search

endojs / endo

Endo is a distributed secure JavaScript sandbox, based on SES
Apache License 2.0
834 stars 72 forks source link

chore: bump the all-minor-patch group across 1 directory with 18 updates #2581

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps the all-minor-patch group with 18 updates in the / directory:

Package From To
eslint-plugin-import 2.29.1 2.31.0
prettier 3.2.5 3.3.3
typedoc 0.26.6 0.26.8
typedoc-plugin-markdown 4.2.5 4.2.9
typescript 5.6.2 5.6.3
zx 8.1.8 8.1.9
acorn 8.11.3 8.12.1
execa 9.3.0 9.4.0
ws 8.16.0 8.18.0
requireindex 1.1.0 1.2.0
mocha 10.6.0 10.7.3
@types/mocha 10.0.7 10.0.9
@babel/parser 7.23.6 7.25.8
@babel/traverse 7.23.7 7.25.7
@types/babel__traverse 7.20.5 7.20.6
source-map-js 1.2.0 1.2.1
core-js 3.31.0 3.38.1
terser 5.16.6 5.34.1

Updates eslint-plugin-import from 2.29.1 to 2.31.0

Release notes

Sourced from eslint-plugin-import's releases.

v2.31.0

Added

Fixed

Changed

#3073: import-js/eslint-plugin-import#3073 #3072: import-js/eslint-plugin-import#3072 #3071: import-js/eslint-plugin-import#3071 #3070: import-js/eslint-plugin-import#3070 #3068: import-js/eslint-plugin-import#3068 #3066: import-js/eslint-plugin-import#3066 #3065: import-js/eslint-plugin-import#3065 #3062: import-js/eslint-plugin-import#3062 #3052: import-js/eslint-plugin-import#3052 #3043: import-js/eslint-plugin-import#3043 #3032: import-js/eslint-plugin-import#3032 #2996: import-js/eslint-plugin-import#2996 #2817: import-js/eslint-plugin-import#2817 [@​akwodkiewicz]: https://github.com/akwodkiewicz [@​joshuaobrien]: https://github.com/joshuaobrien [@​liuxingbaoyu]: https://github.com/liuxingbaoyu [@​manuth]: https://github.com/manuth [@​michaelfaith]: https://github.com/michaelfaith [@​phryneas]: https://github.com/phryneas

... (truncated)

Changelog

Sourced from eslint-plugin-import's changelog.

[2.31.0] - 2024-10-03

Added

Fixed

  • ExportMap / flat config: include languageOptions in context (#3052, thanks [@​michaelfaith])
  • [no-named-as-default]: Allow using an identifier if the export is both a named and a default export (#3032, thanks [@​akwodkiewicz])
  • [export]: False positive for exported overloaded functions in TS (#3065, thanks [@​liuxingbaoyu])
  • exportMap: export map cache is tainted by unreliable parse results (#3062, thanks [@​michaelfaith])
  • exportMap: improve cacheKey when using flat config (#3072, thanks [@​michaelfaith])
  • adjust "is source type module" checks for flat config (#2996, thanks [@​G-Rath])

Changed

[2.30.0] - 2024-09-02

Added

  • [dynamic-import-chunkname]: add allowEmpty option to allow empty leading comments (#2942, thanks [@​JiangWeixian])
  • [dynamic-import-chunkname]: Allow empty chunk name when webpackMode: 'eager' is set; add suggestions to remove name in eager mode (#3004, thanks [@​amsardesai])
  • [no-unused-modules]: Add ignoreUnusedTypeExports option (#3011, thanks [@​silverwind])
  • add support for Flat Config (#3018, thanks [@​michaelfaith])

Fixed

Changed

  • [Docs] [no-extraneous-dependencies]: Make glob pattern description more explicit (#2944, thanks [@​mulztob])
  • [no-unused-modules]: add console message to help debug #2866
  • [Refactor] ExportMap: make procedures static instead of monkeypatching exportmap (#2982, thanks [@​soryy708])
  • [Refactor] ExportMap: separate ExportMap instance from its builder logic (#2985, thanks [@​soryy708])
  • [Docs] [order]: Add a quick note on how unbound imports and --fix (#2640, thanks [@​minervabot])
  • [Tests] appveyor -> GHA (run tests on Windows in both pwsh and WSL + Ubuntu) (#2987, thanks [@​joeyguerra])
  • [actions] migrate OSX tests to GHA ([ljharb#37], thanks [@​aks-])
  • [Refactor] exportMapBuilder: avoid hoisting (#2989, thanks [@​soryy708])
  • [Refactor] ExportMap: extract "builder" logic to separate files (#2991, thanks [@​soryy708])
  • [Docs] [order]: update the description of the pathGroupsExcludedImportTypes option (#3036, thanks [@​liby])
  • [readme] Clarify how to install the plugin (#2993, thanks [@​jwbth])
Commits
  • 91f809b v2.31.0
  • 3f1ac24 [utils] [refactor] parse: avoid using a regex here
  • d225176 [New] extensions: add the checkTypeImports option
  • 5a51b9a [Tests] rule-tester: try this babel class workaround
  • d66cde0 [New] support eslint v9
  • d27a639 [Fix] adjust "is source type module" checks for flat config
  • 1fa8a07 [Refactor] create sourceType helper
  • 0bc1355 [Tests] no-default-export, no-named-export: add test cases with non-modu...
  • 55fa203 [Tests] no-default-export, no-named-export: add test case
  • 6be20df [Docs] no-restricted-paths: fix grammar
  • Additional commits viewable in compare view


Updates prettier from 3.2.5 to 3.3.3

Release notes

Sourced from prettier's releases.

3.3.3

🔗 Changelog

3.3.2

🔗 Changelog

3.3.1

🔗 Changelog

3.3.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.3.3

diff

Add parentheses for nullish coalescing in ternary (#16391 by @​cdignam-segment)

This change adds clarity to operator precedence.

// Input
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.2

foo ? bar ?? foo : baz;

foo ?? bar ? a : b;

a ? b : foo ?? bar;


// Prettier 3.3.3

foo ? (bar ?? foo) : baz;

(foo ?? bar) ? a : b;

a ? b : (foo ?? bar);

Add parentheses for decorator expressions (#16458 by @​y-schneider)

Prevent parentheses around member expressions or tagged template literals from being removed to follow the stricter parsing rules of TypeScript 5.5.

// Input
@(foo`tagged template`)
class X {}

// Prettier 3.3.2

@​footagged template

class X {}


// Prettier 3.3.3

@(footagged template)

class X {}

Support @let declaration syntax (#16474 by @​sosukesuzuki)

Adds support for Angular v18 @let declaration syntax.

Please see the following code example. The @let declaration allows you to define local variables within the template:

... (truncated)

Commits


Updates typedoc from 0.26.6 to 0.26.8

Release notes

Sourced from typedoc's releases.

v0.26.8

Features

  • Updated Chinese translations, #2706.
  • Exported constants no longer render the type and default value if they are the same, #2717.
  • The HTML output now wraps tag blocks with <div> tags and includes the tag name in a class name, #2723.

Bug Fixes

  • Correctly handle external link resolver link text when referencing an external symbol, #2700.
  • Big integer literals are now supported as default values, #2721.
  • Corrected handling of @link tags present in comments at the start of source files.
  • The index will now display when a module only contains documents, #2722.
  • ReflectionSymbolId.pos no longer references the position before any doc comments for a symbol. This could cause typedoc-plugin-dt-links to produce links which didn't go to the expected location in a file.

Thanks!

v0.26.7

Features

  • Support TypeScript 5.6, #2699.
  • Added customJs option to include a script tag in generated HTML output, #2650.
  • Added markdownLinkExternal option to treat http[s]:// links in markdown documents and comments as external to be opened in a new tab, #2679.
  • Added navigation.excludeReferences option to prevent re-exports from appearing in the left hand navigation, #2685.
  • Added support for the @abstract tag, #2692.

Bug Fixes

  • Fixed an issue where links in packages mode would be resolved incorrectly, #2680.
  • @link tags to symbols which are not included in the documentation will produce invalid link warnings again, #2681.
  • Fixed handling of @param tags on comments attached to function callback parameters, #2683.
  • The alphabetical and alphabetical-ignoring-documents sort options now use localeCompare to sort, #2684.
  • Fixed incorrect placement of parameter default values in some signatures with a this parameter, #2698.

Thanks!

Changelog

Sourced from typedoc's changelog.

v0.26.8 (2024-10-04)

Features

  • Updated Chinese translations, #2706.
  • Exported constants no longer render the type and default value if they are the same, #2717.
  • The HTML output now wraps tag blocks with <div> tags and includes the tag name in a class name, #2723.

Bug Fixes

  • Correctly handle external link resolver link text when referencing an external symbol, #2700.
  • Big integer literals are now supported as default values, #2721.
  • Corrected handling of @link tags present in comments at the start of source files.
  • The index will now display when a module only contains documents, #2722.
  • ReflectionSymbolId.pos no longer references the position before any doc comments for a symbol. This could cause typedoc-plugin-dt-links to produce links which didn't go to the expected location in a file.

