mxmul / closure-loader

Webpack loader for Google Closure modules ✨
MIT License
29 stars 22 forks source link

Bump google-closure-library from 20180506.0.0 to 20200315.0.0 #65

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 3 years ago

Bumps google-closure-library from 20180506.0.0 to 20200315.0.0.

Release notes

Sourced from google-closure-library's releases.

Closure Library v20200315

New Additions

  • Add SafeHtml.comment.

Security Fixes

  • Fixes CVE-2020-8910.

Backwards Incompatible Changes

  • Delete inlay css styles, which are not actually used by Closure.
  • Add non-nullable modifier to return type of functions never returning null.
  • Remove forwardDeclares from Closure Events Listenable by reducing the typing of the event key's src property to just Listenable, instead of Listenable|EventTarget. Note that EventTarget is the primary implementation of Listenable.

Other Changes

  • Added SafeUrl.fromMediaSource()
  • Fix authority parsing in Closure URI parser.
  • Document mode is now based on user agent on IE if not present in document
  • Add a define to module manager so that we can control module loading behaviors.
  • Add non-nullable modifier to return type of functions never returning null.
  • goog.isArray in deprecated in favor of Array.isArray
  • Update Thenable.then rejection handler JSDoc to reflect actual functionality.

Closure Library v20200224

New Additions

  • Create goog.debug.deepFreeze.
  • Added goog.async.promises.allMapsValues utility function

Backwards Incompatible Changes

  • AbstractRange.prototype.getTextRange(s) now return AbstractRange instead of the specific TextRange subclass

Other Changes

  • Remove some forwardDeclares from closure labs net.
  • Remove forwardDeclares from closure/graphics.
  • Remove forwardDeclare from closure/fs.
  • Linkify matching {} and () in URL like https://g\.com?res\{x=3\}
  • The functions allowed by the CSS sanitizer are now case insensitive.
  • Replace uses of goog.isArray in preparation for its removal
  • Remove special case for ie6-ie10 in nexttick.
  • Remove some forwardDeclares from closure/net.
  • Remove forwardDeclares from various Closure packages.

Closure Library v20200204

Note: the last two releases were not pushed to npm. To keep a complete changelog these release notes include the last two as well.

New Additions

  • Add TrustedResourceUrl.fromSafeScript().
  • New htmlsanitizer builder API addition.
  • Extract the version from Headless Chrome user-agent strings.

Backwards Incompatible Changes

  • goog.net.WebSocket no longer accepts direct autoReconnect and getNextReconnect arguments; specify these as fields in an options object instead.

... (truncated)

Commits
  • c6e4fe0 Bump version.
  • 2fb2c6d Migrate goog.forwardDeclare to goog.requireType.
  • ade336a Migrate goog.forwardDeclare to goog.requireType.
  • 964e8f3 RELNOTES[NEW]: Add SafeHtml.comment.
  • a93d568 RELNOTES: Add non-nullable modifier to return type of functions never returni...
  • 294fc00 Fix authority parsing in Closure URI parser.
  • 49624ab Add a define to module manager so that we can control module loading behaviors.
  • 5845fb1 Removed the legacy buffering-proxy detection (aka test-channel).
  • f4c4443 Add non-nullable modifier to return type of functions never returning null.
  • 60f4a9c Add non-nullable modifier to return type of functions never returning null.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mxmul/closure-loader/network/alerts).
dependabot[bot] commented 2 years ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.