search

adopted-ember-addons / ember-cognito

AWS Amplify/Cognito and ember-simple-auth integration
MIT License
32 stars 25 forks source link

Bump ember-source from 4.4.1 to 4.8.1 #369

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps ember-source from 4.4.1 to 4.8.1.

Release notes

Sourced from ember-source's releases.

v4.8.1

CHANGELOG

  • CVE pending Fix a prototype pollution vulnerability in set and setProperties

v4.8.0

CHANGELOG

  • #20180 [FEATURE] Publish an opt-in preview of public types for Ember
  • #20166 [BUGFIX] Upgrade router_js to fix Linked list of RouteInfos contains undefined object

v4.8.0-beta.5

CHANGELOG

  • #20212 [BUGFIX] Remove incorrect exports from preview routing types

v4.8.0-beta.4

CHANGELOG

  • #20201 [BUGFIX] Fix type definition for Route

v4.8.0-beta.3

CHANGELOG

  • #20194 [BUGFIX] Provide a .d.ts file at types/stable
  • #20196 [BUGFIX] types imports are at 'ember-source/types'

v4.8.0-beta.2

CHANGELOG

  • #20186 [BUGFIX] Fix @ember/runloop type tests folder name so that the tests are properly excluded from the build
  • #20180 [FEATURE] Publish an opt-in preview of public types for Ember

v4.8.0-beta.1

CHANGELOG

  • #20166 [BUGFIX] Upgrade router_js to fix Linked list of RouteInfos contains undefined object

v4.7.1

CHANGELOG

  • #20166 [BUGFIX] Fix missing RouteInfo entries

v4.7.0

CHANGELOG

  • #20126 [BUGFIX] Replace Firefox detection that used a deprecated browser API

v4.7.0-beta.1

CHANGELOG

... (truncated)

Changelog

Sourced from ember-source's changelog.

v4.8.1 (November 2, 2022)

  • CVE pending Fix a prototype pollution vulnerability in set and setProperties

v4.4.4 (November 2, 2022)

  • CVE pending Fix a prototype pollution vulnerability in set and `setProperties

v3.28.10 (November 2, 2022)

  • CVE pending Fix a prototype pollution vulnerability in set and setProperties

v3.24.7 (November 2, 2022)

  • CVE pending Fix a prototype pollution vulnerability in set and setProperties

v4.9.0-beta.2 (October 25, 2022)

  • #20227 [BUGFIX] Fix unsafe internal cast for NativeArray
  • #20228 [BUGFIX] Remove type export for ControllerMixin

v4.9.0-beta.1 (October 17, 2022)

  • #20203 / #20204 [FEATURE] Preview types: Update to Typescript 4.8

v4.8.0 (October 17, 2022)

  • #20180 [FEATURE] Publish an opt-in preview of public types for Ember
  • #20166 [BUGFIX] Upgrade router_js to fix Linked list of RouteInfos contains undefined object

v4.4.3 (October 12, 2022)

  • #20166 [BUGFIX] Fix missing RouteInfo entries

v4.7.1 (October 12, 2022)

  • #20166 [BUGFIX] Fix missing RouteInfo entries

v4.7.0 (September 6, 2022)

  • #20126 [BUGFIX] Replace Firefox detection that used a deprecated browser API

v4.6.0 (July 25, 2022)

  • #20125 [BUGFIX] Replace deprecated substr() method with substring() method.

v4.5.1 (July 25, 2022)

  • #20120 [BUGFIX] Adjust uniqueId() implementation to only generate valid selectors.

... (truncated)

Commits
  • 04b543e Release v4.8.1
  • 9c226d3 Add v4.8.1 to CHANGELOG
  • 0854ce8 Fix prototype pollution bug
  • 9c1f4f4 Release v4.8.0
  • 9021de5 Add v4.8.0 to CHANGELOG
  • 2905183 Release v4.8.0-beta.5
  • 6dc3b42 Add v4.8.0-beta.5 to CHANGELOG
  • 2c4e000 Remove Function and String from EXTEND_PROTOTYPES type
  • 57d73f1 [BUGFIX beta] remove wrong exports from preview routing types
  • bc69685 Release v4.8.0-beta.4
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

Superseded by #370.