You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Please don't delete this checklist! Before submitting the PR, please make sure you do the following:
It's really useful if your PR references an issue where it is discussed ahead of time. In many cases, features are absent for a reason. For large changes, please create an RFC: https://github.com/sveltejs/rfcs
This message body should clearly illustrate what problems it solves.
Ideally, include a test that fails without this PR but passes with it.
Tests
Run the tests with pnpm test and lint the project with pnpm lint and pnpm check
Changesets
If your PR makes a change that should be noted in one or more packages' changelogs, generate a changeset by running pnpm changeset and following the prompts. Changesets that add features should be minor and those that fix bugs should be patch. Please prefix changeset messages with feat:, fix:, or chore:.
Edits
Please ensure that 'Allow edits from maintainers' is checked. PRs without this option may be closed.
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
This PR includes no changesets
When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types
This would be a breaking change requiring a new major since it would force people to upgrade the version of wrangler they're using. I wonder if we should consider something like #12452 instead
This would be a breaking change requiring a new major since it would force people to upgrade the version of wrangler they're using. I wonder if we should consider something like #12452 instead
Definitely in favour of the optional dependency 👍🏼. I’ll close this one
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Upgrading
wranglershould resolve https://github.com/sveltejs/kit/security/dependabot/20 as it is the sole package relying on[email protected]. The latest version ofwrangleruses[email protected]which no longer has this vulnerability.Not sure about the changeset though. Is this a patch fix if
wrangleris updated to a new minor?EDIT: unfortunately this does not resolve https://github.com/sveltejs/kit/security/dependabot/24 where the latest
wranglerstill relies on[email protected]through[email protected]cc: @dario-piotrowicz @jamesopstad
Please don't delete this checklist! Before submitting the PR, please make sure you do the following:
Tests
pnpm testand lint the project withpnpm lintandpnpm checkChangesets
pnpm changesetand following the prompts. Changesets that add features should beminorand those that fix bugs should bepatch. Please prefix changeset messages withfeat:,fix:, orchore:.Edits