kbase / narrative

MIT License
17 stars 53 forks source link

Bump the npm group across 1 directory with 49 updates #3651

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 2 months ago

Bumps the npm group with 48 updates in the / directory:

Package From To
bootstrap 3.4.1 5.3.3
bowser 1.0.0 2.11.0
d3 3.5.6 7.9.0
datatables.net 1.13.4 2.1.5
datatables.net-bs 1.13.4 2.1.5
datatables.net-buttons 2.3.6 3.1.2
datatables.net-buttons-bs 2.4.1 3.1.2
dompurify 2.5.5 3.1.6
file-saver 1.3.4 2.0.5
jquery 2.2.4 3.7.1
jquery-ui 1.13.3 1.14.0
plotly.js-dist-min 2.33.0 2.35.0
underscore 1.13.6 1.13.7
@babel/traverse 7.24.7 7.25.6
@eslint/js 9.6.0 9.9.1
@wdio/browserstack-service 8.38.2 9.0.7
@wdio/cli 8.38.2 9.0.7
@wdio/local-runner 8.38.2 9.0.7
@wdio/mocha-framework 8.39.0 9.0.6
@wdio/spec-reporter 8.38.2 9.0.7
autoprefixer 10.4.19 10.4.20
axios 1.7.2 1.7.7
chromedriver 127.0.0 128.0.1
cssnano 7.0.2 7.0.5
eslint 9.4.0 9.9.1
expect-webdriverio 3.6.0 5.0.2
glob 10.4.1 11.0.0
globals 15.6.0 15.9.0
grunt-cli 1.4.3 1.5.0
grunt-stylelint 0.20.0 0.20.1
husky 9.0.11 9.1.5
jasmine-core 5.1.2 5.2.0
jquery-migrate 1.4.1 3.5.2
karma 6.4.3 6.4.4
lint-staged 15.2.6 15.2.10
postcss 8.4.40 8.4.42
prettier 3.3.2 3.3.3
puppeteer 22.11.0 23.2.1
requirejs 2.3.6 2.3.7
sass 1.77.5 1.77.8
selenium-standalone 9.5.0 10.0.0
selenium-webdriver 4.23.0 4.24.0
stylelint 16.6.1 16.9.0
stylelint-config-recommended 14.0.0 14.0.1
stylelint-config-sass-guidelines 11.1.0 12.0.0
stylelint-config-standard 36.0.0 36.0.1
terser 5.31.1 5.31.6
webdriverio 8.38.2 9.0.7

Updates bootstrap from 3.4.1 to 5.3.3

Release notes

Sourced from bootstrap's releases.

v5.3.3

Highlights

  • Fixed a breaking change introduced with color modes where it was required to manually import variables-dark.scss when building Bootstrap with Sass. Now, _variables.scss will automatically import _variables-dark.scss. If you were already importing _variables-dark.scss manually, you should keep doing it as it won't break anything and will be the way to go in v6.
  • Fixed a regression in the selector engine that wasn't able to handle multiple IDs anymore.

Color modes

  • Badges now use the .text-bg-* text utilities to be certain that the text is always readable (especially when the customized colors are different in light and dark modes).
  • Fixed our color-modes.js script to handle the case where the OS is set to light mode and the auto color mode is used on the website. If you copied the script from our docs, you should apply this change to your own script.
  • Fixed color schemes description in the color modes documentation to show that color-scheme() only accept light and dark values as parameters.

Miscellaneous

  • Allowed <dl>, <dt> and <dd> in the sanitizer.
  • Dropped evenly items distribution for modal and offcanvas headers.
  • Fixed the accordion CSS selectors to avoid inheritance issues when nesting accordions.
  • Fixed the focus box-shadow for the validation stated form controls.
  • Fixed the focus ring on focused checked buttons.
  • Fixed the product example mobile navbar toggler.
  • Changed the RTL processing of carousel control icons.

