Globally available Vim like productivity application with a fancy mouse control. Home row keyboard mapping makes typing innovatively fast in everywhere
electron/electron
### [`v20.3.12`](https://togithub.com/electron/electron/releases/tag/v20.3.12): electron v20.3.12
[Compare Source](https://togithub.com/electron/electron/compare/v20.3.11...v20.3.12)
### Release Notes for v20.3.12
#### End of Support for 20.x.y
Electron 20.x.y has reached end-of-support as per the project's [support policy](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#version-support-policy). Developers and applications are encouraged to upgrade to a newer version of Electron.
#### Other Changes
- Security: backported fix for [`1376354`](https://togithub.com/electron/electron/commit/1376354). [#37172](https://togithub.com/electron/electron/pull/37172)
- Security: backported fix for [`1406115`](https://togithub.com/electron/electron/commit/1406115). [#37171](https://togithub.com/electron/electron/pull/37171)
- Security: backported fix for CVE-2023-0472. [#37058](https://togithub.com/electron/electron/pull/37058)
nodejs/node
### [`v18.14.2`](https://togithub.com/nodejs/node/releases/tag/v18.14.2): 2023-02-21, Version 18.14.2 'Hydrogen' (LTS), @MylesBorins
[Compare Source](https://togithub.com/nodejs/node/compare/v18.14.1...v18.14.2)
##### Notable Changes
- \[[`f864bef32a`](https://togithub.com/nodejs/node/commit/f864bef32a)] - **deps**: upgrade npm to 9.5.0 (npm team) [#46673](https://togithub.com/nodejs/node/pull/46673)
##### Commits
- \[[`880a65d7ff`](https://togithub.com/nodejs/node/commit/880a65d7ff)] - **build**: delete `snapshot.blob` file from the project (Juan José Arboleda) [#46626](https://togithub.com/nodejs/node/pull/46626)
- \[[`cbea56efda`](https://togithub.com/nodejs/node/commit/cbea56efda)] - **deps**: update undici to 5.20.0 (Node.js GitHub Bot) [#46711](https://togithub.com/nodejs/node/pull/46711)
- \[[`f864bef32a`](https://togithub.com/nodejs/node/commit/f864bef32a)] - **deps**: upgrade npm to 9.5.0 (npm team) [#46673](https://togithub.com/nodejs/node/pull/46673)
- \[[`648041d568`](https://togithub.com/nodejs/node/commit/648041d568)] - **deps**: upgrade npm to 9.4.0 (npm team) [#46353](https://togithub.com/nodejs/node/pull/46353)
- \[[`5e1f213f3c`](https://togithub.com/nodejs/node/commit/5e1f213f3c)] - **deps**: patch V8 to 10.2.154.26 (Michaël Zasso) [#46446](https://togithub.com/nodejs/node/pull/46446)
### [`v18.14.1`](https://togithub.com/nodejs/node/releases/tag/v18.14.1): 2023-02-16, Version 18.14.1 'Hydrogen' (LTS), @RafaelGSS prepared by @juanarbol
[Compare Source](https://togithub.com/nodejs/node/compare/v18.14.0...v18.14.1)
This is a security release.
##### Notable Changes
The following CVEs are fixed in this release:
- **[CVE-2023-23918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918)**: Node.js Permissions policies can be bypassed via process.mainModule (High)
- **[CVE-2023-23919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23919)**: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
- **[CVE-2023-23936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23936)**: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
- **[CVE-2023-24807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24807)**: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
- **[CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920)**: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)
More detailed information on each of the vulnerabilities can be found in [February 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/) blog post.
This security release includes OpenSSL security updates as outlined in the recent
[OpenSSL security advisory](https://www.openssl.org/news/secadv/20230207.txt).
