Delete inlay css styles, which are not actually used by Closure.
Add non-nullable modifier to return type of functions never returning null.
Remove forwardDeclares from Closure Events Listenable by reducing the typing of the event key's src property to just Listenable, instead of Listenable|EventTarget. Note that EventTarget is the primary implementation of Listenable.
Other Changes
Added SafeUrl.fromMediaSource()
Fix authority parsing in Closure URI parser.
Document mode is now based on user agent on IE if not present in document
Add a define to module manager so that we can control module loading behaviors.
Add non-nullable modifier to return type of functions never returning null.
goog.isArray in deprecated in favor of Array.isArray
Update Thenable.then rejection handler JSDoc to reflect actual functionality.
Closure Library v20200224
New Additions
Create goog.debug.deepFreeze.
Added goog.async.promises.allMapsValues utility function
Backwards Incompatible Changes
AbstractRange.prototype.getTextRange(s) now return AbstractRange instead of the specific TextRange subclass
Other Changes
Remove some forwardDeclares from closure labs net.
Removed ondragexit from Window and friends, per a spec update.
Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
Fixed xhr.response to return null for failures that occur during the middle of the download.
Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)
Version 16.4.0
Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
Fixed el.focus() to work on SVG elements. (zjffun)
Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
Fixed the valueMissing validation check for <input type="radio">. (zjffun)
Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)
Version 16.3.0
Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
Fixed drawing an empty canvas into another canvas. (zjffun)
Version 16.2.2
Updated StyleSheetList for better spec compliance; notably it no longer inherits from Array.prototype. (ExE-Boss)
Fixed requestAnimationFrame() from preventing process exit. This likely regressed in v16.1.0.
Fixed setTimeout() to no longer leak the closures passed in to it. This likely regressed in v16.1.0. (AviVahl)
Fixed infinite recursion that could occur when calling click() on a <label> element, or one of its descendants.
Fixed getComputedStyle() to consider inline style="" attributes. (eps1lon)
Fixed several issues with <input type="number">'s stepUp() and stepDown() functions to be properly decimal-based, instead of floating point-based.
Fixed various issues where updating selectEl.value would not invalidate properties such as selectEl.selectedOptions. (ExE-Boss)
Fixed <input>'s src property, and <ins>/<del>'s cite property, to properly reflect as URLs.
Fixed window.addEventLister, window.removeEventListener, and window.dispatchEvent to properly be inherited from EventTarget, instead of being distinct functions. (ExE-Boss)
Fixed errors that would occur if attempting to use a DOM object, such as a custom element, as an argument to addEventListener.
Removed ondragexit from Window and friends, per a spec update.
Fixed the URL of about:blank iframes. Previously it was getting set to the parent's URL. (SimonMueller)
Fixed the loading of subresources from the filesystem when they had non-ASCII filenames.
Fixed the hidden="" attribute to cause display: none per the user-agent stylesheet. (ph-fritsche)
Fixed the new File() constructor to no longer convert / to :, per a pending spec update.
Fixed mutation observer callbacks to be called with the MutationObserver instance as their this value.
Fixed <input type=checkbox> and <input type=radio> to be mutable even when disabled, per a spec update.
Fixed XMLHttpRequest to not fire a redundant final progress event if a progress event was previously fired with the same loaded value. This would usually occur with small files.
Fixed XMLHttpRequest to expose the Content-Length header on cross-origin responses.
Fixed xhr.response to return null for failures that occur during the middle of the download.
Fixed edge cases around passing callback functions or event handlers. (ExE-Boss)
Fixed edge cases around the properties of proxy-like objects such as localStorage or dataset. (ExE-Boss)
Fixed a potential memory leak with custom elements (although we could not figure out how to trigger it). (soncodi)
16.4.0
Added a not-implemented warning if you try to use the second pseudo-element argument to getComputedStyle(), unless you pass a ::part or ::slotted pseudo-element, in which case we throw an error per the spec. (ExE-Boss)
Improved the performance of repeated access to el.tagName, which also indirectly improves performance of selector matching and style computation. (eps1lon)
Fixed form.elements to respect the form="" attribute, so that it can contain non-descendant form controls. (ccwebdesign)
Fixed el.focus() to do nothing on disconnected elements. (eps1lon)
Fixed el.focus() to work on SVG elements. (zjffun)
Fixed removing the currently-focused element to move focus to the <body> element. (eps1lon)
Fixed imgEl.complete to return true for <img> elements with empty or unset src="" attributes. (strager)
Fixed imgEl.complete to return true if an error occurs loading the <img>, when canvas is enabled. (strager)
Fixed imgEl.complete to return false if the <img> element's src="" attribute is reset. (strager)
Fixed the valueMissing validation check for <input type="radio">. (zjffun)
Fixed translate="" and draggable="" attribute processing to use ASCII case-insensitivity, instead of Unicode case-insensitivity. (zjffun)
16.3.0
Added firing of focusin and focusout when using el.focus() and el.blur(). (trueadm)
Fixed elements with the contenteditable="" attribute to be considered as focusable. (jamieliu386)
Fixed window.NodeFilter to be per-Window, instead of shared across all Windows. (ExE-Boss)
Fixed edge-case behavior involving use of objects with handleEvent properties as event listeners. (ExE-Boss)
Fixed a second failing image load sometimes firing a load event instead of an error event, when the canvas package is installed. (strager)
Fixed drawing an empty canvas into another canvas. (zjffun)
16.2.2
Updated StyleSheetList for better spec compliance; notably it no longer inherits from Array.prototype. (ExE-Boss)
Fixed requestAnimationFrame() from preventing process exit. This likely regressed in v16.1.0.
Fixed setTimeout() to no longer leak the closures passed in to it. This likely regressed in v16.1.0. (AviVahl)
Fixed infinite recursion that could occur when calling click() on a <label> element, or one of its descendants.
Fixed getComputedStyle() to consider inline style="" attributes. (eps1lon)
Fixed several issues with <input type="number">'s stepUp() and stepDown() functions to be properly decimal-based, instead of floating point-based.
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
v2.2.1
Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
v2.2.0
New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)
New: package.json and package.json5 include a module property so
bundlers like webpack, rollup and parcel can take advantage of the ES Module
build. (#208)
Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
Fix: Properties with the name __proto__ are added to objects and arrays.
(#199) This also fixes a prototype pollution vulnerability reported by
Jonathan Gregson! (#295).
New: package.json and package.json5 include a module property so
bundlers like webpack, rollup and parcel can take advantage of the ES Module
build. (#208)
Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
This is a prerelease version to test our ability to release.
Other than removing or updating dependencies, it contains no intended user-facing changes.
Security fix for RegExps that should not be evaluated (regexp DDOS)
v4.8.0
Support for numeric separators (million = 1_000_000) was added.
Assigning properties to a class is now assumed to be pure.
Fixed bug where yield wasn't considered a valid property key in generators.
v4.7.0
A bug was fixed where an arrow function would have the wrong size
arguments object is now considered safe to retrieve properties from (useful for length, or 0) even when pure_getters is not set.
Fixed erroneous const declarations without value (which is invalid) in some corner cases when using collapse_vars.
v4.6.13
Fixed issue where ES5 object properties were being turned into ES6 object properties due to more lax unicode rules.
Fixed parsing of BigInt with lowercase e in them.
v4.6.12
Fixed subtree comparison code, making it see that [1,[2, 3]] is different from [1, 2, [3]]
Printing of unicode identifiers has been improved
v4.6.11
Read unused classes' properties and method keys, to figure out if they use other variables.
Prevent inlining into block scopes when there are name collisions
Functions are no longer inlined into parameter defaults, because they live in their own special scope.
When inlining identity functions, take into account the fact they may be used to drop this in function calls.
Nullish coalescing operator (x ?? y), plus basic optimization for it.
Template literals in binary expressions such as + have been further optimized
v4.6.10
Do not use reduce_vars when classes are present
v4.6.9
Check if block scopes actually exist in blocks
v4.6.8
Take into account "executed bits" of classes like static properties or computed keys, when checking if a class evaluation might throw or have side effects.
v4.6.7
Some new performance gains through a AST_Node.size() method which measures a node's source code length without printing it to a string first.
Bumps the npm_and_yarn group with 22 updates in the /internal/remediation/fixtures/santatracker directory:
0.7.3
0.7.8
8.10.0
10.12.2
v20190909.0.0
20200315.0.0
12.2.0
16.5.0
2.1.0
2.2.2
5.2.0
10.4.0
0.1.2
0.1.4
3.10.11
4.8.1
12.0.2
17.7.2
2.6.0
4.5.0
5.5.1
5.7.2
7.6.0
7.24.7
5.7.3
8.12.0
7.1.0
8.12.0
6.0.2
8.12.0
3.0.2
3.0.3
2.0.0
2.0.2
3.1.2
3.1.4
0.2.3
0.4.0
1.4.1
1.4.2
4.17.20
4.17.21
1.0.6
1.0.7
1.1.0
1.1.1
6.5.2
6.5.3
Updates
dat.gui
from 0.7.3 to 0.7.8Release notes
Sourced from dat.gui's releases.
Commits
6a444cc
0.7.8103be80
Removed CHANGELOG.mdf720c72
Merge pull request #279 from yetingli/master40f4fc1
Remove link to defunct tutorial.1e1aecb
Fix ReDos in CSS_RGB and CSS_RGBA51d1a37
Merge pull request #274 from dataarts/dependabot/npm_and_yarn/lodash-4.17.1928b15c6
Bump lodash from 4.17.15 to 4.17.19071edeb
Use primitive type instead of nullable boxed type92cebb3
Re-lint.b290bf7
Update lint rules.Maintainer changes
This version was pushed to npm by mrdoob, a new releaser for dat.gui since your current version.