🎨 CSS

  • #37508: Use child combinators to avoid inheriting parent accordion's flush styles
  • #38719: Fix focus box-shadow for validation stated form-controls
  • #38884: fix border-radius on radio-switch
  • #39294: Tests: update navbar in visual modal test
  • #39373: refactor css: modal and offcanvas header spacing
  • #39380: Fix Sass compilation breaking change in v5.3
  • #39387: docs: fix typo
  • #39411: Optimize the accordion icon
  • #39497: Fix a typo
  • #39536: Changed RTL processing of carousel control icons
  • #39560: Drop --bs-accordion-btn-focus-border-color and deprecate $accordion-button-focus-border-color
  • #39595: CSS: Fix the focus ring on focused checked buttons

☕️ JavaScript

  • #39201: Selector Engine: fix multiple IDs
  • #39224: Fix edge case in color-mode.js
  • #39376: Allow dl, dt and dd in sanitizer

📖 Docs

  • #39200: Typo Fix
  • #39214: Doc: use .text-bg-{color} for all badges
  • #39246: Docs: fix for example code blocks have unnecessary 30px right-margin

... (truncated)

Commits
  • 6e1f75f Release v5.3.3 (#39524)
  • 3caef2b Build(deps-dev): Bump terser from 5.27.1 to 5.27.2 (#39690)
  • 4abac9b Build(deps-dev): Bump ip from 2.0.0 to 2.0.1 (#39691)
  • c396a2a Build(deps-dev): Bump sass from 1.70.0 to 1.71.0 (#39684)
  • c9a8a40 Build(deps-dev): Bump rollup from 4.9.6 to 4.12.0 (#39683)
  • 6aecb37 Build(deps-dev): Bump eslint-plugin-html from 7.1.0 to 8.0.0 (#39672)
  • 4081168 Build(deps-dev): Bump terser from 5.27.0 to 5.27.1 (#39682)
  • 4605d71 Build(deps-dev): Bump postcss from 8.4.34 to 8.4.35 (#39673)
  • 08eeee3 Build(deps-dev): Bump lockfile-lint from 4.12.1 to 4.13.1 (#39675)
  • f92d635 Build(deps-dev): Bump eslint-plugin-unicorn from 51.0.0 to 51.0.1 (#39676)
  • Additional commits viewable in compare view


Updates bowser from 1.0.0 to 2.11.0

Release notes

Sourced from bowser's releases.

v2.11.0

What's Changed

  • [ADD]: Add detection for Miui Browser #436
  • [ADD]: Add support for using alias in 'is' method #437
  • [FIX]: Add missing typescript property declaration by @​Cordazar in lancedikson/bowser#438
  • [FIX]: Update @​returns of Parser.prototype.parse #427
  • [CHORE]: bump http-proxy from 1.18.0 to 1.18.1 #442
  • [CHORE]: bump yargs-parser from 13.1.1 to 13.1.2 #440
  • [CHORE]: bump elliptic from 6.5.1 to 6.5.3 #431
  • [CHORE] bump lodash from 4.17.15 to 4.17.19 #428

New Contributors

Full Changelog: https://github.com/lancedikson/bowser/compare/2.10.0...v2.11.0

2.10.0

  • [FIX] Fix for Firefox detection on iOS 13 #415
  • [FIX] Fixes for typings.d.ts #409
  • [FIX] Updated development dependencies

2.7.0

  • [FIX] Add support for QQ Browser #362
  • [FIX] Add support for GSA #364
  • [FIX] Updated dependencies

2.5.3 (Aug 4, 2019)

  • [FIX] Add MacOS names support #338
  • [FIX] Point typings.d.ts from package.json #341
  • [FIX] Upgrade dependencies

2.5.1

  • [FIX] Fixes the bug with a custom Error class (#335)
  • [FIX] Fixes the settings for Babel to reduce the bundle size (#259)

2.5.0

  • [ADD] Add constant output so that users can quickly get all types (#325)
  • [FIX] Add support for Roku OS (#332)
  • [FIX] Update devDependencies
  • [FIX] Fix docs, README and added funding information

2.3.0

  • [ADD] Add support for Blink-based MS Edge (#311)
  • [ADD] Add more types for TS (#289)
  • [FIX] Update dev-dependencies
  • [FIX] Update docs

2.1.0

  • [ADD] Add new Parser.getEngineName() method (#288)

... (truncated)

Changelog

Sourced from bowser's changelog.

2.11.0 (Sep 12, 2020)

  • [ADD] Added support for aliases in Parser#is method (#437)
  • [ADD] Added more typings (#438, #427)
  • [ADD] Added support for MIUI Browser (#436)

2.10.0 (Jul 9, 2020)

  • [FIX] Fix for Firefox detection on iOS 13 #415
  • [FIX] Fixes for typings.d.ts #409
  • [FIX] Updated development dependencies

2.9.0 (Jan 28, 2020)

  • [ADD] Export more methods and constants via .d.ts #388, #390

2.8.1 (Dec 26, 2019)

  • [FIX] Reverted #382 as it broke build

2.8.0 (Dec 26, 2019)

  • [ADD] Add polyfills for Array.find & Object.assign #383
  • [ADD] Export constants with types.d.ts #382
  • [FIX] Add support for WeChat on Windows #381
  • [FIX] Fix detection of Firefox on iPad #379
  • [FIX] Add detection of Electron #375
  • [FIX] Updated dev-dependencies

2.7.0 (Oct 2, 2019)

  • [FIX] Add support for QQ Browser #362
  • [FIX] Add support for GSA #364
  • [FIX] Updated dependencies

2.6.0 (Sep 6, 2019)

  • [ADD] Define "module" export in package.json #354
  • [FIX] Fix Tablet PC detection #334

2.5.4 (Sep 2, 2019)

  • [FIX] Exclude docs from the npm package #349

2.5.3 (Aug 4, 2019)

  • [FIX] Add MacOS names support #338
  • [FIX] Point typings.d.ts from package.json #341
  • [FIX] Upgrade dependencies

2.5.2 (July 17, 2019)

  • [FIX] Fixes the bug undefined method because of failed build (#335)

2.5.1 (July 17, 2019)

  • [FIX] Fixes the bug with a custom Error class (#335)
  • [FIX] Fixes the settings for Babel to reduce the bundle size (#259)

2.5.0 (July 16, 2019)

  • [ADD] Add constant output so that users can quickly get all types (#325)

... (truncated)

Commits
  • e188e8a Merge branch '2.11.0' into production
  • 1d64eca chore: bump version, write changelog and docs
  • 5b11ac2 Add missing typescript property declaration
  • 53d54e2 Merge pull request #428 from lancedikson/dependabot/npm_and_yarn/lodash-4.17.19
  • b7c67e9 Merge pull request #431 from lancedikson/dependabot/npm_and_yarn/elliptic-6.5.3
  • b2383ed Merge pull request #440 from lancedikson/dependabot/npm_and_yarn/yargs-parser...
  • e431acf Merge pull request #442 from lancedikson/dependabot/npm_and_yarn/http-proxy-1...
  • c504b11 Merge pull request #427 from YongliangDing/declaration-update
  • a6317d2 Merge pull request #438 from Cordazar/patch-2
  • 24dab5f Merge pull request #437 from willamesoares/include-alias-check
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by lancedikson, a new releaser for bowser since your current version.


Updates d3 from 3.5.6 to 7.9.0

Release notes

Sourced from d3's releases.

v7.9.0

v7.8.5

  • Fix the return value of d3.medianIndex and d3.quantileIndex when the data contains missing values. #275

v7.8.4

v7.8.3

v7.8.2

v7.8.1

  • Tolerate invalid input values when generating contours. #61
  • Tolerate invalid input weights when generating density contours. #65
  • Fix missing contours at extrema when using default thresholds. #68

v7.8.0

  • Add d3.pathRound.
  • Add configurable precision when generating path data via path.digits.
  • Add likewise shape.digits method to d3.arc, d3.area, d3.line, d3.link, and d3.symbol.
  • Improve the performance of d3.geoPath’s string concatenation.
  • Fix arc rendering for small arcs with rounded corners.
  • Fix BumpRadial implementation to support multiple points.
  • Fix projection when lambda is outside the range ±3π.
  • Rename d3.symbolX to d3.symbolTimes; d3.symbolX is now deprecated.

v7.7.0

v7.6.1

v7.6.0

... (truncated)

Changelog

Sourced from d3's changelog.

Changes in D3 7.0

Released June 11, 2021.

This document covers only major changes. For minor and patch changes, please see the release notes.

