search

duckduckgo / duckduckgo-privacy-extension

DuckDuckGo Privacy Essentials browser extension for Firefox, Chrome.
https://duckduckgo.com/app
Apache License 2.0
1.27k stars 245 forks source link

Bump the external-dependencies group across 1 directory with 9 updates #2716

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the external-dependencies group with 9 updates in the / directory:

Package From To
i18next 23.12.2 23.14.0
tldts 6.1.38 6.1.41
@playwright/test 1.46.0 1.46.1
@types/chrome 0.0.269 0.0.270
@types/node 22.1.0 22.5.2
@types/webextension-polyfill 0.10.7 0.12.1
esbuild 0.23.0 0.23.1
glob 10.4.2 11.0.0
jsdom 24.1.1 25.0.0

Updates i18next from 23.12.2 to 23.14.0

Release notes

Sourced from i18next's releases.

v23.14.0

  • If backend errors with retry flag, set internal state to 0, so reloadingResources should work 147

v23.13.0

  • Cache output of getRule to optimize performance 2226

v23.12.7

  • revert last optimization to address 2227

v23.12.6

  • remove console.log statement 2227

v23.12.5

  • try to optimize last fix for 2227

v23.12.4

  • try to address 2227 without the removal of cached formatter for in-built formatters

v23.12.3

  • fix: Using a comma in a formatter parameter 2225
Changelog

Sourced from i18next's changelog.

23.14.0

  • If backend errors with retry flag, set internal state to 0, so reloadingResources should work 147

23.13.0

  • Cache output of getRule to optimize performance 2226

23.12.7

  • revert last optimization to address 2227

23.12.6

  • remove console.log statement 2227

23.12.5

  • try to optimize last fix for 2227

23.12.4

  • try to address 2227 without the removal of cached formatter for in-built formatters

23.12.3

  • fix: Using a comma in a formatter parameter 2225
Commits


Updates tldts from 6.1.38 to 6.1.41

Release notes

Sourced from tldts's releases.

v6.1.41

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.40

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.39

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

Authors: 1

Changelog

Sourced from tldts's changelog.

v6.1.41 (Thu Aug 22 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.40 (Mon Aug 19 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.39 (Sat Aug 10 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

Authors: 1

... (truncated)

Commits


Updates @playwright/test from 1.46.0 to 1.46.1

Release notes

Sourced from @​playwright/test's releases.

v1.46.1

Highlights

microsoft/playwright#32004 - [REGRESSION]: Client Certificates don't work with Microsoft IIS microsoft/playwright#32004 - [REGRESSION]: Websites stall on TLS handshake errors when using Client Certificates microsoft/playwright#32146 - [BUG]: Credential scanners warn about internal socks-proxy TLS certificates microsoft/playwright#32056 - [REGRESSION]: 1.46.0 (TypeScript) - custom fixtures extend no longer chainable microsoft/playwright#32070 - [Bug]: --only-changed flag and project dependencies microsoft/playwright#32188 - [Bug]: --only-changed with shallow clone throws "unknown revision" error

Browser Versions

  • Chromium 128.0.6613.18
  • Mozilla Firefox 128.0
  • WebKit 18.0

This version was also tested against the following stable channels:

  • Google Chrome 127
  • Microsoft Edge 127
Commits
  • e1c861c cherry-pick(#32021): test: fix failing client-certificate tests
  • 20b0788 chore: mark v1.46.1 (#32194)
  • 57c3240 cherry-pick(#32192): chore: generate self-signed certificates for socks proxy
  • 301f179 cherry-pick(#32189): fix(only-changed): show nice error message about shallow...
  • b2d6a09 cherry-pick(#32164): docs: release video and trace viewer video (#32173)
  • 7cf7aec cherry-pick(#32094): fix(test runner): run project dependencies of `--only-ch...
  • d78ae01 cherry-pick(#32163): fix(client-certificates): stall on tls handshake errors
  • bd13da4 cherry-pick(#32155): fix(client-certificates): when server does tls renegotia...
  • 30684a7 cherry-pick(#32066): fix(types): revert type changes made to support TS 5.5 (...
  • 5e68061 cherry-pick(#32015): docs(release-notes): fix typo in .NET release notes
  • See full diff in compare view


Updates @types/chrome from 0.0.269 to 0.0.270

Commits


Updates @types/node from 22.1.0 to 22.5.2

Commits


Updates @types/webextension-polyfill from 0.10.7 to 0.12.1

Commits


Updates esbuild from 0.23.0 to 0.23.1

Release notes

Sourced from esbuild's releases.

v0.23.1

  • Allow using the node: import prefix with es* targets (#3821)

    The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

    // Original code
import fs from 'node:fs'
fs.open

    // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "fs";
    
fs.open;
    

    // New output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "node:fs";
    
fs.open;

  • Fix a panic when using the CLI with invalid build flags if --analyze is present (#3834)

    Previously esbuild's CLI could crash if it was invoked with flags that aren't valid for a "build" API call and the --analyze flag is present. This was caused by esbuild's internals attempting to add a Go plugin (which is how --analyze is implemented) to a null build object. The panic has been fixed in this release.

