search

humanmade / altis-cms

CMS Module for Altis
https://www.altis-dxp.com/resources/docs/core/
46 stars 5 forks source link

Update humanmade/asset-loader requirement from ^0.6.3 to ^0.6.4 #767

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 8 months ago

Updates the requirements on humanmade/asset-loader to permit the latest version.

Release notes

Sourced from humanmade/asset-loader's releases.

v0.6.4

What's Changed

New Contributors

Full Changelog: https://github.com/humanmade/asset-loader/compare/v0.6.3...v0.6.4

Changelog

Sourced from humanmade/asset-loader's changelog.

v0.6.4

  • Point to specific commit for 3rd-party Github action
  • Secure href attribute in 404 page to prevent XSS vulnerabilities

v0.6.3

  • Adds support for the composer installers v2 package

v0.6.2

  • Ensure that a version string is always set on an asset, even when the built file has a hash string in the file name. This ensures proper cache invalidation in sites using asset concatenation.

v0.6.1

  • Fix get_file_uri() when using symlinks

v0.6.0

  • Breaking: Remove deprecated autoregister, autoenqueue, and register_assets methods.
  • Add filter asset_loader_manifest_contents to allow filtering of loaded asset manifest contents.

v0.5.0

  • Support enqueuing scripts in the page <head> by passing 'in-footer' => false in options array.
  • Introduce get_active_manifest() function to return the first available manifest in a list.

v0.4.1

  • Fix bug where admin namespace was not loaded.

v0.4.0

  • Breaking: Remove undocumented Asset_Loader\is_development method.
  • Breaking: Remove undocumented Asset_Loader\enqueue_assets method.
  • New: Introduce new Asset_Loader\register_asset() and Asset_Loader\enqueue_asset() public API.
    • Assets should now be registered individually.
    • If a bundle exports both a CSS and JS file, both files should be registered or enqueued individually.
  • Deprecate Asset_Loader\autoenqueue() method. Use the new, singular enqueue_asset() instead.
  • Deprecate Asset_Loader\autoregister() method. Use the new, singular register_asset() instead.
  • Deprecate Asset_Loader\register_assets() method. Use the new, singular register_asset() instead.
  • Refactor how SSL warning notice behavior gets triggered during asset registration.
  • Change how version strings are determined when registering assets
    • If asset is detected to be using a uniquely hashed filename, no version string is used.
    • If an asset manifest is in use, assets are versioned based on a content hash of that manifest.
    • If no other version information can be determined and the loader is running withinAltis, the Altis revision constant is used to version registered assets.

v0.3.4

  • Added composer/installers as a dependency to permit custom installation paths when installing this package.

... (truncated)

Commits
  • 1cc2bdc Merge pull request #58 from humanmade/prepare-0.6.4-release
  • 9dd1897 Prepare v0.6.4 release
  • 33cbdd1 Merge pull request #56 from humanmade/security-enhancements
  • 13e4ddf Secure href attribute in 404 page to prevent XSS vulnerabilities
  • 7f129d0 Point to specific commmit for 3rd-party Github action
  • 8df3bb5 Fix deploy to GH pages script
  • 5b7f079 Fix deploy to GH pages script
  • d5e4ba9 CD to docs first
  • fd81065 Try bundle install without the path
  • ceaf4f6 Replace path flag in deploy script
  • Additional commits viewable in compare view


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

hm-backport[bot] commented 7 months ago

The backport to v18-branch failed:

Commits ["8ad0f8c5e5e26ad4e895f547644ce22c7e28805b","057fb901bc51136970ccdb8993cc547d23fbae8a"] could not be cherry-picked on top of v18-branch

To backport manually, run these commands in your terminal:

# Fetch latest updates from GitHub.
git fetch
# Create new working tree.
git worktree add .worktrees/backport v18-branch
# Navigate to the new directory.
cd .worktrees/backport
# Cherry-pick all the commits of this pull request and resolve the likely conflicts.
git cherry-pick 8ad0f8c5e5e26ad4e895f547644ce22c7e28805b 057fb901bc51136970ccdb8993cc547d23fbae8a
# Create a new branch with these backported commits.
git checkout -b backport-767-to-v18-branch
# Push it to GitHub.
git push --set-upstream origin backport-767-to-v18-branch
# Go back to the original working tree.
cd ../..
# Delete the working tree.
git worktree remove .worktrees/backport

Then, create a pull request where the base branch is v18-branch and the compare/head branch is backport-767-to-v18-branch.