Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 2 directories with 5 updates #49

Closed
wants to merge 1 commit into from
Closed

Bump the npm_and_yarn group across 2 directories with 5 updates #49

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2024

Bumps the npm_and_yarn group with 2 updates in the /. directory: axios and vite.
Bumps the npm_and_yarn group with 2 updates in the /cf-tsdocs-worker directory: miniflare and wrangler.

Updates axios from 1.6.5 to 1.6.6

Release notes

Sourced from axios's releases.

Release v1.6.6

Release notes:

Bug Fixes

  • fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
  • wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Changelog

Sourced from axios's changelog.

1.6.6 (2024-01-24)

Bug Fixes

  • fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
  • wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Commits

Updates vite from 5.0.10 to 5.0.12

Changelog

Sourced from vite's changelog.

5.0.12 (2024-01-19)

5.0.11 (2024-01-05)

Commits
  • ee81e19 release: v5.0.12
  • 91641c4 fix: fs deny for case insensitive systems (#15653)
  • ef89f80 fix: await configResolved hooks of worker plugins (#15597) (#15605)
  • b44c493 release: v5.0.11
  • d2aa096 fix: inject __vite__mapDeps code before sourcemap file comment (#15483)
  • 2a540ee chore(deps): update tj-actions/changed-files action to v41 (#15476)
  • 5ea9edb fix(html): handle offset magic-string slice error (#15435)
  • 49d21fe chore(deps): update dependency strip-literal to v2 (#15475)
  • 8de7bd2 fix(assets): avoid splitting , inside base64 value of srcset attribute (#...
  • 19e3c9a fix: don't pretransform classic script links (#15361)
  • See full diff in compare view

Updates miniflare from 3.20231025.0 to 3.20240129.2

Release notes

Sourced from miniflare's releases.

miniflare@3.20240129.2

Patch Changes

  • #4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In cloudflare/workers-sdk#4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

miniflare@3.20240129.1

Minor Changes

  • #4905 148feff6 Thanks @​dario-piotrowicz! - feature: add a getCf method to Miniflare instances

    add a new getCf method attached to instances of Miniflare, this getCf returns the cf object that the Miniflare instance provides to the actual workers and it depends of the core option of the same name

    Example:

    import { Miniflare } from "miniflare";
const mf = new Miniflare({ ... });
const cf = await mf.getCf();
console.log(country = ${cf.country} ; colo = ${cf.colo}); // logs 'country = GB ; colo = LHR'

miniflare@3.20240129.0

Minor Changes

  • #4873 1e424ff2 Thanks @​dom96! - feature: implemented basic Python support

    Here is an example showing how to construct a MiniFlare instance with a Python module:

    const mf = new Miniflare({
	modules: [
		{
			type: "PythonModule",
			path: "index",
			contents:
				"from js import Response;\ndef fetch(request):\n  return Response.new('hello')",
		},
	],
	compatibilityFlags: ["experimental"],

... (truncated)

Changelog

Sourced from miniflare's changelog.

3.20240129.2

Patch Changes

  • #4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In cloudflare/workers-sdk#4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

3.20240129.1

Minor Changes

  • #4905 148feff6 Thanks @​dario-piotrowicz! - feature: add a getCf method to Miniflare instances

    add a new getCf method attached to instances of Miniflare, this getCf returns the cf object that the Miniflare instance provides to the actual workers and it depends of the core option of the same name

    Example:

    import { Miniflare } from "miniflare";
const mf = new Miniflare({ ... });
const cf = await mf.getCf();
console.log(country = ${cf.country} ; colo = ${cf.colo}); // logs 'country = GB ; colo = LHR'

3.20240129.0

Minor Changes

  • #4873 1e424ff2 Thanks @​dom96! - feature: implemented basic Python support

    Here is an example showing how to construct a MiniFlare instance with a Python module:

    const mf = new Miniflare({
	modules: [
		{
			type: "PythonModule",
			path: "index",
			contents:
				"from js import Response;\ndef fetch(request):\n  return Response.new('hello')",

... (truncated)

Commits

Updates wrangler from 3.15.0 to 3.28.2

Release notes

Sourced from wrangler's releases.

wrangler@3.28.2

Patch Changes

  • #4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In cloudflare/workers-sdk#4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

  • #4997 bfeefe27 Thanks @​dario-piotrowicz! - chore: add missing defineNavigatorUserAgent dependency to useEsbuild hook

  • #4966 36692326 Thanks @​penalosa! - fix: Report Custom Build failures as UserErrors

  • #5002 315a651b Thanks @​dario-piotrowicz! - chore: rename getBindingsProxy to getPlatformProxy

    initially getBindingsProxy was supposed to only provide proxies for bindings, the utility has however grown, including now cf, ctx and caches, to clarify the increased scope the utility is getting renamed to getPlatformProxy and its bindings field is getting renamed env

    note: getBindingProxy with its signature is still kept available, making this a non breaking change

  • Updated dependencies [05360e43]:

    • miniflare@3.20240129.2

wrangler@3.28.1

Patch Changes

  • #4962 d6585178 Thanks @​mrbbot! - fix: ensure wrangler dev can reload without crashing when importing node:* modules

    The previous Wrangler release introduced a regression that caused reloads to fail when importing node:* modules. This change fixes that, and ensures these modules can always be resolved.

