search

Yelp / beans

Bringing people together, one cup of coffee at a time
MIT License
93 stars 37 forks source link

Bump the all-dependencies group in /frontend with 17 updates #340

Closed dependabot[bot] closed 8 months ago

dependabot[bot] commented 8 months ago

Bumps the all-dependencies group in /frontend with 17 updates:

Package From To
axios 1.6.2 1.6.7
cookie-session 2.0.0 2.1.0
express-session 1.17.3 1.18.0
moment-timezone 0.5.43 0.5.44
react-redux 9.0.0 9.1.0
react-router-dom 6.20.1 6.21.3
react-tooltip 5.24.0 5.26.0
redux 5.0.0 5.0.1
@babel/cli 7.23.4 7.23.9
@babel/core 7.23.5 7.23.9
@babel/eslint-parser 7.23.3 7.23.9
@babel/preset-env 7.23.5 7.23.9
eslint 8.55.0 8.56.0
eslint-plugin-import 2.29.0 2.29.1
imports-loader 4.0.1 5.0.0
nodemon 3.0.2 3.0.3
webpack 5.89.0 5.90.0

Updates axios from 1.6.2 to 1.6.7

Release notes

Sourced from axios's releases.

Release v1.6.7

Release notes:

Bug Fixes

  • capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

Release v1.6.6

Release notes:

Bug Fixes

  • fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
  • wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Release v1.6.5

Release notes:

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Release v1.6.4

Release notes:

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Release v1.6.3

Release notes:

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.7 (2024-01-25)

Bug Fixes

  • capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

1.6.6 (2024-01-24)

Bug Fixes

  • fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
  • wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

1.6.5 (2024-01-05)

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

1.6.4 (2024-01-03)

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

... (truncated)

Commits


Updates cookie-session from 2.0.0 to 2.1.0

Release notes

Sourced from cookie-session's releases.

2.1.0

  • Fix loading sessions with special keys
  • deps: cookies@0.9.1
    • Add partitioned option for CHIPS support
    • Add priority option for Priority cookie support
    • Fix accidental cookie name/value truncation when given invalid chars
    • Fix maxAge option to reject invalid values
    • Remove quotes from returned quoted cookie value
    • Use req.socket over deprecated req.connection
    • pref: small lookup regexp optimization
Changelog

Sourced from cookie-session's changelog.

2.1.0 / 2024-01-23

  • Fix loading sessions with special keys
  • deps: cookies@0.9.1
    • Add partitioned option for CHIPS support
    • Add priority option for Priority cookie support
    • Fix accidental cookie name/value truncation when given invalid chars
    • Fix maxAge option to reject invalid values
    • Remove quotes from returned quoted cookie value
    • Use req.socket over deprecated req.connection
    • pref: small lookup regexp optimization
Commits


Updates express-session from 1.17.3 to 1.18.0

Release notes

Sourced from express-session's releases.

1.18.0

  • Add debug log for pathname mismatch
  • Add partitioned to cookie options
  • Add priority to cookie options
  • Fix handling errors from setting cookie
  • Support any type in secret that crypto.createHmac supports
  • deps: cookie@0.6.0
    • Fix expires option to reject invalid dates
    • perf: improve default decode speed
    • perf: remove slow string split in parse
  • deps: cookie-signature@1.0.7
Changelog

Sourced from express-session's changelog.

1.18.0 / 2024-01-28

  • Add debug log for pathname mismatch
  • Add partitioned to cookie options
  • Add priority to cookie options
  • Fix handling errors from setting cookie
  • Support any type in secret that crypto.createHmac supports
  • deps: cookie@0.6.0
    • Fix expires option to reject invalid dates
    • perf: improve default decode speed
    • perf: remove slow string split in parse
  • deps: cookie-signature@1.0.7
Commits
  • 24d4972 1.18.0
  • 855f21a docs: add connect-ottoman to the list of session stores
  • 991b7ee Add debug log for pathname mismatch
  • 408229e Add "partitioned" to cookie options
  • 50e1429 build: Node.js@20.11
  • 6153b3f build: Node.js@21.6
  • 88e0f2e build: actions/checkout@v4
  • d9354ef Fix handling errors from setting cookie
  • f9f2318 docs: remove session-rethinkdb to the list of session stores
  • 3ee08c4 Add "priority" to cookie options
  • Additional commits viewable in compare view


Updates moment-timezone from 0.5.43 to 0.5.44

Release notes

Sourced from moment-timezone's releases.

Release 0.5.44

  • Updated data to IANA TZDB 2023d.
  • Fixed .valueOf() to return NaN for invalid zoned objects (matching default moment) #1082.
  • Performance improvements:
    • Use binary search when looking up zone information #720.
    • Avoid redundant checks in tz.guess().
    • Avoid redundant getZone() calls in .tz().
Changelog

Sourced from moment-timezone's changelog.

0.5.44 2023-12-29

  • Updated data to IANA TZDB 2023d.
  • Fixed .valueOf() to return NaN for invalid zoned objects (matching default moment) #1082.
  • Performance improvements:
    • Use binary search when looking up zone information #720.
    • Avoid redundant checks in tz.guess().
    • Avoid redundant getZone() calls in .tz().
Commits
  • 25f19b6 Build moment-timezone 0.5.44
  • 4734cb2 Bump version to 0.5.44
  • 585fabf Merge pull request #1085 from moment/data/2023d
  • ece926a Add test for valueOf behaviour with invalid moments (#1075)
  • 341beac Ensure valueOf returns NaN for invalid instances (#1082)
  • 69d856d data: Add 2023d
  • dc53e6c build(deps): bump @​babel/traverse (#1076)
  • dffed7a perf: Reduce unnecessary getZone() calls in moment.tz()
  • f7d8fc2 docs: Add note about maintenance mode in contributing guide
  • 4b1419b docs: Update contributing guide to reflect the latest data process
  • Additional commits viewable in compare view


Updates react-redux from 9.0.0 to 9.1.0

Release notes

Sourced from react-redux's releases.

v9.1.0

This minor release adds a new syntax for pre-typing hooks.

.withTypes

Previously, the approach for "pre-typing" hooks with your app settings was a little varied. The result would look something like the below:

import type { TypedUseSelectorHook } from "react-redux"
import { useDispatch, useSelector, useStore } from "react-redux"
import type { AppDispatch, AppStore, RootState } from "./store"

export const useAppDispatch: () => AppDispatch = useDispatch
export const useAppSelector: TypedUseSelectorHook<RootState> = useSelector
export const useAppStore = useStore as () => AppStore

React Redux v9.1.0 adds a new .withTypes method to each of these hooks, analogous to the .withTypes method found on Redux Toolkit's createAsyncThunk.

The setup now becomes:

import { useDispatch, useSelector, useStore } from "react-redux"
import type { AppDispatch, AppStore, RootState } from "./store"

export const useAppDispatch = useDispatch.withTypes<AppDispatch>()
export const useAppSelector = useSelector.withTypes<RootState>()
export const useAppStore = useStore.withTypes<AppStore>()

What's Changed

New Contributors

Full Changelog: https://github.com/reduxjs/react-redux/compare/v9.0.4...v9.1.0

v9.0.4

This bugfix release updates the React Native peer dependency to be >= 0.69, to better reflect the need for React 18 compat and (hopefully) resolve issues with the npm package manager throwing peer dep errors on install.

What's Changed

Full Changelog: https://github.com/reduxjs/react-redux/compare/v9.0.3...v9.0.4

v9.0.3

This bugfix release drops the ReactDOM / React Native specific use of render batching, as React 18 now automatically batches, and updates the React types dependencies

... (truncated)

Commits


Updates react-router-dom from 6.20.1 to 6.21.3

Release notes

Sourced from react-router-dom's releases.

react-router-dom-v5-compat@6.4.0-pre.15

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.15
    • react-router-dom@6.4.0-pre.15

react-router-dom-v5-compat@6.4.0-pre.11

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.11
    • react-router-dom@6.4.0-pre.11

react-router-dom-v5-compat@6.4.0-pre.10

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.10
    • react-router-dom@6.4.0-pre.10

react-router-dom-v5-compat@6.4.0-pre.9

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.9
    • react-router-dom@6.4.0-pre.9

react-router-dom-v5-compat@6.4.0-pre.8

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.8
    • react-router-dom@6.4.0-pre.8

react-router-dom-v5-compat@6.4.0-pre.7

Patch Changes

  • Updated dependencies
    • react-router@6.4.0-pre.7
    • react-router-dom@6.4.0-pre.7

react-router-dom-v5-compat@6.4.0-pre.6

Patch Changes

  • 44bce3c6: Fix react-router-dom peer dependency version
    • react-router@6.4.0-pre.6
    • react-router-dom@6.4.0-pre.6

react-router-dom-v5-compat@6.4.0-pre.5

... (truncated)

Changelog

Sourced from react-router-dom's changelog.

6.21.3

Patch Changes

  • Fix NavLink isPending when a basename is used (#11195)
  • Remove leftover unstable_ prefix from Blocker/BlockerFunction types (#11187)
  • Updated dependencies:
    • react-router@6.21.3

6.21.2

Patch Changes

  • Leverage useId for internal fetcher keys when available (#11166)
  • Updated dependencies:
    • @remix-run/router@1.14.2
    • react-router@6.21.2

6.21.1

Patch Changes

  • Updated dependencies:
    • react-router@6.21.1
    • @remix-run/router@1.14.1

6.21.0

Minor Changes

  • Add a new future.v7_relativeSplatPath flag to implement a breaking bug fix to relative routing when inside a splat route. (#11087)

    This fix was originally added in #10983 and was later reverted in #11078 because it was determined that a large number of existing applications were relying on the buggy behavior (see #11052)

    The Bug The buggy behavior is that without this flag, the default behavior when resolving relative paths is to ignore any splat (*) portion of the current route path.

    The Background This decision was originally made thinking that it would make the concept of nested different sections of your apps in <Routes> easier if relative routing would replace the current splat:

    <BrowserRouter>
  <Routes>
    <Route path="/" element={<Home />} />
    <Route path="dashboard/*" element={<Dashboard />} />
  </Routes>
</BrowserRouter>

    Any paths like /dashboard, /dashboard/team, /dashboard/projects will match the Dashboard route. The dashboard component itself can then render nested <Routes>:

... (truncated)

Commits


Updates react-tooltip from 5.24.0 to 5.26.0

Release notes

Sourced from react-tooltip's releases.

v5.26.0

If you like the project, please give the project a GitHub 🌟

What's Changed

New Contributors

Full Changelog: https://github.com/ReactTooltip/react-tooltip/compare/v5.25.2...v5.26.0

v5.25.2

If you like the project, please give the project a GitHub 🌟

What's Changed

New Contributors

Full Changelog: https://github.com/ReactTooltip/react-tooltip/compare/v5.25.1...v5.25.2

v5.25.1

If you like the project, please give the project a GitHub 🌟

What's Changed

Full Changelog: https://github.com/ReactTooltip/react-tooltip/compare/v5.25.0...v5.25.1

v5.25.0

If you like the project, please give the project a GitHub 🌟

What's Changed

New Contributors

Full Changelog: https://github.com/ReactTooltip/react-tooltip/compare/v5.24.0...v5.25.0

Commits
  • 59bb0e5 chore(version): v5.26.0
  • 79ac7dd Updated docs/options
  • 2e6291c Feature : defaultIsOpen is added
  • 6d2a880 Remove anchor when data-tooltip-id gets changed
  • 0b395a4 chore(version): v5.25.2
  • 8eff46b fix: use pointermove event over mousemove
  • adcecb1 Merge pull request #1147 from johannkor/fix-tooltip-staying-open
  • f86b7d7 refactor: use same name as lodash for debounce cancel
  • 4f2c48f fix: debounce prevented tooltip from closing
  • 2e59f10 refactor: fix debounce function typings
  • Additional commits viewable in compare view


Updates redux from 5.0.0 to 5.0.1

Release notes

Sourced from redux's releases.

v5.0.1

This patch release adjusts the isPlainObject util to allow objects created via Object.create(null), and fixes a type issue which accidentally made the store state type non-nullable.

What's Changed

Full Changelog: https://github.com/reduxjs/redux/compare/v5.0.0...v5.0.1

Commits
Maintainer changes

This version was pushed to npm by phryneas, a new releaser for redux since your current version.


Updates @babel/cli from 7.23.4 to 7.23.9

Release notes

Sourced from @​babel/cli's releases.

v7.23.9 (2024-01-25)

:bug: Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

:house: Internal

:running_woman: Performance

:microscope: Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

Committers: 4

v7.23.8 (2024-01-08)

:bug: Bug Fix

:leftwards_arrow_with_hook: Revert

:microscope: Output optimization

  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @​babel/cli's changelog.

v7.23.9 (2024-01-25)

:bug: Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

:house: Internal

:running_woman: Performance

:microscope: Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.23.8 (2024-01-08)

:bug: Bug Fix

:leftwards_arrow_with_hook: Revert

:microscope: Output optimization

  • babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

v7.23.7 (2023-12-29)

:bug: Bug Fix

  • babel-traverse
  • babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits


Updates @babel/core from 7.23.5 to 7.23.9

Release notes

Sourced from @​babel/core's releases.

v7.23.9 (2024-01-25)

:bug: Bug Fix

  • babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env
  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env
  • babel-traverse
  • Other

:house: Internal

:running_woman: Performance

:microscope: Output optimization

  • babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env
  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime... _Description has been truncated_
dependabot[bot] commented 8 months ago

Superseded by #342.