Thanks!

v0.26.7 (2024-09-09)

Features

  • Support TypeScript 5.6, #2699.
  • Added customJs option to include a script tag in generated HTML output, #2650.
  • Added markdownLinkExternal option to treat http[s]:// links in markdown documents and comments as external to be opened in a new tab, #2679.
  • Added navigation.excludeReferences option to prevent re-exports from appearing in the left hand navigation, #2685.
  • Added support for the @abstract tag, #2692.

Bug Fixes

  • Fixed an issue where links in packages mode would be resolved incorrectly, #2680.
  • @link tags to symbols which are not included in the documentation will produce invalid link warnings again, #2681.
  • Fixed handling of @param tags on comments attached to function callback parameters, #2683.
  • The alphabetical and alphabetical-ignoring-documents sort options now use localeCompare to sort, #2684.
  • Fixed incorrect placement of parameter default values in some signatures with a this parameter, #2698.

Thanks!

Commits
  • 59ec968 Update changelog for release
  • a65766d Bump version to 0.26.8
  • 77cf917 Fix missing index with only document children
  • d349280 ReflectionSymbolId.pos uses getStart for position
  • 40d1cec Merge pull request #2724 from lriggle-strib/master
  • 2445045 Add div wrapper around tags in comment partial.
  • 81fec38 Update changelog for fixing #2717
  • bdd610c Add handling for bigint literals in default values
  • 1dbfe3a Merge pull request #2721 from Corso02/master
  • b9f56e0 simplified checking if type should be rendered
  • Additional commits viewable in compare view


Updates typedoc-plugin-markdown from 4.2.5 to 4.2.9

Release notes

Sourced from typedoc-plugin-markdown's releases.

typedoc-plugin-markdown@4.2.9

Patch Changes

  • Expose @return block tags on declarations (#694)
  • Add parentheses on function names in type declaration table views (#696)

typedoc-plugin-markdown@4.2.8

Patch Changes

  • Fix missing slash when public path is prefixed with http (#688)

typedoc-plugin-markdown@4.2.7

Patch Changes

  • Correctly handle top level custom groups in navigation (#685)
  • Fix missing index descriptions for some signatures (#670)
  • Add '?' for optional type declarations in tables

typedoc-plugin-markdown@4.2.6

Patch Changes

  • Expose missing entrypoints to navigation (#663)
  • Fix missing function descriptions in indexes
Changelog

Sourced from typedoc-plugin-markdown's changelog.

4.2.9 (2024-10-01)

Patch Changes

  • Expose @return block tags on declarations (#694)
  • Add parentheses on function names in type declaration table views (#696)

4.2.8 (2024-09-22)

Patch Changes

  • Fix missing slash when public path is prefixed with http (#688)

4.2.7 (2024-09-05)

Patch Changes

  • Correctly handle top level custom groups in navigation (#685)
  • Fix missing index descriptions for some signatures (#670)
  • Add '?' for optional type declarations in tables

4.2.6 (2024-08-25)

Patch Changes

  • Expose missing entrypoints to navigation (#663)
  • Fix missing function descriptions in indexes
Commits
  • 1cd85ca Version Packages
  • 563875e fix(core): add parentheses on function names in type declaration table views ...
  • 300db20 fix(core): expose "@​return" block tags on declarations (#694)
  • 974a60d chore(docs): updated docs
  • e60b02e Version Packages
  • a7e4775 fix(core): fix missing slash when public path is prefixed with http (#688)
  • 21c6811 chore(docs): updated changelog date
  • d1bf2a5 Version Packages
  • 37f3b34 chore(docs): updated navigation docs
  • fa60205 fix(core): trim link label
  • Additional commits viewable in compare view


Updates typescript from 5.6.2 to 5.6.3

Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

Commits
  • d48a5cf Bump version to 5.6.3 and LKG
  • fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
  • ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
  • 1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
  • See full diff in compare view


Updates zx from 8.1.8 to 8.1.9

Release notes

Sourced from zx's releases.

8.1.9

Today's release is a minor update that includes:

Enhancements

  • We have replaced ProcessOutput fields with lazy getters to reduce mem consumption #903, #908
  • Reduced ReDos risks for codeblock patterns #906
  • Kept argv reference on update #916
  • Strengthened Shell interface to properly handle sync mode #915:
expectType<ProcessPromise>($`cmd`)
expectType<ProcessPromise>($({ sync: false })`cmd`)
expectType<ProcessOutput>($({ sync: true })`cmd`)
expectType<ProcessOutput>($.sync`cmd`)

Fixes

  • Corrected stdall fill for $.sync calls: #911, #912
Commits


Updates acorn from 8.11.3 to 8.12.1

Commits
  • 12ad116 Mark version 8.12.1
  • c26b84a Don't use an /s regexp
  • da521f6 Simplify imports
  • ba22623 Bump actions/setup-node v4
  • 2679c9f Bump test262
  • ac29659 Mark acorn-walk version 8.3.3
  • 5445810 Mark version 8.12.0
  • 9046cc0 Specify a direct dependency on acorn in acorn-walk
  • 88234f5 Add VariableDeclarator to AnyNode type
  • 757da7b Actually initialize branchID in RegExpValidationState constuctor
  • Additional commits viewable in compare view


Updates execa from 9.3.0 to 9.4.0

Release notes

Sourced from execa's releases.

v9.4.0

Features

  • We've created a separate package called nano-spawn. It is similar to Execa but with fewer features, for a much smaller package size. More info.

Bug fixes

Documentation

v9.3.1

Thanks @​holic and @​jimhigson for your contributions!

Bugs

Bugs (types)

  • Fix type of the env option. It was currently failing for Remix or Next.js users. (by @​holic) (#1141)

Documentation

Commits


Updates ws from 8.16.0 to 8.18.0

Release notes

Sourced from ws's releases.

8.18.0

Features

  • Added support for Blob (#2229).

8.17.1

Bug fixes

  • Fixed a DoS vulnerability (#2231).

A request with a number of headers exceeding the[server.maxHeadersCount][] threshold could be used to crash a ws server.

const http = require('http');
const WebSocket = require('ws');

const wss = new WebSocket.Server({ port: 0 }, function () {
const chars = "!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');
const headers = {};
let count = 0;


for (let i = 0; i < chars.length; i++) {
if (count === 2000) break;


for (let j = 0; j &lt; chars.length; j++) {
  const key = chars[i] + chars[j];
  headers[key] = 'x';

  if (++count === 2000) break;
}



}


headers.Connection = 'Upgrade';
headers.Upgrade = 'websocket';
headers['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';
headers['Sec-WebSocket-Version'] = '13';


const request = http.request({
headers: headers,
host: '127.0.0.1',
port: wss.address().port
});


request.end();
});

The vulnerability was reported by Ryan LaPointe in websockets/ws#2230.

... (truncated)

Commits
  • 976c53c [dist] 8.18.0
  • 59b9629 [feature] Add support for Blob (#2229)
  • 0d1b5e6 [security] Use more descriptive text for 2017 vulnerability link
  • 15f11a0 [security] Add new DoS vulnerability to SECURITY.md
  • 3c56601 [dist] 8.17.1
  • e55e510 [security] Fix crash when the Upgrade header cannot be read (#2231)
  • 6a00029 [test] Increase code coverage
  • ddfe4a8 [perf] Reduce the amount of crypto.randomFillSync() calls
  • b73b118 [dist] 8.17.0
  • 29694a5 [test] Use the highWaterMark variable
  • Additional commits viewable in compare view


Updates requireindex from 1.1.0 to 1.2.0

Commits


Updates mocha from 10.6.0 to 10.7.3

Release notes

Sourced from mocha's releases.

v10.7.3

10.7.3 (2024-08-09)

🩹 Fixes

v10.7.2

10.7.2 (2024-08-06)

📚 Documentation

🧹 Chores

v10.7.1

10.7.1 (2024-08-06)

🩹 Fixes

  • crash with --parallel and --retries both enabled (#5173) (d7013dd)

🧹 Chores

  • add knip to validate included dependencies (5c2989f)
  • more fully remove assetgraph-builder and canvas (#5175) (1883c41)
  • replace nps with npm scripts (#5128) (c44653a), closes #5126

v10.7.0

What's Changed

New Contributors

Full Changelog: https://github.com/mochajs/mocha/compare/v10.6.1...v10.7.0

v10.6.1

What's Changed

... (truncated)

Changelog

Sourced from mocha's changelog.

10.7.3 (2024-08-09)

🩹 Fixes

10.7.2 (2024-08-06)

📚 Documentation

🧹 Chores

10.7.1 (2024-08-06)

🩹 Fixes

  • crash with --parallel and --retries both enabled (#5173) (d7013dd)

🧹 Chores

  • add knip to validate included dependencies (5c2989f)
  • more fully remove assetgraph-builder and canvas (#5175) (1883c41)
  • replace nps with npm scripts (
    dependabot[bot] commented 1 month ago

    Superseded by #2585.