search

duckduckgo / duckduckgo-privacy-extension

DuckDuckGo Privacy Essentials browser extension for Firefox, Chrome.
https://duckduckgo.com/app
Apache License 2.0
1.21k stars 242 forks source link

Bump the external-dependencies group with 10 updates #2489

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 3 months ago

Bumps the external-dependencies group with 10 updates:

Package From To
dexie 3.2.5 4.0.1
i18next 23.10.0 23.10.1
tldts 6.1.11 6.1.16
@types/chrome 0.0.262 0.0.263
@types/node 20.11.24 20.12.2
esbuild 0.20.1 0.20.2
glob 10.3.10 10.3.12
sass 1.71.1 1.72.0
typescript 5.3.3 5.4.3
mocha 10.3.0 10.4.0

Updates dexie from 3.2.5 to 4.0.1

Release notes

Sourced from dexie's releases.

Dexie v4.0.1

Dexie 4 Stable

After 3 years is alpha and beta, and a week in RC, Dexie@4 is finally out!

Changed Version Handling (PR #1880)

  • Dexie@4 accepts upgrading schema WITHOUT incrementing the version number.
  • Dexie@4 is now able to open a previous version of the database without throwing VersionError.

It's still recommended to increment version number when schema has been updated before publishing new versions of an application since it can make opening the db fractions of ms faster. But it's not required.

(If the native version has diverged from the declared version - which happen when extending schema without incrementing version, dexie need to increment the native version to extend schema - and after a page refresh dexie will detect diverged version by catching VersionError and will redo open with the exact installed version under the hood. When measuring the extra time to open an older version in indexedDB and catch VersionError 10,000 times, it only took 1000 ms - 0.1 ms per try (on a macbook pro), so it should be negligible (https://jsfiddle.net/dfahlander/9tg13fwk/19/))

Cache

Non-transactional live queries utilize memory cache to assist in query resolution. It is possible to opt-out from using the cache using the option {cache: 'disabled'}. The cache can greatly improve simple pure range-based live queries and reduce the queries towards IndexedDB by reusing common queries from different components. The cache will be continously developed and optimized further to improve the new paging support in Dexie 5.0.

Workarounds for flaky browsers

Dexie 4 catches various issues in the IndexedDB support for Chrome and Safari. Without dexie@4 tranasactions and write operations can suddenly fail in modern versions of Chrome and Safari but dexie makes sure to protect the end user from experience any issues. It does this by reopening the database or redoing the transaction when these things happen - all without the developer having to worry about it. See issues #543 and #613. (A close upcoming release on the 4.0-track will also address #1660 and #1829).

Supports Dexie Cloud

With Dexie 4.0, you can optionally use dexie-cloud-addon and connect your local database with a cloud based database. Dexie Cloud is a complete solution for authorization and synchronization of personal data with support for sharing data between users.