  • Fix incorrect location of certain error messages (#3845)

    This release fixes a regression that caused certain errors relating to variable declarations to be reported at an incorrect location. The regression was introduced in version 0.18.7 of esbuild.

  • Print comments before case clauses in switch statements (#3838)

    With this release, esbuild will attempt to print comments that come before case clauses in switch statements. This is similar to what esbuild already does for comments inside of certain types of expressions. Note that these types of comments are not printed if minification is enabled (specifically whitespace minification).

  • Fix a memory leak with pluginData (#3825)

    With this release, the build context's internal pluginData cache will now be cleared when starting a new build. This should fix a leak of memory from plugins that return pluginData objects from onResolve and/or onLoad callbacks.

Changelog

Sourced from esbuild's changelog.

0.23.1

  • Allow using the node: import prefix with es* targets (#3821)

    The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

    // Original code
import fs from 'node:fs'
fs.open

    // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "fs";
    
fs.open;
    

    // New output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "node:fs";
    
fs.open;

  • Fix a panic when using the CLI with invalid build flags if --analyze is present (#3834)

    Previously esbuild's CLI could crash if it was invoked with flags that aren't valid for a "build" API call and the --analyze flag is present. This was caused by esbuild's internals attempting to add a Go plugin (which is how --analyze is implemented) to a null build object. The panic has been fixed in this release.

  • Fix incorrect location of certain error messages (#3845)

    This release fixes a regression that caused certain errors relating to variable declarations to be reported at an incorrect location. The regression was introduced in version 0.18.7 of esbuild.

  • Print comments before case clauses in switch statements (#3838)

    With this release, esbuild will attempt to print comments that come before case clauses in switch statements. This is similar to what esbuild already does for comments inside of certain types of expressions. Note that these types of comments are not printed if minification is enabled (specifically whitespace minification).

  • Fix a memory leak with pluginData (#3825)

    With this release, the build context's internal pluginData cache will now be cleared when starting a new build. This should fix a leak of memory from plugins that return pluginData objects from onResolve and/or onLoad callbacks.

Commits


Updates glob from 10.4.2 to 11.0.0

Changelog

Sourced from glob's changelog.

changeglob

11.0

  • Drop support for node before v20

10.4

  • Add includeChildMatches: false option
  • Export the Ignore class

10.3

  • Add --default -p flag to provide a default pattern
  • exclude symbolic links to directories when follow and nodir are both set

10.2

  • Add glob cli

10.1

  • Return '.' instead of the empty string '' when the current working directory is returned as a match.
  • Add posix: true option to return / delimited paths, even on Windows.

10.0.0

  • No default exports, only named exports

9.3.3

  • Upgraded minimatch to v8, adding support for any degree of nested extglob patterns.

9.3

  • Add aliases for methods. glob.sync, glob.stream, glob.stream.sync, etc.

9.2

  • Support using a custom fs object, which is passed to PathScurry
  • add maxDepth option
  • add stat option
  • add custom Ignore support

9.1

... (truncated)

Commits


Updates jsdom from 24.1.1 to 25.0.0

Release notes

Sourced from jsdom's releases.

Version 25.0.0

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

Version 24.1.3

  • Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

Version 24.1.2

  • Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
  • Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)
Changelog

Sourced from jsdom's changelog.

25.0.0

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

24.1.3

  • Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

24.1.2

  • Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
  • Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)
Commits
  • c53efc8 Version 25.0.0
  • 784c8a5 Set EventTarget.prototype to the jsdom's Object.prototype
  • 0314f1e Version 24.1.3
  • 46d5d5c Fix postMessage referenced as a bare property
  • a241df6 Version 24.1.2
  • c3a9aed Remove upstreamed WPTs
  • 07fab37 Refactor Window object setup code
  • 3383805 Fix events fired by blur()
  • 065abcb Roll web platform tests
  • 439a43e Setup Window prototype in vm context
  • Additional commits viewable in compare view


Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | jsdom | [>= 22.1.a, < 22.2] | | @playwright/test | [>= 1.40.a, < 1.41] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 2 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.