search

SavageLearning / machete-ui

A re-write of the Machete app in Angular12 & Typescript
https://github.com/savagelearning/machete
GNU General Public License v3.0
4 stars 5 forks source link

Bump terser and @angular-devkit/build-angular #130

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps terser to 5.14.2 and updates ancestor dependency @angular-devkit/build-angular. These dependencies need to be updated together.

Updates terser from 5.11.0 to 5.14.2

Changelog

Sourced from terser's changelog.

v5.14.2

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
  • Source maps improvements (#1211)
  • Performance improvements in long property access evaluation (#1213)

v5.14.1

  • keep_numbers option added to TypeScript defs (#1208)
  • Fixed parsing of nested template strings (#1204)

v5.14.0

  • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
  • Fixed source maps with non-terminated segments (#1106)
  • Enabled typescript types to be imported from the package (#1194)
  • Extra DOM props have been added (#1191)
  • Delete the AST while generating code, as a means to save RAM

v5.13.1

  • Removed self-assignments (varname=varname) (closes #1081)
  • Separated inlining code (for inlining things into references, or removing IIFEs)
  • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

  • All calls to eval() were removed (#1171, #1184)
  • source-map was updated to 0.8.0-beta.0 (#1164)
  • NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

  • Fixed an issue with function definitions inside blocks (#1155)
  • Fixed parens of new in some situations (closes #1159)

v5.12.0

  • TERSER_DEBUG_DIR environment variable
  • @​copyright comments are now preserved with the comments="some" option (#1153)
Commits


Updates @angular-devkit/build-angular from 12.2.16 to 12.2.18

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v12.2.18

12.2.18 (2022-07-21)

@​angular-devkit/build-angular

Commit Description
fix - 4d723ca95 update terser to address CVE-2022-25858

Special Thanks

Alan Agius, Joey Perrott and Paul Gschwendtner

v12.2.17

12.2.17 (2022-03-31)

@​angular-devkit/architect-cli

Commit Description
fix - ccb0f95f3 update minimist to 1.2.6

@​angular-devkit/schematics-cli

Commit Description
fix - abcdf4df2 update minimist to 1.2.6

@​angular-devkit/benchmark

Commit Description
fix - 2656a330e update minimist to 1.2.6

Special Thanks

Alan Agius and Doug Parker

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

12.2.18 (2022-07-21)

@​angular-devkit/build-angular

Commit Type Description
4d723ca95 fix update terser to address CVE-2022-25858

Special Thanks

Alan Agius, Joey Perrott and Paul Gschwendtner

12.2.17 (2022-03-31)

@​angular-devkit/architect-cli

Commit Type Description
ccb0f95f3 fix update minimist to 1.2.6

@​angular-devkit/schematics-cli

Commit Type Description
abcdf4df2 fix update minimist to 1.2.6

@​angular-devkit/benchmark

Commit Type Description
2656a330e fix update minimist to 1.2.6

Special Thanks

Alan Agius

Commits
  • 455848f release: cut the v12.2.18 release
  • ed08d83 test: use correct version of material
  • 4d723ca fix(@​angular-devkit/build-angular): update terser to address CVE-2022-25858
  • 7e33d1e test: remove material-design-icons e2e test
  • 789c4e3 ci: add nightly CI run for 12.2.x branch
  • b61724e build: update saucelabs key
  • 6723a3c build: changes for primary branch rename to main.
  • 60a756f build: preparation for primary branch rename in the Angular repos
  • 98b0867 release: cut the v12.2.17 release
  • 2da68bf build: update minimist to 1.2.6
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/SavageLearning/machete-ui/network/alerts).