.21.0 4.21.1
cross-spawn 7.0.3 7.0.6
elliptic 6.5.6 6.6.1
rollup 3.29.4 3.29.5

Updates @sentry/browser from 8.19.0 to 8.41.0

Release notes

Sourced from @​sentry/browser's releases.

8.41.0

Important Changes

  • meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)

    We formalized that the Nuxt SDK is at minimum compatible with Nuxt version 3.7.0 and above. Additionally, the SDK requires the implicit nitropack dependency to satisfy version ^2.10.0 and ofetch to satisfy ^1.4.0. It is recommended to check your lock-files and manually upgrade these dependencies if they don't match the version ranges.

Deprecations

We are deprecating a few APIs which will be removed in the next major.

The following deprecations will potentially affect you:

  • feat(core): Update & deprecate undefined option handling (#14450)

    In the next major version we will change how passing undefined to tracesSampleRate / tracesSampler / enableTracing will behave.

    Currently, doing the following:

    Sentry.init({
  tracesSampleRate: undefined,
});

    Will result in tracing being enabled (although no spans will be generated) because the tracesSampleRate key is present in the options object. In the next major version, this behavior will be changed so that passing undefined (or rather having a tracesSampleRate key) will result in tracing being disabled, the same as not passing the option at all. If you are currently relying on undefined being passed, and and thus have tracing enabled, it is recommended to update your config to set e.g. tracesSampleRate: 0 instead, which will also enable tracing in v9.

    The same applies to tracesSampler and enableTracing.

  • feat(core): Log warnings when returning null in beforeSendSpan (#14433)

    Currently, the beforeSendSpan option in Sentry.init() allows you to drop individual spans from a trace by returning null from the hook. Since this API lends itself to creating "gaps" inside traces, we decided to change how this API will work in the next major version.

    With the next major version the beforeSendSpan API can only be used to mutate spans, but no longer to drop them. With this release the SDK will warn you if you are using this API to drop spans. Instead, it is recommended to configure instrumentation (i.e. integrations) directly to control what spans are created.

    Additionally, with the next major version, root spans will also be passed to beforeSendSpan.

  • feat(utils): Deprecate @sentry/utils (#14431)

    With the next major version the @sentry/utils package will be merged into the @sentry/core package. It is therefore no longer recommended to use the @sentry/utils package.

  • feat(vue): Deprecate configuring Vue tracing options anywhere else other than through the vueIntegration's tracingOptions option (#14385)

... (truncated)

Changelog

Sourced from @​sentry/browser's changelog.

8.41.0

Important Changes

  • meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)

    We formalized that the Nuxt SDK is at minimum compatible with Nuxt version 3.7.0 and above. Additionally, the SDK requires the implicit nitropack dependency to satisfy version ^2.10.0 and ofetch to satisfy ^1.4.0. It is recommended to check your lock-files and manually upgrade these dependencies if they don't match the version ranges.

Deprecations

We are deprecating a few APIs which will be removed in the next major.

The following deprecations will potentially affect you:

  • feat(core): Update & deprecate undefined option handling (#14450)

    In the next major version we will change how passing undefined to tracesSampleRate / tracesSampler / enableTracing will behave.

    Currently, doing the following:

    Sentry.init({
  tracesSampleRate: undefined,
});

    Will result in tracing being enabled (although no spans will be generated) because the tracesSampleRate key is present in the options object. In the next major version, this behavior will be changed so that passing undefined (or rather having a tracesSampleRate key) will result in tracing being disabled, the same as not passing the option at all. If you are currently relying on undefined being passed, and and thus have tracing enabled, it is recommended to update your config to set e.g. tracesSampleRate: 0 instead, which will also enable tracing in v9.

    The same applies to tracesSampler and enableTracing.

  • feat(core): Log warnings when returning null in beforeSendSpan (#14433)

    Currently, the beforeSendSpan option in Sentry.init() allows you to drop individual spans from a trace by returning null from the hook. Since this API lends itself to creating "gaps" inside traces, we decided to change how this API will work in the next major version.

    With the next major version the beforeSendSpan API can only be used to mutate spans, but no longer to drop them. With this release the SDK will warn you if you are using this API to drop spans. Instead, it is recommended to configure instrumentation (i.e. integrations) directly to control what spans are created.

    Additionally, with the next major version, root spans will also be passed to beforeSendSpan.

  • feat(utils): Deprecate @sentry/utils (#14431)

    With the next major version the @sentry/utils package will be merged into the @sentry/core package. It is therefore no longer recommended to use the @sentry/utils package.

... (truncated)

Commits
  • df843cc release: 8.41.0
  • 470d4ec Merge pull request #14502 from getsentry/prepare-release/8.41.0
  • f7289c4 meta(changelog): Update changelog for 8.41.0
  • a4138e9 perf(opentelemetry): Bucket spans for cleanup (#14154)
  • 3e7969f feat: Deprecate registerEsmLoaderHooks.include and `registerEsmLoaderHooks....
  • 1e0cb04 ref(core): Do not check baggage validity (#14479)
  • de65590 feat(core): Further optimize debug ID parsing (#14365)
  • 09a31d1 feat(node): Add openTelemetryInstrumentations option (#14484)
  • 23e3783 meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)
  • 973ef9c chore: Add GHSA entry for nuxt e2e test (#14490)
  • Additional commits viewable in compare view


Updates @sentry/nextjs from 8.19.0 to 8.41.0

Release notes

Sourced from @​sentry/nextjs's releases.

8.41.0

Important Changes

  • meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)

    We formalized that the Nuxt SDK is at minimum compatible with Nuxt version 3.7.0 and above. Additionally, the SDK requires the implicit nitropack dependency to satisfy version ^2.10.0 and ofetch to satisfy ^1.4.0. It is recommended to check your lock-files and manually upgrade these dependencies if they don't match the version ranges.

Deprecations

We are deprecating a few APIs which will be removed in the next major.

The following deprecations will potentially affect you:

  • feat(core): Update & deprecate undefined option handling (#14450)

    In the next major version we will change how passing undefined to tracesSampleRate / tracesSampler / enableTracing will behave.

    Currently, doing the following:

    Sentry.init({
  tracesSampleRate: undefined,
});

    Will result in tracing being enabled (although no spans will be generated) because the tracesSampleRate key is present in the options object. In the next major version, this behavior will be changed so that passing undefined (or rather having a tracesSampleRate key) will result in tracing being disabled, the same as not passing the option at all. If you are currently relying on undefined being passed, and and thus have tracing enabled, it is recommended to update your config to set e.g. tracesSampleRate: 0 instead, which will also enable tracing in v9.

    The same applies to tracesSampler and enableTracing.

  • feat(core): Log warnings when returning null in beforeSendSpan (#14433)

    Currently, the beforeSendSpan option in Sentry.init() allows you to drop individual spans from a trace by returning null from the hook. Since this API lends itself to creating "gaps" inside traces, we decided to change how this API will work in the next major version.

    With the next major version the beforeSendSpan API can only be used to mutate spans, but no longer to drop them. With this release the SDK will warn you if you are using this API to drop spans. Instead, it is recommended to configure instrumentation (i.e. integrations) directly to control what spans are created.

    Additionally, with the next major version, root spans will also be passed to beforeSendSpan.

  • feat(utils): Deprecate @sentry/utils (#14431)

    With the next major version the @sentry/utils package will be merged into the @sentry/core package. It is therefore no longer recommended to use the @sentry/utils package.

  • feat(vue): Deprecate configuring Vue tracing options anywhere else other than through the vueIntegration's tracingOptions option (#14385)

... (truncated)

Changelog

Sourced from @​sentry/nextjs's changelog.

8.41.0

Important Changes

  • meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)

    We formalized that the Nuxt SDK is at minimum compatible with Nuxt version 3.7.0 and above. Additionally, the SDK requires the implicit nitropack dependency to satisfy version ^2.10.0 and ofetch to satisfy ^1.4.0. It is recommended to check your lock-files and manually upgrade these dependencies if they don't match the version ranges.

Deprecations

We are deprecating a few APIs which will be removed in the next major.

The following deprecations will potentially affect you:

  • feat(core): Update & deprecate undefined option handling (#14450)

    In the next major version we will change how passing undefined to tracesSampleRate / tracesSampler / enableTracing will behave.

    Currently, doing the following:

    Sentry.init({
  tracesSampleRate: undefined,
});

    Will result in tracing being enabled (although no spans will be generated) because the tracesSampleRate key is present in the options object. In the next major version, this behavior will be changed so that passing undefined (or rather having a tracesSampleRate key) will result in tracing being disabled, the same as not passing the option at all. If you are currently relying on undefined being passed, and and thus have tracing enabled, it is recommended to update your config to set e.g. tracesSampleRate: 0 instead, which will also enable tracing in v9.

    The same applies to tracesSampler and enableTracing.

  • feat(core): Log warnings when returning null in beforeSendSpan (#14433)

    Currently, the beforeSendSpan option in Sentry.init() allows you to drop individual spans from a trace by returning null from the hook. Since this API lends itself to creating "gaps" inside traces, we decided to change how this API will work in the next major version.

    With the next major version the beforeSendSpan API can only be used to mutate spans, but no longer to drop them. With this release the SDK will warn you if you are using this API to drop spans. Instead, it is recommended to configure instrumentation (i.e. integrations) directly to control what spans are created.

    Additionally, with the next major version, root spans will also be passed to beforeSendSpan.

  • feat(utils): Deprecate @sentry/utils (#14431)

    With the next major version the @sentry/utils package will be merged into the @sentry/core package. It is therefore no longer recommended to use the @sentry/utils package.

... (truncated)

Commits
  • df843cc release: 8.41.0
  • 470d4ec Merge pull request #14502 from getsentry/prepare-release/8.41.0
  • f7289c4 meta(changelog): Update changelog for 8.41.0
  • a4138e9 perf(opentelemetry): Bucket spans for cleanup (#14154)
  • 3e7969f feat: Deprecate registerEsmLoaderHooks.include and `registerEsmLoaderHooks....
  • 1e0cb04 ref(core): Do not check baggage validity (#14479)
  • de65590 feat(core): Further optimize debug ID parsing (#14365)
  • 09a31d1 feat(node): Add openTelemetryInstrumentations option (#14484)
  • 23e3783 meta(nuxt): Require minimum Nuxt v3.7.0 (#14473)
  • 973ef9c chore: Add GHSA entry for nuxt e2e test (#14490)
  • Additional commits viewable in compare view


Updates cookie from 0.6.0 to 0.7.1

Release notes

Sourced from cookie's releases.

0.7.1

Fixed

  • Allow leading dot for domain (#174)
    • Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
  • Add fast path for serialize without options, use obj.hasOwnProperty when parsing (#172)

https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1

0.7.0

https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0

Commits
Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.


Updates express from 4.21.0 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.21.0...4.21.1

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

Commits


Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

  • update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

  • fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

Commits
  • 77cd97f chore(release): 7.0.6
  • 6717de4 chore: upgrade standard-version
  • f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
  • 9a7e3b2 chore: fix build status badge
  • 0852683 chore(release): 7.0.5
  • 640d391 fix: fix escaping bug introduced by backtracking
  • bff0c87 chore: remove codecov
  • a7c6abc chore: replace travis with github workflows
  • 9b9246e chore(release): 7.0.4
  • 5ff3a07 fix: disable regexp backtracking (#160)
  • Additional commits viewable in compare view


Updates elliptic from 6.5.6 to 6.6.1

Commits


Updates rollup from 3.29.4 to 3.29.5

Release notes

Sourced from rollup's releases.

v3.29.5

3.29.5

2024-09-21

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

Changelog

Sourced from rollup's changelog.

3.29.5

2024-09-21

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

4.22.4

2024-09-21

Bug Fixes

  • Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (#5671)

Pull Requests

4.22.3

2024-09-21

Bug Fixes

  • Ensure that mutations in modules without side effects are observed while properly handling transitive dependencies (#5669)

Pull Requests

4.22.2

2024-09-20

Bug Fixes

  • Revert fix for side effect free modules until other issues are investigated (#5667)

Pull Requests

4.22.1

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Latina-Dev/latina-dev/network/alerts).
vercel[bot] commented 3 days ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
latina-dev ✅ Ready (Inspect) Visit Preview 💬 Add feedback Dec 1, 2024 4:30pm
dependabot[bot] commented 3 days ago

Looks like these dependencies are updatable in another way, so this is no longer needed.