Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the npm-dependencies group with 9 updates #102

Closed
wants to merge 1 commit into from
Closed

build(deps): bump the npm-dependencies group with 9 updates #102

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 13, 2023
edited
Loading

Bumps the npm-dependencies group with 9 updates:

Package From To
@sentry/vue 7.75.1 7.80.0
axios 1.5.1 1.6.1
core-js 3.33.1 3.33.2
esp-web-tools 9.4.0 9.4.1
vue 3.3.7 3.3.8
@babel/core 7.23.2 7.23.3
@babel/preset-env 7.23.2 7.23.3
sass 1.69.4 1.69.5
vue-loader 17.3.0 17.3.1

Updates @sentry/vue from 7.75.1 to 7.80.0

Release notes

Sourced from @​sentry/vue's releases.

7.80.0

  • feat(astro): Add distributed tracing via <meta> tags (#9483)
  • feat(node): Capture internal server errors in trpc middleware (#9482)
  • feat(remix): Export a type to use for MetaFunction parameters (#9493)
  • fix(astro): Mark SDK package as Astro-external (#9509)
  • ref(nextjs): Don't initialize Server SDK during build (#9503)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 65.25 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 55.49 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 30.98 KB
@​sentry/browser - Webpack (gzipped) 21.3 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 61.83 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 29.1 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 21.24 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 194.91 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 88.32 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 63.3 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 31.81 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 65.61 KB
@​sentry/react - Webpack (gzipped) 21.34 KB
@​sentry/nextjs Client (incl. Tracing, Replay) - Webpack (gzipped) 82.35 KB
@​sentry/nextjs Client - Webpack (gzipped) 48.13 KB
@​sentry-internal/feedback - Webpack (gzipped) 15.98 KB

7.79.0

  • feat(tracing): Add span origin to trace context (#9472)
  • fix(deno): Emit .mjs files (#9485)
  • fix(nextjs): Flush servercomponent events for edge (#9487)

Bundle size 📦

Path Size
@​sentry/browser (incl. Tracing, Replay) - Webpack (gzipped) 65.24 KB
@​sentry/browser (incl. Tracing, Replay) - Webpack with treeshaking flags (gzipped) 55.49 KB
@​sentry/browser (incl. Tracing) - Webpack (gzipped) 30.98 KB
@​sentry/browser - Webpack (gzipped) 21.3 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (gzipped) 61.82 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (gzipped) 29.09 KB
@​sentry/browser - ES6 CDN Bundle (gzipped) 21.23 KB
@​sentry/browser (incl. Tracing, Replay) - ES6 CDN Bundle (minified & uncompressed) 194.89 KB
@​sentry/browser (incl. Tracing) - ES6 CDN Bundle (minified & uncompressed) 88.3 KB
@​sentry/browser - ES6 CDN Bundle (minified & uncompressed) 63.28 KB
@​sentry/browser (incl. Tracing) - ES5 CDN Bundle (gzipped) 31.8 KB
@​sentry/react (incl. Tracing, Replay) - Webpack (gzipped) 65.61 KB
@​sentry/react - Webpack (gzipped) 21.34 KB

... (truncated)

Changelog

Sourced from @​sentry/vue's changelog.

7.80.0

  • feat(astro): Add distributed tracing via <meta> tags (#9483)
  • feat(node): Capture internal server errors in trpc middleware (#9482)
  • feat(remix): Export a type to use for MetaFunction parameters (#9493)
  • fix(astro): Mark SDK package as Astro-external (#9509)
  • ref(nextjs): Don't initialize Server SDK during build (#9503)

7.79.0

  • feat(tracing): Add span origin to trace context (#9472)
  • fix(deno): Emit .mjs files (#9485)
  • fix(nextjs): Flush servercomponent events for edge (#9487)

7.78.0

Important Changes

  • Replay Bundle Size improvements

We've dramatically decreased the bundle size of our Replay package, reducing the minified & gzipped bundle size by ~20 KB! This was possible by extensive use of tree shaking and a host of small changes to reduce our footprint:

  • feat(replay): Update rrweb to 2.2.0 (#9414)
  • ref(replay): Use fflate instead of pako for compression (#9436)

By using tree shaking it is possible to shave up to 10 additional KB off the bundle.

Other Changes

  • feat(astro): Add Sentry middleware (#9445)
  • feat(feedback): Add "outline focus" and "foreground hover" vars (#9462)
  • feat(feedback): Add openDialog and closeDialog onto integration interface (#9464)
  • feat(feedback): Implement new user feedback embeddable widget (#9217)
  • feat(nextjs): Add automatic sourcemapping for edge part of the SDK (#9454)
  • feat(nextjs): Add client routing instrumentation for app router (#9446)
  • feat(node-experimental): Add hapi tracing support (#9449)
  • feat(replay): Allow to configure beforeErrorSampling (#9470)
  • feat(replay): Stop fixing truncated JSONs in SDK (#9437)
  • fix(nextjs): Fix sourcemaps resolving for local dev when basePath is set (#9457)
  • fix(nextjs): Only inject basepath in dev mode (#9465)
  • fix(replay): Ensure we stop for rate limit headers (#9420)
  • ref(feedback): Add treeshaking for logger statements (#9475)
  • ref(replay): Use rrweb for slow click detection (#9408)
  • build(polyfills): Remove output format specific logic (#9467)

7.77.0

Security Fixes

... (truncated)

Commits
  • c9fd9ca release: 7.80.0
  • 2789420 Merge pull request #9510 from getsentry/prepare-release/7.80.0
  • e0a9d58 meta: Update changelog for 7.80.0
  • 4fc2e7e feat(astro): Add distributed tracing via \<meta> tags (#9483)
  • ab39b26 fix(astro): Mark SDK package as Astro-external (#9509)
  • 061fe5a ref(nextjs): Don't initialize Server SDK during build (#9503)
  • b531549 feat(remix): Export a type to use for MetaFunction parameters (#9493)
  • 8b84905 feat(node): Capture internal server errors in trpc middleware (#9482)
  • be44a21 test(e2e): Increase polling timeout from 30 to 90 seconds (#9491)
  • db5ce41 doc(astro): Update middleware documentation (#9502)
  • Additional commits viewable in compare view

Updates axios from 1.5.1 to 1.6.1

Release notes

Sourced from axios's releases.

Release v1.6.1

Release notes:

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

Release v1.6.0

Release notes:

Bug Fixes

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

Changelog

Sourced from axios's changelog.

1.6.1 (2023-11-08)

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

1.6.0 (2023-10-26)

Bug Fixes

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

Commits
  • f6d2cf9 chore(ci): fix publish action content permission; (#6061)
  • a22f4b9 chore(release): v1.6.1 (#6060)
  • cb8bb2b chore(ci): Publish to NPM with provenance (#5835)
  • 37cbf92 chore(ci): added labeling and notification for published PRs; (#6059)
  • dd465ab fix(formdata): fixed content-type header normalization for non-standard brows...
  • 3dc8369 fix(platform): fixed emulated browser detection in node.js environment; (#6055)
  • f7adacd chore(release): v1.6.0 (#6031)
  • 9917e67 chore(ci): fix release-it arg; (#6032)
  • 96ee232 fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)
  • 7d45ab2 chore(tests): fixed tests to pass in node v19 and v20 with keep-alive enabl...
  • Additional commits viewable in compare view

Updates core-js from 3.33.1 to 3.33.2

Changelog

Sourced from core-js's changelog.

