Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 8 updates #8699

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 8 updates #8699

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 13, 2024

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package From To
node-fetch 2.6.8 2.6.9
postcss 8.4.31 8.4.32
tough-cookie 2.5.0 4.1.4
jsdom 16.5.0 16.7.0
jest-puppeteer 4.4.0 10.0.1
webpack-dev-middleware 3.7.3 removed
@storybook/addon-storyshots 6.5.16 7.6.17
@storybook/react 6.5.14 8.0.10

Updates node-fetch from 2.6.8 to 2.6.9

Release notes

Sourced from node-fetch's releases.

v2.6.9

2.6.9 (2023-01-30)

Bug Fixes

Commits

Updates postcss from 8.4.31 to 8.4.32

Release notes

Sourced from postcss's releases.

8.4.32

Changelog

Sourced from postcss's changelog.

8.4.32

  • Fixed postcss().process() types (by Andrew Ferreira).
Commits

Updates tough-cookie from 2.5.0 to 4.1.4

Release notes

Sourced from tough-cookie's releases.

v4.1.4

https://www.npmjs.com/package/tough-cookie/v/4.1.4

What's Changed

New Contributors

Full Changelog: salesforce/tough-cookie@v4.1.3...v4.1.4

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

4.1.2 -- Patch and Bugfix Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2

4.1.1

Patch Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1

4.1.0

v4.1.0

Minor release, focused mainly on resolving reported issues and some minor feature work.

What's Changed

... (truncated)

Commits
  • cacbc37 Bump version to 4.1.4
  • a48fb3a Add tests for url validation
  • 50e69bf Merge pull request #261 from postmanlabs/fix/url-string-validation
  • 1253d58 Merge pull request #409 from corvidism/validators-to-string
  • 238367e Add local alias for toString
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • cf6debd Fix incorrect string validation for URL
  • b1a8898 fix: allow set cookies with localhost (#253)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ccasey, a new releaser for tough-cookie since your current version.


Updates jsdom from 16.5.0 to 16.7.0

Release notes

Sourced from jsdom's releases.

Version 16.7.0

  • Added AbortSignal.abort(). (ninevra)
  • Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)
  • Implemented wrapping for textareaEl.value if the wrap="" attribute is specified. (ninevra)
  • Changed newline normalization in <textarea>s according to recent HTML Standard updates. (ninevra)
  • Fixed some bad cascade computation in getComputedStyle(). (romain-trotard)

Version 16.6.0

  • Added parentNode.replaceChildren(). (@​ninevra)
  • Fixed jsdom's handling of when code running inside the jsdom throws null or undefined as an exception. (@​mbest)
  • Removed the dependency on the deprecated request package, in the process fixing several issues with the XMLHttpRequest implementation around header processing. Thanks go to @​tobyhinloopen, @​andrewaylett, and especially @​vegardbb, for completing this months-long effort!

Version 16.5.3

  • Fixed infinite recursion when using MutationObservers to observe elements inside a MutationObserver callback.

Version 16.5.2

  • Fixed Access-Control-Allow-Headers: * to work with XMLHttpRequest. (silviot)
  • Fixed xhr.response to strip any leading BOM when xhr.responseType is "json".
  • Fixed new Text() and new Comment() constructors to properly set the resulting node's ownerDocument.
  • Fixed customElements.whenDefined() to resolve its returned promise with the custom element constructor, per recent spec updates. (ExE-Boss)
  • Fixed parsing to ensure that <svg>\<template></template></svg> does not throw an exception, but instead correctly produces a SVG-namespace \<template> element.
  • Fixed domParser.parseFromString() to treat <noscript> elements appropriately.
  • Fixed form control validity checking when the control was outside the <form> element and instead associated using the form="" attribute.
  • Fixed legendEl.form to return the correct result based on its parent <fieldset>.
  • Fixed optionEl.text to exclude <script> descendants.
  • Fixed radio buttons and checkboxes to not fire input and change events when disconnected.
  • Fixed inputEl.indeterminate to reset to its previous value when canceling a click event on a checkbox or radio button.
  • Fixed the behavior of event handler attributes (e.g. onclick="...code...") when there were global variables named element or formOwner. (ExE-Boss)
  • On Node.js v14.6.0+ where WeakRefs are available, fixed NodeIterator to no longer stop working when more than ten NodeIterator instances are created, and to use less memory due to inactive NodeIterators sticking around. (ExE-Boss)

Version 16.5.1

  • Fixed a regression that broke customElements.get() in v16.5.0. (fdesforges)
  • Fixed window.event to have a setter which overwrites the window.event property with the given value, per the specification. This fixes an issue where after upgrading to jsdom v16.5.0 you would no longer be able to set a global variable named event in the jsdom context.
Changelog

Sourced from jsdom's changelog.

16.7.0

  • Added AbortSignal.abort(). (ninevra)
  • Added dummy x and y properties to the return value of getBoundingClientRect(). (eiko)
  • Implemented wrapping for textareaEl.value if the wrap="" attribute is specified. (ninevra)
  • Changed newline normalization in <textarea>s according to recent HTML Standard updates. (ninevra)
  • Fixed some bad cascade computation in getComputedStyle(). (romain-trotard)

16.6.0

  • Added parentNode.replaceChildren(). (ninevra)
  • Fixed jsdom's handling of when code running inside the jsdom throws null or undefined as an exception. (mbest)
  • Removed the dependency on the deprecated request package, in the process fixing several issues with the XMLHttpRequest implementation around header processing. Special thanks to vegardbb for completing this months-long effort!

16.5.3

  • Fixed infinite recursion when using MutationObservers to observe elements inside a MutationObserver callback.

16.5.2

  • Fixed Access-Control-Allow-Headers: * to work with XMLHttpRequest. (silviot)
  • Fixed xhr.response to strip any leading BOM when xhr.responseType is "json".
  • Fixed new Text() and new Comment() constructors to properly set the resulting node's ownerDocument.
  • Fixed customElements.whenDefined() to resolve its returned promise with the custom element constructor, per recent spec updates. (ExE-Boss)
  • Fixed parsing to ensure that <svg>\<template></template></svg> does not throw an exception, but instead correctly produces a SVG-namespace \<template> element.
  • Fixed domParser.parseFromString() to treat <noscript> elements appropriately.
  • Fixed form control validity checking when the control was outside the <form> element and instead associated using the form="" attribute.
  • Fixed legendEl.form to return the correct result based on its parent <fieldset>.
  • Fixed optionEl.text to exclude <script> descendants.
  • Fixed radio buttons and checkboxes to not fire input and change events when disconnected.
  • Fixed inputEl.indeterminate to reset to its previous value when canceling a click event on a checkbox or radio button.
  • Fixed the behavior of event handler attributes (e.g. onclick="...code...") when there were global variables named element or formOwner. (ExE-Boss)
  • On Node.js v14.6.0+ where WeakRefs are available, fixed NodeIterator to no longer stop working when more than ten NodeIterator instances are created, and to use less memory due to inactive NodeIterators sticking around. (ExE-Boss)

16.5.1

  • Fixed a regression that broke customElements.get() in v16.5.0. (fdesforges)
  • Fixed window.event to have a setter which overwrites the window.event property with the given value, per the specification. This fixes an issue where after upgrading to jsdom v16.5.0 you would no longer be able to set a global variable named event in the jsdom context.
Commits

Updates jest-puppeteer from 4.4.0 to 10.0.1

Release notes

Sourced from jest-puppeteer's releases.

v10.0.1

Bug Fixes

v10.0.0

Features

BREAKING CHANGES

  • Drop Node.js v16 support.

v9.0.2

Bug Fixes

v9.0.1

Bug Fixes

  • fix compatibility with Puppeteer v21 (#566) (5cfee1f)

v9.0.0

Bug Fixes

  • expect-puppeteer: fix addSnapshotSerializer usage (826fd31), closes #552
  • jest-dev-server: no default host (c35e403)
  • jest-dev-server: properly detect if port is used, using both config.port and config.host options. (351720a), closes #555
  • types: fix environment global types (fb691f7)
  • types: fix missing jestPuppeteer global before setup (37e2294)

Features

  • drop Node.js v14 support (d7d9833)

... (truncated)

Changelog

Sourced from jest-puppeteer's changelog.

10.0.1 (2024-02-15)

Note: Version bump only for package jest-puppeteer

10.0.0 (2024-02-10)

Note: Version bump only for package jest-puppeteer

9.0.2 (2023-12-06)

Note: Version bump only for package jest-puppeteer

9.0.1 (2023-10-01)

Bug Fixes

  • fix compatibility with Puppeteer v21 (#566) (5cfee1f)

9.0.0 (2023-05-24)

Features

  • drop Node.js v14 support (d7d9833)

BREAKING CHANGES

  • drop Node.js v14 support

... (truncated)

Commits

Removes webpack-dev-middleware

Updates @storybook/addon-storyshots from 6.5.16 to 7.6.17

Release notes

Sourced from @​storybook/addon-storyshots's releases.

v7.6.17

7.6.17

v7.6.16

7.6.16

  • Addon Themes: Make type generic less strict - #26042, thanks @​yannbf!
  • Interaction: Make sure that adding spies doesn't cause infinite loops with self referencing args #26019, thanks @​kasperpeulen!

v7.6.15

7.6.15

  • Interaction: Make sure that adding spies doesn't cause infinite loops with self referencing args #26019, thanks @​kasperpeulen!

v7.6.14

7.6.14

v7.6.13

7.6.13

v7.6.12

7.6.12

  • CLI: Fix upgrade detecting the wrong version of existing Storybooks - #25752, thanks @​JReinhold!

v7.6.11

7.6.11

v7.6.10

7.6.10

v7.6.9

7.6.9

... (truncated)

Changelog

Sourced from @​storybook/addon-storyshots's changelog.

7.6.17

7.6.16

  • Addon Themes: Make type generic less strict - #26042, thanks @​yannbf!
  • Interaction: Make sure that adding spies doesn't cause infinite loops with self referencing args #26019, thanks @​kasperpeulen!

7.6.15

This release accidentally didn't contain anything.

7.6.14

7.6.13

7.6.12

  • CLI: Fix upgrade detecting the wrong version of existing Storybooks - #25752, thanks @​JReinhold!

7.6.11

7.6.10

7.6.9

7.6.8

... (truncated)

Commits
  • 60bf2b5 Bump version from "7.6.16" to "7.6.17" [skip ci]
  • 287300b Bump version from "7.6.15" to "7.6.16" [skip ci]
  • 8bcc3b4 Bump version from "7.6.14" to "7.6.15" [skip ci]
  • 8d42c55 Bump version from "7.6.13" to "7.6.14" [skip ci]
  • 95ed703 Bump version from "7.6.12" to "7.6.13" [skip ci]
  • cebb1a7 Bump version from "7.6.11" to "7.6.12" [skip ci]
  • a8b5861 Bump version from "7.6.10" to "7.6.11" [skip ci]
  • 0a8f25a Bump version from "7.6.9" to "7.6.10" [skip ci]
  • fbb29c1 Bump version from "7.6.8" to "7.6.9" [skip ci]
  • 2eded2e Bump version from "7.6.7" to "7.6.8" [skip ci]
  • Additional commits viewable in compare view

Updates @storybook/react from 6.5.14 to 8.0.10

Release notes

Sourced from @​storybook/react's releases.

v8.0.10

8.0.10

v8.0.9

8.0.9

v8.0.8

8.0.8

v8.0.7

8.0.7

v8.0.6

8.0.6

v8.0.5

8.0.5

v8.0.4

... (truncated)

Changelog

Sourced from @​storybook/react's changelog.

8.0.10

8.0.9

8.0.8

8.0.7

8.0.6

8.0.5

8.0.4

  • Addon Docs: Support Stencil based display names in source snippets - #26592, thanks @​yannbf!
  • CLI: Instruct the correct auto-migration command - #26515, thanks @​ndelangen!
  • CLI: Throw an error when running upgrade command in incorrect cwd - #26585, thanks @​yannbf!

8.0.3

... (truncated)

Commits
  • 85705aa Bump version from "8.0.9" to "8.0.10" [skip ci]
  • 3c598bd Bump version from "8.0.8" to "8.0.9" [skip ci]
  • 8fd4633 Merge pull request #26824 from storybookjs/kasper/update-csf
  • b96b670 Bump version from "8.0.7" to "8.0.8" [skip ci]
  • b7c50bb Bump version from "8.0.6" to "8.0.7" [skip ci]
  • 6cf8ae4 Bump version from "8.0.5" to "8.0.6" [skip ci]
  • 75565ed Bump version from "8.0.4" to "8.0.5" [skip ci]
  • b66dfe0 Bump version from "8.0.3" to "8.0.4" [skip ci]
  • eac115d Merge pull request #26592 from storybookjs/yann/fix-forward-ref-docgen-usecase
  • f30d120 Bump version from "8.0.2" to "8.0.3" [skip ci]
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 8 updates
60f37ed 
Bumps the npm_and_yarn group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [node-fetch](https://github.com/node-fetch/node-fetch) | `2.6.8` | `2.6.9` |
| [postcss](https://github.com/postcss/postcss) | `8.4.31` | `8.4.32` |
| [tough-cookie](https://github.com/salesforce/tough-cookie) | `2.5.0` | `4.1.4` |
| [jsdom](https://github.com/jsdom/jsdom) | `16.5.0` | `16.7.0` |
| [jest-puppeteer](https://github.com/argos-ci/jest-puppeteer/tree/HEAD/packages/jest-puppeteer) | `4.4.0` | `10.0.1` |
| [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) | `3.7.3` | `removed` |
| [@storybook/addon-storyshots](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/storyshots-core) | `6.5.16` | `7.6.17` |
| [@storybook/react](https://github.com/storybookjs/storybook/tree/HEAD/code/renderers/react) | `6.5.14` | `8.0.10` |



Updates `node-fetch` from 2.6.8 to 2.6.9
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@v2.6.8...v2.6.9)

Updates `postcss` from 8.4.31 to 8.4.32
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](postcss/postcss@8.4.31...8.4.32)

Updates `tough-cookie` from 2.5.0 to 4.1.4
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.5.0...v4.1.4)

Updates `jsdom` from 16.5.0 to 16.7.0
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md)
- [Commits](jsdom/jsdom@16.5.0...16.7.0)

Updates `jest-puppeteer` from 4.4.0 to 10.0.1
- [Release notes](https://github.com/argos-ci/jest-puppeteer/releases)
- [Changelog](https://github.com/argos-ci/jest-puppeteer/blob/main/packages/jest-puppeteer/CHANGELOG.md)
- [Commits](https://github.com/argos-ci/jest-puppeteer/commits/v10.0.1/packages/jest-puppeteer)

Removes `webpack-dev-middleware`

Updates `@storybook/addon-storyshots` from 6.5.16 to 7.6.17
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/v7.6.17/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v7.6.17/code/addons/storyshots-core)

Updates `@storybook/react` from 6.5.14 to 8.0.10
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v8.0.10/code/renderers/react)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: postcss
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: tough-cookie
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: jsdom
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: jest-puppeteer
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@storybook/addon-storyshots"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@storybook/react"
  dependency-type: direct:development
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 13, 2024
@dependabot dependabot bot mentioned this pull request May 13, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants