search

StrongKey / fido2

Open-source FIDO server, featuring the FIDO2 standard. https://demo4.strongkey.com/getstarted/#/openapi/fido
202 stars 59 forks source link

Bump terser and @angular-devkit/build-angular in /sampleapps/java/sacl/sfakma/angular/demo6 #208

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps terser and @angular-devkit/build-angular. These dependencies needed to be updated together. Updates terser from 4.6.3 to 5.14.2

Changelog

Sourced from terser's changelog.

v5.14.2

  • Security fix for RegExps that should not be evaluated (regexp DDOS)
  • Source maps improvements (#1211)
  • Performance improvements in long property access evaluation (#1213)

v5.14.1

  • keep_numbers option added to TypeScript defs (#1208)
  • Fixed parsing of nested template strings (#1204)

v5.14.0

  • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
  • Fixed source maps with non-terminated segments (#1106)
  • Enabled typescript types to be imported from the package (#1194)
  • Extra DOM props have been added (#1191)
  • Delete the AST while generating code, as a means to save RAM

v5.13.1

  • Removed self-assignments (varname=varname) (closes #1081)
  • Separated inlining code (for inlining things into references, or removing IIFEs)
  • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

  • All calls to eval() were removed (#1171, #1184)
  • source-map was updated to 0.8.0-beta.0 (#1164)
  • NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

  • Fixed an issue with function definitions inside blocks (#1155)
  • Fixed parens of new in some situations (closes #1159)

v5.12.0

  • TERSER_DEBUG_DIR environment variable
  • @​copyright comments are now preserved with the comments="some" option (#1153)

v5.11.0

  • Unicode code point escapes (\u{abcde}) are not emitted inside RegExp literals anymore (#1147)
  • acorn is now a regular dependency

v5.10.0

  • Massive optimization to max_line_len (#1109)
  • Basic support for import assertions
  • Marked ES2022 Object.hasOwn as a pure function
  • Fix delete optional?.property
  • New CI/CD pipeline with github actions (#1057)

... (truncated)

Commits


Updates @angular-devkit/build-angular from 0.803.25 to 14.1.3

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v14.1.3

14.1.3 (2022-08-17)

@​angular-devkit/core

Commit Description
fix - 365035cb3 update workspace extension warning to use correct phrasing

Special Thanks

AgentEnder, Alan Agius, Charles Lyding and Jason Bedard

v14.1.2

14.1.2 (2022-08-10)

@​angular-devkit/build-angular

Commit Description
fix - 3e19c842c avoid collect stats from chunks with no files
fix - d0a0c597c correctly handle data URIs with escaped quotes in stylesheets
fix - 67b3a086f process stylesheet resources from url tokens with esbuild browser builder
perf - e6c45c316 reduce babel transformation in esbuild builder
perf - 38b71bcc0 use esbuild in esbuild builder to downlevel native async/await

@​ngtools/webpack

Commit Description
fix - dd47a5e8c elide type only named imports when using emitDecoratorMetadata

Special Thanks

Alan Agius, Charles Lyding and Jason Bedard

v14.1.1

14.1.1 (2022-08-03)

@​schematics/angular

Commit Description
fix - 83dcfb32f prevent numbers from class names

@​angular/cli

Commit Description
fix - 4ee825bac catch clause variable is not an Error instance

@​angular-devkit/build-angular

Commit Description
fix - ef6da4aad allow the esbuild-based builder to fully resolve global stylesheet packages
fix - eed54b359 catch clause variable is not an Error instance
fix - c98471094 correctly respond to preflight requests
fix - 94b444e4c correctly set ngDevMode in esbuilder

@​angular-devkit/core

Commit Description
fix - 44c18082a classify string util should concat string without using a .

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

14.1.3 (2022-08-17)

@​angular-devkit/core

Commit Type Description
365035cb3 fix update workspace extension warning to use correct phrasing

Special Thanks

AgentEnder, Alan Agius, Charles Lyding and Jason Bedard

14.2.0-next.1 (2022-08-11)

@​angular-devkit/build-angular

Commit Type Description
44c25511e feat add ability to serve service worker when using dev-server
3fb569b5c feat switch to Sass modern API in esbuild builder
7de9b470c fix avoid collect stats from chunks with no files
70bc35456 fix correctly handle data URIs with escaped quotes in stylesheets
f474bf532 fix process stylesheet resources from url tokens with esbuild browser builder
50c783307 fix use valid CSS comment for sourcemaps with Sass in esbuild builder
3e3dc6962 perf reduce babel transformation in esbuild builder
8f9cee351 perf use esbuild in esbuild builder to downlevel native async/await

@​ngtools/webpack

Commit Type Description
cf9afeec2 fix elide type only named imports when using emitDecoratorMetadata

Special Thanks

Alan Agius, Charles Lyding and Jason Bedard

14.1.2 (2022-08-10)

@​angular-devkit/build-angular

| Commit | Type | Description |

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular-devkit/build-angular since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/StrongKey/fido2/network/alerts).
CLAassistant commented 1 year ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.