search

duckduckgo / duckduckgo-privacy-extension

DuckDuckGo Privacy Essentials browser extension for Firefox, Chrome.
https://duckduckgo.com/app
Apache License 2.0
1.25k stars 242 forks source link

Bump the external-dependencies group across 1 directory with 13 updates #2721

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps the external-dependencies group with 13 updates in the / directory:

Package From To
i18next 23.12.2 23.14.0
tldts 6.1.38 6.1.43
@fingerprintjs/fingerprintjs 4.4.3 4.5.0
@playwright/test 1.46.0 1.47.0
@types/chrome 0.0.269 0.0.270
@types/node 22.1.0 22.5.4
@types/webextension-polyfill 0.10.7 0.12.1
esbuild 0.23.0 0.23.1
eslint-plugin-import 2.29.1 2.30.0
glob 10.4.2 11.0.0
jasmine 5.2.0 5.3.0
jsdom 24.1.1 25.0.0
sass 1.77.8 1.78.0

Updates i18next from 23.12.2 to 23.14.0

Release notes

Sourced from i18next's releases.

v23.14.0

  • If backend errors with retry flag, set internal state to 0, so reloadingResources should work 147

v23.13.0

  • Cache output of getRule to optimize performance 2226

v23.12.7

  • revert last optimization to address 2227

v23.12.6

  • remove console.log statement 2227

v23.12.5

  • try to optimize last fix for 2227

v23.12.4

  • try to address 2227 without the removal of cached formatter for in-built formatters

v23.12.3

  • fix: Using a comma in a formatter parameter 2225
Changelog

Sourced from i18next's changelog.

23.14.0

  • If backend errors with retry flag, set internal state to 0, so reloadingResources should work 147

23.13.0

  • Cache output of getRule to optimize performance 2226

23.12.7

  • revert last optimization to address 2227

23.12.6

  • remove console.log statement 2227

23.12.5

  • try to optimize last fix for 2227

23.12.4

  • try to address 2227 without the removal of cached formatter for in-built formatters

23.12.3

  • fix: Using a comma in a formatter parameter 2225
Commits


Updates tldts from 6.1.38 to 6.1.43

Release notes

Sourced from tldts's releases.

v6.1.43

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

Authors: 1

v6.1.42

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.41

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.40

:scroll: Update Public Suffix List

... (truncated)

Changelog

Sourced from tldts's changelog.

v6.1.43 (Sat Sep 07 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

Authors: 1

v6.1.42 (Thu Sep 05 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts-icann, tldts

:nut_and_bolt: Dependencies

Authors: 2

v6.1.41 (Thu Aug 22 2024)

:scroll: Update Public Suffix List

  • tldts-experimental, tldts

:nut_and_bolt: Dependencies

Authors: 2

... (truncated)

Commits


Updates @fingerprintjs/fingerprintjs from 4.4.3 to 4.5.0

Release notes

Sourced from @​fingerprintjs/fingerprintjs's releases.

v4.5.0

  • Add unsupported field to the webGlExtensions entropy source (#1027)
Commits


Updates @playwright/test from 1.46.0 to 1.47.0

Release notes

Sourced from @​playwright/test's releases.

v1.47.0

Network Tab improvements

The Network tab in the UI mode and trace viewer has several nice improvements:

  • filtering by asset type and URL
  • better display of query string parameters
  • preview of font assets

Network tab now has filters

Credit to @​kubajanik for these wonderful improvements!

--tsconfig CLI option

By default, Playwright will look up the closest tsconfig for each imported file using a heuristic. You can now specify a single tsconfig file in the command line, and Playwright will use it for all imported files, not only test files:

# Pass a specific tsconfig
npx playwright test --tsconfig tsconfig.test.json

APIRequestContext now accepts URLSearchParams and string as query parameters

You can now pass URLSearchParams and string as query parameters to APIRequestContext:

test('query params', async ({ request }) => {
  const searchParams = new URLSearchParams();
  searchParams.set('userId', 1);
  const response = await request.get(
      'https://jsonplaceholder.typicode.com/posts',
      {
        params: searchParams // or as a string: 'userId=1'
      }
  );
  // ...
});

Miscellaneous

  • The mcr.microsoft.com/playwright:v1.47.0 now serves a Playwright image based on Ubuntu 24.04 Noble. To use the 22.04 jammy-based image, please use mcr.microsoft.com/playwright:v1.47.0-jammy instead.
  • The :latest/:focal/:jammy tag for Playwright Docker images is no longer being published. Pin to a specific version for better stability and reproducibility.
  • New option behavior in page.removeAllListeners(), browser.removeAllListeners() and browserContext.removeAllListeners() to wait for ongoing listeners to complete.
  • TLS client certificates can now be passed from memory by passing cert and key as buffers instead of file paths.
  • Attachments with a text/html content type can now be opened in a new tab in the HTML report. This is useful for including third-party reports or other HTML content in the Playwright test report and distributing it to your team.
  • noWaitAfter in locator.selectOption() was deprecated.
  • We've seen reports of WebGL in Webkit misbehaving on GitHub Actions macos-13. We recommend upgrading GitHub Actions to macos-14.

... (truncated)

Commits


Updates @types/chrome from 0.0.269 to 0.0.270

Commits


Updates @types/node from 22.1.0 to 22.5.4

Commits


Updates @types/webextension-polyfill from 0.10.7 to 0.12.1

Commits


Updates esbuild from 0.23.0 to 0.23.1

Release notes

Sourced from esbuild's releases.

v0.23.1

  • Allow using the node: import prefix with es* targets (#3821)

    The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

    // Original code
import fs from 'node:fs'
fs.open

    // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "fs";
    
fs.open;
    

    // New output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "node:fs";
    
fs.open;

  • Fix a panic when using the CLI with invalid build flags if --analyze is present (#3834)

    Previously esbuild's CLI could crash if it was invoked with flags that aren't valid for a "build" API call and the --analyze flag is present. This was caused by esbuild's internals attempting to add a Go plugin (which is how --analyze is implemented) to a null build object. The panic has been fixed in this release.

  • Fix incorrect location of certain error messages (#3845)

    This release fixes a regression that caused certain errors relating to variable declarations to be reported at an incorrect location. The regression was introduced in version 0.18.7 of esbuild.

  • Print comments before case clauses in switch statements (#3838)

    With this release, esbuild will attempt to print comments that come before case clauses in switch statements. This is similar to what esbuild already does for comments inside of certain types of expressions. Note that these types of comments are not printed if minification is enabled (specifically whitespace minification).

  • Fix a memory leak with pluginData (#3825)

    With this release, the build context's internal pluginData cache will now be cleared when starting a new build. This should fix a leak of memory from plugins that return pluginData objects from onResolve and/or onLoad callbacks.

Changelog

Sourced from esbuild's changelog.

0.23.1

  • Allow using the node: import prefix with es* targets (#3821)

    The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

    // Original code
import fs from 'node:fs'
fs.open

    // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "fs";
    
fs.open;
    

    // New output (with --bundle --format=esm --platform=node --target=node18,es2022)
    
import fs from "node:fs";
    
fs.open;

  • Fix a panic when using the CLI with invalid build flags if --analyze is present (#3834)

    Previously esbuild's CLI could crash if it was invoked with flags that aren't valid for a "build" API call and the --analyze flag is present. This was caused by esbuild's internals attempting to add a Go plugin (which is how --analyze is implemented) to a null build object. The panic has been fixed in this release.

  • Fix incorrect location of certain error messages (#3845)

    This release fixes a regression that caused certain errors relating to variable declarations to be reported at an incorrect location. The regression was introduced in version 0.18.7 of esbuild.

  • Print comments before case clauses in switch statements (#3838)

    With this release, esbuild will attempt to print comments that come before case clauses in switch statements. This is similar to what esbuild already does for comments inside of certain types of expressions. Note that these types of comments are not printed if minification is enabled (specifically whitespace minification).

  • Fix a memory leak with pluginData (#3825)

    With this release, the build context's internal pluginData cache will now be cleared when starting a new build. This should fix a leak of memory from plugins that return pluginData objects from onResolve and/or onLoad callbacks.

Commits


Updates eslint-plugin-import from 2.29.1 to 2.30.0

Release notes

Sourced from eslint-plugin-import's releases.

v2.30.0

Added

Fixed

Changed

  • [Docs] no-extraneous-dependencies: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
  • [no-unused-modules]: add console message to help debug #2866
  • [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
  • [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
  • [Docs] order: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
  • [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
  • [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
  • [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
  • [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
  • [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
  • [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])

... (truncated)

Changelog

Sourced from eslint-plugin-import's changelog.

[2.30.0] - 2024-09-02

Added

  • [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments (#2942, thanks [@​JiangWeixian])
  • [dynamic-import-chunkname]: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode (#3004, thanks [@​amsardesai])
  • [no-unused-modules]: Add ignoreUnusedTypeExports option (#3011, thanks [@​silverwind])
  • add support for Flat Config (#3018, thanks [@​michaelfaith])

Fixed

Changed

  • [Docs] no-extraneous-dependencies: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
  • [no-unused-modules]: add console message to help debug #2866
  • [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
  • [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
  • [Docs] order: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
  • [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
  • [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
  • [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
  • [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
  • [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
  • [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])
Commits
  • 18787d3 Bump to 2.30.0
  • 9902298 [Deps] update eslint-module-utils
  • 9d194a6 [utils] v2.9.0
  • 0a58d75 [resolvers/webpack] v0.13.9
  • a3015eb [Test] namespace: ensure valid case is actually included
  • 8bdb32b [Test] add explicit marker for trailing whitespace in cases
  • 038c26c [readme] Clarify how to install the plugin
  • 32a2b89 [Fix] order: do not compare first path segment for relative paths (#2682)
  • ee1ea02 [Fix] newline-after-import: fix considerComments option when require
  • 806e3c2 [New] add support for Flat Config
  • Additional commits viewable in compare view


Updates glob from 10.4.2 to 11.0.0

Changelog

Sourced from glob's changelog.

changeglob

11.0

  • Drop support for node before v20

10.4

  • Add includeChildMatches: false option
  • Export the Ignore class

10.3

  • Add --default -p flag to provide a default pattern
  • exclude symbolic links to directories when follow and nodir are both set

10.2

  • Add glob cli

10.1

  • Return '.' instead of the empty string '' when the current working directory is returned as a match.
  • Add posix: true option to return / delimited paths, even on Windows.

10.0.0

  • No default exports, only named exports

9.3.3

  • Upgraded minimatch to v8, adding support for any degree of nested extglob patterns.

9.3

  • Add aliases for methods. glob.sync, glob.stream, glob.stream.sync, etc.

9.2

  • Support using a custom fs object, which is passed to PathScurry
  • add maxDepth option
  • add stat option
  • add custom Ignore support

9.1

... (truncated)

Commits


Updates jasmine from 5.2.0 to 5.3.0

Release notes

Sourced from jasmine's releases.

v5.3.0

Please see the release notes.

Commits


Updates jsdom from 24.1.1 to 25.0.0

Release notes

Sourced from jsdom's releases.

Version 25.0.0

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

Version 24.1.3

  • Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

Version 24.1.2

  • Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
  • Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)
Changelog

Sourced from jsdom's changelog.

25.0.0

This major release changes the prototype of a jsdom's EventTarget.prototype to point to the Object.prototype inside the jsdom, instead of pointing to the Node.js Object.prototype. Thus, the prototype chain of Window stays entirely within the jsdom, never crossing over into the Node.js realm.

This only occurs when runScripts is set to non-default values of "dangerously" or "outside-only", as with the default value, there is no separate Object.prototype inside the jsdom.

This will likely not impact many programs, but could cause some changes in instanceof behavior, and so out of an abundance of caution, we're releasing it as a new major version.

24.1.3

  • Fixed calls to postMessage() that were done as a bare property (i.e., postMessage() instead of window.postMessage()).

24.1.2

  • Fixed an issue with the in operator applied to EventTarget methods, e.g. 'addEventListener' in window, which only appeared in Node.js ≥22.5.0. (legendecas)
  • Fixed the events fired by blur(): it no longer fires focus and focusin on the Document, and blur and focusout no longer have their relatedTarget property set. (asamuzaK)
Commits
  • c53efc8 Version 25.0.0
  • 784c8a5 Set EventTarget.prototype to the jsdom's Object.prototype
  • 0314f1e Version 24.1.3
  • 46d5d5c Fix postMessage referenced as a bare property
  • a241df6 Version 24.1.2
  • c3a9aed Remove upstreamed WPTs
  • 07fab37 Refactor Window object setup code
  • 3383805 Fix events fired by blur()
  • 065abcb Roll web platform tests
  • 439a43e Setup Window prototype in vm context
  • Additional commits viewable in compare view


Updates sass from 1.77.8 to 1.78.0

Release notes

Sourced from sass's releases.

Dart Sass 1.78.0

To install Sass 1.78.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

  • The meta.feature-exists function is now deprecated. This deprecation is named feature-exists.

  • Fix a crash when using @at-root without any queries or children in the indented syntax.

JS API

  • Backport the deprecation options (fatalDeprecations, futureDeprecations, and silenceDeprecations) to the legacy JS API. The legacy JS API is itself deprecated, and you should move off of it if possible, but this will allow users of bundlers and other tools that are still using the legacy API to still control deprecation warnings.

  • Fix a bug where accessing SourceSpan.url would crash when a relative URL was passed to the Sass API.

Embedded Sass

  • Explicitly expose a sass executable from the sass-embedded npm package. This was intended to be included in 1.63.0, but due to the way platform-specific dependency executables are installed it did not work as intended. Now users can run npx sass for local installs or just sass when sass-embedded is installed globally.

  • Add linux-riscv64, linux-musl-riscv64, and android-riscv64 support for the sass-embedded npm package.

  • Fix an edge case where the Dart VM could hang when shutting down when requests were in flight.

  • Fix a race condition where the embedded host could fail to shut down if it was closed around the same time a new compilation was started.

  • Fix a bug where parse-time deprecation warnings could not be controlled by the deprecation options in some circumstances.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.78.0

  • The meta.feature-exists function is now deprecated. This deprecation is named feature-exists.

  • Fix a crash when using @at-root without any queries or children in the indented syntax.

JS API

  • Backport the deprecation options (fatalDeprecations, futureDeprecations, and silenceDeprecations) to the legacy JS API. The legacy JS API is itself deprecated, and you should move off of it if possible, but this will allow users of bundlers and other tools that are still using the legacy API to still control deprecation warnings.

  • Fix a bug where accessing SourceSpan.url would crash when a relative URL was passed to the Sass API.

Embedded Sass

  • Explicitly expose a sass executable from the sass-embedded npm package. This was intended to be included in 1.63.0, but due to the way platform-specific dependency executables are installed it did not work as intended. Now users can run npx sass for local installs or just sass when sass-embedded is installed globally.

  • Add linux-riscv64, linux-musl-riscv64, and android-riscv64 support for the sass-embedded npm package.

  • Fix an edge case where the Dart VM could hang when shutting down when requests were in flight.

  • Fix a race condition where the embedded host could fail to shut down if it was closed around the same time a new compilation was started.

  • Fix a bug where parse-time deprecation warnings could not be controlled by the deprecation options in some circumstances.

Commits


Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | jsdom | [>= 22.1.a, < 22.2] | | jasmine | [>= 5.1.a, < 5.2] | | @playwright/test | [>= 1.40.a, < 1.41] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously... _Description has been truncated_
dependabot[bot] commented 2 weeks ago

Looks like these dependencies are updatable in another way, so this is no longer needed.