  • #4951 ffafe8ad Thanks @​nora-soderlund! - fix: D1 batch splitting to handle CASE as compound statement starts

wrangler@3.28.0

Minor Changes

  • #4499 cf9c029b Thanks @​penalosa! - feat: Support runtime-agnostic polyfills

    Previously, Wrangler treated any imports of node:* modules as build-time errors (unless one of the two Node.js compatibility modes was enabled). This is sometimes overly aggressive, since those imports are often not hit at runtime (for instance, it was impossible to write a library that worked across Node.JS and Workers, using Node packages only when running in Node). Here's an example of a function that would cause Wrangler to fail to build:

    export function randomBytes(length: number) {

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.28.2

Patch Changes

  • #4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In cloudflare/workers-sdk#4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

  • #5002 315a651b Thanks @​dario-piotrowicz! - chore: rename getBindingsProxy to getPlatformProxy

    initially getBindingsProxy was supposed to only provide proxies for bindings, the utility has however grown, including now cf, ctx and caches, to clarify the increased scope the utility is getting renamed to getPlatformProxy and its bindings field is getting renamed env

    note: getBindingProxy with its signature is still kept available, making this a non breaking change

  • Updated dependencies [05360e43]:

    • miniflare@3.20240129.2

3.28.1

Patch Changes

  • #4962 d6585178 Thanks @​mrbbot! - fix: ensure wrangler dev can reload without crashing when importing node:* modules

    The previous Wrangler release introduced a regression that caused reloads to fail when importing node:* modules. This change fixes that, and ensures these modules can always be resolved.

3.28.0

Minor Changes

  • #4499 cf9c029b Thanks @​penalosa! - feat: Support runtime-agnostic polyfills

    Previously, Wrangler treated any imports of node:* modules as build-time errors (unless one of the two Node.js compatibility modes was enabled). This is sometimes overly aggressive, since those imports are often not hit at runtime (for instance, it was impossible to write a library that worked across Node.JS and Workers, using Node packages only when running in Node). Here's an example of a function that would cause Wrangler to fail to build:

    export function randomBytes(length: number) {
	if (navigator.userAgent !== "Cloudflare-Workers") {

... (truncated)

Commits
  • 96b18a7 Version Packages (#4964)
  • 315a651 chore: rename getBindingsProxy to getPlatformProxy (#5002)
  • 7ad8ddd chore: bump vite and vitest to latest versions (#4899)
  • bfeefe2 chore: add missing defineNavigatorUserAgent dependency to useEsbuild hook (...
  • 3669232 Ensure custom build failures are marked as user errors (#4966)
  • 593c3aa Update prefixes for e2e tests to cleanup all e2e workers (#4955)
  • 05f8acb Acclimatize kv-asset-handler with workers-sdk
  • 05360e4 fix: ensure we do not rewrite external Origin headers in wrangler dev (#4950)
  • 96c8cfb Version Packages (#4961)
  • d658517 fix: ensure worker reloads when importing node:* modules (#4962)
  • Additional commits viewable in compare view

Updates undici from 5.27.0 to 5.28.3

Release notes

Sourced from undici's releases.

v5.28.3

⚠️ Security Release ⚠️

Fixes:

Full Changelog: nodejs/undici@v5.28.2...v5.28.3

v5.28.2

What's Changed

New Contributors

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

Full Changelog: nodejs/undici@v5.28.0...v5.28.1

v5.28.0

What's Changed

... (truncated)

Commits

Updates wrangler from 3.15.0 to 3.28.2

Release notes

Sourced from wrangler's releases.

wrangler@3.28.2

Patch Changes

  • #4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In cloudflare/workers-sdk#4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

  • #4997 bfeefe27 Thanks @​dario-piotrowicz! - chore: add missing defineNavigatorUserAgent dependency to useEsbuild hook

  • #4966 36692326 Thanks @​penalosa! - fix: Report Custom Build failures as UserErrors

  • #5002 315a651b Thanks @​dario-piotrowicz! - chore: rename getBindingsProxy to getPlatformProxy

    initially getBindingsProxy was supposed to only provide proxies for bindings, the utility has however grown, including now cf, ctx and caches, to clarify the increased scope the utility is getting renamed to getPlatformProxy and its bindings field is getting renamed env

    note: getBindingProxy with its signature is still kept available, making this a non breaking change

  • Updated dependencies [05360e43]:

    • miniflare@3.20240129.2

wrangler@3.28.1

Patch Changes

  • #4962 d6585178 Thanks @​mrbbot! - fix: ensure wrangler dev can reload without crashing when importing node:* modules

    The previous Wrangler release introduced a regression that caused reloads to fail when importing node:* modules. This change fixes that, and ensures these modules can always be resolved.

