search

selfup / hyperapp-one

Hyperapp One is a Parcel boilerplate for quickstarting a web application with Hyperapp (V1), JSX, and Prettier.
https://selfup.github.io/hyperapp-one
MIT License
126 stars 20 forks source link

Bump node-forge and parcel #70

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Removes node-forge. It's no longer used after updating ancestor dependency parcel. These dependencies need to be updated together.

Removes node-forge

Updates parcel from 1.12.4 to 2.8.0

Release notes

Sourced from parcel's releases.

v2.8.0

Blog post: https://parceljs.org/blog/v2-8-0/

Added

  • Core
    • Code splitting across reexports using symbol data by splitting dependencies – Details
    • Update without bundling for non-dependency related changes – Details
    • Improve performance of incremental bundling – Details
    • Only serialize and send shared references to workers that need them – Details
    • Improve performance of HMR by not waiting for packaging – Details
  • JavaScript
    • Verify version when resolving Node builtin polyfills – Details
    • Add loadBundleConfig method to Packager plugins – Details
  • SVG
    • Generate typescript for SVGs when using svgr and typescript option – Details
  • Bundler
    • Move experimental bundler to default – Details

Fixed

  • Core
    • Fix verbose warning: reexport all doesn't include default – Details
    • Support multiple edge types in Graph.hasEdge – Details
    • Ensure edge exists before removal in Graph.removeEdge – Details
    • Disable splitting dependencies on symbols for non-scope hoisted bundles – Details
    • Fix TypeScript definitions for Parcel config API – Details
    • Use traverseAssets in packager to improve performance – Details
    • Make uniqueKey undefined by default – Details
    • Catch uncaught promise build abort race – Details
    • Bump parcel dependencies – Details
  • JavaScript
    • Bump SWC - Details, Details
    • Fix Chrome Android browserslist support check – Details
    • Fix CommonJS symbol collection without scope hoisting – Details
    • Make React Refresh debounce call on the leading edge – Details
    • Retain correct dependency order between imports and reexports without scopehoisting – Details
  • Bundler
    • Consider sibling in available assets to younger sibling for parallel deps – Details
    • Don't merge isolated child assets – Details
    • Do not merge isolated bundles in experimental bundler – Details
    • Implement min bundles configuration – Details
  • Dev server
    • Include Content-Length header in HEAD requests – Details
  • Vue
    • Fix errors displaying errors when compiling Vue SFCs – Details
    • Add file path to error code frames – Details
    • Fix location of errors – Details
  • Image

... (truncated)

Changelog

Sourced from parcel's changelog.

[2.8.0] - 2022-11-09

Added

  • Core
    • Code splitting across reexports using symbol data by splitting dependencies – Details
    • Update without bundling for non-dependency related changes – Details
    • Improve performance of incremental bundling – Details
    • Only serialize and send shared references to workers that need them – Details
    • Improve performance of HMR by not waiting for packaging – Details
  • JavaScript
    • Verify version when resolving Node builtin polyfills – Details
    • Add loadBundleConfig method to Packager plugins – Details
  • SVG
    • Generate typescript for SVGs when using svgr and typescript option – Details
  • Bundler
    • Move experimental bundler to default – Details

Fixed

  • Core
    • Fix verbose warning: reexport all doesn't include default – Details
    • Support multiple edge types in Graph.hasEdge – Details
    • Ensure edge exists before removal in Graph.removeEdge – Details
    • Disable splitting dependencies on symbols for non-scope hoisted bundles – Details
    • Fix TypeScript definitions for Parcel config API – Details
    • Use traverseAssets in packager to improve performance – Details
    • Make uniqueKey undefined by default – Details
    • Catch uncaught promise build abort race – Details
    • Bump parcel dependencies – Details
  • JavaScript
    • Bump SWC - Details, Details
    • Fix Chrome Android browserslist support check – Details
    • Fix CommonJS symbol collection without scope hoisting – Details
    • Make React Refresh debounce call on the leading edge – Details
    • Retain correct dependency order between imports and reexports without scopehoisting – Details
  • Bundler
    • Consider sibling in available assets to younger sibling for parallel deps – Details
    • Don't merge isolated child assets – Details
    • Do not merge isolated bundles in experimental bundler – Details
    • Implement min bundles configuration – Details
  • Dev server
    • Include Content-Length header in HEAD requests – Details
  • Vue
    • Fix errors displaying errors when compiling Vue SFCs – Details
    • Add file path to error code frames – Details
    • Fix location of errors – Details
  • Image
  • TypeScript

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/selfup/hyperapp-one/network/alerts).
dependabot[bot] commented 1 year ago

Looks like these dependencies are no longer a dependency, so this is no longer needed.