D3 now ships as pure ES modules and requires Node.js 12 or higher. For more, please read Sindre Sorhus’s FAQ.

d3.bin now ignores nulls. d3.ascending and d3.descending no longer consider null comparable.

Ordinal scales now use InternMap for domains; domain values are now uniqued by coercing to a primitive value via object.valueOf instead of coercing to a string via object.toString.

Array-likes (e.g., a live NodeList such as element.childNodes) are converted to arrays in d3.selectAll and selection.selectAll.

Changes in D3 6.0

Released August 26, 2020.

D3 now uses native collections (Map and Set) and accepts iterables. d3.group and d3.rollup are powerful new aggregation functions that replace d3.nest and work great with d3-hierarchy and d3-selection. There are lots of new helpers in d3-array, too, such as d3.greatest, d3.quickselect, and d3.fsum.

D3 now passes events directly to listeners, replacing the d3.event global and bringing D3 inline with vanilla JavaScript and most other frameworks.

d3-delaunay (based on Vladimir Agafonkin’s excellent Delaunator) replaces d3-voronoi, offering dramatic improvements to performance, robustness, and search. And there’s a new d3-geo-voronoi for spherical (geographical) data! d3-random is greatly expanded and includes a fast linear congruential generator for seeded randomness. d3-chord has new layouts for directed and transposed chord diagrams. d3-scale adds a new radial scale type.

… and a variety of other small enhancements. More than 450 examples have been updated to D3 6.0!

d3-array

... (truncated)

Commits


Updates datatables.net from 1.13.4 to 2.1.5

Release notes

Sourced from datatables.net's releases.

1.13.11

DataTables 1.13.11

Commits
  • 82b7af4 Sync tag release - 2.1.5
  • c5d1afb d8c8900fbafa42a90aec216397ebf13095c10a20 Release 2.1.5
  • 1470279 e6d7805c8832066ecf8917d9f42e67bb74ba03a3 Fix: Add classes for cells (`-init c...
  • b1de1b4 ed2314c0cc69ceba50818ef16986764c0f1341c0 Build: Update SASS
  • 08bb8bd a3f4416739610faf030e6a76d2389bbe385a4a78 Test: Slightly better handling for l...
  • 37c1744 3c4df03c5e03c4c743fb5bdf0067ab3462a723e4 Fix: Column widths given by `-init c...
  • fccf4ef b11d4b03ca9875b9ac1c281cbeb624aeea21989d Docs: Correct return type for `-api ...
  • 931458e bb964802bde5810291ba683d3b158799591cd678 Fix: Bulma integration had two `<nav...
  • 9a82f21 7f32828322eabfab3529968255944c9bc2dbd771 Dev: I missed a loop break
  • d10f0d8 424f4b49816899f53e79cd4b19711583d3f4ec97 Fix: API instances created with a la...
  • Additional commits viewable in compare view


Updates datatables.net-bs from 1.13.4 to 2.1.5

Release notes

Sourced from datatables.net-bs's releases.

1.13.11

Bootstrap 1.13.11

Commits
  • 549b3e7 Sync tag release - 2.1.5
  • 3830f3b d8c8900fbafa42a90aec216397ebf13095c10a20 Release 2.1.5
  • ffb72a5 e6d7805c8832066ecf8917d9f42e67bb74ba03a3 Fix: Add classes for cells (`-init c...
  • 3277594 ed2314c0cc69ceba50818ef16986764c0f1341c0 Build: Update SASS
  • c030c68 a3f4416739610faf030e6a76d2389bbe385a4a78 Test: Slightly better handling for l...
  • cacebe8 3c4df03c5e03c4c743fb5bdf0067ab3462a723e4 Fix: Column widths given by `-init c...
  • 2a8c8c3 b11d4b03ca9875b9ac1c281cbeb624aeea21989d Docs: Correct return type for `-api ...
  • c507dfb bb964802bde5810291ba683d3b158799591cd678 Fix: Bulma integration had two `<nav...
  • 426882c 7f32828322eabfab3529968255944c9bc2dbd771 Dev: I missed a loop break
  • b809168 424f4b49816899f53e79cd4b19711583d3f4ec97 Fix: API instances created with a la...
  • Additional commits viewable in compare view


Updates datatables.net-buttons from 2.3.6 to 3.1.2

Release notes

Sourced from datatables.net-buttons's releases.

3.1.2

Buttons 3.1.2

3.1.1

Buttons 3.1.1

3.1.0

Buttons 3.1.0

3.0.2

Buttons 3.0.2

3.0.1

Buttons 3.0.1

3.0.0

Buttons 3.0.0

2.4.2

Buttons 2.4.2

2.4.1

Buttons 2.4.1

2.4.0

Buttons 2.4.0

Commits
  • c92939f 4013447fd9b542203cf0e082835fa200fe558c65 Release 3.1.2
  • cb89700 8ac1bbb1069ef36fca3bdf3eb2561cff47d4c5a1 Dev: Fix - missing a few extend para...
  • 7d327d5 c4db8db6b753f9747fad37226ea8ae3f5d20e1cf Typescript: Collection button type d...
  • 9439c6c 894b849493bc82b611534124d249f9657c35264b Fix missing call to cb in "copy" whe...
  • 5970e10 4f65fcf69a8348e89dbea3c053e7323b952dc9dd Add control to the successfully copi...
  • 7ffc785 Sync tag release - 3.1.1
  • 9a006d7 c863eed3dcf6200ffa23f4917d4eda0c35fc03e4 Release 3.1.1
  • 32d027a db912ef1d4b5945cbacd7d13cd74e80a715db646 Fix: Excel button was calling `custo...
  • dbe39db 0695dd5c3fb64810edd88aa13107452695a82a8e Fix: Bulma styling on narrow screens...
  • eea7a8f a5f44b037248904631a547f5996510e43cbbae51 Fix: Full support for Bulma 1.0+
  • Additional commits viewable in compare view


Updates datatables.net-buttons-bs from 2.4.1 to 3.1.2

Release notes

Sourced from datatables.net-buttons-bs's releases.

3.1.2

Buttons Bootstrap 3.1.2

3.1.1

Buttons Bootstrap 3.1.1

3.1.0

Buttons Bootstrap 3.1.0

3.0.2

Buttons Bootstrap 3.0.2

3.0.1

Buttons Bootstrap 3.0.1

3.0.0

Buttons Bootstrap 3.0.0

2.4.2

Buttons Bootstrap 2.4.2

Commits
  • 36741fe 4013447fd9b542203cf0e082835fa200fe558c65 Release 3.1.2
  • bf5e20b 8ac1bbb1069ef36fca3bdf3eb2561cff47d4c5a1 Dev: Fix - missing a few extend para...
  • c989859 c4db8db6b753f9747fad37226ea8ae3f5d20e1cf Typescript: Collection button type d...
  • b97df50 894b849493bc82b611534124d249f9657c35264b Fix missing call to cb in "copy" whe...
  • a564b9e 4f65fcf69a8348e89dbea3c053e7323b952dc9dd Add control to the successfully copi...
  • 2843b61 Sync tag release - 3.1.1
  • 482bb67 c863eed3dcf6200ffa23f4917d4eda0c35fc03e4 Release 3.1.1
  • a299fbc db912ef1d4b5945cbacd7d13cd74e80a715db646 Fix: Excel button was calling `custo...
  • c4c4244 0695dd5c3fb64810edd88aa13107452695a82a8e Fix: Bulma styling on narrow screens...
  • 5ced12d a5f44b037248904631a547f5996510e43cbbae51 Fix: Full support for Bulma 1.0+
  • Additional commits viewable in compare view


Updates dompurify from 2.5.5 to 3.1.6

Release notes

Sourced from dompurify's releases.

