pie-framework / pie-elements

A collection of pies for rendering interactions in an assessment environment
http://pie-website.surge.sh
ISC License
0 stars 7 forks source link

chore(deps): bump mathjs from 7.6.0 to 13.2.0 #2202

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps mathjs from 7.6.0 to 13.2.0.

Changelog

Sourced from mathjs's changelog.

2204-10-02, 13.2.0

  • Feat: improve performance of functions map, filter and forEach (#3256). Thanks @​dvd101x.
  • Feat: improve performance of the methods map() and forEach() of DenseMatrix (#3251). Thanks @​Galm007.
  • Fix: #3253 cannot use identifiers containing special characters in function derivative.
  • Fix: improve the type definitions of ConstantNode to support all data types (#3257). Thanks @​smith120bh.
  • Fix: #3259 function symbolicEqual missing in the TypeScript definitions.
  • Fix: #3246 function leafCount missing in the TypeScript definitions.
  • Fix: #3267 implicit multiplication with a negative number and unit in.
  • Docs: fix broken links on the Configuration page. Thanks @​vassudanagunta.
  • Docs: document the syntax of map and forEach in the expression parser (#3272). Thanks @​dvd101x.

2024-08-27, 13.1.1

  • Fix security vulnerability in the CLI and web API allowing to call functions import, createUnit and reviver, allowing to get access to the internal math namespace and allowing arbitrary code execution. Thanks @​StarlightPWN.
  • Fix security vulnerability: when overwriting a rawArgs function with a non-rawArgs function, it was still called with raw arguments. This was both a functional issue and a security issue. Thanks @​StarlightPWN.
  • Fix security vulnerability: ensure that ObjectWrappingMap cannot delete unsafe properties. Thanks @​StarlightPWN.
  • Fix: not being able to use methods and properties on arrays inside the expression parser.

2024-08-26, 13.1.0

  • Feat: support multiple inputs in function map (#3228, #3196). Thanks @​dvd101x.
  • Feat: add matrix datatypes in more cases (#3235). Thanks @​dvd101x.
  • Feat: export util functions isMap, isPartitionedMap, and isObjectWrappingMap.
  • Fix: #3241 function map not always working with matrices (#3242). Thanks @​dvd101x.
  • Fix: #3244 fix broken link to ResultSet in the docs about classes.
  • Docs: add a link to the documentation page about the syntax expression from the function evaluate (see #3238).
  • Docs: improve the documentation of scope and fix the example custom_scope_objects.js (#3150)
  • Docs: spelling fixes in the embedded docs (#3252). Thanks @​dvd101x.

2024-07-19, 13.0.3

  • Fix: #3232 fix type definitions of function format to support notations hex, bin, and oct.

... (truncated)

Commits
  • 0c9c497 chore: publish v13.2.0
  • 302d799 chore: update devDependencies
  • b153c33 chore: update docs
  • 1d29c27 docs: document the syntax of map and forEach in the expression parser (#3...
  • 6bcb26c chore: try fix the codecov-action
  • d7df3fb chore: try fix the codecov-action
  • b2a7130 chore: try fix the codecov-action
  • 53413fd chore: try fix the codecov-action
  • 17a24ed chore: use codecov/codecov-action
  • 64d72e8 chore: update HISTORY.md and AUTHORS
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 month ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.