search

craftcms / europa-museum

Craft CMS demo site.
https://craftcms.com/demo?kind=europa
BSD Zero Clause License
47 stars 24 forks source link

Bump cacheable-request, snyk and critical #46

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps cacheable-request to 10.2.7 and updates ancestor dependencies cacheable-request, snyk and critical. These dependencies need to be updated together.

Updates cacheable-request from 2.1.4 to 10.2.7

Release notes

Sourced from cacheable-request's releases.

v10.2.6

Fix for memory leak on Listeners

The listener was not being removed on response and just error but new handlers were being added causing a memory leak.

line 220 in src/index.ts was modified to remove the listener on response also 

         if (this.cache instanceof Keyv) {
                const cachek = this.cache;
                cachek.once('error', errorHandler);
                ee.on('error', () => cachek.removeListener('error', errorHandler));
                ee.on('response', () => cachek.removeListener('error', errorHandler));
            }

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.5...v10.2.6

v10.2.5

Types definition issue with http-cache-sematics as that type definition needs to be in dependencies. Thanks @​Maxim-Mazurok

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.4...v10.2.5

v10.2.4

Minor updates with one exception is that we removed @types/http-cache-semantics from the main dependencies as it does not look to be needed.

What's Changed

Full Changelog: https://github.com/jaredwray/cacheable-request/compare/v10.2.3...v10.2.4

v10.2.3 Maintenance Release

Upgrading core modules in the system such as keyv and also a minor fix to an uncaught exception that we were seeing referenced here: sindresorhus/got#1925

Additional update is moving normalize-url to 8.0.0 which after testing it looks to not affect anything but will post the release notes here: https://github.com/sindresorhus/normalize-url/releases/tag/v8.0.0

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jaredwray, a new releaser for cacheable-request since your current version.


Updates snyk from 1.661.0 to 1.1100.0

Release notes

Sourced from snyk's releases.

v1.1100.0

1.1100.0 (2023-02-08)

Features

  • Revert the Release of the Extensible CLI via npm (91074c3)

v1.1099.0

1.1099.0 (2023-02-08)

Features

  • use date to create filename (0e9be6f)

v1.1098.0

1.1098.0 (2023-02-08)

Features

  • Release Extensible CLI via npm (f198761)

v1.1097.0

1.1097.0 (2023-02-06)

Bug Fixes

  • maven aggregate project test scope (3618d6a)

v1.1096.0

1.1096.0 (2023-02-03)

Features

  • improve deployment testing (1750ebd)

v1.1095.0

1.1095.0 (2023-02-02)

Features

  • upgrade snyk-iac-test to 0.39.0 (3fc1dab)

v1.1094.0

1.1094.0 (2023-02-01)

... (truncated)

Commits
  • 9478b01 Merge pull request #4392 from snyk/feat/HEAD-57_ext_cli_to_npm_revert
  • 7e845a5 Merge pull request #4393 from snyk/feat/HEAD-57_improve_tmp_file_handling
  • 91074c3 feat: Revert the Release of the Extensible CLI via npm
  • 0e9be6f feat: use date to create filename
  • 1c40a37 Merge pull request #4383 from snyk/feat/HEAD-57_ext_cli_to_npm
  • f198761 feat: Release Extensible CLI via npm
  • 99b2db8 Merge pull request #4384 from snyk/fix/maven-aggregate-project-test-scope
  • 3618d6a fix: maven aggregate project test scope
  • 83eaba1 Merge pull request #4382 from snyk/feat/HEAD-3_deployment_tests
  • 1750ebd feat: improve deployment testing
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by snyk-admin, a new releaser for snyk since your current version.


Updates critical from 1.3.10 to 5.0.4

Release notes

Sourced from critical's releases.

v5.0.4

  • Bump dependencies (#548) 17afde1

https://github.com/addyosmani/critical/compare/v5.0.3...v5.0.4

v5.0.3

  • Allow multiple --css flags in cli (fixes #514) (#546) 5077dc0
  • Bump dependencies (#545) 6651b7c

https://github.com/addyosmani/critical/compare/v5.0.2...v5.0.3

Thanks to @​josenobile

v5.0.2

  • bump dependencies (#544) 116b9c3

https://github.com/addyosmani/critical/compare/v5.0.1...v5.0.2

v5.0.1

  • adds missing exports in package.json 80d6d26
  • Update README.md 4749fb3

https://github.com/addyosmani/critical/compare/v5.0.0...v5.0.1

v5.0.0

Breaking

  • Require Node.js 14.16
  • This package is now pure ESM. Please read this.

New Contributors

Full Changelog: https://github.com/addyosmani/critical/compare/v4.0.1...v5.0.0

v4.0.1

  • Adds support for media attribute on link elements (#510) f6aadc9
  • Npm audit fix 24e2266
  • Bump normalize-url from 4.5.0 to 4.5.1 (#502) 4c8988c
  • Bump trim-newlines from 3.0.0 to 3.0.1 (#501) 8e5beb8

https://github.com/addyosmani/critical/compare/v4.0.0...v4.0.1

v4.0.0

Maintenance

  • Bump dependencies 26e8b7c
  • Bump ws from 6.2.1 to 6.2.2 (#500) 712122d
  • Adds node 16 to ci matrix 143c398
  • Removes link to changelog c2b14d9
  • Fix config test fdd5705

... (truncated)

Changelog

Sourced from critical's changelog.

v2.0.0 / 2020-06-16

  • Drop support for Node.js < 10
  • Bump dependencies
  • Use Jest for testing
  • Drop include and timeout options as they can be specified in the penthouse options.
  • Drop options styleTarget & dest in favour of target You can specify either a css file, an html file or an object {css: dest.css, html: dest.html} if you want to store both. We may also add an extract target here in a future release.
  • Drop options destFolder, folder and pathPrefix. We tried our best to improve the way critical auto-detects the paths to used assets in the critical css which should suit for most cases. If this doesn't work out you can use the new rebase option to either specify the location of the css & the html file like this: {from: '/styles/main.css', to: '/en/test.html'}. You can also pass a callback function to dynamically compute the path or specify a cdn for example. We utilize postcss-url for this task.
  • Due to some limitations with modern css features we replaced filter-css as the library of choice for handling ignores with postcss-discard. We tried to keep things backwards compatible but you may have to change your ignore configuration.
  • Add concurrency option to specify how many operations can run in parallel.
  • Add the ability to specify used css files using file globs. See supported minimatch patterns.

v1.3.4 / 2018-07-19

  • fix: return Promise.reject instead of re-throw
  • fix: handle PAGE_UNLOADED_DURING_EXECUTION error (#314)
  • output warning on invalid extract setting
  • Add user agent option (#316)
  • Bump dependencies
  • npm audit fix

v1.3.3 / 2018-06-06

  • Bump dependencies
  • Docs: fix typo (#310)
  • Reduced vulnerabilities (#308)

v1.3.2 / 2018-05-15

  • Switched to async-exit-hook

v1.3.1 / 2018-05-14

  • Bump dependencies
  • Removed process.exit on cleanup
  • Adding html-webpack-critical-plugin to README (#306)

v1.3.0 / 2018-05-02

  • Add basic auth option (#295)

v1.2.2 / 2018-04-02

  • Improved handling of protocol-relative asset URLs (#288)
  • Adjust test files according to (#293)
  • Improve error reporting (#258)
  • Replace gutil with fancy-log (#297)
  • Update README.md (#296)

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/craftcms/europa-museum/network/alerts).