search

cisagov / cyber.dhs.gov

A site for CISA directives
https://cyber.dhs.gov
Other
157 stars 61 forks source link

[Snyk] Upgrade uswds from 2.13.2 to 2.13.3 #335

Closed snyk-bot closed 4 months ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade uswds from 2.13.2 to 2.13.3.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Release notes
Package name: uswds
  • 2.13.3 - 2022-04-11

    What's new in USWDS 2.13.3

    Improvements and bug fixes

    • All components support High Contrast Mode and forced colors. All our components now support proper display when users have a forced colors mode set in their operating system. (#4610)
    • Big Footer includes more accessible disclosure buttons. Now the Big Footer variant uses more accessible disclosure buttons for showing and hiding submenus at mobile widths. Thanks @ mherchel! (#4476)
    • Allow default value in Time Picker. If the enhanced Time Picker input has a value, the value is now respected during initialization. Thanks @ aduth! (#4488)

    Dependency updates

    dependency old new
    mocha 6.2.0 6.2.3

    Note: We're now pinning our dependencies to exact versions to be more intentional about the dependencies we use.

    0 vulnerabilities in regular dependencies (dependencies for USWDS projects installed with npm install uswds)

    Internal only: 4 low, 8 moderate, 19 high, 1 critical vulnerabilities in devDependencies (development dependencies)

    Release ZIP SHA-256 hash: ee183c713841b49f13e6ca7082b81cfd4b75ceff4d8ee4d6ea2cc61241139e68

  • 2.13.2 - 2022-03-07

    What's new in USWDS 2.13.2

    Improvements and bug fixes

    • Fixed GitHub icon to prevent CSP flag. Resolves an error which can occur when using the USWDS Icon component SVG sprite in combination with a Content Security Policy (CSP), where the presence of an inline style tag within the GitHub icon can violate most common CSPs which do not include the unsafe-inline style-src directive. Thanks @ aduth! (#4487)
    • Fixed Big Footer expanded display. Fixes an issue where the Big Footer variant does not show the proper expanded display at exactly 480px. Thanks @ jkjustjoshing! (#4525, #4531, and #4551)
    • Add proper aria-controls to Combo Box. Now the Combo Box input gets the expected aria-controls property when it's initialized. (#4483)

    Dependency updates

    dependency old new
    postcss-csso 5.0.1 6.0.0

    0 vulnerabilities in regular dependencies (dependencies for USWDS projects installed with npm install uswds)

    Internal only: 4 low, 17 moderate, 22 high, 1 critical vulnerabilities in devDependencies (development dependencies)

    Release ZIP SHA-256 hash: c869a7b5d0ebc5b8f44645782bad39faccdb272b1e38a077586ce94e2b09c4cd

from uswds GitHub release notes
Commit messages
Package name: uswds
  • 974f976 Merge pull request #4619 from uswds/release-2.13.3
  • 80e90c5 Create uswds-2.13.3-zip-hash.txt
  • ef87a9c 2.13.3
  • b546756 Revert version and security hash to prep for re-output
  • 54da400 Update references to 2.13.3
  • 0952fe6 Create uswds-2.13.3-zip-hash.txt
  • a503ef0 2.13.3
  • 641a6ed Update `mocha` to resolve minimist vulnerability
  • cfee857 Merge pull request #4620 from uswds/develop
  • 8349ad2 Merge pull request #4618 from uswds/dependabot/npm_and_yarn/moment-2.29.2
  • 01af019 Merge pull request #4488 from aduth/aduth-time-picker-initial-value
  • f12565a Bump moment from 2.29.1 to 2.29.2
  • fc6df77 Revert "Use data attribute for default value"
  • 88b648e Merge pull request #4476 from mherchel/4475-footer-buttons
  • 731748f Use data attribute for default value
  • 32efd2a Merge branch 'develop' of github.com:uswds/uswds into pr/mherchel/4476
  • c997096 Merge pull request #4548 from uswds/jm-update-security-email
  • a91c817 Merge pull request #4572 from uswds/jm-update-tablet-lg-comment
  • ab9ad6c Merge pull request #4615 from uswds/dw-pin-deps
  • 1acc8d1 Merge pull request #4610 from uswds/cm-high-contrast-a11y
  • 8801626 Only look to change header element if using big footer variant
  • 95ed2df Fix mistake :)
  • 9dd0615 Remove unnecessary usage of template literals
  • a9c6ce6 Linting and unnecessary button id
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

mcdonnnj commented 4 months ago

Snyk has been removed from the organization.