search

simpliko / wpadverts

WordPress Classifieds Plugin
https://wpadverts.com/
GNU General Public License v2.0
20 stars 11 forks source link

Bump json5 and @wordpress/scripts #174

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 1 year ago

Bumps json5 to 2.2.3 and updates ancestor dependency @wordpress/scripts. These dependencies need to be updated together.

Updates json5 from 2.2.0 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

  • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

  • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view


Updates @wordpress/scripts from 14.0.1 to 25.1.0

Release notes

Sourced from @​wordpress/scripts's releases.

14.9.0 RC1

Changelog

Features

Global Styles

  • Site Editor: Add new 'Push changes to Global Styles' button. (46446)

Patterns

  • Add: Template types to the patterns API. (45814)

Enhancements

  • Move wordcount to the top of the outline. (46648)
  • Update: Remove need for template prefix in gutenberg_get_template_hierarchy. (46257)
  • Update: Use offsite navigation editor on the navigation inspector sidebar. (46440)

Site Editor

  • Add the template title and type to the site hub. (46736)
  • Increase the width of the site editor sidebar. (46769)
  • Move the edit button in the site editor sidebar to a contextual widget. (46700)

Block Library

  • Adds page list as child of submenu. (46414)
  • Bring back the heading and the menu selector in the ellipsis menu. (46622)
  • Template Parts: Add an option to import widgets from the sidebars. (45509)

Design Tools

  • Page List: Add typography supports. (43316)
  • Style Engine: Add support for text columns (column-count). (46566)

CSS & Styling

  • Edit-post site logo: Fix focus style. (46733)

Components

  • TextareaControl: Add new opt-in prop. (46559)

Colors

  • Remove clearable from link ColorPanel item. (46507)

Global Styles

  • Fluid typography: Add configurable settings for minimum font size to theme.json. (42489)

Bug Fixes

  • DOM: Fix findNext/Previous tabbable if target is not in findFocusable list. (46580)

... (truncated)

Changelog

Sourced from @​wordpress/scripts's changelog.

25.1.0 (2023-01-02)

25.0.0 (2022-12-14)

Breaking Changes

  • Updated dependencies to require React 18 (45235)

24.6.0 (2022-11-16)

24.5.0 (2022-11-02)

24.4.0 (2022-10-19)

24.3.0 (2022-10-05)

24.2.0 (2022-09-21)

24.1.0 (2022-09-13)

New Features

  • Update the default webpack config to allow webp image format (#43880).
  • Update webpack configuration for the build and start commands to automatically copy PHP files listed in the render field of block.json files from the source to the build folder (#43917).

24.0.0 (2022-08-24)

Breaking Change

  • Increase the minimum Node.js version to 14 and minimum npm version to 6.14.4 (#43141).
  • The bundled @wordpress/eslint-plugin package got updated to the new major version and the default linting for Jest unit tests is now handled in the default config in this package (#43272).

Bug Fix

  • Packages: Replace is-plain-obj with is-plain-object (#43511).

23.7.2 (2022-08-17)

Bug Fix

  • Jest Preset: Improve is-plain-obj transformation ignore (#43271).

23.7.1 (2022-08-12)

Bug Fix

  • Jest Preset: Ignore is-plain-obj transformation (#43179).

23.6.0 (2022-07-27)

... (truncated)

Commits
  • 200bee7 chore(release): publish
  • 54dbc81 Update changelog files
  • 7b578b1 Merge changes published in the Gutenberg plugin "release/14.9" branch
  • 1eb65aa chore(release): publish
  • bcb7752 Update changelog files
  • b0e6e34 Merge changes published in the Gutenberg plugin "release/14.8" branch
  • 7ac04f4 chore(release): publish
  • 640566e Update changelog files
  • 511f4cc chore(release): publish
  • 76b1b0e Update changelog files
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by gutenbergplugin, a new releaser for @​wordpress/scripts since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/simpliko/wpadverts/network/alerts).
dependabot[bot] commented 4 months ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.