Bump the npm_and_yarn group across 3 directories with 9 updates #7217

dependabot · 2024-02-09T22:58:33Z

Bumps the npm_and_yarn group with 7 updates in the /docs/website directory:

Package	From	To
@babel/traverse	`7.21.4`	`7.23.9`
@sideway/formula	`3.0.0`	`3.0.1`
http-cache-semantics	`4.1.0`	`4.1.1`
json5	`2.2.1`	`2.2.3`
postcss	`8.4.16`	`8.4.35`
semver	`5.7.1`	`5.7.2`
ua-parser-js	`0.7.31`	`0.7.37`
Bumps the npm_and_yarn group with 6 updates in the /tests/examples/source/angular directory:

Package	From	To
@babel/traverse	`7.18.8`	`7.23.9`
http-cache-semantics	`4.1.0`	`4.1.1`
json5	`2.2.1`	`2.2.3`
semver	`5.7.1`	`5.7.2`
ua-parser-js	`0.7.31`	`0.7.37`
socket.io	`4.5.1`	`4.7.4`
Bumps the npm_and_yarn group with 4 updates in the /ui directory: @babel/traverse, semver, ua-parser-js and socket.io.

Updates @babel/traverse from 7.21.4 to 7.23.9

Release notes

Sourced from @babel/traverse's releases.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16194 Improve output of super() (@liuxingbaoyu)

v7.23.7 (2023-12-29)

🐛 Bug Fix

babel-traverse

#16191 fix: Crash when removing without Program (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits

a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
d292822 fix: Crash when removing without Program (#16191)
d02c1f7 v7.23.6
cce807f Bump debug to ^4.3.1 (#16164)
8479012 v7.23.5
da7dc40 Do not remove bindings when removing assignment expression path (#16131)
fadc081 fix: Unexpected duplication of comments (#16110)
13a5c83 v7.23.4
Additional commits viewable in compare view

Updates @sideway/formula from 3.0.0 to 3.0.1

Commits

5b44c1b 3.0.1
9fbc20a chore: better number regex
41ae98e Cleanup
c59f35e Move to Sideway
See full diff in compare view

Maintainer changes

This version was pushed to npm by marsup, a new releaser for @sideway/formula since your current version.

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

2449650 Update mocha
560b2d8 Don't use regex to trim whitespace
b1bdb92 Remove linting package zoo
c20dc7e Cache 308
See full diff in compare view

Updates json5 from 2.2.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates postcss from 8.4.16 to 8.4.35

Release notes

Sourced from postcss's releases.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by @tim-we).

Cleaned up code (by @DrKiraDmitry).

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by @romainmenke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by @ferreira-tb).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by @romainmenke).

8.4.29

Fixed Node#source.offset (by @idoros).

Fixed docs (by @coliff).

8.4.28

Fixed Root.source.end for better source map (by @romainmenke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by @romainmenke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by @remcohaszing).

8.4.21

Fixed Input#error types (by @hudochenkov).

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.35

Avoid ! in node.parent.nodes type.

Allow to pass undefined to node adding method to simplify types.

8.4.34

Fixed AtRule#nodes type (by Tim Weißenfels).

Cleaned up code (by Dmitry Kirillov).

8.4.33

Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).

Fixed NoWorkResult usage conditions (by @ahmdammarr).

8.4.32

Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

Fixed \r parsing to fix CVE-2023-44270.

8.4.30

Improved source map performance (by Romain Menke).

8.4.29

Fixed Node#source.offset (by Ido Rosenthal).

Fixed docs (by Christian Oliff).

8.4.28

Fixed Root.source.end for better source map (by Romain Menke).

Fixed Result.root types when process() has no parser.

8.4.27

Fixed Container clone methods types.

8.4.26

Fixed clone methods types.

8.4.25

Improve stringify performance (by Romain Menke).

Fixed docs (by @vikaskaliramna07).

8.4.24

Fixed Plugin types.

8.4.23

Fixed warnings in TypeDoc.

8.4.22

Fixed TypeScript support with node16 (by Remco Haszing).

