jhwohlgemuth / voxelcss

Voxel.css with updated architecture, robust tests, and npm availability
https://voxelcss.js.org/
MIT License
4 stars 2 forks source link

Bump browser-sync from 2.23.7 to 2.26.14 #256

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps browser-sync from 2.23.7 to 2.26.14.

Release notes

Sourced from browser-sync's releases.

upgraded dependencies

This is a maintenance release to address 2 security related issues (socket.io & axios)

Happy Browsersync'in :)

v2.26.0

these notes describe the change from 2.24.6 -> 2.26.0

fixes

  • Removing default logger prefix [BS] - fixes #1607 257fba6d3fa3b4e77f526912a395625efcdebcb3
  • case-insensitive matching on domain key in proxy responses dacfc8bcedbd1f8e27a3ad4944aee44ff7f73533
  • bump chokidar fixing fsevents build - closes #1613 11729cc0a398d276a66d1883d1273f2fd3c1d36e
  • Unexpected Page Reload after Pausing in Debugger - fixes #1591 06ee1b7db8d3090f693dc8ba0650f3e7022463ae
  • scroll - add missing init method for window.name method of scroll restoring - fixes #1586 #1457 #1457 9e96603e2f8e859a5ae6fe921c7380787c706896
  • proxy Port gets unnecesarily rewritten in Proxy - fixes #1577 48286e0d09e35b06b5736be674ffe52105ba0a86

chore

  • move cypress to top-level dep 0d4ab8156b30bbdafbb202ee0f597d4ea5dc4d0b
  • package-lock files 900e23e321ffe2110068e3194b9d00d988ffb721
  • change API of option transforms ef12e9aa576d4395db9353d80761487ff4f82206

lerna

  • initial version 7c0ad4eaffbd1e1b9760277cce193692f0577bcd
  • more path updates c108af8ed973c74cdfecbf3cfb104e6b6c5e9bde
  • updated more stuff since the move to lerna 4ac3a49ce92b8eef8e6898962ae6aca1f48537c4
  • bring in server/client/ui d6198f92cccbb1945b5a0cff1a1a3328d3f505ce
  • add browser-sync-ui 325c7751cb583272fb69c56846dede9cf22c2d53

feature

  • adding 'listen' option to restrict binding of interfaces d6419160382fc45c739cac20679b9d7bbbcfee5b

docs

  • emphasize a couple of points - fixes #1461 cf0febd978b20e9c8b9bc0a8aa262e3b54972b98
  • added additional note about httpModule option - fixes #1485 16487adbc282f13b774d597ee729c57eec377cd1

deps

  • npm audit for localtunnel - fixes #1587 27f21731874fa4ec56aa4b3039086317aa5584dd
  • easy-extender@2.3.4 cypress@3.1.0 supertest@3.1.0 a6578a3adcc310386c10957e5dd3fdcd8d3b9a21

the listen option release

Browsersync can now be used in more restrictive areas, ones where you cannot simply bind to all addresses on the host (such as schools or universities) - this is enabled via the listen option.

For backwards compatibility reasons, we actually cannot use the host option to acheive this (even though that would make the most sense), as it would break some people's existing setups.

This is mainly because in the past, host was not used to determine an address to bind to, but rather just as a way of changing the urls Browsersync displays to the user. :( :( :(

It was a big mistake, but now with the sheer size of the user base we have, every tiny change to any existing option causes some kind of breakage. I'm not prepared to do that again with host.

So, instead we're back to the old method of instead adding a new option, that I've called listen. It's the only way we can acheive the goal without breaking existing users who are using host for other reasons.

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)

This change is Reviewable

dependabot-preview[bot] commented 3 years ago

Superseded by #280.