##### Commits
- \[[`8393ebc72d`](https://togithub.com/nodejs/node/commit/8393ebc72d)] - **build**: build ICU with ICU_NO_USER_DATA_OVERRIDE (RafaelGSS) [nodejs-private/node-private#379](https://togithub.com/nodejs-private/node-private/pull/379)
- \[[`004e34d046`](https://togithub.com/nodejs/node/commit/004e34d046)] - **crypto**: clear OpenSSL error on invalid ca cert (RafaelGSS) [#46572](https://togithub.com/nodejs/node/pull/46572)
- \[[`5e0142a852`](https://togithub.com/nodejs/node/commit/5e0142a852)] - **deps**: cherry-pick Windows ARM64 fix for openssl (Richard Lau) [#46572](https://togithub.com/nodejs/node/pull/46572)
- \[[`f71fe278a6`](https://togithub.com/nodejs/node/commit/f71fe278a6)] - **deps**: update archs files for quictls/openssl-3.0.8+quic (RafaelGSS) [#46572](https://togithub.com/nodejs/node/pull/46572)
- \[[`2c6817e42b`](https://togithub.com/nodejs/node/commit/2c6817e42b)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.8+quic (RafaelGSS) [#46572](https://togithub.com/nodejs/node/pull/46572)
- \[[`f0afa0bfe5`](https://togithub.com/nodejs/node/commit/f0afa0bfe5)] - **deps**: update undici to 5.19.1 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634)
- \[[`c26a34c13e`](https://togithub.com/nodejs/node/commit/c26a34c13e)] - **deps**: update undici to 5.18.0 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634)
- \[[`db93ee4a15`](https://togithub.com/nodejs/node/commit/db93ee4a15)] - **deps**: update undici to 5.17.1 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634)
- \[[`b4e49fb02c`](https://togithub.com/nodejs/node/commit/b4e49fb02c)] - **deps**: update undici to 5.16.0 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634)
- \[[`90994e6a2c`](https://togithub.com/nodejs/node/commit/90994e6a2c)] - **deps**: update undici to 5.15.1 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634)
- \[[`00302fc7ac`](https://togithub.com/nodejs/node/commit/00302fc7ac)] - **deps**: update undici to 5.15.0 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634)
- \[[`0e3b796cc5`](https://togithub.com/nodejs/node/commit/0e3b796cc5)] - **lib**: makeRequireFunction patch when experimental policy (RafaelGSS) [nodejs-private/node-private#371](https://togithub.com/nodejs-private/node-private/pull/371)
- \[[`7cccd5565f`](https://togithub.com/nodejs/node/commit/7cccd5565f)] - **policy**: makeRequireFunction on mainModule.require (RafaelGSS) [nodejs-private/node-private#371](https://togithub.com/nodejs-private/node-private/pull/371)
nuxt/nuxt
### [`v3.2.2`](https://togithub.com/nuxt/nuxt/releases/tag/v3.2.2)
[Compare Source](https://togithub.com/nuxt/nuxt/compare/v3.2.1...v3.2.2)
> **3.2.1** is a patch release with (lots of) bug fixes and performance improvements since last week's minor release.
> **3.2.2** was a swiftly following release to patch an issue with `nuxi init`
#### 👀 Highlights
As a patch release, there are mostly bug fixes and performance improvements in the changelog. (Nevertheless, it's always worth reading through!) But one point of note is an experimental reload strategy when chunk errors are encountered. We're hoping to finalise the API and land it in v3.3 (our next feature release) with [https://github.com/nuxt/nuxt/pull/19086](https://togithub.com/nuxt/nuxt/pull/19086), but you can test out an experimental version with the following config:
```ts
export default defineNuxtConfig({
experimental: {
emitRouteChunkError: 'reload'
}
})
```
With this strategy, your app will hard reload on route changes if there's a chunk error. More info at [https://github.com/nuxt/nuxt/pull/19038](https://togithub.com/nuxt/nuxt/pull/19038).
#### 👉 Changelog
[compare changes](https://togithub.com/nuxt/nuxt/compare/v3.2.0...v3.2.1)
##### 🚀 Enhancements
- **nuxt:** Add experimental `app:chunkError` hook and reload strategy ([#19038](https://togithub.com/nuxt/nuxt/pull/19038))
##### 🔥 Performance
- **nuxt:** Allow tree-shaking empty meta from build ([#19032](https://togithub.com/nuxt/nuxt/pull/19032))
- **nuxt:** Animate transform rather than width ([#19073](https://togithub.com/nuxt/nuxt/pull/19073))
- **nuxt:** Don't include side-effects from `#components` ([#19008](https://togithub.com/nuxt/nuxt/pull/19008))
##### 🩹 Fixes
- **schema:** Allow type inference of arrays in runtime config ([#18931](https://togithub.com/nuxt/nuxt/pull/18931))
- **nuxt:** Avoid recursive import in nitro renderer ([#18948](https://togithub.com/nuxt/nuxt/pull/18948))
- **nuxt:** Expose `nuxt/schema` subpath for augmentation ([#18922](https://togithub.com/nuxt/nuxt/pull/18922))
- **nitro:** Ensure ssr error `statusCode` is a number ([#19001](https://togithub.com/nuxt/nuxt/pull/19001))
- **nuxt:** Prevent hyphens forming child routes & warn if dupes are detected ([#18944](https://togithub.com/nuxt/nuxt/pull/18944))
- **schema:** Transpile `nuxt/app` by default ([#19009](https://togithub.com/nuxt/nuxt/pull/19009))
- **vite:** Exclude `nuxt/app` from optimised deps ([9e789c76c](https://togithub.com/nuxt/nuxt/commit/9e789c76c))
- **vite:** Respect `isCustomElement` config for jsx transform ([#19053](https://togithub.com/nuxt/nuxt/pull/19053))
- **nuxt:** Use parser to treeshake client-only declarations ([#18951](https://togithub.com/nuxt/nuxt/pull/18951))
- **cli:** Pass through exit code from test errors ([#18959](https://togithub.com/nuxt/nuxt/pull/18959))
- **nuxt:** Show client error if no page matches after validate fails ([#18978](https://togithub.com/nuxt/nuxt/pull/18978))
- **cli:** Read `devServer` options from nuxt config ([#19055](https://togithub.com/nuxt/nuxt/pull/19055))
- **nuxt:** Validate no `//` in path when constructing payload url ([#19085](https://togithub.com/nuxt/nuxt/pull/19085))
- **nuxt:** Restore previous check on payload url ([e9ff34ace](https://togithub.com/nuxt/nuxt/commit/e9ff34ace))
- **nuxt:** Test generated pathname ([af55b9882](https://togithub.com/nuxt/nuxt/commit/af55b9882))
- **nuxt:** Respect redirects which differ only by trailing slash ([#18593](https://togithub.com/nuxt/nuxt/pull/18593))
- **nuxt:** Pass nuxt + workspace paths when importing builder ([#19099](https://togithub.com/nuxt/nuxt/pull/19099))
##### 💅 Refactors
- **nuxt:** Combine imports from same relative path ([ee2f568fc](https://togithub.com/nuxt/nuxt/commit/ee2f568fc))
##### 📖 Documentation
- Add info for `nuxi devtools` command ([#18888](https://togithub.com/nuxt/nuxt/pull/18888))
- Update link to bridge repo ([#18950](https://togithub.com/nuxt/nuxt/pull/18950))
- Fix typos ([#18976](https://togithub.com/nuxt/nuxt/pull/18976))
- Fix typo ([#18975](https://togithub.com/nuxt/nuxt/pull/18975))
- Fix link to ESM page ([#19000](https://togithub.com/nuxt/nuxt/pull/19000))
- Fix spacing ([#19018](https://togithub.com/nuxt/nuxt/pull/19018))
- Flatten top-level project in layers example ([#18967](https://togithub.com/nuxt/nuxt/pull/18967))
- Remove reference to obsolete `static` property ([80f73d39c](https://togithub.com/nuxt/nuxt/commit/80f73d39c))
- Add note about nested directory order ([#19061](https://togithub.com/nuxt/nuxt/pull/19061))
- Updated public directory explanation ([#18464](https://togithub.com/nuxt/nuxt/pull/18464))
- Add information on when mw runs & how to skip ([#19083](https://togithub.com/nuxt/nuxt/pull/19083))
- Add `sendRedirect` usage ([#19070](https://togithub.com/nuxt/nuxt/pull/19070))
##### 📦 Build
- **nuxt:** Add `nuxt/schema` to externals ([e3e768873](https://togithub.com/nuxt/nuxt/commit/e3e768873))
- Add `nuxt` to nuxt externals ([b1b908b1e](https://togithub.com/nuxt/nuxt/commit/b1b908b1e))
##### 🏡 Chore
- Increase node 14 minor version constraint ([#19111](https://togithub.com/nuxt/nuxt/pull/19111))
- Update nitropack and unjs dependencies ([#19100](https://togithub.com/nuxt/nuxt/pull/19100))
- Dedupe rollup ([576ce9ee3](https://togithub.com/nuxt/nuxt/commit/576ce9ee3))
##### ✅ Tests
- Skip vnode warning on windows dev mode ([71bcd9550](https://togithub.com/nuxt/nuxt/commit/71bcd9550))
##### 🤖 CI
- Run webpack/vite and dev/prod as matrices ([#18905](https://togithub.com/nuxt/nuxt/pull/18905))
##### ❤️ Contributors
- Daniel Roe
- Pooya Parsa
- Mathieu Magalhaes
- Yuyin
- Hamish Claxton
- Nathan Chase
- Alex
- Julien Huang
- Nick Williams
- Favour Felix Chinemerem
- Alois Sečkár
- Florent Delerue
- Xin Du (Clark)
- Tim Van Den Eijnden
- Benjamin Flesch
- Lioness100
- Felix
### [`v3.2.1`](https://togithub.com/nuxt/nuxt/compare/v3.2.0...v3.2.1)
[Compare Source](https://togithub.com/nuxt/nuxt/compare/v3.2.0...v3.2.1)
### [`v3.2.0`](https://togithub.com/nuxt/nuxt/releases/tag/v3.2.0)
[Compare Source](https://togithub.com/nuxt/nuxt/compare/v3.1.2...v3.2.0)
> **3.2.0** is the first minor release since we've started our new release schedule. We've brought it forward by a couple of weeks to include some goodies we want you to be able to play with soon.
#### 👀 Highlights
- ⚡️ **Nuxt DevTools**
> You can opt-in to Nuxt DevTools per-project by going to the project root and running:
>
> ```bash
> npx nuxi@latest devtools enable
> ```
>
> Restart your Nuxt server and open your app in browser. Click the Nuxt icon on the bottom (or press `Alt+D`) to toggle the DevTools.
More information in the [docs](https://togithub.com/nuxt/devtools)!
- ✨ **Better DX for overriding** `runtimeConfig`, including inline type helpers
- 🪄 **Automatically inferred return type** for `useFetch` and `$fetch` based on method.
> It'll be a type error to use the wrong method when hitting an endpoint.
>
> Plus, if you have multiple methods served by a single endpoint (like `~/server/api/test.get.ts` and `~/server/api/test.post.ts` then the response type will match the kind of response you make.
- 🍪 `useFetch` is now integrated with `event.$fetch`, meaning **cookies and context are now passed to api requests automagically** within internal requests.
- 🔥 We now **treeshake client-only components** out of the server build more effectively using the experimental `treeshakeClientOnly` feature
> This is turned on by default but if you experience any issues, you can turn this off via:
>
> ```js
> export default defineNuxtConfig({
> experimental: {
> treeshakeClientOnly: false
> }
> })
> ```
- 🛠️ New **`addRouteMiddleware` kit utility** for module authors
- 💪 **Nitropack v2.2** has been released
> Lots of features, including runtime proxy support using route rules, nested fetch calls, binary and raw storage operations, exposed `event.context.cf` (cloudflare) and built-in session support.
>
> For full details see [release notes](https://togithub.com/unjs/nitro/blob/main/CHANGELOG.md#v220)
#### Changelog
[compare changes](https://togithub.com/nuxt/nuxt/compare/v3.1.2...v3.2.0)
##### 🚀 Enhancements
- **kit:** Add `addRouteMiddleware` method ([#18553](https://togithub.com/nuxt/nuxt/pull/18553))
- **cli:** Warn when prerendering routes with `ssr: false` ([#18783](https://togithub.com/nuxt/nuxt/pull/18783))
- **schema:** Add type hints for runtime config ([#18652](https://togithub.com/nuxt/nuxt/pull/18652))
- **nuxt:** Support type auto-import ([#18859](https://togithub.com/nuxt/nuxt/pull/18859))
- **nuxt:** Infer `useFetch` return based on the method ([#18526](https://togithub.com/nuxt/nuxt/pull/18526))
- **cli:** Add initial support for enabling/disabling devtools ([#18864](https://togithub.com/nuxt/nuxt/pull/18864))
- **nuxt:** Upgrade to nitropack 2.2 ([#18889](https://togithub.com/nuxt/nuxt/pull/18889))
##### 🔥 Performance
- **vite:** Use stub entry in vite server build when ` ssr: false ` ([#18782](https://togithub.com/nuxt/nuxt/pull/18782))
##### 🩹 Fixes
- **nuxt:** Treeshake client-only components with placeholders ([#8789](https://togithub.com/nuxt/nuxt/pull/8789))
- **webpack:** Client-side typechecking when `ssr: false` ([#18828](https://togithub.com/nuxt/nuxt/pull/18828))
- **vite:** Exclude styles, not all assets ([#18752](https://togithub.com/nuxt/nuxt/pull/18752))
- **nuxt:** Defer adding route path to preloaded record ([#18862](https://togithub.com/nuxt/nuxt/pull/18862))
- **nuxt:** Don't exclude pnpm layers from nitro esbuild/imports ([#9952](https://togithub.com/nuxt/nuxt/pull/9952))
- **nuxt:** Use parser to treeshake `` ([#8713](https://togithub.com/nuxt/nuxt/pull/8713))
- Reorder the types field in package.json ([#18880](https://togithub.com/nuxt/nuxt/pull/18880))
##### 💅 Refactors
- **nuxt:** Within nuxt app, import directly from source file ([#18902](https://togithub.com/nuxt/nuxt/pull/18902))
##### 📖 Documentation
- Remove extra word ([#18750](https://togithub.com/nuxt/nuxt/pull/18750))
- **example:** Fix app config link ([#18760](https://togithub.com/nuxt/nuxt/pull/18760))
- Add `useError` composable ([#8912](https://togithub.com/nuxt/nuxt/pull/8912))
- Clarify augmenting input/output app config ([#8953](https://togithub.com/nuxt/nuxt/pull/8953))
- Add explanation of composable lifecycle ([#8116](https://togithub.com/nuxt/nuxt/pull/8116))
- **typescript:** Type-checking guide ([#18768](https://togithub.com/nuxt/nuxt/pull/18768))
- **schema:** Add NuxtHooks interface documentation ([#18756](https://togithub.com/nuxt/nuxt/pull/18756))
- Resolve `preloadRouteComponents` page heading error ([#18804](https://togithub.com/nuxt/nuxt/pull/18804))
- Update to nuxt 2.16.0 in bridge installation ([#18836](https://togithub.com/nuxt/nuxt/pull/18836))
- Add link to vue hydration mismatch docs ([#18842](https://togithub.com/nuxt/nuxt/pull/18842))
- Update auto-imports for the server part ([#18848](https://togithub.com/nuxt/nuxt/pull/18848))
- Warn about slots in server components ([#18854](https://togithub.com/nuxt/nuxt/pull/18854))
- Add explanation with augmented meta for new routes ([#18901](https://togithub.com/nuxt/nuxt/pull/18901))
##### ✅ Tests
- Decrease vite logging during tests ([5426e5609](https://togithub.com/nuxt/nuxt/commit/5426e5609))
##### ❤️ Contributors
- Daniel Roe
- Pooya Parsa
- Chen
- Julien Huang
- Yasser Lahbibi
- Dany Sluijk
- Alex Liu
- Anthony Fu
- Ayaka Rizumu
- Alexander Lichter
- Sébastien Chopin
- Mehdi HosseinZade
- Yesid
- Lucas
- Joseph Ojoko
- Dago
- Krutie Patel
- Leigh sass/dart-sass
### [`v1.58.3`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1583)
[Compare Source](https://togithub.com/sass/dart-sass/compare/1.58.2...1.58.3)
- No user-visible changes.
### [`v1.58.2`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1582)
[Compare Source](https://togithub.com/sass/dart-sass/compare/1.58.1...1.58.2)
##### Command Line Interface
- Add a timestamp to messages printed in `--watch` mode.
- Print better `calc()`-based suggestions for `/`-as-division expression that
contain calculation-incompatible constructs like unary minus.
### [`v1.58.1`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1581)
[Compare Source](https://togithub.com/sass/dart-sass/compare/1.58.0...1.58.1)
- Emit a unitless hue when serializing `hsl()` colors. The `deg` unit is
incompatible with IE, and while that officially falls outside our
compatibility policy, it's better to lean towards greater compatibility.
Configuration
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
18.11.19->18.14.220.3.11->20.3.12>=v18.14.0->>=v18.14.23.1.2->3.2.21.58.0->1.58.3~1.58.0->~1.58.3Release Notes
electron/electron
### [`v20.3.12`](https://togithub.com/electron/electron/releases/tag/v20.3.12): electron v20.3.12 [Compare Source](https://togithub.com/electron/electron/compare/v20.3.11...v20.3.12) ### Release Notes for v20.3.12 #### End of Support for 20.x.y Electron 20.x.y has reached end-of-support as per the project's [support policy](https://www.electronjs.org/docs/latest/tutorial/electron-timelines#version-support-policy). Developers and applications are encouraged to upgrade to a newer version of Electron. #### Other Changes - Security: backported fix for [`1376354`](https://togithub.com/electron/electron/commit/1376354). [#37172](https://togithub.com/electron/electron/pull/37172) - Security: backported fix for [`1406115`](https://togithub.com/electron/electron/commit/1406115). [#37171](https://togithub.com/electron/electron/pull/37171) - Security: backported fix for CVE-2023-0472. [#37058](https://togithub.com/electron/electron/pull/37058)nodejs/node
### [`v18.14.2`](https://togithub.com/nodejs/node/releases/tag/v18.14.2): 2023-02-21, Version 18.14.2 'Hydrogen' (LTS), @MylesBorins [Compare Source](https://togithub.com/nodejs/node/compare/v18.14.1...v18.14.2) ##### Notable Changes - \[[`f864bef32a`](https://togithub.com/nodejs/node/commit/f864bef32a)] - **deps**: upgrade npm to 9.5.0 (npm team) [#46673](https://togithub.com/nodejs/node/pull/46673) ##### Commits - \[[`880a65d7ff`](https://togithub.com/nodejs/node/commit/880a65d7ff)] - **build**: delete `snapshot.blob` file from the project (Juan José Arboleda) [#46626](https://togithub.com/nodejs/node/pull/46626) - \[[`cbea56efda`](https://togithub.com/nodejs/node/commit/cbea56efda)] - **deps**: update undici to 5.20.0 (Node.js GitHub Bot) [#46711](https://togithub.com/nodejs/node/pull/46711) - \[[`f864bef32a`](https://togithub.com/nodejs/node/commit/f864bef32a)] - **deps**: upgrade npm to 9.5.0 (npm team) [#46673](https://togithub.com/nodejs/node/pull/46673) - \[[`648041d568`](https://togithub.com/nodejs/node/commit/648041d568)] - **deps**: upgrade npm to 9.4.0 (npm team) [#46353](https://togithub.com/nodejs/node/pull/46353) - \[[`5e1f213f3c`](https://togithub.com/nodejs/node/commit/5e1f213f3c)] - **deps**: patch V8 to 10.2.154.26 (Michaël Zasso) [#46446](https://togithub.com/nodejs/node/pull/46446) ### [`v18.14.1`](https://togithub.com/nodejs/node/releases/tag/v18.14.1): 2023-02-16, Version 18.14.1 'Hydrogen' (LTS), @RafaelGSS prepared by @juanarbol [Compare Source](https://togithub.com/nodejs/node/compare/v18.14.0...v18.14.1) This is a security release. ##### Notable Changes The following CVEs are fixed in this release: - **[CVE-2023-23918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918)**: Node.js Permissions policies can be bypassed via process.mainModule (High) - **[CVE-2023-23919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23919)**: Node.js OpenSSL error handling issues in nodejs crypto library (Medium) - **[CVE-2023-23936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23936)**: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium) - **[CVE-2023-24807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24807)**: Regular Expression Denial of Service in Headers in Node.js fetch API (Low) - **[CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920)**: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low) More detailed information on each of the vulnerabilities can be found in [February 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/) blog post. This security release includes OpenSSL security updates as outlined in the recent [OpenSSL security advisory](https://www.openssl.org/news/secadv/20230207.txt). ##### Commits - \[[`8393ebc72d`](https://togithub.com/nodejs/node/commit/8393ebc72d)] - **build**: build ICU with ICU_NO_USER_DATA_OVERRIDE (RafaelGSS) [nodejs-private/node-private#379](https://togithub.com/nodejs-private/node-private/pull/379) - \[[`004e34d046`](https://togithub.com/nodejs/node/commit/004e34d046)] - **crypto**: clear OpenSSL error on invalid ca cert (RafaelGSS) [#46572](https://togithub.com/nodejs/node/pull/46572) - \[[`5e0142a852`](https://togithub.com/nodejs/node/commit/5e0142a852)] - **deps**: cherry-pick Windows ARM64 fix for openssl (Richard Lau) [#46572](https://togithub.com/nodejs/node/pull/46572) - \[[`f71fe278a6`](https://togithub.com/nodejs/node/commit/f71fe278a6)] - **deps**: update archs files for quictls/openssl-3.0.8+quic (RafaelGSS) [#46572](https://togithub.com/nodejs/node/pull/46572) - \[[`2c6817e42b`](https://togithub.com/nodejs/node/commit/2c6817e42b)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.8+quic (RafaelGSS) [#46572](https://togithub.com/nodejs/node/pull/46572) - \[[`f0afa0bfe5`](https://togithub.com/nodejs/node/commit/f0afa0bfe5)] - **deps**: update undici to 5.19.1 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634) - \[[`c26a34c13e`](https://togithub.com/nodejs/node/commit/c26a34c13e)] - **deps**: update undici to 5.18.0 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634) - \[[`db93ee4a15`](https://togithub.com/nodejs/node/commit/db93ee4a15)] - **deps**: update undici to 5.17.1 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634) - \[[`b4e49fb02c`](https://togithub.com/nodejs/node/commit/b4e49fb02c)] - **deps**: update undici to 5.16.0 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634) - \[[`90994e6a2c`](https://togithub.com/nodejs/node/commit/90994e6a2c)] - **deps**: update undici to 5.15.1 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634) - \[[`00302fc7ac`](https://togithub.com/nodejs/node/commit/00302fc7ac)] - **deps**: update undici to 5.15.0 (Node.js GitHub Bot) [#46634](https://togithub.com/nodejs/node/pull/46634) - \[[`0e3b796cc5`](https://togithub.com/nodejs/node/commit/0e3b796cc5)] - **lib**: makeRequireFunction patch when experimental policy (RafaelGSS) [nodejs-private/node-private#371](https://togithub.com/nodejs-private/node-private/pull/371) - \[[`7cccd5565f`](https://togithub.com/nodejs/node/commit/7cccd5565f)] - **policy**: makeRequireFunction on mainModule.require (RafaelGSS) [nodejs-private/node-private#371](https://togithub.com/nodejs-private/node-private/pull/371)nuxt/nuxt
### [`v3.2.2`](https://togithub.com/nuxt/nuxt/releases/tag/v3.2.2) [Compare Source](https://togithub.com/nuxt/nuxt/compare/v3.2.1...v3.2.2) > **3.2.1** is a patch release with (lots of) bug fixes and performance improvements since last week's minor release. > **3.2.2** was a swiftly following release to patch an issue with `nuxi init` #### 👀 Highlights As a patch release, there are mostly bug fixes and performance improvements in the changelog. (Nevertheless, it's always worth reading through!) But one point of note is an experimental reload strategy when chunk errors are encountered. We're hoping to finalise the API and land it in v3.3 (our next feature release) with [https://github.com/nuxt/nuxt/pull/19086](https://togithub.com/nuxt/nuxt/pull/19086), but you can test out an experimental version with the following config: ```ts export default defineNuxtConfig({ experimental: { emitRouteChunkError: 'reload' } }) ``` With this strategy, your app will hard reload on route changes if there's a chunk error. More info at [https://github.com/nuxt/nuxt/pull/19038](https://togithub.com/nuxt/nuxt/pull/19038). #### 👉 Changelog [compare changes](https://togithub.com/nuxt/nuxt/compare/v3.2.0...v3.2.1) ##### 🚀 Enhancements - **nuxt:** Add experimental `app:chunkError` hook and reload strategy ([#19038](https://togithub.com/nuxt/nuxt/pull/19038)) ##### 🔥 Performance - **nuxt:** Allow tree-shaking empty meta from build ([#19032](https://togithub.com/nuxt/nuxt/pull/19032)) - **nuxt:** Animate transform rather than width ([#19073](https://togithub.com/nuxt/nuxt/pull/19073)) - **nuxt:** Don't include side-effects from `#components` ([#19008](https://togithub.com/nuxt/nuxt/pull/19008)) ##### 🩹 Fixes - **schema:** Allow type inference of arrays in runtime config ([#18931](https://togithub.com/nuxt/nuxt/pull/18931)) - **nuxt:** Avoid recursive import in nitro renderer ([#18948](https://togithub.com/nuxt/nuxt/pull/18948)) - **nuxt:** Expose `nuxt/schema` subpath for augmentation ([#18922](https://togithub.com/nuxt/nuxt/pull/18922)) - **nitro:** Ensure ssr error `statusCode` is a number ([#19001](https://togithub.com/nuxt/nuxt/pull/19001)) - **nuxt:** Prevent hyphens forming child routes & warn if dupes are detected ([#18944](https://togithub.com/nuxt/nuxt/pull/18944)) - **schema:** Transpile `nuxt/app` by default ([#19009](https://togithub.com/nuxt/nuxt/pull/19009)) - **vite:** Exclude `nuxt/app` from optimised deps ([9e789c76c](https://togithub.com/nuxt/nuxt/commit/9e789c76c)) - **vite:** Respect `isCustomElement` config for jsx transform ([#19053](https://togithub.com/nuxt/nuxt/pull/19053)) - **nuxt:** Use parser to treeshake client-only declarations ([#18951](https://togithub.com/nuxt/nuxt/pull/18951)) - **cli:** Pass through exit code from test errors ([#18959](https://togithub.com/nuxt/nuxt/pull/18959)) - **nuxt:** Show client error if no page matches after validate fails ([#18978](https://togithub.com/nuxt/nuxt/pull/18978)) - **cli:** Read `devServer` options from nuxt config ([#19055](https://togithub.com/nuxt/nuxt/pull/19055)) - **nuxt:** Validate no `//` in path when constructing payload url ([#19085](https://togithub.com/nuxt/nuxt/pull/19085)) - **nuxt:** Restore previous check on payload url ([e9ff34ace](https://togithub.com/nuxt/nuxt/commit/e9ff34ace)) - **nuxt:** Test generated pathname ([af55b9882](https://togithub.com/nuxt/nuxt/commit/af55b9882)) - **nuxt:** Respect redirects which differ only by trailing slash ([#18593](https://togithub.com/nuxt/nuxt/pull/18593)) - **nuxt:** Pass nuxt + workspace paths when importing builder ([#19099](https://togithub.com/nuxt/nuxt/pull/19099)) ##### 💅 Refactors - **nuxt:** Combine imports from same relative path ([ee2f568fc](https://togithub.com/nuxt/nuxt/commit/ee2f568fc)) ##### 📖 Documentation - Add info for `nuxi devtools` command ([#18888](https://togithub.com/nuxt/nuxt/pull/18888)) - Update link to bridge repo ([#18950](https://togithub.com/nuxt/nuxt/pull/18950)) - Fix typos ([#18976](https://togithub.com/nuxt/nuxt/pull/18976)) - Fix typo ([#18975](https://togithub.com/nuxt/nuxt/pull/18975)) - Fix link to ESM page ([#19000](https://togithub.com/nuxt/nuxt/pull/19000)) - Fix spacing ([#19018](https://togithub.com/nuxt/nuxt/pull/19018)) - Flatten top-level project in layers example ([#18967](https://togithub.com/nuxt/nuxt/pull/18967)) - Remove reference to obsolete `static` property ([80f73d39c](https://togithub.com/nuxt/nuxt/commit/80f73d39c)) - Add note about nested directory order ([#19061](https://togithub.com/nuxt/nuxt/pull/19061)) - Updated public directory explanation ([#18464](https://togithub.com/nuxt/nuxt/pull/18464)) - Add information on when mw runs & how to skip ([#19083](https://togithub.com/nuxt/nuxt/pull/19083)) - Add `sendRedirect` usage ([#19070](https://togithub.com/nuxt/nuxt/pull/19070)) ##### 📦 Build - **nuxt:** Add `nuxt/schema` to externals ([e3e768873](https://togithub.com/nuxt/nuxt/commit/e3e768873)) - Add `nuxt` to nuxt externals ([b1b908b1e](https://togithub.com/nuxt/nuxt/commit/b1b908b1e)) ##### 🏡 Chore - Increase node 14 minor version constraint ([#19111](https://togithub.com/nuxt/nuxt/pull/19111)) - Update nitropack and unjs dependencies ([#19100](https://togithub.com/nuxt/nuxt/pull/19100)) - Dedupe rollup ([576ce9ee3](https://togithub.com/nuxt/nuxt/commit/576ce9ee3)) ##### ✅ Tests - Skip vnode warning on windows dev mode ([71bcd9550](https://togithub.com/nuxt/nuxt/commit/71bcd9550)) ##### 🤖 CI - Run webpack/vite and dev/prod as matrices ([#18905](https://togithub.com/nuxt/nuxt/pull/18905)) ##### ❤️ Contributors - Daniel Roesass/dart-sass
### [`v1.58.3`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1583) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.58.2...1.58.3) - No user-visible changes. ### [`v1.58.2`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1582) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.58.1...1.58.2) ##### Command Line Interface - Add a timestamp to messages printed in `--watch` mode. - Print better `calc()`-based suggestions for `/`-as-division expression that contain calculation-incompatible constructs like unary minus. ### [`v1.58.1`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1581) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.58.0...1.58.1) - Emit a unitless hue when serializing `hsl()` colors. The `deg` unit is incompatible with IE, and while that officially falls outside our compatibility policy, it's better to lean towards greater compatibility.Configuration
📅 Schedule: Branch creation - "before 3am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.