8.4.21

Fixed Input#error types (by Aleks Hudochenkov).

... (truncated)

Commits

edda95e Release 8.4.35 version
612f360 Merge pull request #1924 from postcss/refactor/types
5e7449f Fix node.parent.nodes type
65075df Allow to pass undefined to adding methods to simplify type check
477b3bb Release 8.4.34 version
25af117 Update dependencies
bb0314a Merge pull request #1922 from tim-we/improve-at-rule-types
9dd5a93 Fix at-rule test
8322d11 Fix visitor test
ee7fcd4 Fix Document#nodes
Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates ua-parser-js from 0.7.31 to 0.7.37

Release notes

Sourced from ua-parser-js's releases.

v0.7.37

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Changelog

Sourced from ua-parser-js's changelog.

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Version 0.7.36 / 1.0.36

Add new browser: Snapchat

Add new devices: Infinix, Tecno

Improve device detection: Amazon Fire TV, Xiaomi POCO

Improve OS detection: iOS

Version 0.7.35 / 1.0.35

Fix result from user-supplied user-agent being altered

Add new browser: Heytap, TikTok

Add new engine: LibWeb

Add new OS: SerenityOS

Improve browser detection: Yandex

Improve device detection: iPhone, Amazon Echo

Improve OS detection: iOS

Version 0.7.34 / 1.0.34

Fix Sharp Mobile detected as Huawei Tablet

Fix IE8 bug

Add new devices : Kobo e-Reader, Apple Watch, and some new SmartTV devices

Add new OS : watchOS

Improve browser detection : Kakao, Naver, Brave

Improve device detection : Oculus, iPad

Improve OS detection : Chrome OS

Using navigator.userAgentData as fallback for device.type & os.name

Version 0.7.33 / 1.0.33

Add new browser : Cobalt

Identify Macintosh as an Apple device

Fix ReDoS vulnerability

Version 0.7.32 / 1.0.32

Add new browser : DuckDuckGo, Huawei Browser, LinkedIn

Add new OS : HarmonyOS

Add some Huawei models

Add Sharp Aquos TV

Improve detection Xiaomi Mi CC9

Fix Sony Xperia 1 III misidentified as Acer tablet

Fix Detect Sony BRAVIA as SmartTV

Fix Detect Xiaomi Mi TV as SmartTV

... (truncated)

Commits

d30ad46 Bump version 0.7.37
5302e2d Update changelog
f3de7b7 Backport - Improve browser detection: WeChat (cherry picked from commit 17f0c...
c41100e Backport - Improve browser detection: unified name for Baidu (cherry picked f...
23c5d77 Backport - Improve browser detection: remove unnecessary extra space in "Avan...
e3d5f76 Backport - Improve browser detection: rename "Samsung Browser" to "Samsung In...
02af42f Backport - Fix #682 - Add new browser: Smart Lenovo Browser (cherry picked fr...
57d1ac0 Backport - Fix #683 - change MetaSr into Sogou Explorer (+add Sogou Mobile) (...
ea2c829 Backport - Fix misidentified WebView token as device model - found in #681 (c...
3b896d5 Backport - Fix #681 - Add new browser: Vivo Browser (cherry picked from commi...
Additional commits viewable in compare view

Updates @babel/traverse from 7.18.8 to 7.23.9

Release notes

Sourced from @babel/traverse's releases.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

Committers: 4

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

Nicolò Ribaudo (@nicolo-ribaudo)

@liuxingbaoyu

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

... (truncated)

Changelog

Sourced from @babel/traverse's changelog.

v7.23.9 (2024-01-25)

🐛 Bug Fix

babel-helper-transform-fixture-test-runner, babel-plugin-transform-function-name, babel-plugin-transform-modules-systemjs, babel-preset-env

#16225 fix: systemjs re-traverses helpers (@liuxingbaoyu)

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators

#16226 Improve decorated private method check (@JLHwung)

babel-plugin-proposal-decorators, babel-plugin-transform-async-generator-functions, babel-plugin-transform-runtime, babel-preset-env

#16224 Properly sort core-js@3 imports (@nicolo-ribaudo)

babel-traverse

#15383 fix: Don't throw in getTypeAnnotation when using TS+inference (@liuxingbaoyu)

Other

#16210 [eslint] Fix no-use-before-define for class ref in fields (@nicolo-ribaudo)

🏠 Internal

babel-core, babel-parser, babel-template

#16222 Migrate eslint-parser to cts (@liuxingbaoyu)

babel-types

#16213 Remove @babel/types props that are not produced by the parser (@liuxingbaoyu)

🏃‍♀️ Performance

babel-parser

#16072 perf: Improve parser performance for typescript (@liuxingbaoyu)

🔬 Output optimization

babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-destructuring-private, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties, babel-plugin-transform-class-static-block, babel-plugin-transform-new-target, babel-plugin-transform-parameters, babel-plugin-transform-private-methods, babel-preset-env

#16218 Improve temporary variables for decorators (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#15959 Improve output of using (@liuxingbaoyu)

v7.23.8 (2024-01-08)

🐛 Bug Fix

babel-preset-env

#16181 fix: preset-env throws exception for export * as x (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

#16201 fix: decorator binds getter/setter to ctx.access for public fields (@liuxingbaoyu)

#16199 fix: Class decorator correctly passes return value (@liuxingbaoyu)

↩️ Revert

#16202 Revert "chore: Update artifact tools (#16184)" (@JLHwung)

🔬 Output optimization

babel-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-parameters, babel-plugin-transform-react-jsx, babel-plugin-transform-runtime, babel-plugin-transform-spread, babel-plugin-transform-typescript, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime

#16194 Improve output of super() (@liuxingbaoyu)

v7.23.7 (2023-12-29)

🐛 Bug Fix

babel-traverse

#16191 fix: Crash when removing without Program (@liuxingbaoyu)

babel-helpers, babel-plugin-proposal-decorators

... (truncated)

Commits

a0dd614 v7.23.9
1200542 fix: Don't throw in getTypeAnnotation when using TS+inference (#15383)
e428a6d v7.23.7
d292822 fix: Crash when removing without Program (#16191)
d02c1f7 v7.23.6
cce807f Bump debug to ^4.3.1 (#16164)
8479012 v7.23.5
da7dc40 Do not remove bindings when removing assignment expression path (#16131)
fadc081 fix: Unexpected duplication of comments (#16110)
13a5c83 v7.23.4
Additional commits viewable in compare view

Updates http-cache-semantics from 4.1.0 to 4.1.1

Commits

2449650 Update mocha
560b2d8 Don't use regex to trim whitespace
b1bdb92 Remove linting package zoo
c20dc7e Cache 308
See full diff in compare view

Updates json5 from 2.2.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

2f8fd41 #585 better handling of whitespace (#585) (@joaomoreno, @lukekarrys)

5.7

Add minVersion method

5.6

Move boolean loose param to an options object, with backwards-compatibility protection.

Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

Add version coercion capabilities

5.4

Add intersection checking

5.3

Add minSatisfying method

5.2

Add prerelease(v) that returns prerelease components

5.1

Add Backus-Naur for ranges

Remove excessively cute inspection methods

5.0

Remove AMD/Browserified build artifacts

Fix ltr and gtr when using the * range

Fix for range * with a prerelease identifier

Commits

f8cc313 chore: release 5.7.2
2f8fd41 fix: better handling of whitespace (#585)
deb5ad5 chore: @npmcli/template-oss@4.16.0
See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates ua-parser-js from 0.7.31 to 0.7.37

Release notes

Sourced from ua-parser-js's releases.

v0.7.37

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Changelog

Sourced from ua-parser-js's changelog.

Version 0.7.37

Fix misidentified WebView token as device model

Increase UA_MAX_LENGTH to 500

Add new browser: Alipay, Klarna, Smart Lenovo Browser, Vivo Browser

Add new device: Ulefone

Improve device detection: Realme, Xiaomi Redmi

Rename browser: Avant, Baidu, Samsung Internet, Sogou Explorer, Sogou Mobile, WeChat

Version 0.7.36 / 1.0.36

Add new browser: Snapchat

Add new devices: Infinix, Tecno

Improve device detection: Amazon Fire TV, Xiaomi POCO

Improve OS detection: iOS

Version 0.7.35 / 1.0.35

Fix result from user-supplied user-agent being altered

Add new browser: Heytap, TikTok

Add new engine: LibWeb

Add new OS: SerenityOS

Improve browser detection: Yandex

Improve device detection: iPhone, Amazon Echo

Improve OS detection: iOS

Version 0.7.34 / 1.0.34

Fix Sharp Mobile detected as Huawei Tablet

Fix IE8 bug

Add new devices : Kobo e-Reader, Apple Watch, and some new SmartTV devices

Add new OS : watchOS

Improve browser detection : Kakao, Naver, Brave

Improve device detection : Oculus, iPad

Improve OS detection : Chrome OS

Using navigator.userAgentData as fallback for device.type & os.name

Version 0.7.33 / 1.0.33

Add new browser : Cobalt

Identify Macintosh as an Apple device

Fix ReDoS vulnerability

Version 0.7.32 / 1.0.32

Add new browser : DuckDuckGo, Huawei Browser, LinkedIn

Add new OS : HarmonyOS

Add some Huawei models

Add Sharp Aquos TV

Improve detection Xiaomi Mi CC9

Fix Sony Xperia 1 III misidentified as Acer tablet

Fix Detect Sony BRAVIA as SmartTV

Fix Detect Xiaomi Mi TV as SmartTV

... (truncated)

Commits

d30ad46 Bump version 0.7.37
5302e2d Update changelog
f3de7b7 Backport - Improve browser detection: WeChat (cherry picked from commit 17f0c...
c41100e Backport - Improve browser detection: unified name for Baidu (cherry picked f...
23c5d77 Backport - Improve browser detection: remove unnecessary extra space in "Avan...
e3d5f76 Backport - Improve browser detection: rename "Samsung Browser" to "Samsung In...

Bumps the npm_and_yarn group with 7 updates in the /docs/website directory: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.21.4` | `7.23.9` | | [@sideway/formula](https://github.com/sideway/formula) | `3.0.0` | `3.0.1` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [postcss](https://github.com/postcss/postcss) | `8.4.16` | `8.4.35` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.31` | `0.7.37` | Bumps the npm_and_yarn group with 6 updates in the /tests/examples/source/angular directory: | Package | From | To | | --- | --- | --- | | [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) | `7.18.8` | `7.23.9` | | [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) | `4.1.0` | `4.1.1` | | [json5](https://github.com/json5/json5) | `2.2.1` | `2.2.3` | | [semver](https://github.com/npm/node-semver) | `5.7.1` | `5.7.2` | | [ua-parser-js](https://github.com/faisalman/ua-parser-js) | `0.7.31` | `0.7.37` | | [socket.io](https://github.com/socketio/socket.io) | `4.5.1` | `4.7.4` | Bumps the npm_and_yarn group with 4 updates in the /ui directory: [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse), [semver](https://github.com/npm/node-semver), [ua-parser-js](https://github.com/faisalman/ua-parser-js) and [socket.io](https://github.com/socketio/socket.io). Updates `@babel/traverse` from 7.21.4 to 7.23.9 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse) Updates `@sideway/formula` from 3.0.0 to 3.0.1 - [Commits](hapijs/formula@v3.0.0...v3.0.1) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `postcss` from 8.4.16 to 8.4.35 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.16...8.4.35) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `ua-parser-js` from 0.7.31 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.31...0.7.37) Updates `@babel/traverse` from 7.18.8 to 7.23.9 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse) Updates `http-cache-semantics` from 4.1.0 to 4.1.1 - [Commits](kornelski/http-cache-semantics@v4.1.0...v4.1.1) Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `ua-parser-js` from 0.7.31 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.31...0.7.37) Updates `socket.io` from 4.5.1 to 4.7.4 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io@4.5.1...4.7.4) Updates `socket.io-parser` from 4.0.5 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.5...4.2.4) Updates `@babel/traverse` from 7.21.2 to 7.23.9 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-traverse) Updates `semver` from 5.7.1 to 5.7.2 - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](npm/node-semver@v5.7.1...v5.7.2) Updates `ua-parser-js` from 0.7.34 to 0.7.37 - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/CHANGELOG.md) - [Commits](faisalman/ua-parser-js@0.7.31...0.7.37) Updates `socket.io` from 4.6.1 to 4.7.4 - [Release notes](https://github.com/socketio/socket.io/releases) - [Changelog](https://github.com/socketio/socket.io/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io@4.5.1...4.7.4) Updates `socket.io-parser` from 4.2.2 to 4.2.4 - [Release notes](https://github.com/socketio/socket.io-parser/releases) - [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md) - [Commits](socketio/socket.io-parser@4.0.5...4.2.4) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@sideway/formula" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: postcss dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: http-cache-semantics dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: json5 dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: "@babel/traverse" dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: semver dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: ua-parser-js dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io dependency-type: indirect dependency-group: npm_and_yarn-security-group - dependency-name: socket.io-parser dependency-type: indirect dependency-group: npm_and_yarn-security-group ... Signed-off-by: dependabot[bot] <[email protected]>

openshift-ci · 2024-02-09T22:58:46Z

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a redhat-developer member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

netlify · 2024-02-09T22:58:52Z

✅ Deploy Preview for odo-docusaurus-preview canceled.

Name	Link
🔨 Latest commit	`d7fb6cd`
🔍 Latest deploy log	https://app.netlify.com/sites/odo-docusaurus-preview/deploys/65c6ae1c1606c100081e3bbd

sonarcloud · 2024-02-09T22:59:07Z

Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

dependabot · 2024-02-10T08:00:01Z

Superseded by #7219.

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 9, 2024

dependabot bot mentioned this pull request Feb 9, 2024

Bump the npm_and_yarn group across 3 directories with 9 updates #7216

Closed

dependabot bot requested review from kadel and rm3l February 9, 2024 22:58

openshift-ci bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. Required by Prow. label Feb 9, 2024

dependabot bot closed this Feb 10, 2024

dependabot bot deleted the dependabot/npm_and_yarn/docs/website/npm_and_yarn-security-group-7913e39f85 branch February 10, 2024 08:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the npm_and_yarn group across 3 directories with 9 updates #7217

Bump the npm_and_yarn group across 3 directories with 9 updates #7217

dependabot bot commented on behalf of github Feb 9, 2024

openshift-ci bot commented Feb 9, 2024

netlify bot commented Feb 9, 2024 •

edited

Loading

sonarcloud bot commented Feb 9, 2024

dependabot bot commented on behalf of github Feb 10, 2024

Bump the npm_and_yarn group across 3 directories with 9 updates #7217

Bump the npm_and_yarn group across 3 directories with 9 updates #7217

Conversation

dependabot bot commented on behalf of github Feb 9, 2024

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

Committers: 4

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

v7.23.9 (2024-01-25)

🐛 Bug Fix

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

v7.23.8 (2024-01-08)

🐛 Bug Fix

↩️ Revert

🔬 Output optimization

v7.23.7 (2023-12-29)

🐛 Bug Fix

v2.2.3

v2.2.2

v2.2.3 [code, diff]

v2.2.2 [code, diff]

8.4.35

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

8.4.35

8.4.34

8.4.33

8.4.32

8.4.31

8.4.30

8.4.29

8.4.28

8.4.27

8.4.26

8.4.25

8.4.24

8.4.23

8.4.22

8.4.21

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

5.7.2 (2023-07-10)

Bug Fixes

5.7

5.6

5.5

5.4

5.3

5.2

5.1

5.0

v0.7.37

Version 0.7.37

Version 0.7.37

Version 0.7.36 / 1.0.36

Version 0.7.35 / 1.0.35

Version 0.7.34 / 1.0.34

Version 0.7.33 / 1.0.33

Version 0.7.32 / 1.0.32

netlify bot commented Feb 9, 2024 •

edited

Loading