Improved Typing

Dexie 4 has some improved typing. Specifically, https://github.com/dexie/Dexie.js/blob/HEAD[https://github.com/dexie/Dexie.js/blob/HEADChttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEADchttps://github.com/dexie/Dexie.js/blob/HEADthttps://github.com/dexie/Dexie.js/blob/HEADihttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADnhttps://github.com/dexie/Dexie.js/blob/HEAD.https://github.com/dexie/Dexie.js/blob/HEADmhttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADdhttps://github.com/dexie/Dexie.js/blob/HEADihttps://github.com/dexie/Dexie.js/blob/HEADfhttps://github.com/dexie/Dexie.js/blob/HEADyhttps://github.com/dexie/Dexie.js/blob/HEAD(https://github.com/dexie/Dexie.js/blob/HEAD)https://github.com/dexie/Dexie.js/blob/HEAD]https://github.com/dexie/Dexie.js/blob/HEAD(https://github.com/dexie/Dexie.js/blob/HEADhttps://github.com/dexie/Dexie.js/blob/HEAD/https://github.com/dexie/Dexie.js/blob/HEADdhttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADchttps://github.com/dexie/Dexie.js/blob/HEADshttps://github.com/dexie/Dexie.js/blob/HEAD/https://github.com/dexie/Dexie.js/blob/HEADChttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEADchttps://github.com/dexie/Dexie.js/blob/HEADthttps://github.com/dexie/Dexie.js/blob/HEADihttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADnhttps://github.com/dexie/Dexie.js/blob/HEAD/https://github.com/dexie/Dexie.js/blob/HEADChttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEADchttps://github.com/dexie/Dexie.js/blob/HEADthttps://github.com/dexie/Dexie.js/blob/HEADihttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADnhttps://github.com/dexie/Dexie.js/blob/HEAD.https://github.com/dexie/Dexie.js/blob/HEADmhttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADdhttps://github.com/dexie/Dexie.js/blob/HEADihttps://github.com/dexie/Dexie.js/blob/HEADfhttps://github.com/dexie/Dexie.js/blob/HEADyhttps://github.com/dexie/Dexie.js/blob/HEAD(https://github.com/dexie/Dexie.js/blob/HEAD)https://github.com/dexie/Dexie.js/blob/HEAD) and https://github.com/dexie/Dexie.js/blob/HEAD[https://github.com/dexie/Dexie.js/blob/HEADThttps://github.com/dexie/Dexie.js/blob/HEADahttps://github.com/dexie/Dexie.js/blob/HEADbhttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEAD.https://github.com/dexie/Dexie.js/blob/HEADuhttps://github.com/dexie/Dexie.js/blob/HEADphttps://github.com/dexie/Dexie.js/blob/HEADdhttps://github.com/dexie/Dexie.js/blob/HEADahttps://github.com/dexie/Dexie.js/blob/HEADthttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEAD(https://github.com/dexie/Dexie.js/blob/HEAD)https://github.com/dexie/Dexie.js/blob/HEAD]https://github.com/dexie/Dexie.js/blob/HEAD(https://github.com/dexie/Dexie.js/blob/HEADhttps://github.com/dexie/Dexie.js/blob/HEAD/https://github.com/dexie/Dexie.js/blob/HEADdhttps://github.com/dexie/Dexie.js/blob/HEADohttps://github.com/dexie/Dexie.js/blob/HEADchttps://github.com/dexie/Dexie.js/blob/HEADshttps://github.com/dexie/Dexie.js/blob/HEAD/https://github.com/dexie/Dexie.js/blob/HEADThttps://github.com/dexie/Dexie.js/blob/HEADahttps://github.com/dexie/Dexie.js/blob/HEADbhttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEAD/https://github.com/dexie/Dexie.js/blob/HEADThttps://github.com/dexie/Dexie.js/blob/HEADahttps://github.com/dexie/Dexie.js/blob/HEADbhttps://github.com/dexie/Dexie.js/blob/HEADlhttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEAD.https://github.com/dexie/Dexie.js/blob/HEADuhttps://github.com/dexie/Dexie.js/blob/HEADphttps://github.com/dexie/Dexie.js/blob/HEADdhttps://github.com/dexie/Dexie.js/blob/HEADahttps://github.com/dexie/Dexie.js/blob/HEADthttps://github.com/dexie/Dexie.js/blob/HEADehttps://github.com/dexie/Dexie.js/blob/HEAD(https://github.com/dexie/Dexie.js/blob/HEAD)https://github.com/dexie/Dexie.js/blob/HEAD) use template literals to suggest code completion and type checking of keypaths to update.

Distinguish insert- from output types

The type passed to db.table.add() can be different from the type returned from db.table.get() and tb.table.toArray(). This mirrors reality better since some properties may be optional when adding (such as an auto-incremented primary key or dexie-cloud properties realmId and owner).

The generic type Table<T, TKey> is extended with a 3rd optional parameter TInsertType making it possible to declare a table as such:

class MyDB extends Dexie {
  friends!: Table<
    { id: number; name: string; age: number }, // T (id is always there)
    number, // TKey (type of primary key)
    { id?: number; name: string; age: number } // TInsertType (id is optional)
  >;
}

A new helper generic EntityTable<T> also exists as a "don't repeat yourself" sugar on top of this, and will also omit any method on the type. In case the type is a mapped class with helper methods, you are still able to pass simple POJO objects to add() and put() with only data properties.

</tr></table>

... (truncated)

Commits
  • 396b884 Build output
  • 5894f19 Merge remote-tracking branch 'origin/releases'
  • f7d3708 Releasing v4.0.1
  • 77a7f59 Releasing dexie-cloud-addon@4.0.1 (stable)
  • cc4962b Releasing dexie-cloud-addon@4.0.1-rc.3
  • 1c4328e Restart websocket flow if persistedSyncState isnt loaded
  • 33fdadd Fix tmp error on logout: cannot read undefined (serverRevision)
  • 3265585 Releasing dexie-cloud-addon@4.0.1-rc.1
  • 057b257 Remove yarn.lock from todo-app example
  • 03b027d Build output
  • Additional commits viewable in compare view


Updates i18next from 23.10.0 to 23.10.1

Release notes

Sourced from i18next's releases.

v23.10.1

Changelog

Sourced from i18next's changelog.

23.10.1

Commits


Updates tldts from 6.1.11 to 6.1.16

Release notes

Sourced from tldts's releases.

v6.1.16

:scroll: Update Public Suffix List

:nut_and_bolt: Dependencies

Authors: 2

v6.1.15

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.14

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

... (truncated)

Changelog

Sourced from tldts's changelog.

v6.1.16 (Fri Mar 29 2024)

:scroll: Update Public Suffix List

:nut_and_bolt: Dependencies

Authors: 2

v6.1.15 (Wed Mar 27 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.14 (Thu Mar 21 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

... (truncated)

Commits


Updates @types/chrome from 0.0.262 to 0.0.263

Commits


Updates @types/node from 20.11.24 to 20.12.2

Commits


Updates esbuild from 0.20.1 to 0.20.2

Release notes

Sourced from esbuild's releases.

v0.20.2

  • Support TypeScript experimental decorators on abstract class fields (#3684)

    With this release, you can now use TypeScript experimental decorators on abstract class fields. This was silently compiled incorrectly in esbuild 0.19.7 and below, and was an error from esbuild 0.19.8 to esbuild 0.20.1. Code such as the following should now work correctly:

    // Original code
const log = (x: any, y: string) => console.log(y)
abstract class Foo { @log abstract foo: string }
new class extends Foo { foo = '' }

    // Old output (with --loader=ts --tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
new class extends Foo {
foo = "";
}();
    

    // New output (with --loader=ts --tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
__decorateClass([
log
], Foo.prototype, "foo", 2);
new class extends Foo {
foo = "";
}();

  • JSON loader now preserves __proto__ properties (#3700)

    Copying JSON source code into a JavaScript file will change its meaning if a JSON object contains the __proto__ key. A literal __proto__ property in a JavaScript object literal sets the prototype of the object instead of adding a property named __proto__, while a literal __proto__ property in a JSON object literal just adds a property named __proto__. With this release, esbuild will now work around this problem by converting JSON to JavaScript with a computed property key in this case:

    // Original code
import data from 'data:application/json,{"__proto__":{"fail":true}}'
if (Object.getPrototypeOf(data)?.fail) throw 'fail'

    // Old output (with --bundle)
(() => {
// <data:application/json,{"proto":{"fail":true}}>
var json_proto_fail_true_default = { proto: { fail: true } };
    

    // entry.js
if (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)
throw "fail";
})();

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.20.2

  • Support TypeScript experimental decorators on abstract class fields (#3684)