Updates
firebase
from 8.10.0 to 10.12.2Release notes
Sourced from firebase's releases.
... (truncated)
Commits
d92d01e
Version Packages (#8264)a8bdda6
Merge master into release52d6266
Add vertex preview token to canary deploy workflow. (#8262)0af23e0
Generate dts rollups for auth webextension and cordova (#8251)370b6c8
Add toc (#8257)aa060a7
More robust clean up after unexpected docgen process exits. (#8260)3883133
Fix typings issue (#8256)7381f21
Version Packages (#8254)ff65c13
Merge master into release43a8d99
Add job to create a GitHub release (#8248)Updates
google-closure-library
from v20190909.0.0 to 20200315.0.0Release notes
Sourced from google-closure-library's releases.
... (truncated)
Commits
c6e4fe0
Bump version.2fb2c6d
Migrate goog.forwardDeclare to goog.requireType.ade336a
Migrate goog.forwardDeclare to goog.requireType.964e8f3
RELNOTES[NEW]: Add SafeHtml.comment.a93d568
RELNOTES: Add non-nullable modifier to return type of functions never returni...294fc00
Fix authority parsing in Closure URI parser.49624ab
Add a define to module manager so that we can control module loading behaviors.5845fb1
Removed the legacy buffering-proxy detection (aka test-channel).f4c4443
Add non-nullable modifier to return type of functions never returning null.60f4a9c
Add non-nullable modifier to return type of functions never returning null.Updates
jsdom
from 12.2.0 to 16.5.0Release notes
Sourced from jsdom's releases.
... (truncated)
Changelog
Sourced from jsdom's changelog.
... (truncated)
Commits
2d82763
Version 16.5.09741311
Fix loading of subresources with Unicode filenames5e46553
Use domenic's ESLint config as the base19b35da
Fix the URL of about:blank iframes017568e
Support inputType on InputEvent29f4fdf
Upgrade dependenciese2f7639
Refactor create‑event‑accessor.js to remove code duplicationff69a75
Convert JSDOM to use callback functions19df6bc
Update links in contributing guidelines1e34ff5
Test triageUpdates
json5
from 2.1.0 to 2.2.2Release notes
Sourced from json5's releases.
Changelog
Sourced from json5's changelog.
Commits
14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmed720b4f
Improve readme (e.g. explain JSON5 better!) (#291)910ce25
docs: fix spelling of Aseem2aab4dd
test: require tap as t in cli tests6d42686
test: remove mocha syntax from tests4798b9d
docs: update installation and usage for modulesUpdates
mocha
from 5.2.0 to 10.4.0Release notes
Sourced from mocha's releases.
... (truncated)
Changelog
Sourced from mocha's changelog.
... (truncated)
Commits
ffd9557
Release v10.4.07ac67f3
build(deps): bump the github-actions group with 2 updates (#5125)7a2781c
chore: activate dependabot for workflows (#5123)97dcbb2
fix: harden error handling inlib/cli/run.js
(#5074)6f3f45e
fix: xunit integration test (#5122)a5b5652
docs: fix documentation concerning glob expansion on UNIX (#4869)efbb147
feat: add file path to xunit reporter (#4985)a2e600d
fix: closes #5115 (#5116)3735873
feat: include.cause
stacks in the error stack traces (#4829)b88978d
chore: bump ESLint ecmaVersion to 2020 (#5104)Maintainer changes
This version was pushed to npm by voxpelli, a new releaser for mocha since your current version.
Updates
mocha-headless-server
from 0.1.2 to 0.1.4Commits
Updates
terser
from 3.10.11 to 4.8.1Changelog
Sourced from terser's changelog.
... (truncated)
Commits
40674a4
update changelog, versiond8cc569
backport fix to potential regexp DDOS504b967
4.8.09f380dc
update changelog7dd0b9d
update assumptionscfad907
Allow yield to be used as property key in generators.283f44f
Make class property assignment pure.ee965e8
Add numeric separators support (#725)ee6b8af
4.7.0807f729
update changelogUpdates
yargs
from 12.0.2 to 17.7.2Release notes
Sourced from yargs's releases.
Changelog
Sourced from yargs's changelog.
... (truncated)
Commits
3566b84
chore(main): release 17.7.2 (#2323)7f42848
fix: do not crash completion when having negated options (#2322)2b6ba31
chore(main): release 17.7.1 (#2304)9aa2490
fix: address display bug with default sub-commands (#2303)663c1b6
chore(main): release 17.7.0 (#2285)4cb41dc
feat: convert line break to whitespace for the description of the option (#2271)7dc1086
test: mock additional hasColors method introduced in Node 16 (#2297)f37ee6f
fix: copy the description of the option to its alias in completion (#2269)These are test fixtures and not meant to be updated.
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml