stackblitz[bot]
commented
1 year ago 
Run & review this pull request in StackBlitz Codeflow.
Closed renovate[bot] closed 1 year ago
stackblitz[bot]
commented
1 year ago Run & review this pull request in StackBlitz Codeflow.
This PR contains the following updates:
25.1.1->25.2.0>=v18.16.0->>=v18.16.11.63.4->1.63.6~1.63.4->~1.63.63.3.3->3.3.5Release Notes
electron/electron
### [`v25.2.0`](https://togithub.com/electron/electron/releases/tag/v25.2.0): electron v25.2.0 [Compare Source](https://togithub.com/electron/electron/compare/v25.1.1...v25.2.0) ##### Release Notes for v25.2.0 ##### Features - `node:` prefixed requires are now supported in sandboxed renderer preloads for `events`, `timers` and `url`. [#38729](https://togithub.com/electron/electron/pull/38729) (Also in [24](https://togithub.com/electron/electron/pull/38727), [26](https://togithub.com/electron/electron/pull/38728)) ##### Fixes - Fixed `webContents.printToPDF` `preferCSSPageSize` type error. [#38791](https://togithub.com/electron/electron/pull/38791) (Also in [24](https://togithub.com/electron/electron/pull/38792), [26](https://togithub.com/electron/electron/pull/38793)) - Fixed a crash seen when trying to change `nativeTheme` source during mara context menu close. [#38839](https://togithub.com/electron/electron/pull/38839) (Also in [26](https://togithub.com/electron/electron/pull/38840)) - Fixed an issue where `webContents.print()` stopped triggering its callback when the user cancelled the print dialog. [#38814](https://togithub.com/electron/electron/pull/38814) (Also in [26](https://togithub.com/electron/electron/pull/38735)) ##### Other Changes - Updated Chromium to 114.0.5735.134. [#38782](https://togithub.com/electron/electron/pull/38782)nodejs/node
### [`v18.16.1`](https://togithub.com/nodejs/node/releases/tag/v18.16.1): 2023-06-20, Version 18.16.1 'Hydrogen' (LTS), @RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v18.16.0...v18.16.1) This is a security release. ##### Notable Changes The following CVEs are fixed in this release: - [CVE-2023-30581](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30581): `mainModule.__proto__` Bypass Experimental Policy Mechanism (High) - [CVE-2023-30585](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30585): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) - [CVE-2023-30588](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30588): Process interuption due to invalid Public Key information in x509 certificates (Medium) - [CVE-2023-30589](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30589): HTTP Request Smuggling via Empty headers separated by CR (Medium) - [CVE-2023-30590](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30590): DiffieHellman does not generate keys after setting a private key (Medium) - OpenSSL Security Releases - [OpenSSL security advisory 28th March](https://www.openssl.org/news/secadv/20230328.txt). - [OpenSSL security advisory 20th April](https://www.openssl.org/news/secadv/20230420.txt). - [OpenSSL security advisory 30th May](https://www.openssl.org/news/secadv/20230530.txt) - c-ares vulnerabilities: - [GHSA-9g78-jv2r-p7vc](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc) - [GHSA-8r8p-23f3-64c2](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2) - [GHSA-54xr-f67r-4pc4](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4) - [GHSA-x6mf-cxr9-8q6v](https://togithub.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v) More detailed information on each of the vulnerabilities can be found in [June 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/june-2023-security-releases/) blog post. ##### Commits - \[[`bf3e2c8928`](https://togithub.com/nodejs/node/commit/bf3e2c8928)] - **crypto**: handle cert with invalid SPKI gracefully (Tobias Nießen) [nodejs-private/node-private#393](https://togithub.com/nodejs-private/node-private/pull/393) - \[[`70f9449072`](https://togithub.com/nodejs/node/commit/70f9449072)] - **deps**: set `CARES_RANDOM_FILE` for c-ares (Richard Lau) [#48156](https://togithub.com/nodejs/node/pull/48156) - \[[`35d4efb57b`](https://togithub.com/nodejs/node/commit/35d4efb57b)] - **deps**: update c-ares to 1.19.1 (RafaelGSS) [#48115](https://togithub.com/nodejs/node/pull/48115) - \[[`392dfedc77`](https://togithub.com/nodejs/node/commit/392dfedc77)] - **deps**: update archs files for openssl-3.0.9-quic1 (Node.js GitHub Bot) [#48402](https://togithub.com/nodejs/node/pull/48402) - \[[`46cd5fe38b`](https://togithub.com/nodejs/node/commit/46cd5fe38b)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.9-quic1 (Node.js GitHub Bot) [#48402](https://togithub.com/nodejs/node/pull/48402) - \[[`7e3d2d85c2`](https://togithub.com/nodejs/node/commit/7e3d2d85c2)] - **doc,test**: clarify behavior of DH generateKeys (Tobias Nießen) [nodejs-private/node-private#426](https://togithub.com/nodejs-private/node-private/pull/426) - \[[`4ff6ba050a`](https://togithub.com/nodejs/node/commit/4ff6ba050a)] - **http**: disable request smuggling via rempty headers (Paolo Insogna) [nodejs-private/node-private#428](https://togithub.com/nodejs-private/node-private/pull/428) - \[[`ab269129a6`](https://togithub.com/nodejs/node/commit/ab269129a6)] - **msi**: do not create AppData\Roaming\npm (Tobias Nießen) [nodejs-private/node-private#408](https://togithub.com/nodejs-private/node-private/pull/408) - \[[`925e8f5619`](https://togithub.com/nodejs/node/commit/925e8f5619)] - **policy**: handle mainModule.\__proto\_\_ bypass (RafaelGSS) [nodejs-private/node-private#416](https://togithub.com/nodejs-private/node-private/pull/416) - \[[`d6fae8e47e`](https://togithub.com/nodejs/node/commit/d6fae8e47e)] - **test**: allow SIGBUS in signal-handler abort test (Michaël Zasso) [#47851](https://togithub.com/nodejs/node/pull/47851)sass/dart-sass
### [`v1.63.6`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1636) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.63.5...1.63.6) ##### JavaScript API - Fix `import sass from 'sass'` again after it was broken in the last release. ##### Embedded Sass - Fix the `exports` declaration in `package.json`. ### [`v1.63.5`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1635) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.63.4...1.63.5) ##### JavaScript API - Fix a bug where loading the package through both CJS `require()` and ESM `import` could crash on Node.js. ##### Embedded Sass - Fix a deadlock when running at high concurrency on 32-bit systems. - Fix a race condition where the embedded compiler could deadlock or crash if a compilation ID was reused immediately after the compilation completed.vuetifyjs/vuetify
### [`v3.3.5`](https://togithub.com/vuetifyjs/vuetify/releases/tag/v3.3.5) [Compare Source](https://togithub.com/vuetifyjs/vuetify/compare/v3.3.4...v3.3.5) ##### :wrench: Bug Fixes - **VDatePicker:** year / month transition ([1673b96](https://togithub.com/vuetifyjs/vuetify/commit/1673b96480ad557bad742087fc21e89a1544361a)) - **VDatePicker:** remove set height, update to better match spec ([2ce7096](https://togithub.com/vuetifyjs/vuetify/commit/2ce70963fd5d35c3191efd8b255df558014a1e6c)) - **VDatePicker:** remove legacy sass imports ([0ecd917](https://togithub.com/vuetifyjs/vuetify/commit/0ecd917069d1b4e725dacacef2b0457a76fb094c)), closes [#17603](https://togithub.com/vuetifyjs/vuetify/issues/17603) - **VDatePicker:** don't throw on empty model ([e5e3d84](https://togithub.com/vuetifyjs/vuetify/commit/e5e3d8425e1f8914b01497a4275e23a683ef5d70)), closes [#17601](https://togithub.com/vuetifyjs/vuetify/issues/17601) - **VDatePickerMonth:** remove defined height ([80af8e6](https://togithub.com/vuetifyjs/vuetify/commit/80af8e6ca1ca4c054561d6c591f07ee72dd14ca7)) - **VPicker:** remove legacy sass imports ([cf05b0d](https://togithub.com/vuetifyjs/vuetify/commit/cf05b0dcb9c9097808977107ad18a82c0da5415d)), closes [#17603](https://togithub.com/vuetifyjs/vuetify/issues/17603) ### [`v3.3.4`](https://togithub.com/vuetifyjs/vuetify/releases/tag/v3.3.4) [Compare Source](https://togithub.com/vuetifyjs/vuetify/compare/v3.3.3...v3.3.4) ##### :wrench: Bug Fixes - **VAppBar:** update active state when scrollBehavior changes ([18718d1](https://togithub.com/vuetifyjs/vuetify/commit/18718d157eeb16e4b7e12c6d55c8b431ce9473f0)), closes [#17554](https://togithub.com/vuetifyjs/vuetify/issues/17554) - **VInput:** chips margin as part of min-height calculation ([#17412](https://togithub.com/vuetifyjs/vuetify/issues/17412)) ([edcc168](https://togithub.com/vuetifyjs/vuetify/commit/edcc168abeed214b72f45867c92bff9406bed907)), closes [#17405](https://togithub.com/vuetifyjs/vuetify/issues/17405) - **VSelect, VAutocomplete:** modelValue respects \[null] ([#16547](https://togithub.com/vuetifyjs/vuetify/issues/16547)) ([c36fe94](https://togithub.com/vuetifyjs/vuetify/commit/c36fe9461da0dcbbf1ffe7b842bd692a29f93773)), closes [#16442](https://togithub.com/vuetifyjs/vuetify/issues/16442) - **VTab:** remove firefox invalid keyframe property ([#17495](https://togithub.com/vuetifyjs/vuetify/issues/17495)) ([df17ddd](https://togithub.com/vuetifyjs/vuetify/commit/df17ddd9fed37808adfea8060657f7476c55f703)), closes [#16258](https://togithub.com/vuetifyjs/vuetify/issues/16258) ##### :test_tube: Labs - **VDataTable:** show-select not reactive ([6987695](https://togithub.com/vuetifyjs/vuetify/commit/6987695f2ee6045712ee47e829c20100611aa406)), closes [#17557](https://togithub.com/vuetifyjs/vuetify/issues/17557) - **VDataTableVirtual:** move slot inside VVirtualScrollItem ([#17572](https://togithub.com/vuetifyjs/vuetify/issues/17572)) ([acad22f](https://togithub.com/vuetifyjs/vuetify/commit/acad22f14e3f2931506350ad1796c7b034fd42ba)) - **VDatePicker:** port to v3 ([#16234](https://togithub.com/vuetifyjs/vuetify/issues/16234)) ([faab332](https://togithub.com/vuetifyjs/vuetify/commit/faab3326272d54ed9535d53fe0099e72372f03e8))Configuration
📅 Schedule: Branch creation - "after 12pm on Thursday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.