Globally available Vim like productivity application with a fancy mouse control. Home row keyboard mapping makes typing innovatively fast in everywhere
electron/electron
### [`v25.2.0`](https://togithub.com/electron/electron/releases/tag/v25.2.0): electron v25.2.0
[Compare Source](https://togithub.com/electron/electron/compare/v25.1.1...v25.2.0)
##### Release Notes for v25.2.0
##### Features
- `node:` prefixed requires are now supported in sandboxed renderer preloads for `events`, `timers` and `url`. [#38729](https://togithub.com/electron/electron/pull/38729) (Also in [24](https://togithub.com/electron/electron/pull/38727), [26](https://togithub.com/electron/electron/pull/38728))
##### Fixes
- Fixed `webContents.printToPDF` `preferCSSPageSize` type error. [#38791](https://togithub.com/electron/electron/pull/38791) (Also in [24](https://togithub.com/electron/electron/pull/38792), [26](https://togithub.com/electron/electron/pull/38793))
- Fixed a crash seen when trying to change `nativeTheme` source during mara context menu close. [#38839](https://togithub.com/electron/electron/pull/38839) (Also in [26](https://togithub.com/electron/electron/pull/38840))
- Fixed an issue where `webContents.print()` stopped triggering its callback when the user cancelled the print dialog. [#38814](https://togithub.com/electron/electron/pull/38814) (Also in [26](https://togithub.com/electron/electron/pull/38735))
##### Other Changes
- Updated Chromium to 114.0.5735.134. [#38782](https://togithub.com/electron/electron/pull/38782)
nodejs/node
### [`v18.16.1`](https://togithub.com/nodejs/node/releases/tag/v18.16.1): 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @RafaelGSS
[Compare Source](https://togithub.com/nodejs/node/compare/v18.16.0...v18.16.1)
This is a security release.
##### Notable Changes
The following CVEs are fixed in this release:
- [CVE-2023-30581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581): `mainModule.__proto__` Bypass Experimental Policy Mechanism (High)
- [CVE-2023-30585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30585): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
- [CVE-2023-30588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30588): Process interuption due to invalid Public Key information in x509 certificates (Medium)
- [CVE-2023-30589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589): HTTP Request Smuggling via Empty headers separated by CR (Medium)
- [CVE-2023-30590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590): DiffieHellman does not generate keys after setting a private key (Medium)
- OpenSSL Security Releases
- [OpenSSL security advisory 28th March](https://www.openssl.org/news/secadv/20230328.txt).
- [OpenSSL security advisory 20th April](https://www.openssl.org/news/secadv/20230420.txt).
- [OpenSSL security advisory 30th May](https://www.openssl.org/news/secadv/20230530.txt)
- c-ares vulnerabilities:
- [GHSA-9g78-jv2r-p7vc](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc)
- [GHSA-8r8p-23f3-64c2](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2)
- [GHSA-54xr-f67r-4pc4](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4)
- [GHSA-x6mf-cxr9-8q6v](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v)
More detailed information on each of the vulnerabilities can be found in [June 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/june-2023-security-releases/) blog post.
##### Commits
- \[[`bf3e2c8928`](https://togithub.com/nodejs/node/commit/bf3e2c8928)] - **crypto**: handle cert with invalid SPKI gracefully (Tobias Nießen) [nodejs-private/node-private#393](https://togithub.com/nodejs-private/node-private/pull/393)
- \[[`70f9449072`](https://togithub.com/nodejs/node/commit/70f9449072)] - **deps**: set `CARES_RANDOM_FILE` for c-ares (Richard Lau) [#48156](https://togithub.com/nodejs/node/pull/48156)
- \[[`35d4efb57b`](https://togithub.com/nodejs/node/commit/35d4efb57b)] - **deps**: update c-ares to 1.19.1 (RafaelGSS) [#48115](https://togithub.com/nodejs/node/pull/48115)
- \[[`392dfedc77`](https://togithub.com/nodejs/node/commit/392dfedc77)] - **deps**: update archs files for openssl-3.0.9-quic1 (Node.js GitHub Bot) [#48402](https://togithub.com/nodejs/node/pull/48402)
- \[[`46cd5fe38b`](https://togithub.com/nodejs/node/commit/46cd5fe38b)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.9-quic1 (Node.js GitHub Bot) [#48402](https://togithub.com/nodejs/node/pull/48402)
- \[[`7e3d2d85c2`](https://togithub.com/nodejs/node/commit/7e3d2d85c2)] - **doc,test**: clarify behavior of DH generateKeys (Tobias Nießen) [nodejs-private/node-private#426](https://togithub.com/nodejs-private/node-private/pull/426)
- \[[`4ff6ba050a`](https://togithub.com/nodejs/node/commit/4ff6ba050a)] - **http**: disable request smuggling via rempty headers (Paolo Insogna) [nodejs-private/node-private#428](https://togithub.com/nodejs-private/node-private/pull/428)
- \[[`ab269129a6`](https://togithub.com/nodejs/node/commit/ab269129a6)] - **msi**: do not create AppData\Roaming\npm (Tobias Nießen) [nodejs-private/node-private#408](https://togithub.com/nodejs-private/node-private/pull/408)
- \[[`925e8f5619`](https://togithub.com/nodejs/node/commit/925e8f5619)] - **policy**: handle mainModule.\__proto\_\_ bypass (RafaelGSS) [nodejs-private/node-private#416](https://togithub.com/nodejs-private/node-private/pull/416)
- \[[`d6fae8e47e`](https://togithub.com/nodejs/node/commit/d6fae8e47e)] - **test**: allow SIGBUS in signal-handler abort test (Michaël Zasso) [#47851](https://togithub.com/nodejs/node/pull/47851)
sass/dart-sass
### [`v1.63.6`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1636)
[Compare Source](https://togithub.com/sass/dart-sass/compare/1.63.5...1.63.6)
##### JavaScript API
- Fix `import sass from 'sass'` again after it was broken in the last release.
##### Embedded Sass
- Fix the `exports` declaration in `package.json`.
### [`v1.63.5`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1635)
[Compare Source](https://togithub.com/sass/dart-sass/compare/1.63.4...1.63.5)
##### JavaScript API
- Fix a bug where loading the package through both CJS `require()` and ESM
`import` could crash on Node.js.
##### Embedded Sass
- Fix a deadlock when running at high concurrency on 32-bit systems.
- Fix a race condition where the embedded compiler could deadlock or crash if a
compilation ID was reused immediately after the compilation completed.
vuetifyjs/vuetify
### [`v3.3.5`](https://togithub.com/vuetifyjs/vuetify/releases/tag/v3.3.5)
[Compare Source](https://togithub.com/vuetifyjs/vuetify/compare/v3.3.4...v3.3.5)
##### :wrench: Bug Fixes
- **VDatePicker:** year / month transition ([1673b96](https://togithub.com/vuetifyjs/vuetify/commit/1673b96480ad557bad742087fc21e89a1544361a))
- **VDatePicker:** remove set height, update to better match spec ([2ce7096](https://togithub.com/vuetifyjs/vuetify/commit/2ce70963fd5d35c3191efd8b255df558014a1e6c))
- **VDatePicker:** remove legacy sass imports ([0ecd917](https://togithub.com/vuetifyjs/vuetify/commit/0ecd917069d1b4e725dacacef2b0457a76fb094c)), closes [#17603](https://togithub.com/vuetifyjs/vuetify/issues/17603)
- **VDatePicker:** don't throw on empty model ([e5e3d84](https://togithub.com/vuetifyjs/vuetify/commit/e5e3d8425e1f8914b01497a4275e23a683ef5d70)), closes [#17601](https://togithub.com/vuetifyjs/vuetify/issues/17601)
- **VDatePickerMonth:** remove defined height ([80af8e6](https://togithub.com/vuetifyjs/vuetify/commit/80af8e6ca1ca4c054561d6c591f07ee72dd14ca7))
- **VPicker:** remove legacy sass imports ([cf05b0d](https://togithub.com/vuetifyjs/vuetify/commit/cf05b0dcb9c9097808977107ad18a82c0da5415d)), closes [#17603](https://togithub.com/vuetifyjs/vuetify/issues/17603)
### [`v3.3.4`](https://togithub.com/vuetifyjs/vuetify/releases/tag/v3.3.4)
[Compare Source](https://togithub.com/vuetifyjs/vuetify/compare/v3.3.3...v3.3.4)
##### :wrench: Bug Fixes
- **VAppBar:** update active state when scrollBehavior changes ([18718d1](https://togithub.com/vuetifyjs/vuetify/commit/18718d157eeb16e4b7e12c6d55c8b431ce9473f0)), closes [#17554](https://togithub.com/vuetifyjs/vuetify/issues/17554)
- **VInput:** chips margin as part of min-height calculation ([#17412](https://togithub.com/vuetifyjs/vuetify/issues/17412)) ([edcc168](https://togithub.com/vuetifyjs/vuetify/commit/edcc168abeed214b72f45867c92bff9406bed907)), closes [#17405](https://togithub.com/vuetifyjs/vuetify/issues/17405)
- **VSelect, VAutocomplete:** modelValue respects \[null] ([#16547](https://togithub.com/vuetifyjs/vuetify/issues/16547)) ([c36fe94](https://togithub.com/vuetifyjs/vuetify/commit/c36fe9461da0dcbbf1ffe7b842bd692a29f93773)), closes [#16442](https://togithub.com/vuetifyjs/vuetify/issues/16442)
- **VTab:** remove firefox invalid keyframe property ([#17495](https://togithub.com/vuetifyjs/vuetify/issues/17495)) ([df17ddd](https://togithub.com/vuetifyjs/vuetify/commit/df17ddd9fed37808adfea8060657f7476c55f703)), closes [#16258](https://togithub.com/vuetifyjs/vuetify/issues/16258)
##### :test_tube: Labs
- **VDataTable:** show-select not reactive ([6987695](https://togithub.com/vuetifyjs/vuetify/commit/6987695f2ee6045712ee47e829c20100611aa406)), closes [#17557](https://togithub.com/vuetifyjs/vuetify/issues/17557)
- **VDataTableVirtual:** move slot inside VVirtualScrollItem ([#17572](https://togithub.com/vuetifyjs/vuetify/issues/17572)) ([acad22f](https://togithub.com/vuetifyjs/vuetify/commit/acad22f14e3f2931506350ad1796c7b034fd42ba))
- **VDatePicker:** port to v3 ([#16234](https://togithub.com/vuetifyjs/vuetify/issues/16234)) ([faab332](https://togithub.com/vuetifyjs/vuetify/commit/faab3326272d54ed9535d53fe0099e72372f03e8))
Configuration
📅 Schedule: Branch creation - "after 12pm on Thursday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
25.1.1
->25.2.0
>=v18.16.0
->>=v18.16.1
1.63.4
->1.63.6
~1.63.4
->~1.63.6
3.3.3
->3.3.5
Release Notes
electron/electron
### [`v25.2.0`](https://togithub.com/electron/electron/releases/tag/v25.2.0): electron v25.2.0 [Compare Source](https://togithub.com/electron/electron/compare/v25.1.1...v25.2.0) ##### Release Notes for v25.2.0 ##### Features - `node:` prefixed requires are now supported in sandboxed renderer preloads for `events`, `timers` and `url`. [#38729](https://togithub.com/electron/electron/pull/38729) (Also in [24](https://togithub.com/electron/electron/pull/38727), [26](https://togithub.com/electron/electron/pull/38728)) ##### Fixes - Fixed `webContents.printToPDF` `preferCSSPageSize` type error. [#38791](https://togithub.com/electron/electron/pull/38791) (Also in [24](https://togithub.com/electron/electron/pull/38792), [26](https://togithub.com/electron/electron/pull/38793)) - Fixed a crash seen when trying to change `nativeTheme` source during mara context menu close. [#38839](https://togithub.com/electron/electron/pull/38839) (Also in [26](https://togithub.com/electron/electron/pull/38840)) - Fixed an issue where `webContents.print()` stopped triggering its callback when the user cancelled the print dialog. [#38814](https://togithub.com/electron/electron/pull/38814) (Also in [26](https://togithub.com/electron/electron/pull/38735)) ##### Other Changes - Updated Chromium to 114.0.5735.134. [#38782](https://togithub.com/electron/electron/pull/38782)nodejs/node
### [`v18.16.1`](https://togithub.com/nodejs/node/releases/tag/v18.16.1): 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v18.16.0...v18.16.1) This is a security release. ##### Notable Changes The following CVEs are fixed in this release: - [CVE-2023-30581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581): `mainModule.__proto__` Bypass Experimental Policy Mechanism (High) - [CVE-2023-30585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30585): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) - [CVE-2023-30588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30588): Process interuption due to invalid Public Key information in x509 certificates (Medium) - [CVE-2023-30589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589): HTTP Request Smuggling via Empty headers separated by CR (Medium) - [CVE-2023-30590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590): DiffieHellman does not generate keys after setting a private key (Medium) - OpenSSL Security Releases - [OpenSSL security advisory 28th March](https://www.openssl.org/news/secadv/20230328.txt). - [OpenSSL security advisory 20th April](https://www.openssl.org/news/secadv/20230420.txt). - [OpenSSL security advisory 30th May](https://www.openssl.org/news/secadv/20230530.txt) - c-ares vulnerabilities: - [GHSA-9g78-jv2r-p7vc](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc) - [GHSA-8r8p-23f3-64c2](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2) - [GHSA-54xr-f67r-4pc4](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4) - [GHSA-x6mf-cxr9-8q6v](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v) More detailed information on each of the vulnerabilities can be found in [June 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/june-2023-security-releases/) blog post. ##### Commits - \[[`bf3e2c8928`](https://togithub.com/nodejs/node/commit/bf3e2c8928)] - **crypto**: handle cert with invalid SPKI gracefully (Tobias Nießen) [nodejs-private/node-private#393](https://togithub.com/nodejs-private/node-private/pull/393) - \[[`70f9449072`](https://togithub.com/nodejs/node/commit/70f9449072)] - **deps**: set `CARES_RANDOM_FILE` for c-ares (Richard Lau) [#48156](https://togithub.com/nodejs/node/pull/48156) - \[[`35d4efb57b`](https://togithub.com/nodejs/node/commit/35d4efb57b)] - **deps**: update c-ares to 1.19.1 (RafaelGSS) [#48115](https://togithub.com/nodejs/node/pull/48115) - \[[`392dfedc77`](https://togithub.com/nodejs/node/commit/392dfedc77)] - **deps**: update archs files for openssl-3.0.9-quic1 (Node.js GitHub Bot) [#48402](https://togithub.com/nodejs/node/pull/48402) - \[[`46cd5fe38b`](https://togithub.com/nodejs/node/commit/46cd5fe38b)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.9-quic1 (Node.js GitHub Bot) [#48402](https://togithub.com/nodejs/node/pull/48402) - \[[`7e3d2d85c2`](https://togithub.com/nodejs/node/commit/7e3d2d85c2)] - **doc,test**: clarify behavior of DH generateKeys (Tobias Nießen) [nodejs-private/node-private#426](https://togithub.com/nodejs-private/node-private/pull/426) - \[[`4ff6ba050a`](https://togithub.com/nodejs/node/commit/4ff6ba050a)] - **http**: disable request smuggling via rempty headers (Paolo Insogna) [nodejs-private/node-private#428](https://togithub.com/nodejs-private/node-private/pull/428) - \[[`ab269129a6`](https://togithub.com/nodejs/node/commit/ab269129a6)] - **msi**: do not create AppData\Roaming\npm (Tobias Nießen) [nodejs-private/node-private#408](https://togithub.com/nodejs-private/node-private/pull/408) - \[[`925e8f5619`](https://togithub.com/nodejs/node/commit/925e8f5619)] - **policy**: handle mainModule.\__proto\_\_ bypass (RafaelGSS) [nodejs-private/node-private#416](https://togithub.com/nodejs-private/node-private/pull/416) - \[[`d6fae8e47e`](https://togithub.com/nodejs/node/commit/d6fae8e47e)] - **test**: allow SIGBUS in signal-handler abort test (Michaël Zasso) [#47851](https://togithub.com/nodejs/node/pull/47851)sass/dart-sass
### [`v1.63.6`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1636) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.63.5...1.63.6) ##### JavaScript API - Fix `import sass from 'sass'` again after it was broken in the last release. ##### Embedded Sass - Fix the `exports` declaration in `package.json`. ### [`v1.63.5`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1635) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.63.4...1.63.5) ##### JavaScript API - Fix a bug where loading the package through both CJS `require()` and ESM `import` could crash on Node.js. ##### Embedded Sass - Fix a deadlock when running at high concurrency on 32-bit systems. - Fix a race condition where the embedded compiler could deadlock or crash if a compilation ID was reused immediately after the compilation completed.vuetifyjs/vuetify
### [`v3.3.5`](https://togithub.com/vuetifyjs/vuetify/releases/tag/v3.3.5) [Compare Source](https://togithub.com/vuetifyjs/vuetify/compare/v3.3.4...v3.3.5) ##### :wrench: Bug Fixes - **VDatePicker:** year / month transition ([1673b96](https://togithub.com/vuetifyjs/vuetify/commit/1673b96480ad557bad742087fc21e89a1544361a)) - **VDatePicker:** remove set height, update to better match spec ([2ce7096](https://togithub.com/vuetifyjs/vuetify/commit/2ce70963fd5d35c3191efd8b255df558014a1e6c)) - **VDatePicker:** remove legacy sass imports ([0ecd917](https://togithub.com/vuetifyjs/vuetify/commit/0ecd917069d1b4e725dacacef2b0457a76fb094c)), closes [#17603](https://togithub.com/vuetifyjs/vuetify/issues/17603) - **VDatePicker:** don't throw on empty model ([e5e3d84](https://togithub.com/vuetifyjs/vuetify/commit/e5e3d8425e1f8914b01497a4275e23a683ef5d70)), closes [#17601](https://togithub.com/vuetifyjs/vuetify/issues/17601) - **VDatePickerMonth:** remove defined height ([80af8e6](https://togithub.com/vuetifyjs/vuetify/commit/80af8e6ca1ca4c054561d6c591f07ee72dd14ca7)) - **VPicker:** remove legacy sass imports ([cf05b0d](https://togithub.com/vuetifyjs/vuetify/commit/cf05b0dcb9c9097808977107ad18a82c0da5415d)), closes [#17603](https://togithub.com/vuetifyjs/vuetify/issues/17603) ### [`v3.3.4`](https://togithub.com/vuetifyjs/vuetify/releases/tag/v3.3.4) [Compare Source](https://togithub.com/vuetifyjs/vuetify/compare/v3.3.3...v3.3.4) ##### :wrench: Bug Fixes - **VAppBar:** update active state when scrollBehavior changes ([18718d1](https://togithub.com/vuetifyjs/vuetify/commit/18718d157eeb16e4b7e12c6d55c8b431ce9473f0)), closes [#17554](https://togithub.com/vuetifyjs/vuetify/issues/17554) - **VInput:** chips margin as part of min-height calculation ([#17412](https://togithub.com/vuetifyjs/vuetify/issues/17412)) ([edcc168](https://togithub.com/vuetifyjs/vuetify/commit/edcc168abeed214b72f45867c92bff9406bed907)), closes [#17405](https://togithub.com/vuetifyjs/vuetify/issues/17405) - **VSelect, VAutocomplete:** modelValue respects \[null] ([#16547](https://togithub.com/vuetifyjs/vuetify/issues/16547)) ([c36fe94](https://togithub.com/vuetifyjs/vuetify/commit/c36fe9461da0dcbbf1ffe7b842bd692a29f93773)), closes [#16442](https://togithub.com/vuetifyjs/vuetify/issues/16442) - **VTab:** remove firefox invalid keyframe property ([#17495](https://togithub.com/vuetifyjs/vuetify/issues/17495)) ([df17ddd](https://togithub.com/vuetifyjs/vuetify/commit/df17ddd9fed37808adfea8060657f7476c55f703)), closes [#16258](https://togithub.com/vuetifyjs/vuetify/issues/16258) ##### :test_tube: Labs - **VDataTable:** show-select not reactive ([6987695](https://togithub.com/vuetifyjs/vuetify/commit/6987695f2ee6045712ee47e829c20100611aa406)), closes [#17557](https://togithub.com/vuetifyjs/vuetify/issues/17557) - **VDataTableVirtual:** move slot inside VVirtualScrollItem ([#17572](https://togithub.com/vuetifyjs/vuetify/issues/17572)) ([acad22f](https://togithub.com/vuetifyjs/vuetify/commit/acad22f14e3f2931506350ad1796c7b034fd42ba)) - **VDatePicker:** port to v3 ([#16234](https://togithub.com/vuetifyjs/vuetify/issues/16234)) ([faab332](https://togithub.com/vuetifyjs/vuetify/commit/faab3326272d54ed9535d53fe0099e72372f03e8))Configuration
📅 Schedule: Branch creation - "after 12pm on Thursday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.