3.33.2 - 2023.10.31
  • Simplified structuredClone polyfill, avoided second tree pass in cases of transferring
  • Added support of SuppressedError to structuredClone polyfill
  • Removed unspecified unnecessary ArrayBuffer and DataView dependencies of structuredClone lack of which could cause errors in some entries in IE10-
  • Fixed handling of fractional number part in Number.fromString
  • Compat data improvements:
Commits
  • 7cbd6b5 3.33.2
  • ffc6984 temporarily drop unspecified special cases from Number.fromString before cl...
  • f7b095e fix handling of fractional number part and some special cases in `Number.from...
  • 55cd424 adapt get-built-in-prototype-method helper for some future use cases
  • effda0c drop an extra method name
  • d6f71d1 add support of SuppressedError to structuredClone polyfill and simplify it
  • c6ea9f7 simplify structuredClone polyfill, avoid second tree pass in cases of trans...
  • 65e9213 remove unspecified unnecessary ArrayBuffer and DataView dependencies of `...
  • See full diff in compare view

Updates esp-web-tools from 9.4.0 to 9.4.1

Release notes

Sourced from esp-web-tools's releases.

9.4.1

What's Changed

Dependencies

Commits

Updates vue from 3.3.7 to 3.3.8

Release notes

Sourced from vue's releases.

v3.3.8

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vue's changelog.

3.3.8 (2023-11-06)

Bug Fixes

  • compile-sfc: support Error type in defineProps (#5955) (a989345)
  • compiler-core: known global should be shadowed by local variables in expression rewrite (#9492) (a75d1c5), closes #9482
  • compiler-sfc: fix dynamic directive arguments usage check for slots (#9495) (b39fa1f), closes #9493
  • deps: update dependency @​vue/repl to ^2.6.2 (#9536) (5cef325)
  • deps: update dependency @​vue/repl to ^2.6.3 (#9540) (176d590)
  • hydration: fix tagName access eeror on comment/text node hydration mismatch (dd8a0cf), closes #9531
  • types: avoid exposing lru-cache types in generated dts (462aeb3), closes #9521
  • warn: avoid warning on empty children with Suspense (#3962) (405f345)
Commits
  • bc58469 release: v3.3.8
  • 2f8c769 chore: delete unrelated test case
  • dd8a0cf fix(hydration): fix tagName access eeror on comment/text node hydration mismatch
  • 405f345 fix(warn): avoid warning on empty children with Suspense (#3962)
  • b39fa1f fix(compiler-sfc): fix dynamic directive arguments usage check for slots (#9495)
  • 462aeb3 fix(types): avoid exposing lru-cache types in generated dts
  • 32bdc5d chore: typo [skip ci]
  • 176d590 fix(deps): update dependency @​vue/repl to ^2.6.3 (#9540)
  • 4a88b71 chore: add maintenance handbook
  • 5cef325 fix(deps): update dependency @​vue/repl to ^2.6.2 (#9536)
  • Additional commits viewable in compare view

Updates @babel/core from 7.23.2 to 7.23.3

Release notes

Sourced from @​babel/core's releases.

v7.23.3 (2023-11-09)

🐛 Bug Fix

  • babel-plugin-transform-typescript
  • babel-generator
  • babel-compat-data, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-preset-env
  • babel-plugin-transform-object-super
  • babel-helper-module-transforms, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-plugin-transform-computed-properties

Committers: 9

Changelog

Sourced from @​babel/core's changelog.

v7.23.3 (2023-11-09)

🐛 Bug Fix

  • babel-plugin-transform-typescript
  • babel-generator
  • babel-compat-data, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-preset-env
  • babel-plugin-transform-object-super
  • babel-helper-module-transforms, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-plugin-transform-computed-properties
Commits

Updates @babel/preset-env from 7.23.2 to 7.23.3

Release notes

Sourced from @​babel/preset-env's releases.

v7.23.3 (2023-11-09)

🐛 Bug Fix

  • babel-plugin-transform-typescript
  • babel-generator
  • babel-compat-data, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-preset-env
  • babel-plugin-transform-object-super
  • babel-helper-module-transforms, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-plugin-transform-computed-properties

Committers: 9

Changelog

Sourced from @​babel/preset-env's changelog.

v7.23.3 (2023-11-09)

🐛 Bug Fix

  • babel-plugin-transform-typescript
  • babel-generator
  • babel-compat-data, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-preset-env
  • babel-plugin-transform-object-super
  • babel-helper-module-transforms, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

🔬 Output optimization

  • babel-plugin-transform-computed-properties
Commits

Updates sass from 1.69.4 to 1.69.5

Release notes

Sourced from sass's releases.

