ant-design / ant-design-web3

🥳 Efficient react components for building dapps easier | Connect crypto wallets and more Web3 UI components | Web3 icons | Supports Ethereum, Solana, Bitcoin, TON, Sui and others.
https://web3.ant.design
MIT License
897 stars 149 forks source link

chore(deps): bump the npm_and_yarn group with 8 updates #1174

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the npm_and_yarn group with 8 updates:

Package From To
braces 3.0.2 3.0.3
express 4.19.2 4.21.0
fast-xml-parser 4.3.6 4.5.0
path-to-regexp 0.1.7 0.1.10
send 0.18.0 0.19.0
serve-static 1.15.0 1.16.2
webpack 5.91.0 5.94.0
ws 6.2.2 6.2.3

Updates braces from 3.0.2 to 3.0.3

Commits


Updates express from 4.19.2 to 4.21.0

Release notes

Sourced from express's releases.

4.21.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.21.0 / 2024-09-11

  • Deprecate res.location("back") and res.redirect("back") magic string
  • deps: serve-static@1.16.2
    • includes send@0.19.0
  • deps: finalhandler@1.3.1
  • deps: qs@6.13.0

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
Commits


Updates fast-xml-parser from 4.3.6 to 4.5.0

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

4.5.0 / 2024-09-03

  • feat #666: ignoreAttributes support function, and array of string or regex (By ArtemM)

4.4.1 / 2024-07-28

  • v5 fix: maximum length limit to currency value
  • fix #634: build attributes with oneListGroup and attributesGroupName (#653)(By Andreas Naziris)
  • fix: get oneListGroup to work as expected for array of strings (#662)(By Andreas Naziris)

4.4.0 / 2024-05-18

  • fix #654: parse attribute list correctly for self closing stop node.
  • fix: validator bug when closing tag is not opened. (#647) (By Ryosuke Fukatani)
  • fix #581: typings; return type of tagValueProcessor & attributeValueProcessor (#582) (By monholm)

4.3.6 / 2024-03-16

4.3.5 / 2024-02-24

  • code for v5 is added for experimental use

4.3.4 / 2024-01-10

  • fix: Don't escape entities in CDATA sections (#633) (By wackbyte)

4.3.3 / 2024-01-10

  • Remove unnecessary regex

4.3.2 / 2023-10-02

4.3.1 / 2023-09-24

  • revert back "Fix typings for builder and parser to make return type generic" to avoid failure of existing projects. Need to decide a common approach.

4.3.0 / 2023-09-20

4.2.7 / 2023-07-30

  • Fix: builder should set text node correctly when only textnode is present (#589) (By qianqing)
  • Fix: Fix for null and undefined attributes when building xml (#585) (#598). A null or undefined value should be ignored. (By Eugenio Ceschia)

4.2.6 / 2023-07-17

4.2.5 / 2023-06-22

  • change code implementation

4.2.4 / 2023-06-06

  • fix security bug

... (truncated)

Commits
  • 7ed4606 update package detail
  • 98d8f47 feat #666: add selective ignoreAttributes by pattern or callback (#668)
  • d40e29c update package detail and browser bundles
  • d0bfe8a fix maxlength for currency value
  • 2c14fcf Update bug-report-or-unexpected-output.md
  • acf610f fix #634: build attributes with oneListGroup and attributesGroupName (#653)
  • 931e910 fix: get oneListGroup to work as expected for array of strings (#662)
  • b8e40c8 Update ISSUE_TEMPLATE.md
  • a6265ba chore: add trend image (#658)
  • db1c548 redesign README.md
  • Additional commits viewable in compare view


Updates path-to-regexp from 0.1.7 to 0.1.10

Release notes

Sourced from path-to-regexp's releases.

Backtrack protection

Fixed

  • Add backtrack protection to parameters 29b96b4
    • This will break some edge cases but should improve performance

https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10

Support non-lookahead regex output

Added

  • Allow a non-lookahead regex (#312) c4272e4

https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9

Support named matching groups in RegExp

Added

  • Add support for named matching groups (#301) 114f62d

https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8

Commits


Updates send from 0.18.0 to 0.19.0

Release notes

Sourced from send's releases.

0.19.0

What's Changed

New Contributors

Full Changelog: https://github.com/pillarjs/send/compare/0.18.0...0.19.0

Changelog

Sourced from send's changelog.

0.19.0 / 2024-09-10

  • Remove link renderization in html while redirecting
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for send since your current version.


Updates serve-static from 1.15.0 to 1.16.2

Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0

Changelog

Sourced from serve-static's changelog.

1.16.2 / 2024-09-11

  • deps: encodeurl@~2.0.0

1.16.1 / 2024-09-11

  • deps: send@0.19.0

1.16.0 / 2024-09-10

  • Remove link renderization in html while redirecting
Commits
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for serve-static since your current version.


Updates webpack from 5.91.0 to 5.94.0

Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic

... (truncated)

Commits
  • eabf85d chore(release): 5.94.0
  • 955e057 security: fix DOM clobbering in auto public path
  • 9822387 test: fix
  • cbb86ed test: fix
  • 5ac3d7f fix: unexpected asi generation with sequence expression
  • 2411661 security: fix DOM clobbering in auto public path
  • b8c03d4 fix: unexpected asi generation with sequence expression
  • f46a03c revert: do not use heuristic fallback for "module-import"
  • 60f1898 fix: do not use heuristic fallback for "module-import"
  • 66306aa Revert "fix: module-import get fallback from externalsPresets"
  • Additional commits viewable in compare view


Updates ws from 6.2.2 to 6.2.3

Release notes

Sourced from ws's releases.

6.2.3

Bug fixes

  • Backported e55e5106 to the 6.x release line (eeb76d31).
Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ant-design/ant-design-web3/network/alerts).
vercel[bot] commented 2 months ago

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
ant-design-web3 ✅ Ready (Inspect) Visit Preview 💬 Add feedback Sep 19, 2024 6:47pm
changeset-bot[bot] commented 2 months ago

⚠️ No Changeset found

Latest commit: 714249735ced5d13ea0befbf1141aa298aa01b39

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

github-actions[bot] commented 2 months ago

Preview is ready

socket-security[bot] commented 2 months ago

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@ant-design/cssinjs@1.21.1 environment +3 553 kB madccc
npm/@ant-design/icons@5.3.7 environment +4 15.4 MB afc163
npm/@changesets/changelog-git@0.2.0 None +1 31.9 kB changesets-release-bot
npm/@changesets/cli@2.27.7 environment, filesystem, shell +21 2.1 MB changesets-release-bot
npm/@ctrl/tinycolor@4.1.0 None 0 244 kB scttcper
npm/@ianvs/prettier-plugin-sort-imports@4.3.1 environment, unsafe Transitive: filesystem +27 7.95 MB ianvs
npm/@inline-svg-unique-id/react@1.2.3 None 0 10.7 kB laleksiunas
npm/@metaplex-foundation/js@0.20.1 network Transitive: environment, filesystem +77 47.2 MB blockiosaurus
npm/@mysten/dapp-kit@0.14.17 Transitive: network +32 5.5 MB ebmifa
npm/@mysten/sui@1.7.0 None +9 10.1 MB ebmifa
npm/@solana/wallet-adapter-base@0.9.23 None +1 143 kB jordansexton
npm/@solana/wallet-adapter-coinbase@0.1.19 Transitive: network +6 13.9 MB jordansexton
npm/@solana/wallet-adapter-phantom@0.9.24 None 0 67 kB jordansexton
npm/@solana/wallet-adapter-react@0.15.35 None +13 3.75 MB jordansexton
npm/@solana/wallet-adapter-trust@0.1.13 Transitive: network +6 14 MB jordansexton
npm/@solana/web3.js@1.89.1 network +4 13.5 MB lorisleiva
npm/@tanstack/query-sync-storage-persister@5.52.0 Transitive: environment +2 2.21 MB tannerlinsley
npm/@tanstack/react-query-persist-client@5.52.1 Transitive: environment +2 2.22 MB nksaraf, tannerlinsley
npm/@tanstack/react-query@5.51.11 environment +1 3.11 MB tannerlinsley
npm/@testing-library/react@16.0.1 environment +7 3.36 MB testing-library-bot
npm/@tonconnect/sdk@3.0.3 network +3 1.06 MB thekiba
npm/@types/debug@4.1.12 None +1 9.65 kB types
npm/@types/lodash-es@4.17.12 None +1 938 kB types
npm/@types/node@22.1.0 None 0 2.08 MB types
npm/@types/react-copy-to-clipboard@5.0.7 None 0 4.36 kB types
npm/@types/react-dom@18.3.0 None 0 37.8 kB types
npm/@types/react@18.3.5 None +1 444 kB types

🚮 Removed packages: npm/classnames@2.5.1, npm/copy-to-clipboard@3.3.3, npm/cross-env@7.0.3, npm/lodash-es@4.17.21, npm/lodash@4.17.21

View full report↗︎

dependabot[bot] commented 2 months ago

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml