Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump tough-cookie, @angular-devkit/build-angular and ng-packagr in /angular #1111

Closed
wants to merge 1 commit into from
Closed

Bump tough-cookie, @angular-devkit/build-angular and ng-packagr in /angular #1111

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2023
edited
Loading

Bumps tough-cookie to 4.1.3 and updates ancestor dependencies tough-cookie, @angular-devkit/build-angular and ng-packagr. These dependencies need to be updated together.

Updates tough-cookie from 2.5.0 to 4.1.3

Release notes

Sourced from tough-cookie's releases.

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

4.1.2 -- Patch and Bugfix Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2

4.1.1

Patch Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1

4.1.0

v4.1.0

Minor release, focused mainly on resolving reported issues and some minor feature work.

What's Changed

... (truncated)

Commits
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • b1a8898 fix: allow set cookies with localhost (#253)
  • ec70796 4.1.1 Patch -- allow special use domains by default (#250)
  • d4ac580 fix: allow special use domains by default (#249)
  • 79c2f7d 4.1.0 release to NPM (#245)
  • 4fafc17 Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move Dockerf...
  • aa4396d fix: distinguish between no samesite and samesite=none (#240)
  • b8d7511 Modernize README (#234)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by awaterma, a new releaser for tough-cookie since your current version.


Updates @angular-devkit/build-angular from 0.13.10 to 16.2.2

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v16.2.2

16.2.2 (2023-09-13)

@​angular-devkit/build-angular

Commit Description
fix - e3a40a49a support dev server proxy pathRewrite field in Vite-based server

v16.2.1

16.2.1 (2023-08-30)

@​angular-devkit/build-angular

Commit Description
fix - 221ab2483 display warning when using resourcesOutputPath with esbuild builder
fix - fe752ad87 encode Sass package resolve directories in importer URLs
fix - 82b0f94fd handle HMR updates of global CSS when using Vite
fix - 6a48a11b8 update vite to be able to serve app-shell and SSG pages
fix - fdb16f7cd use correct type for extraEntryPoints

v16.2.0

16.2.0 (2023-08-09)

@​angular-devkit/build-angular

Commit Description
feat - e6b377436 add ssr option in application builder
feat - c05c83be7 add initial application builder implementation
feat - 095f5aba6 add initial support for server bundle generation using esbuild
feat - cb165a75d add pre-rendering (SSG) and App-shell support generation to application builder
feat - 2a3fc6846 add preload hints based on transitive initial files
feat - 099cec758 add support for serving SSR with dev-server when using the application builder
fix - 449e21b3a correctly load dev server assets with vite 4.4.0+
fix - f42f10135 ensure preload hints for external stylesheets are marked as styles
fix - 7defb3635 ensure that server dependencies are loaded also in ssr entrypoint
fix - 05f31bd28 prevent race condition in setting up sass worker pool
fix - 5048f6e82 Set chunk names explicitly
perf - 974748cdf filter postcss usage based on content in esbuild builder
perf - 61a652d91 inject Sass import/use directive importer information when resolving
perf - a0a2c7aef only load browserslist in babel preset if needed
perf - 6bfd1800e use in-memory Sass module resolution cache

v16.2.0-rc.1

16.2.0-rc.1 (2023-08-04)

@​angular-devkit/build-angular

Commit Description
fix - 05f31bd28 prevent race condition in setting up sass worker pool
fix - 192326a8 build: update critters

... (truncated)

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

16.2.2 (2023-09-13)

@​angular-devkit/build-angular

Commit Type Description
e3a40a49a fix support dev server proxy pathRewrite field in Vite-based server

17.0.0-next.3 (2023-09-07)

Breaking Changes

@​angular-devkit/schematics

  • deprecated runExternalSchematicAsync and runSchematicAsync methods have been removed in favor of runExternalSchematic and runSchematic.

@​angular-devkit/build-angular

Commit Type Description
6b08efa6f fix account for arrow function IIFE
188a00f3e fix elide setClassMetadataAsync calls

@​angular-devkit/schematics

Commit Type Description
f600bbc97 refactor remove deprecated runExternalSchematicAsync and runSchematicAsync

@​ngtools/webpack

Commit Type Description
4fe03266a fix account for arrow function IIFE
89f21ac8c fix remove setClassMetadataAsync calls

17.0.0-next.2 (2023-09-06)

Release tooling failed part way through the publish process, some packages were not published. Do not use this version.

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by google-wombot, a new releaser for @​angular-devkit/build-angular since your current version.


Updates ng-packagr from 4.7.1 to 16.2.3

Release notes

Sourced from ng-packagr's releases.

16.2.3

Bug Fixes

  • emit .tsbuildinfo when cache mode is enabled (2a0ee90), closes #2682

16.2.2

Bug Fixes

  • watch mode not emitted transformed DTS files (a799883), closes #2664

16.2.1

Bug Fixes

16.2.0

Bug Fixes

  • no provider for InjectionToken ng.v5.defaultTsConfig (6652727)

16.2.0-next.1

Bug Fixes

  • no provider for InjectionToken ng.v5.defaultTsConfig (6652727)

16.1.0

Features

  • support TypeScript 5.1 (fcc0c6a)
  • support incremental TypeScript semantic diagnostics (d3b9488)

Bug Fixes

  • allow usages of ECMAScript Decorators (9abe6a0), closes #2625

16.1.0-next.0

Features

... (truncated)

Changelog

Sourced from ng-packagr's changelog.

16.2.3 (2023-09-07)

Bug Fixes

  • emit .tsbuildinfo when cache mode is enabled (2a0ee90), closes #2682

16.2.2 (2023-08-29)

Bug Fixes

  • watch mode not emitted transformed DTS files (a799883), closes #2664

16.2.1 (2023-08-23)

Bug Fixes

16.2.0 (2023-08-09)

16.2.0-next.1 (2023-07-11)

Bug Fixes

  • no provider for InjectionToken ng.v5.defaultTsConfig (6652727)

16.2.0-next.0 (2023-06-28)

Features

  • add support for Angular 16.2.0 (3c1072e)

16.1.0 (2023-06-13)

Features

  • support TypeScript 5.1 (fcc0c6a)
  • support incremental TypeScript semantic diagnostics (d3b9488)

Bug Fixes

  • allow usages of ECMAScript Decorators (9abe6a0), closes #2625

... (truncated)

Commits
  • 40c4082 release: cut 16.2.3
  • 2a0ee90 fix: emit .tsbuildinfo when cache mode is enabled
  • e9d8608 release: cut 16.2.2
  • a799883 fix: watch mode not emitted transformed DTS files
  • 8edb94f build: update dependency eslint to v8.48.0
  • ee4fd63 release: cut 16.2.1
  • 24fa68b fix: do not set less math option
  • 2d4638a build: update dependency eslint-plugin-import to v2.28.1
  • 7a8f711 build: update dependency cacache to v18
  • b7e9327 build: update angular to ~16.2.0
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by alan.agius4, a new releaser for ng-packagr since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 15, 2023
@dependabot
Bump tough-cookie, @angular-devkit/build-angular and ng-packagr
c7f79b1 
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) to 4.1.3 and updates ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [@angular-devkit/build-angular](https://github.com/angular/angular-cli) and [ng-packagr](https://github.com/ng-packagr/ng-packagr). These dependencies need to be updated together.


Updates `tough-cookie` from 2.5.0 to 4.1.3
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.5.0...v4.1.3)

Updates `@angular-devkit/build-angular` from 0.13.10 to 16.2.2
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Changelog](https://github.com/angular/angular-cli/blob/main/CHANGELOG.md)
- [Commits](https://github.com/angular/angular-cli/commits/16.2.2)

Updates `ng-packagr` from 4.7.1 to 16.2.3
- [Release notes](https://github.com/ng-packagr/ng-packagr/releases)
- [Changelog](https://github.com/ng-packagr/ng-packagr/blob/16.2.3/CHANGELOG.md)
- [Commits](ng-packagr/ng-packagr@v4.7.1...16.2.3)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: "@angular-devkit/build-angular"
  dependency-type: direct:development
- dependency-name: ng-packagr
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/angular/tough-cookie-and-angular-devkit/build-angular-and-ng-packagr-4.1.3 branch from 52b0d51 to c7f79b1 Compare October 12, 2023 18:15
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 18, 2024

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/npm_and_yarn/angular/tough-cookie-and-angular-devkit/build-angular-and-ng-packagr-4.1.3 branch January 18, 2024 15:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file Frontend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@LocalNewsTV