DOMPurify 3.1.6

  • Fixed an issue with the execution logic of attribute hooks to prevent bypasses, thanks @​kevin-mizu
  • Fixed an issue with element removal leading to uncaught errors through DOM Clobbering, thanks @​realansgar
  • Fixed a minor problem with the bower file pointing to the wrong dist path
  • Fixed several minor typos in docs, comments and comment blocks, thanks @​Rotzbua
  • Updated several development dependencies

DOMPurify 3.1.5

  • Fixed a minor issue with the dist paths in bower.js, thanks @​HakumenNC
  • Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @​kakao-bishop-cho

DOMPurify 3.1.4

  • Fixed an issue with the recently implemented isNaN checks, thanks @​tulach
  • Added several new popover attributes to allow-list, thanks @​Gigabyte5671
  • Fixed the tests and adjusted the test runner to cover all branches

DOMPurify 3.1.3

  • Fixed several mXSS variations found by and thanks to @​kevin-mizu & @​Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @​kevin-mizu
  • Added better handling and readability of the nodeType property, thanks @​ssi02014
  • Fixed some smaller issues in README and other documentation

DOMPurify 3.1.2

  • Addressed and fixed a mXSS variation found by @​kevin-mizu
  • Addressed and fixed a mXSS variation found by Adam Kues of Assetnote
  • Updated tests for older Safari and Chrome versions

DOMPurify 3.1.1

  • Fixed an mXSS sanitiser bypass reported by @​icesfont
  • Added new code to track element nesting depth
  • Added new code to enforce a maximum nesting depth of 255
  • Added coverage tests and necessary clobbering protections

Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.

DOMPurify 3.1.0

  • Added new setting SAFE_FOR_XML to enable better control over comment scrubbing
  • Updated README to warn about happy-dom not being safe for use with DOMPurify yet
  • Updated the LICENSE file to show the accurate year number
  • Updated several build and test dependencies

DOMPurify 3.0.11

  • Fixed another conditional bypass caused by Processing Instructions, thanks @​Ry0taK
  • Fixed the regex for HTML Custom Element detection, thanks @​AlekseySolovey3T

DOMPurify 3.0.10

  • Fixed two possible bypasses when sanitizing an XML document and later using it in HTML, thanks @​Slonser
  • Bumped up some build and test dependencies

... (truncated)

Commits
  • 4083a90 Merge pull request #978 from cure53/main
  • 90a10a1 fix: Fixed a typo on the README
  • 65df042 chore: Preparing 3.1.6 release
  • 6e03334 fix: Made sure that remove() is not called directly from node
  • 00fc06c fix: Fixed a DOM clobbering issue leading to an error being thrown
  • f8c2ef5 Merge pull request #977 from cure53/dependabot/npm_and_yarn/multi-99ca4f73d8
  • e5112ec build(deps): bump ws and socket.io-adapter
  • 9978cec docs: Added better security warning about SAFE_FOR_XML to README
  • fa542df fix: Changed the order for attribute checks slightly for safer hooks
  • b8b552c Merge pull request #975 from cure53/dependabot/npm_and_yarn/multi-2d3aef8690
  • Additional commits viewable in compare view


Updates file-saver from 1.3.4 to 2.0.5

Release notes

Sourced from file-saver's releases.

v2.0.4

changes how it detect safari

v2.0.2

  • Catching an exception on Send (HEAD) (#534)

v2.0.0

No release notes provided.

1.3.8

No release notes provided.

1.3.7

No release notes provided.

1.3.6

No release notes provided.

Commits


Updates jquery from 2.2.4 to 3.7.1

Release notes

Sourced from jquery's releases.

jQuery 3.7.1 Released: Reliable Table Row Dimensions

https://blog.jquery.com/2023/08/28/jquery-3-7-1-released-reliable-table-row-dimensions/

jQuery 3.7.0: Staying in Order

https://blog.jquery.com/2023/05/11/jquery-3-7-0-released-staying-in-order/

jQuery 3.6.4 Released: Selector Forgiveness

https://blog.jquery.com/2023/03/08/jquery-3-6-4-released-selector-forgiveness/

jQuery supports CSS.supports in jQuery 3.6.3

https://blog.jquery.com/2022/12/20/jquery-3-6-3-released-a-quick-selector-fix/

jQuery 3.6.2 :has arrived!

https://blog.jquery.com/2022/12/13/jquery-3-6-2-released/

jQuery 3.6.1 Maintenance Release

https://blog.jquery.com/2022/08/26/jquery-3-6-1-maintenance-release/

jQuery 3.6.0 Released!

https://blog.jquery.com/2021/03/02/jquery-3-6-0-released/

jQuery 3.5.0 Released!

See the blog post: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ and the upgrade guide: https://jquery.com/upgrade-guide/3.5/

NOTE: Despite being a minor release, this update includes a breaking change that we had to make to fix a security issue ( CVE-2020-11022). Please follow the blog post & the upgrade guide for more details.

Commits
  • f79d5f1 3.7.1
  • 399b201 Release: revert change that broke release
  • f85d521 Release: update authors
  • 763ade6 Build: Generate the slim build on grunt & run compare_size on it
  • a288838 CSS: Make the reliableTrDimensions support test work with Bootstrap CSS (3.x ...
  • 87467a6 Selector: Only attach the unload handler in IE & Edge Legacy
  • 3c18c1f Build: Make sure *.cjs & *.mjs files use UNIX line endings as well
  • 72ae577 Build: switch preferred email for timmywil
  • a370d7d Build: Build: Bump actions/checkout from 3.5.2 to 3.5.3
  • 4a29888 Docs: Fix typos found by codespell
  • Additional commits viewable in compare view


Updates jquery-ui from 1.13.3 to 1.14.0

Release notes

Sourced from jquery-ui's releases.

jQuery UI 1.14.0 released

https://blog.jqueryui.com/2024/08/jquery-ui-1-14-0-released/

Commits
  • 501c347 1.14.0
  • 2fb378e Docs: Update AUTHORS.txt
  • 02a6e6b Datepicker: Hide the UI on destroy
  • a0c5b12 Build: Bump actions/setup-node from 4.0.2 to 4.0.3 in the github-actions group
  • cd41c45 Tests: Update jQuery Migrate from 3.4.1 to 3.5.2, simplify Migrate setup
  • 600057f Demos: Make autocomplete demos work on jqueryui.com
  • 5665215 Build: Group dependabot PRs updating GitHub Actions
  • 7f0e920 Release: Update download.jqueryui.com from 2.3.6 to 2.3.7
  • 872c28a Build: Bump actions/checkout from 4.1.6 to 4.1.7
  • 2735f7d Release: Update download.jqueryui.com from 2.3.5 to 2.3.6
  • Additional commits viewable in compare view


Updates plotly.js-dist-min from 2.33.0 to 2.35.0

Release notes

Sourced from plotly.js-dist-min's releases.

v2.35.0

Added

Changed

  • Deprecate mapbox traces and mapbox subplot [#7087]
  • Drop obsolete npm v6 installation [#7095]
  • Use Node.js v18 and npm v10 in development [#7078]
  • Update npm lockfile to v3 [#7099]
  • Update turf to v7 [#7116]

Fixed

  • Fix centroid calculation in turf [#7115], with thanks to @​birkskyum for the contribution!
  • Fix missing cursor for Ternary Plot[#7057], with thanks to @​Lexachoc for the contribution!
  • Elaborate on the Custom Bundle guide [#7101]

v2.34.0

Added

  • Add subtitle attribute to layout.title to enable adding subtitles to plots [#7012]
  • Introduce "u" and "s" pseudo html tags to add partial underline and strike-through styles to SVG text elements [#7043]
  • Add geometric mean functionality and 'geometric mean ascending' + 'geometric mean descending' to category_order on cartesian axes [#6223], with thanks to @​acxz and @​prabhathc for the contribution!
  • Add axis property ticklabelindex for drawing the label for each minor tick n positions away from a major tick, with thanks to @​my-tien for the contribution! [#7036]
  • Add property ticklabelstandoff and ticklabelshift to cartesian axes to adjust positioning of tick labels, with thanks to @​my-tien for the contribution! [#7006]
  • Add x0shift, x1shift, y0shift, y1shift to shapes to add control over positioning of shape vertices on (multi-)category axes, with thanks to @​my-tien for the contribution! [#7005]

Fixed

  • Fix displaying scattergl traces while zooming or panning (regression introduced in 2.26.0) [#7018], with thanks to @​eiriklv for the contribution!
  • Fix for excessive hoverlabel removal and overlap for plots with both scatter and bar traces [#6954], with thanks to @​mbant for the contribution!
  • F... _Description has been truncated_
sonarcloud[bot] commented 2 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

dependabot[bot] commented 1 month ago

Looks like these dependencies are updatable in another way, so this is no longer needed.