  • #4951 ffafe8ad Thanks @​nora-soderlund! - fix: D1 batch splitting to handle CASE as compound statement starts

wrangler@3.28.0

Minor Changes

  • #4499 cf9c029b Thanks @​penalosa! - feat: Support runtime-agnostic polyfills

    Previously, Wrangler treated any imports of node:* modules as build-time errors (unless one of the two Node.js compatibility modes was enabled). This is sometimes overly aggressive, since those imports are often not hit at runtime (for instance, it was impossible to write a library that worked across Node.JS and Workers, using Node packages only when running in Node). Here's an example of a function that would cause Wrangler to fail to build:

    export function randomBytes(length: number) {

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.28.2

Patch Changes

  • #4950 05360e43 Thanks @​petebacondarwin! - fix: ensure we do not rewrite external Origin headers in wrangler dev

    In cloudflare/workers-sdk#4812 we tried to fix the Origin headers to match the Host header but were overzealous and rewrote Origin headers for external origins (outside of the proxy server's origin).

    This is now fixed, and moreover we rewrite any headers that refer to the proxy server on the request with the configured host and vice versa on the response.

    This should ensure that CORS is not broken in browsers when a different host is being simulated based on routes in the Wrangler configuration.

  • #5002 315a651b Thanks @​dario-piotrowicz! - chore: rename getBindingsProxy to getPlatformProxy

    initially getBindingsProxy was supposed to only provide proxies for bindings, the utility has however grown, including now cf, ctx and caches, to clarify the increased scope the utility is getting renamed to getPlatformProxy and its bindings field is getting renamed env

    note: getBindingProxy with its signature is still kept available, making this a non breaking change

  • Updated dependencies [05360e43]:

    • miniflare@3.20240129.2

3.28.1

Patch Changes

  • #4962 d6585178 Thanks @​mrbbot! - fix: ensure wrangler dev can reload without crashing when importing node:* modules

    The previous Wrangler release introduced a regression that caused reloads to fail when importing node:* modules. This change fixes that, and ensures these modules can always be resolved.

3.28.0

Minor Changes

  • #4499 cf9c029b Thanks @​penalosa! - feat: Support runtime-agnostic polyfills

    Previously, Wrangler treated any imports of node:* modules as build-time errors (unless one of the two Node.js compatibility modes was enabled). This is sometimes overly aggressive, since those imports are often not hit at runtime (for instance, it was impossible to write a library that worked across Node.JS and Workers, using Node packages only when running in Node). Here's an example of a function that would cause Wrangler to fail to build:

    export function randomBytes(length: number) {
	if (navigator.userAgent !== "Cloudflare-Workers") {

... (truncated)

Commits
  • 96b18a7 Version Packages (#4964)
  • 315a651 chore: rename getBindingsProxy to getPlatformProxy (#5002)
  • 7ad8ddd chore: bump vite and vitest to latest versions (#4899)
  • bfeefe2 chore: add missing defineNavigatorUserAgent dependency to useEsbuild hook (...
  • 3669232 Ensure custom build failures are marked as user errors (#4966)
  • 593c3aa Update prefixes for e2e tests to cleanup all e2e workers (#4955)
  • 05f8acb Acclimatize kv-asset-handler with workers-sdk
  • 05360e4 fix: ensure we do not rewrite external Origin headers in wrangler dev (#4950)
  • 96c8cfb Version Packages (#4961)
  • d658517 fix: ensure worker reloads when importing node:* modules (#4962)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 2 directories with 5 updates
659e370 
Bumps the npm_and_yarn group with 2 updates in the /. directory: [axios](https://github.com/axios/axios) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).
Bumps the npm_and_yarn group with 2 updates in the /cf-tsdocs-worker directory: [miniflare](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare) and [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler).


Updates `axios` from 1.6.5 to 1.6.6
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.5...v1.6.6)

Updates `vite` from 5.0.10 to 5.0.12
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.0.12/packages/vite)

Updates `miniflare` from 3.20231025.0 to 3.20240129.2
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/miniflare@3.20240129.2/packages/miniflare)

Updates `wrangler` from 3.15.0 to 3.28.2
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@3.28.2/packages/wrangler)

Updates `undici` from 5.27.0 to 5.28.3
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.27.0...v5.28.3)

Updates `wrangler` from 3.15.0 to 3.28.2
- [Release notes](https://github.com/cloudflare/workers-sdk/releases)
- [Changelog](https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/workers-sdk/commits/wrangler@3.28.2/packages/wrangler)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: vite
  dependency-type: direct:production
  dependency-group: npm_and_yarn-security-group
- dependency-name: miniflare
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: wrangler
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
- dependency-name: undici
  dependency-type: indirect
  dependency-group: npm_and_yarn-security-group
- dependency-name: wrangler
  dependency-type: direct:development
  dependency-group: npm_and_yarn-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 16, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 21, 2024

Superseded by #51.

@dependabot dependabot bot closed this Feb 21, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm_and_yarn-security-group-4051e28328 branch February 21, 2024 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants