search

fastify / fastify-nextjs

React server side rendering support for Fastify with Next
Other
526 stars 60 forks source link

chore(deps): Bump the npm_and_yarn at /. security update group with 2 updates #865

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 8 months ago

Bumps the npm_and_yarn at /. security update group with 2 updates: next and postcss.

Updates next from 13.4.12 to 13.5.0

Release notes

Sourced from next's releases.

v13.4.20-canary.41

Core Changes

  • Add mui-core to the default optimizePackageImports list: #55554
  • Consolidate experimental React opt-in & add ppr flag: #55560
  • Add react-icons to optimizePackageImports: #55572
  • Fix useState function initialiser case for optimize_server_react transform: #55551
  • Update supported config options for Turbopack: #55556
  • Fix react packages are not bundled for metadata routes: #55579
  • improve internal error logging: #55582
  • fix styled-jsx alias: #55581

Documentation Changes

  • chore: Fix heading hierarchy in revalidateTag documentation: #55470
  • chore: replace issue triaing actions with nissuer: #55525

Credits

Huge thanks to @​romeobravo, @​shuding, @​ztanner, @​balazsorban44, @​padmaia, @​huozhi, and @​sokra for helping!

v13.4.20-canary.40

Core Changes

  • Fix missing module.compiled trace file and unhandledRejection in ensurePage: #55553

Example Changes

  • Type Error on Event Type payment_intent webhook: #55493
  • Correct spelling in playwright docs: #55557

Credits

Huge thanks to @​roigecode, @​hoop71, and @​ijjk for helping!

v13.4.20-canary.39

Core Changes

  • fix next.js own build on windows: #55544
  • Fix notFound status code with ISR in app: #55542
  • Disable client-only for middleware and pages api layer: #55541

Documentation Changes

  • Add route groups example to revalidatePath doc: #55543

Misc Changes

  • chore(third-parties): replace rimraf with rm.mjs: #55547

... (truncated)

Commits


Updates postcss from 8.4.14 to 8.4.31

Release notes

Sourced from postcss's releases.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

8.4.21

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by @​romainmenke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by @​KingSora).

8.4.17

8.4.16

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

8.4.26

  • Fixed clone methods types.

8.4.25

8.4.24

  • Fixed Plugin types.

8.4.23

  • Fixed warnings in TypeDoc.

8.4.22

  • Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

  • Fixed Input#error types (by Aleks Hudochenkov).

8.4.20

  • Fixed source map generation for childless at-rules like @layer.

8.4.19

  • Fixed whitespace preserving after AST transformations (by Romain Menke).

8.4.18

  • Fixed an error on absolute: true with empty sourceContent (by Rene Haas).

8.4.17

  • Fixed Node.before() unexpected behavior (by Romain Menke).
  • Added TOC to docs (by Mikhail Dedov).

8.4.16

... (truncated)

Commits


Updates next from 13.5.0 to 13.5.6

Release notes

Sourced from next's releases.

v13.4.20-canary.41

Core Changes

  • Add mui-core to the default optimizePackageImports list: #55554
  • Consolidate experimental React opt-in & add ppr flag: #55560
  • Add react-icons to optimizePackageImports: #55572
  • Fix useState function initialiser case for optimize_server_react transform: #55551
  • Update supported config options for Turbopack: #55556
  • Fix react packages are not bundled for metadata routes: #55579
  • improve internal error logging: #55582
  • fix styled-jsx alias: #55581

Documentation Changes

  • chore: Fix heading hierarchy in revalidateTag documentation: #55470
  • chore: replace issue triaing actions with nissuer: #55525

Credits

Huge thanks to @​romeobravo, @​shuding, @​ztanner, @​balazsorban44, @​padmaia, @​huozhi, and @​sokra for helping!

v13.4.20-canary.40

Core Changes

  • Fix missing module.compiled trace file and unhandledRejection in ensurePage: #55553

Example Changes

  • Type Error on Event Type payment_intent webhook: #55493
  • Correct spelling in playwright docs: #55557

Credits

Huge thanks to @​roigecode, @​hoop71, and @​ijjk for helping!

v13.4.20-canary.39

Core Changes

  • fix next.js own build on windows: #55544
  • Fix notFound status code with ISR in app: #55542
  • Disable client-only for middleware and pages api layer: #55541

Documentation Changes

  • Add route groups example to revalidatePath doc: #55543

Misc Changes

  • chore(third-parties): replace rimraf with rm.mjs: #55547

... (truncated)

Commits


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/fastify/fastify-nextjs/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Fdawgs commented 6 months ago

@Dependabot rebase

dependabot[bot] commented 6 months ago

Superseded by #903.