search

spierala / mini-rx-store

MiniRx - The reactive state management platform
https://mini-rx.io
Other
170 stars 9 forks source link

chore(deps): bump json5, babel-loader, @angular-devkit/build-angular and @nrwl/web #161

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps json5 to 2.2.3 and updates ancestor dependencies json5, babel-loader, @angular-devkit/build-angular and @nrwl/web. These dependencies need to be updated together.

Updates json5 from 2.2.0 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

  • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

  • Fix: json5@2.2.3 is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

  • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

  • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
Commits
  • c3a7524 2.2.3
  • 94fd06d docs: update CHANGELOG for v2.2.3
  • 3b8cebf docs(security): use GitHub security advisories
  • f0fd9e1 docs: publish a security policy
  • 6a91a05 docs(template): bug -> bug report
  • 14f8cb1 2.2.2
  • 10cc7ca docs: update CHANGELOG for v2.2.2
  • 7774c10 fix: add proto to objects and arrays
  • edde30a Readme: slight tweak to intro
  • 97286f8 Improve example in readme
  • Additional commits viewable in compare view


Updates babel-loader from 8.2.3 to 8.2.5

Release notes

Sourced from babel-loader's releases.

v8.2.5

What's Changed

New Contributors

Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.4...v8.2.5

v8.2.4

What's Changed

Thanks @​loveDstyle, @​stianjensen and @​pathmapper for your first PRs!

Commits


Updates @angular-devkit/build-angular from 13.2.2 to 13.3.10

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v13.3.10

13.3.10 (2022-11-17)

@​angular-devkit/build-angular

Commit Description
fix - f298ebbd5 update loader-utils to 3.2.1

Special Thanks

Alan Agius

v13.3.9

13.3.9 (2022-07-20)

@​angular-devkit/build-angular

Commit Description
fix - 0d62716ae update terser to address CVE-2022-25858

Special Thanks

Alan Agius and Charles Lyding

v13.3.8

13.3.8 (2022-06-15)

@​angular/pwa

Commit Description
fix - c7f994f88 add peer dependency on Angular CLI

Special Thanks

Alan Agius

v13.3.7

13.3.7 (2022-05-25)

@​angular-devkit/build-angular

Commit Description
fix - a54018d8f add debugging and timing information in JavaScript and CSS optimization plugins

Special Thanks

Alan Agius and Joey Perrott

v13.3.6

13.3.6 (2022-05-18)

@​angular/cli

Commit Description
fix - e20964c43 resolve relative schematic from angular.json instead of current working directory

@​angular-devkit/build-angular

Commit Description

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

13.3.10 (2022-11-17)

@​angular-devkit/build-angular

Commit Type Description
f298ebbd5 fix update loader-utils to 3.2.1

Special Thanks

Alan Agius

14.2.9 (2022-11-09)

@​angular-devkit/architect

Commit Type Description
e3e787767 fix default to failure if no builder result is provided

@​angular-devkit/build-angular

Commit Type Description
12b2dc5a2 fix isolate zone.js usage when rendering server bundles

Special Thanks

Alan Agius and Charles Lyding

14.2.8 (2022-11-02)

@​schematics/angular

Commit Type Description
4b0ee8ad1 fix guard schematics should include all guards (CanMatch)

Special Thanks

Andrew Scott

... (truncated)

Commits
  • bc78fcd release: cut the v13.3.10 release
  • 7eac5a4 test(@​angular/cli): fix version specifier test
  • e8824b0 test(@​angular/cli): update the update test to address node.js incompatability...
  • 2fbeb04 ci: replace scheduled jobs with scheduled pipelines
  • f298ebb fix(@​angular-devkit/build-angular): update loader-utils to 3.2.1
  • d091bb0 release: cut the v13.3.9 release
  • 0d62716 fix(@​angular-devkit/build-angular): update terser to address CVE-2022-25858
  • 0bb875d build: mark external only bazel rules
  • 62f46c8 release: cut the v13.3.8 release
  • d27fc7e test: always install a compatible version of @angular/material-moment-adapter
  • Additional commits viewable in compare view


Updates @nrwl/web from 13.9.5 to 15.4.2

Release notes

Sourced from @​nrwl/web's releases.

15.4.2

15.4.2 (2022-12-27)

Bug Fixes

  • bundling: update rollup-plugin-typescript2 to fix typechecking ... (#14020) (95a3bbf)
  • core: adding @​nrwl/vite to packageGroup (d3ef0ea)
  • core: fix the parsing of projects and targets (c3f0cef)
  • js: node executor address already in use (#14023) (4c5a139)
  • testing: change ignoreTestFiles to excludeSpecPattern for cy10+ (#13942) (e91179e)

Features

  • react: expose setupTailwindGenerator from @​nrwl/react (#14029) (1380ddf)

15.4.1

15.4.1 (2022-12-23)

Bug Fixes

  • core: special case projects for lerna users (f0d67b5)

15.4.0

15.4.0 (2022-12-22)

Bug Fixes

  • angular: cache server build (#13933) (2614669)
  • angular: handle not provided path when generating a component without the project option (#13877) (4e54b1a)
  • angular: missing remotes form mf config should not break mf server (#13901) (dc4a123)
  • angular: support target-less projects in update-15-2-0 (#13755) (9ac9491)
  • bundling: pass --force option to vite dev-server (#13905) (49fa93b)
  • bundling: support custom outExtension for ESM and CJS (e.g. .mjs) (#13985) (98ed2ea)
  • core: additional null check when hashing lockfile (#13803) (efa6ef0)
  • core: consult root package.json when resolving peer deps on package generation (#13949) (f3465a9)
  • core: ensure yarn patch and path versions are correct when pruning (#13847) (03be42e)
  • core: fix lock file pruning multiple versions of dependencies (#13915) (c51c178)
  • core: fix lock file pruning optional dependencies (#13830) (a2adf50)
  • core: fix pruning of pnpm lockfiles with github packages (#13875) (20c4782)
  • core: handle local workspace projects in package.json for affected locator (#13728) (65ecd9c)
  • core: ignore angular.json projects if @​nrwl/angular is not insta… (#13827) (92d33f9)
  • core: local plugins should work on windows (#13801) (75c34c3)
  • core: move generator should work if there are comments in tsconfig #13740 (#13866) (4f98e37)
  • core: reduce likelihood of ENAMETOOLONG error on windows (#13850) (5eabd6c)
  • core: skip npm nested lockfile key mismatch (#13872) (bbfc0fb)
  • devkit: do not move properties when nx.json doesn't exist (#13825) (3fd1841)

... (truncated)

Commits
  • 6c6fd7c fix(vite): improve vite configuration (#13978)
  • 82fbb98 feat(misc): dont generate defaultProject for non standalone workspaces
  • 61d7d74 fix(misc): fix tsconfig file includes
  • 67c7822 fix(react): add missing style preprocessors when using Vite (#13600)
  • dbc673d fix(testing): remove jest.config.ts from vitest setups (#13586)
  • 3a39f95 cleanup(core): create a shared add-babel-input function (#13538)
  • fe062f4 fix(core): deduce layout directory
  • 19a6da3 fix(bundling): place files in the right folders for Web Vite apps (#13464)
  • f0f60fb fix(testing): web and react application fixes for vitest's insourceTests (#13...
  • a63a25d feat(react): add Vite bundler option for buildable libraries (#13382)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/spierala/mini-rx-store/network/alerts).
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.