Delete inlay css styles, which are not actually used by Closure.
Add non-nullable modifier to return type of functions never returning null.
Remove forwardDeclares from Closure Events Listenable by reducing the typing of the event key's src property to just Listenable, instead of Listenable|EventTarget. Note that EventTarget is the primary implementation of Listenable.
Other Changes
Added SafeUrl.fromMediaSource()
Fix authority parsing in Closure URI parser.
Document mode is now based on user agent on IE if not present in document
Add a define to module manager so that we can control module loading behaviors.
Add non-nullable modifier to return type of functions never returning null.
goog.isArray in deprecated in favor of Array.isArray
Update Thenable.then rejection handler JSDoc to reflect actual functionality.
Closure Library v20200224
New Additions
Create goog.debug.deepFreeze.
Added goog.async.promises.allMapsValues utility function
Backwards Incompatible Changes
AbstractRange.prototype.getTextRange(s) now return AbstractRange instead of the specific TextRange subclass
Other Changes
Remove some forwardDeclares from closure labs net.
Removed ondragexit from Window and friends, per a spec update.
Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
Fixed xhr.response to return null for failures that occur during the middle of the download.
Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)
Version 16.4.0
Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
Fixed el.focus() to work on SVG elements. (zjffun)
Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
Fixed the valueMissing validation check for <input type="radio">. (zjffun)
Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)
Version 16.3.0
Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
Fixed drawing an empty canvas into another canvas. (zjffun)
Version 16.2.2
Updated StyleSheetList for better spec compliance; notably it no longer inherits from Array.prototype. (ExE-Boss)
Fixed requestAnimationFrame() from preventing process exit. This likely regressed in v16.1.0.
Fixed setTimeout() to no longer leak the closures passed in to it. This likely regressed in v16.1.0. (AviVahl)
Fixed infinite recursion that could occur when calling click() on a <label> element, or one of its descendants.
Fixed getComputedStyle() to consider inline style="" attributes. (eps1lon)
Fixed several issues with <input type="number">'s stepUp() and stepDown() functions to be properly decimal-based, instead of floating point-based.
Fixed various issues where updating selectEl.value would not invalidate properties such as selectEl.selectedOptions. (ExE-Boss)
Fixed <input>'s src property, and <ins>/<del>'s cite property, to properly reflect as URLs.
Fixed window.addEventLister, window.removeEventListener, and window.dispatchEvent to properly be inherited from EventTarget, instead of being distinct functions. (ExE-Boss)
Fixed errors that would occur if attempting to use a DOM object, such as a custom element, as an argument to addEventListener.
Removed ondragexit from Window and friends, per a spec update.
Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
Fixed xhr.response to return null for failures that occur during the middle of the download.
Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)
16.4.0
Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
Fixed el.focus() to work on SVG elements. (zjffun)
Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
Fixed the valueMissing validation check for <input type="radio">. (zjffun)
Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)
16.3.0
Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
Fixed drawing an empty canvas into another canvas. (zjffun)
16.2.2
Updated StyleSheetList for better spec compliance; notably it no longer inherits from Array.prototype. (ExE-Boss)
Fixed requestAnimationFrame() from preventing process exit. This likely regressed in v16.1.0.
Fixed setTimeout() to no longer leak the closures passed in to it. This likely regressed in v16.1.0. (AviVahl)
Fixed infinite recursion that could occur when calling click() on a <label> element, or one of its descendants.
Fixed getComputedStyle() to consider inline style="" attributes. (eps1lon)
Fixed several issues with <input type="number">'s stepUp() and stepDown() functions to be properly decimal-based, instead of floating point-based.
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
v2.2.0
New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
New: package.json and package.json5 include a module property so
bundlers like webpack, rollup and parcel can take advantage of the ES Module
build. (#208)
Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
New: package.json and package.json5 include a module property so
bundlers like webpack, rollup and parcel can take advantage of the ES Module
build. (#208)
Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
Security fix for RegExps that should not be evaluated (regexp DDOS)
v4.8.0
Support for numeric separators (million = 1_000_000) was added.
Assigning properties to a class is now assumed to be pure.
Fixed bug where yield wasn't considered a valid property key in generators.
v4.7.0
A bug was fixed where an arrow function would have the wrong size
arguments object is now considered safe to retrieve properties from (useful for length, or 0) even when pure_getters is not set.
Fixed erroneous const declarations without value (which is invalid) in some corner cases when using collapse_vars.
v4.6.13
Fixed issue where ES5 object properties were being turned into ES6 object properties due to more lax unicode rules.
Fixed parsing of BigInt with lowercase e in them.
v4.6.12
Fixed subtree comparison code, making it see that [1,[2, 3]] is different from [1, 2, [3]]
Printing of unicode identifiers has been improved
v4.6.11
Read unused classes' properties and method keys, to figure out if they use other variables.
Prevent inlining into block scopes when there are name collisions
Functions are no longer inlined into parameter defaults, because they live in their own special scope.
When inlining identity functions, take into account the fact they may be used to drop this in function calls.
Nullish coalescing operator (x ?? y), plus basic optimization for it.
Template literals in binary expressions such as + have been further optimized
v4.6.10
Do not use reduce_vars when classes are present
v4.6.9
Check if block scopes actually exist in blocks
v4.6.8
Take into account "executed bits" of classes like static properties or computed keys, when checking if a class evaluation might throw or have side effects.
v4.6.7
Some new performance gains through a AST_Node.size() method which measures a node's source code length without printing it to a string first.
Note: This feature is not compatible with Node 14 or below. To disable it in those versions, set the environment variable GRPC_XDS_EXPERIMENTAL_ENABLE_RING_HASH=false.
Bumps the npm_and_yarn group with 30 updates in the /internal/remediation/fixtures/santatracker directory:
0.7.3
0.7.8
v20190909.0.0
20200315.0.0
12.2.0
16.5.0
2.1.0
2.2.2
3.10.11
4.8.1
5.5.1
5.7.2
7.6.0
7.24.7
1.4.2
1.10.9
2.6.0
4.5.0
4.0.0
4.0.3
10.1.0
21.1.1
12.0.2
17.7.2
5.7.3
8.12.0
7.1.0
8.12.0
6.0.2
8.12.0
3.0.2
3.0.3
2.6.6
2.6.7
8.10.0
8.10.1
2.0.0
2.0.2
5.0.0
5.1.2
6.2.1
6.2.3
0.2.3
0.4.0
1.4.1
1.4.2
4.17.20
4.17.21
3.0.4
3.1.2
5.2.0
10.4.0
0.1.2
0.1.4
0.10.0
1.3.1
3.1.2
3.1.4
1.0.6
1.0.7
1.1.0
1.1.1
6.5.2
6.5.3
Updates
dat.gui
from 0.7.3 to 0.7.8Release notes
Sourced from dat.gui's releases.
Commits
6a444cc
0.7.8103be80
Removed CHANGELOG.mdf720c72
Merge pull request #279 from yetingli/master40f4fc1
Remove link to defunct tutorial.1e1aecb
Fix ReDos in CSS_RGB and CSS_RGBA51d1a37
Merge pull request #274 from dataarts/dependabot/npm_and_yarn/lodash-4.17.1928b15c6
Bump lodash from 4.17.15 to 4.17.19071edeb
Use primitive type instead of nullable boxed type92cebb3
Re-lint.b290bf7
Update lint rules.Maintainer changes
This version was pushed to npm by mrdoob, a new releaser for dat.gui since your current version.
Updates
google-closure-library
from v20190909.0.0 to 20200315.0.0Release notes
Sourced from google-closure-library's releases.
... (truncated)
Commits
c6e4fe0
Bump version.2fb2c6d
Migrate goog.forwardDeclare to goog.requireType.ade336a
Migrate goog.forwardDeclare to goog.requireType.964e8f3
RELNOTES[NEW]: Add SafeHtml.comment.a93d568
RELNOTES: Add non-nullable modifier to return type of functions never returni...294fc00
Fix authority parsing in Closure URI parser.49624ab
Add a define to module manager so that we can control module loading behaviors.5845fb1
Removed the legacy buffering-proxy detection (aka test-channel).f4c4443
Add non-nullable modifier to return type of functions never returning null.60f4a9c
Add non-nullable modifier to return type of functions never returning null.Updates
jsdom
from 12.2.0 to 16.5.0Release notes
Sourced from jsdom's releases.
... (truncated)
Changelog
Sourced from jsdom's changelog.
... (truncated)
Commits
2d82763
Version 16.5.09741311
Fix loading of subresources with Unicode filenames5e46553
Use domenic's ESLint config as the base19b35da
Fix the URL of about:blank iframes017568e
Support inputType on InputEvent29f4fdf
Upgrade dependenciese2f7639
Refactor create‑event‑accessor.js to remove code duplicationff69a75
Convert JSDOM to use callback functions19df6bc
Update links in contributing guidelines1e34ff5
Test triageUpdates
json5
from 2.1.0 to 2.2.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmed720b4f
Improve readme (e.g. explain JSON5 better!) (#291)910ce25
docs: fix spelling of Aseem2aab4dd
test: require tap as t in cli tests6d42686
test: remove mocha syntax from tests4798b9d
docs: update installation and usage for modulesUpdates
terser
from 3.10.11 to 4.8.1Changelog
Sourced from terser's changelog.
... (truncated)
Commits
40674a4
update changelog, versiond8cc569
backport fix to potential regexp DDOS504b967
4.8.09f380dc
update changelog7dd0b9d
update assumptionscfad907
Allow yield to be used as property key in generators.283f44f
Make class property assignment pure.ee965e8
Add numeric separators support (#725)ee6b8af
4.7.0807f729
update changelogUpdates
semver
from 5.5.1 to 5.7.2Release notes
Sourced from semver's releases.
Changelog
Sourced from semver's changelog.
Commits
f8cc313
chore: release 5.7.22f8fd41
fix: better handling of whitespace (#585)deb5ad5
chore:@npmcli/template-oss
@4
.16.0c83c18c
5.7.1956e228
Correct typo in README8055dda
5.7.0604e73d
auto-publishing scriptsbed01e2
remove the nomin comments, since we don't minify any more anyway9cb68f1
document parse method38d42ca
5.7 changelogMaintainer changes
This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.
Updates
@babel/traverse
from 7.6.0 to 7.24.7Release notes
Sourced from
@babel/traverse
's releases.... (truncated)
Changelog
Sourced from
@babel/traverse
's changelog.... (truncated)
Commits
bf1e9a3
v7.24.74463aa5
fix: incorrectconstantViolations
with destructuring (#16522)07bd000
ImprovegetBindingIdentifiers
(#16544)17a5502
[Babel 8] Removeextra.shorthand
(#16521)7934963
Usetype: module
in allpackage.json
s (#16535)9630250
v7.24.61f010df
Explicitly defineNodePath.prototype.*
(#16488)6e3539b
[babel 8] Publish.d.ts
files for every package (#16416)e37e64d
Use eslint v9 (#16479)3ff20b9
Statically generate boilerplate for bitfield accessors (#16482)Updates
@grpc/grpc-js
from 1.4.2 to 1.10.9Release notes
Sourced from
@grpc/grpc-js
's releases.... (truncated)
Commits
674f4e3
Merge pull request from GHSA-7v5v-9h63-cj867ecaa2d
grpc-js: Bump to 1.10.9e64d816
grpc-js: Avoid buffering significantly more than max_receive_message_size per...45e5fe5
Merge pull request #2750 from murgatroid99/grpc-js_idle_uds_fix87a3541
grpc-js: Fix UDS channels not reconnecting after going idle3105791
Merge pull request #2740 from sergiitk/backport-1.10-psm-interop-common-prod-...fec135a
Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests76fe802
Merge pull request #2739 from murgatroid99/backport-1.10-grpc-js_linkify-it_fixd5edf49
Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix23c05fc
Merge pull request #2732 from murgatroid99/grpc-js_proto-loader_updateUpdates
@google-cloud/cloudbuild
from 2.6.0 to 4.5.0Release notes
Sourced from
@google-cloud/cloudbuild
's releases.