search

mozilla / multi-account-containers

Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs that preserve your privacy. Cookies are separated by container, allowing you to use the web with multiple identities or accounts simultaneously.
https://addons.mozilla.org/firefox/addon/multi-account-containers/
Mozilla Public License 2.0
2.64k stars 322 forks source link

Bump fast-json-patch, addons-linter and web-ext #2499

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps fast-json-patch to 3.1.1 and updates ancestor dependencies fast-json-patch, addons-linter and web-ext. These dependencies need to be updated together.

Updates fast-json-patch from 2.2.1 to 3.1.1

Release notes

Sourced from fast-json-patch's releases.

3.1.1

Security Fix for Prototype Pollution - huntr.dev #262

Bug fixes and ES6 modules

Use ES6 Modules

  • package now exports non-bundled ES module Starcounter-Jack/JSON-Patch#232
  • main still points to CommonJS module for backward compatibility
  • README recommends use of named ES imports

List of changes https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0

Use ES6 Modules

  • package now exports non-bundled ES module Starcounter-Jack/JSON-Patch#232
  • main still points to CommonJS module for backward compatibility
  • README recommends use of named ES imports

Full list of changes https://github.com/Starcounter-Jack/JSON-Patch/compare/v2.2.1...3.0.0-0

Commits
Maintainer changes

This version was pushed to npm by mountain-jack, a new releaser for fast-json-patch since your current version.


Updates addons-linter from 5.24.0 to 5.28.0

Release notes

Sourced from addons-linter's releases.

5.28.0 (2023-02-06)

Main changes

  • Added: imported Firefox 110.0b8 API schema (#4694)

dependencies

  • Updated: bump @mdn/browser-compat-data to 5.2.33 (#4695)
  • Updated: bump deepmerge to 4.3.0 (#4691)
  • Updated: bump eslint to 8.33.0 (#4692)

dev dependencies

  • Updated: bump @babel/plugin-proposal-decorators to 7.20.13 (#4682)
  • Updated: bump babel-jest to 29.4.1 (#4688)
  • Updated: bump jest to 29.4.1 (#4689)

5.27.0 (2023-01-19)

Main changes

  • Updated: use vendored ajv-merge-patch library (#4678)

dependencies

  • Updated: bump @mdn/browser-compat-data from 5.2.28 to 5.2.29 (#4680)
  • Updated: bump eslint from 8.31.0 to 8.32.0 (#4674)
  • Updated: bump glob from 8.0.3 to 8.1.0 (#4675)

dev dependencies

  • Updated: bump prettier from 2.8.2 to 2.8.3 (#4676)

5.26.0 (2023-01-09)

Main changes

  • Added: import Firefox 109.0b9 API schema (#4655)
  • Added: unit tests for the DNR manifest fields validation (#4667)
  • Fixed: ensure empty ZIP files will output results when auto-close feature is disabled (#4662)
  • Fixed: prevent errors when permissions in manifest.json isn't an array (#4660)

dependencies

  • Updated: dependency @mdn/browser-compat-data to 5.2.26 (#4663)
  • Updated: dependency addons-scanner-utils to 8.3.0 (#4668)
  • Updated: dependency ajv to 8.12.0 (#4653)
  • Updated: dependency eslint to v8.31.0 (#4642)
  • Updated: dependency fluent-syntax to 0.14.0 (#4665)
  • Updated: dependency postcss to 8.4.21 (#4666)

dev dependencies

... (truncated)

Commits
  • 2430dbe 5.28.0
  • b6ea3b1 feat: Imported Firefox 110.0b8 API schema (#4694)
  • 6bd4011 chore(deps): bump @​mdn/browser-compat-data from 5.2.32 to 5.2.33 (#4695)
  • 0d0e770 chore(deps): bump deepmerge from 4.2.2 to 4.3.0 (#4691)
  • 3a9b327 chore(deps-dev): bump babel-jest from 29.4.0 to 29.4.1 (#4688)
  • 88b486a chore(deps): bump eslint from 8.32.0 to 8.33.0 (#4692)
  • 55748e7 chore(deps): bump @​mdn/browser-compat-data from 5.2.31 to 5.2.32 (#4690)
  • f41324d chore(deps-dev): bump jest from 29.4.0 to 29.4.1 (#4689)
  • 5b9397b chore(deps): bump @​mdn/browser-compat-data from 5.2.30 to 5.2.31 (#4687)
  • 64e2391 chore(deps-dev): bump babel-jest from 29.3.1 to 29.4.0 (#4684)
  • Additional commits viewable in compare view


Updates web-ext from 7.4.0 to 7.5.0

Release notes

Sourced from web-ext's releases.

7.5.0

Features

  • web-ext lint: updated to use addons-linter v5.27.0 (#2573, #2583, #2602, #2619)
    • import Firefox 109.0b9 API schema
    • ensure empty ZIP files will output results when auto-close feature is disabled
    • switch to vendored ajv-merge-patch library to fix a potential security issue
    • prevent errors when permissions in manifest.json isn't an array
  • web-ext sign: send user agent header with signing requests (#2540)

Bug Fixes

  • web-ext sign: added missing type for channel parameter (#2546)
  • web-ext sign: fixed the default AMO API base URL used by the experimental --use-submission-api CLI flag (#2621)
  • Other dependencies updated:
    • sign-addon to v5.2.0 (#2584)
    • camelcase to v7.0.1 (#2574)
    • eslint to v8.29.0 (#2569)
    • mocha to v10.2.0 (#2572)
    • prettier to v2.8.1 (#2571)
    • ... and some other dev dependencies

See all changes: https://github.com/mozilla/web-ext/compare/7.4.0...7.5.0

Commits
  • fa989f7 7.5.0
  • 71e19d2 add trailing slash to amo-base-url & enforce within submit-addon Client (#2621)
  • 00250d0 chore(deps): bump @​babel/runtime from 7.20.7 to 7.20.13 (#2622)
  • 0bf4881 ci: use Node 18 in Circle CI (#2618)
  • ca817f3 chore: remove 'fast-json-patch' from the exclusion list in .nsprc (#2620)
  • 6659079 chore(deps): bump addons-linter from 5.26.0 to 5.27.0 (#2619)
  • 6356fa9 fix: Add missing type for channel parameter (#2546) (#2570)
  • 870b1d1 chore(deps-dev): bump eslint-plugin-import from 2.27.4 to 2.27.5 (#2613)
  • 9369afb chore(deps-dev): bump prettier from 2.8.2 to 2.8.3 (#2610)
  • 829884d chore(deps-dev): bump eslint from 8.31.0 to 8.32.0 (#2612)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mozilla/multi-account-containers/network/alerts).