    With this release, you can now use TypeScript experimental decorators on abstract class fields. This was silently compiled incorrectly in esbuild 0.19.7 and below, and was an error from esbuild 0.19.8 to esbuild 0.20.1. Code such as the following should now work correctly:

    // Original code
const log = (x: any, y: string) => console.log(y)
abstract class Foo { @log abstract foo: string }
new class extends Foo { foo = '' }

    // Old output (with --loader=ts --tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
new class extends Foo {
foo = "";
}();
    

    // New output (with --loader=ts --tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
__decorateClass([
log
], Foo.prototype, "foo", 2);
new class extends Foo {
foo = "";
}();

  • JSON loader now preserves __proto__ properties (#3700)

    Copying JSON source code into a JavaScript file will change its meaning if a JSON object contains the __proto__ key. A literal __proto__ property in a JavaScript object literal sets the prototype of the object instead of adding a property named __proto__, while a literal __proto__ property in a JSON object literal just adds a property named __proto__. With this release, esbuild will now work around this problem by converting JSON to JavaScript with a computed property key in this case:

    // Original code
import data from 'data:application/json,{"__proto__":{"fail":true}}'
if (Object.getPrototypeOf(data)?.fail) throw 'fail'

    // Old output (with --bundle)
(() => {
// <data:application/json,{"proto":{"fail":true}}>
var json_proto_fail_true_default = { proto: { fail: true } };
    

    // entry.js
if (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)
throw "fail";
})();

... (truncated)

Commits


Updates glob from 10.3.10 to 10.3.12

Commits


Updates sass from 1.71.1 to 1.72.0

Release notes

Sourced from sass's releases.

Dart Sass 1.72.0

To install Sass 1.72.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • Support adjacent /s without whitespace in between when parsing plain CSS expressions.

  • Allow the Node.js pkg: importer to load Sass stylesheets for package.json exports field entries without extensions.

  • When printing suggestions for variables, use underscores in variable names when the original usage used underscores.

JavaScript API

  • Properly resolve pkg: imports with the Node.js package importer when arguments are passed to the JavaScript process.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.72.0

  • Support adjacent /s without whitespace in between when parsing plain CSS expressions.

  • Allow the Node.js pkg: importer to load Sass stylesheets for package.json exports field entries without extensions.

  • When printing suggestions for variables, use underscores in variable names when the original usage used underscores.

JavaScript API

  • Properly resolve pkg: imports with the Node.js package importer when arguments are passed to the JavaScript process.
Commits


Updates typescript from 5.3.3 to 5.4.3

Release notes

Sourced from typescript's releases.

TypeScript 5.4.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.4

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.4 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.4 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

... (truncated)

Commits
  • 6ea273c Update LKG
  • cd06f92 🤖 Pick PR #57853 (Revert PR 56161) into release-5.4 (#57854)
  • ca8e720 Update LKG
  • 010b188 release-5.4: Revert PR 56087 (#57850)
  • fc7006c Update LKG
  • b45a418 🤖 Pick PR #57801 (Distribute mapped types over array/...) into release-5.4 (#...
  • 609560f Bump version to 5.4.3 and LKG
  • f42605f 🤖 Pick PR #57746 (Revert "Defer processing of nested ...) into release-5.4 (#...
  • 485c7c5 Revert "Allow (non-assert) type predicates to narrow by discriminant"… (#57795)
  • 7f11456 🤖 Pick PR #57751 (Exclude generic string-like types f...) into release-5.4 (#...
  • Additional commits viewable in compare view


Updates mocha from 10.3.0 to 10.4.0

Release notes

Sourced from mocha's releases.

v10.4.0

10.4.0 / 2024-03-26

:tada: Enhancements

:bug: Fixes

:nut_and_bolt: Other

Changelog

Sourced from mocha's changelog.

10.4.0 / 2024-03-26

:tada: Enhancements

:bug: Fixes

:nut_and_bolt: Other

Commits
Maintainer changes

This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 2 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.