Dart Sass 1.69.5

To install Sass 1.69.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

JS API

  • Compatibility with Node.js 21.0.0.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.69.5

JS API

  • Compatibility with Node.js 21.0.0.
Commits

Updates vue-loader from 17.3.0 to 17.3.1

Release notes

Sourced from vue-loader's releases.

v17.3.1

Bug Fixes

  • do not skip style post loader for v-bind() in non-scoped CSS (d7071bb), closes #2061
Changelog

Sourced from vue-loader's changelog.

17.3.1 (2023-10-31)

Bug Fixes

  • do not skip style post loader for v-bind() in CSS (d7071bb), closes #2061
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the npm-dependencies group with 9 updates
6304532 
Bumps the npm-dependencies group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [@sentry/vue](https://github.com/getsentry/sentry-javascript) | `7.75.1` | `7.80.0` |
| [axios](https://github.com/axios/axios) | `1.5.1` | `1.6.1` |
| [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js) | `3.33.1` | `3.33.2` |
| [esp-web-tools](https://github.com/esphome/esp-web-tools) | `9.4.0` | `9.4.1` |
| [vue](https://github.com/vuejs/core) | `3.3.7` | `3.3.8` |
| [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) | `7.23.2` | `7.23.3` |
| [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) | `7.23.2` | `7.23.3` |
| [sass](https://github.com/sass/dart-sass) | `1.69.4` | `1.69.5` |
| [vue-loader](https://github.com/vuejs/vue-loader) | `17.3.0` | `17.3.1` |


Updates `@sentry/vue` from 7.75.1 to 7.80.0
- [Release notes](https://github.com/getsentry/sentry-javascript/releases)
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md)
- [Commits](getsentry/sentry-javascript@7.75.1...7.80.0)

Updates `axios` from 1.5.1 to 1.6.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.5.1...v1.6.1)

Updates `core-js` from 3.33.1 to 3.33.2
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/commits/v3.33.2/packages/core-js)

Updates `esp-web-tools` from 9.4.0 to 9.4.1
- [Release notes](https://github.com/esphome/esp-web-tools/releases)
- [Commits](esphome/esp-web-tools@9.4.0...9.4.1)

Updates `vue` from 3.3.7 to 3.3.8
- [Release notes](https://github.com/vuejs/core/releases)
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md)
- [Commits](vuejs/core@v3.3.7...v3.3.8)

Updates `@babel/core` from 7.23.2 to 7.23.3
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.3/packages/babel-core)

Updates `@babel/preset-env` from 7.23.2 to 7.23.3
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.3/packages/babel-preset-env)

Updates `sass` from 1.69.4 to 1.69.5
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.69.4...1.69.5)

Updates `vue-loader` from 17.3.0 to 17.3.1
- [Release notes](https://github.com/vuejs/vue-loader/releases)
- [Changelog](https://github.com/vuejs/vue-loader/blob/main/CHANGELOG.md)
- [Commits](vuejs/vue-loader@v17.3.0...v17.3.1)

---
updated-dependencies:
- dependency-name: "@sentry/vue"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
- dependency-name: core-js
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: esp-web-tools
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: vue
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@babel/preset-env"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: vue-loader
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 13, 2023
This was referenced Nov 13, 2023
Closed
Closed
Closed
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 20, 2023

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 20, 2023
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/npm-dependencies-e98bce7422 branch November 20, 2023 07:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants