Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all non-major dependencies #15959

Merged
merged 2 commits into from
Feb 20, 2024
Merged

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 19, 2024

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence Type Update
@builder.io/qwik (source) ^1.4.4 -> ^1.4.5 age adoption passing confidence dependencies patch
@types/node (source) ^20.11.17 -> ^20.11.19 age adoption passing confidence devDependencies patch
@types/react (source) ^18.2.55 -> ^18.2.56 age adoption passing confidence devDependencies patch
@vue/shared (source) ^3.4.18 -> ^3.4.19 age adoption passing confidence dependencies patch
browserslist ^4.22.3 -> ^4.23.0 age adoption passing confidence dependencies minor
core-js (source) ^3.35.1 -> ^3.36.0 age adoption passing confidence dependencies minor
dotenv ^16.4.2 -> ^16.4.4 age adoption passing confidence devDependencies patch
dotenv-expand ^11.0.3 -> ^11.0.6 age adoption passing confidence devDependencies patch
miniflare (source) ^3.20240129.1 -> ^3.20240129.3 age adoption passing confidence devDependencies patch
pnpm (source) 8.15.1 -> 8.15.3 age adoption passing confidence packageManager patch
postcss-import ^16.0.0 -> ^16.0.1 age adoption passing confidence devDependencies patch
preact (source) ^10.19.4 -> ^10.19.5 age adoption passing confidence dependencies patch
sass ^1.70.0 -> ^1.71.0 age adoption passing confidence devDependencies minor
solid-js (source) ^1.8.14 -> ^1.8.15 age adoption passing confidence dependencies patch
svelte (source) ^4.2.10 -> ^4.2.11 age adoption passing confidence devDependencies patch
terser (source) ^5.27.0 -> ^5.27.1 age adoption passing confidence devDependencies patch
tj-actions/changed-files v42.0.2 -> v42.0.4 age adoption passing confidence action patch
vite (source) ^5.1.1 -> ^5.1.3 age adoption passing confidence devDependencies patch
vite-plugin-solid ^2.9.1 -> ^2.10.1 age adoption passing confidence devDependencies minor
vitepress (source) 1.0.0-rc.42 -> 1.0.0-rc.43 age adoption passing confidence devDependencies patch
vitest (source) ^1.2.2 -> ^1.3.0 age adoption passing confidence devDependencies minor
vue (source) ^3.4.18 -> ^3.4.19 age adoption passing confidence dependencies patch
vue (source) ^3.4.18 -> ^3.4.19 age adoption passing confidence devDependencies patch

Release Notes

BuilderIO/qwik (@​builder.io/qwik)

v1.4.5

Compare Source

What's Changed
New Contributors

Full Changelog: QwikDev/qwik@v1.4.4...v1.4.5

vuejs/core (@​vue/shared)

v3.4.19

Compare Source

Bug Fixes
Features

Note: this warning is categorized as a feature but released in a patch because it does not affect public APIs.

Performance Improvements
browserslist/browserslist (browserslist)

v4.23.0

Compare Source

zloirock/core-js (core-js)

v3.36.0

Compare Source

motdotla/dotenv (dotenv)

v16.4.4

Compare Source

Changed
  • 🐞 Replaced chaining operator ?. with old school && (fixing node 12 failures) #​812

v16.4.3

Compare Source

Changed
  • Fixed processing of multiple files in options.path #​805
motdotla/dotenv-expand (dotenv-expand)

v11.0.6

Compare Source

Changed
  • Fix .nyc_output in .npmignore

v11.0.5

Compare Source

Changed
  • 🐞 fix recursive expansion when expansion key is sourced from process.env (#​121)

v11.0.4

Compare Source

Changed
  • 🐞 fix recursive expansion when expansion keys in reverse order (#​118)
cloudflare/workers-sdk (miniflare)

v3.20240129.3

Compare Source

Minor Changes
  • #​4795 027f9719 Thanks @​mrbbot! - feat: pass Miniflare instance as argument to custom service binding handlers

    This change adds a new Miniflare-typed parameter to function-valued service binding handlers. This provides easy access to the correct bindings when re-using service functions across instances.

    import assert from "node:assert";
    import { Miniflare, Response } from "miniflare";
    
    const mf = new Miniflare({
    	serviceBindings: {
    		SERVICE(request, instance) {
    			assert(instance === mf);
    			return new Response();
    		},
    	},
    });
  • #​4795 027f9719 Thanks @​mrbbot! - feat: allow URLs to be passed in hyperdrives

    Previously, the hyperdrives option only accepted strings as connection strings. This change allows URL objects to be passed too.

  • #​4795 027f9719 Thanks @​mrbbot! - feat: add support for custom root paths

    Miniflare has lots of file-path-valued options (e.g. scriptPath, kvPersist, textBlobBindings). Previously, these were always resolved relative to the current working directory before being used. This change adds a new rootPath shared, and per-worker option for customising this behaviour. Instead of resolving relative to the current working directory, Miniflare will now resolve path-valued options relative to the closest rootPath option. Paths are still resolved relative to the current working directory if no rootPaths are defined. Worker-level rootPaths are themselves resolved relative to the shared rootPath if defined.

    import { Miniflare } from "miniflare";
    
    const mf1 = new Miniflare({
    	scriptPath: "index.mjs",
    });
    
    const mf2 = new Miniflare({
    	rootPath: "a/b",
    	scriptPath: "c/index.mjs",
    });
    
    const mf3 = new Miniflare({
    	rootPath: "/a/b",
    	workers: [
    		{
    			name: "1",
    			rootPath: "c",
    			scriptPath: "index.mjs",
    		},
    		{
    			name: "2",
    			scriptPath: "index.mjs",
    		},
    	],
    });
  • #​4795 027f9719 Thanks @​mrbbot! - feat: allow easy binding to current worker

    Previously, if you wanted to create a service binding to the current Worker, you'd need to know the Worker's name. This is usually possible, but can get tricky when dealing with many Workers. This change adds a new kCurrentWorker symbol that can be used instead of a Worker name in serviceBindings. kCurrentWorker always points to the Worker with the binding.

    import { kCurrentWorker, Miniflare } from "miniflare";
    
    const mf = new Miniflare({
    	serviceBindings: {
    		SELF: kCurrentWorker,
    	},
    	modules: true,
    	script: `export default {
        fetch(request, env, ctx) {
          const { pathname } = new URL(request.url);
          if (pathname === "/recurse") {
            return env.SELF.fetch("http://placeholder");
          }
          return new Response("body");
        }
      }`,
    });
    
    const response = await mf.dispatchFetch("http://placeholder/recurse");
    console.log(await response.text()); // body
Patch Changes
  • #​4954 7723ac17 Thanks @​mrbbot! - fix: allow relative scriptPath/modulesRoots to break out of current working directory

    Previously, Miniflare would resolve relative scriptPaths against moduleRoot multiple times resulting in incorrect paths and module names. This would lead to can't use ".." to break out of starting directory workerd errors. This change ensures Miniflare uses scriptPath as is, and only resolves it relative to modulesRoot when computing module names. Note this bug didn't affect service workers. This allows you to reference a modules scriptPath outside the working directory with something like:

    const mf = new Miniflare({
    	modules: true,
    	modulesRoot: "..",
    	scriptPath: "../worker.mjs",
    });

    Fixes #​4721

  • #​4795 027f9719 Thanks @​mrbbot! - fix: return non-WebSocket responses for failed WebSocket upgrading fetch()es

    Previously, Miniflare's fetch() would throw an error if the Upgrade: websocket header was set, and a non-WebSocket response was returned from the origin. This change ensures the non-WebSocket response is returned from fetch() instead, with webSocket set to null. This allows the caller to handle the response as they see fit.

  • #​4795 027f9719 Thanks @​mrbbot! - fix: ensure MiniflareOptions, WorkerOptions, and SharedOptions types are correct

    Miniflare uses Zod for validating options. Previously, Miniflare inferred *Options from the output types of its Zod schemas, rather than the input types. In most cases, these were the same. However, the hyperdrives option has different input/output types, preventing these from being type checked correctly.

v3.20240129.2

Compare Source

Patch Changes
  • #​4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In https://github.com/cloudflare/workers-sdk/pull/4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

pnpm/pnpm (pnpm)

v8.15.3

Compare Source

Patch Changes

  • Remove vulnerable "ip" package from the dependencies #​7652.

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

v8.15.2

Compare Source

Patch Changes

  • When purging multiple node_modules directories, pnpm will no longer print multiple prompts simultaneously.
  • Don't print an unnecessary warning when adding new dependencies to a project that uses hoisted node_modules.
  • Linking globally the command of a package that has no name in package.json #​4761.
  • Installation should work with lockfile created by pnpm v9.0.0-alpha.4

Platinum Sponsors

Gold Sponsors

Our Silver Sponsors

postcss/postcss-import (postcss-import)

v16.0.1

Compare Source

  • Fix crash when handling some @imports with media conditions (#​557, #​558)
preactjs/preact (preact)

v10.19.5

Compare Source

Fixes
Types
sass/dart-sass (sass)

v1.71.0

Compare Source

For more information about pkg: importers, see the
announcement
on the Sass blog.

Command-Line Interface
  • Add a --pkg-importer flag to enable built-in pkg: importers. Currently
    this only supports the Node.js package resolution algorithm, via
    --pkg-importer=node. For example, @use "pkg:bootstrap" will load
    node_modules/bootstrap/scss/bootstrap.scss.
JavaScript API
  • Add a NodePackageImporter importer that can be passed to the importers
    option. This loads files using the pkg: URL scheme according to the Node.js
    package resolution algorithm. For example, @use "pkg:bootstrap" will load
    node_modules/bootstrap/scss/bootstrap.scss. The constructor takes a single
    optional argument, which indicates the base directory to use when locating
    node_modules directories. It defaults to
    path.dirname(require.main.filename).
Dart API
  • Add a NodePackageImporter importer that can be passed to the importers
    option. This loads files using the pkg: URL scheme according to the Node.js
    package resolution algorithm. For example, @use "pkg:bootstrap" will load
    node_modules/bootstrap/scss/bootstrap.scss. The constructor takes a single
    argument, which indicates the base directory to use when locating
    node_modules directories.
sveltejs/svelte (svelte)

v4.2.11

Compare Source

Patch Changes
  • fix: check that component wasn't instantiated in connectedCallback (#​10466)
terser/terser (terser)

v5.27.1

Compare Source

  • Fixed case where collapse_vars inlines await expressions into non-async functions.
tj-actions/changed-files (tj-actions/changed-files)

v42.0.4

Compare Source

What's Changed

Full Changelog: tj-actions/changed-files@v42...v42.0.4

v42.0.3

Compare Source

What's Changed


Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Feb 19, 2024
Copy link

stackblitz bot commented Feb 19, 2024

Review PR in StackBlitz Codeflow Run & review this pull request in StackBlitz Codeflow.

@patak-dev
Copy link
Member

Pushed a bump to the max bundle size (+10kb, from 165kb to 175kb) as we are hitting the limit after this PR.

Copy link
Contributor Author

renovate bot commented Feb 19, 2024

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

@sapphi-red sapphi-red merged commit 571a3fd into main Feb 20, 2024
10 checks passed
@sapphi-red sapphi-red deleted the renovate/all-minor-patch branch February 20, 2024 07:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants