Bump the minor group across 1 directory with 16 updates #1215

dependabot · 2024-12-29T02:19:59Z

Bumps the minor group with 15 updates in the / directory:

Package	From	To
@creit.tech/stellar-wallets-kit	`1.2.5`	`1.4.0`
@stellar/stellar-sdk	`13.0.0`	`13.1.0`
@tanstack/react-query	`5.59.0`	`5.62.11`
@tanstack/react-query-devtools	`5.59.0`	`5.62.11`
dompurify	`3.1.7`	`3.2.3`
@types/dompurify	`3.0.5`	`3.2.0`
html-react-parser	`5.1.18`	`5.2.2`
tslib	`2.7.0`	`2.8.1`
zustand-querystring	`0.0.19`	`0.1.0`
@playwright/test	`1.47.2`	`1.49.1`
@types/node	`22.7.4`	`22.10.2`
lint-staged	`15.2.10`	`15.3.0`
prettier	`3.3.3`	`3.4.2`
sass	`1.79.4`	`1.83.0`
typescript	`5.6.2`	`5.7.2`

Updates @creit.tech/stellar-wallets-kit from 1.2.5 to 1.4.0

Release notes

Sourced from @creit.tech/stellar-wallets-kit's releases.

v1.4.0

1.4.0 (2024-12-20)

Add

Add Trezor wallets support

Update the returned value from the openAccountSelector method in the Ledger module.

v1.3.0

1.3.0 (2024-12-05)

Add

Add Ledger wallets support

Add new "account selector" component which can be used by wallets based on mnemonic phrases or similar (for example hardware wallets)

Merge PR #48 - Add signMessage support for Hana wallet

Changelog

Sourced from @creit.tech/stellar-wallets-kit's changelog.

1.4.0 (2024-12-20)

Add

Add Trezor wallets support

Update the returned value from the openAccountSelector method in the Ledger module.

1.3.0 (2024-12-05)

Add

Add Ledger wallets support

Add new "account selector" component which can be used by wallets based on mnemonic phrases or similar (for example hardware wallets)

Merge PR #48 - Add signMessage support for Hana wallet

Commits

2d88524 Upgrade to 1.4.0
5c127a3 Add new TrezorModule and update Ledger returned value from the `openAccountSe...
97dbed6 Upgrade to 1.3.0
25ba71f Merge branch 'feature/ledger-module'
df4b109 Merge remote-tracking branch 'origin/main'
397ed62 Add ledger module
62c9c4d Merge pull request #48 from Hana-Technology/hana-wallet-sign-message
6f460b3 Added signMessage support for Hana
See full diff in compare view

Updates @stellar/stellar-sdk from 13.0.0 to 13.1.0

Release notes

Sourced from @stellar/stellar-sdk's releases.

v13.1.0

v13.1.0

Added

Added Horizon.Server.root to obtain information from the Horizon root endpoint (#1122).

Fixed

When using a friendbot that points to a Horizon instance that has ledger metadata disabled, you can no longer extract the account sequence from the response. Instead, we hit RPC directly (#1107).

rpc.Server.getEvents() now correctly returns the cursor field at the top-level response (#1124).

Contributors

@Shaptic, @overcat

@nnsW3 made their first contribution in stellar/js-stellar-sdk#1083

Full Changelog: stellar/js-stellar-sdk@v13.0.0...v13.1.0

Changelog

Sourced from @stellar/stellar-sdk's changelog.

v13.1.0

Added

Added Horizon.Server.root to obtain information from the Horizon root endpoint (#1122).

Fixed

When using a friendbot that points to a Horizon instance that has ledger metadata disabled, you can no longer extract the account sequence from the response. Instead, we hit RPC directly (#1107).

rpc.Server.getEvents() now correctly returns the cursor field at the top-level response (#1124).

Commits

d147768 Prepare v13.1.0 for release (#1123)
548e5c3 Move the cursor field in rpc.Server.getEvents to the right place (#1124)
3988271 Added Horizon.Server.root to obtain information from the Horizon root endpo...
3304995 Fetch metadata via RPC instead of relying on the Friendbot response (#1107)
bb2e5ba Bump the minor-and-patch group across 1 directory with 4 updates (#1111)
25ff204 Fix misc. spelling issues in docs (#1083)
24c5032 Allow npm publish to be run manually (#1105)
83de316 Drop the protocol-22-beta when publishing to npm (#1104)
See full diff in compare view

Updates @tanstack/react-query from 5.59.0 to 5.62.11

Release notes

Sourced from @tanstack/react-query's releases.

v5.62.11

Version 5.62.11 - 12/27/24, 1:15 PM

Changes

Fix

handle react-native resolver (#8478) (7ade233) by @hosseinmd

Packages

@tanstack/react-query@5.62.11

@tanstack/react-query-devtools@5.62.11

@tanstack/react-query-persist-client@5.62.11

@tanstack/react-query-next-experimental@5.62.11

v5.62.10

Version 5.62.10 - 12/24/24, 12:05 PM

Changes

Fix

solid-query: solid query options default error type (#8472) (287848b) by Muhammad Ilham Mubarak

Chore

react-query: update devDeps (#8427) (ee628e1) by Jonghyeon Ko

Docs

contributing: update pnpm version (#8473) (3bc3147) by Muhammad Ilham Mubarak

Packages

@tanstack/react-query@5.62.10

@tanstack/react-query-devtools@5.62.10

@tanstack/react-query-persist-client@5.62.10

@tanstack/react-query-next-experimental@5.62.10

@tanstack/solid-query@5.62.10

@tanstack/solid-query-devtools@5.62.10

@tanstack/solid-query-persist-client@5.62.10

v5.62.9

Version 5.62.9 - 12/23/24, 4:51 PM

Changes

Fix

... (truncated)

Commits

8f72f59 release: v5.62.11
7ade233 fix: handle react-native resolver (#8478)
4f90639 release: v5.62.10
ee628e1 chore(react-query): update devDeps (#8427)
e41ea5a release: v5.62.9
5be3872 chore: update dependencies (#8464)
8a0eb6a release: v5.62.8
4989399 fix(types): fix issues with queryOptions factory method types (#8394)
94e2c77 chore(deps): use stable @types/react version (#8437)
1eebfc9 release: v5.62.7
Additional commits viewable in compare view

Updates @tanstack/react-query-devtools from 5.59.0 to 5.62.11

Release notes

Sourced from @tanstack/react-query-devtools's releases.

v5.62.11

Version 5.62.11 - 12/27/24, 1:15 PM

Changes

Fix

handle react-native resolver (#8478) (7ade233) by @hosseinmd

Packages

@tanstack/react-query@5.62.11

@tanstack/react-query-devtools@5.62.11

@tanstack/react-query-persist-client@5.62.11

@tanstack/react-query-next-experimental@5.62.11

v5.62.10

Version 5.62.10 - 12/24/24, 12:05 PM

Changes

Fix

solid-query: solid query options default error type (#8472) (287848b) by Muhammad Ilham Mubarak

Chore

react-query: update devDeps (#8427) (ee628e1) by Jonghyeon Ko

Docs

contributing: update pnpm version (#8473) (3bc3147) by Muhammad Ilham Mubarak

Packages

@tanstack/react-query@5.62.10

@tanstack/react-query-devtools@5.62.10

@tanstack/react-query-persist-client@5.62.10

@tanstack/react-query-next-experimental@5.62.10

@tanstack/solid-query@5.62.10

@tanstack/solid-query-devtools@5.62.10

@tanstack/solid-query-persist-client@5.62.10

v5.62.9

Version 5.62.9 - 12/23/24, 4:51 PM

Changes

Fix

... (truncated)

Commits

8f72f59 release: v5.62.11
4f90639 release: v5.62.10
ee628e1 chore(react-query): update devDeps (#8427)
e41ea5a release: v5.62.9
5be3872 chore: update dependencies (#8464)
8a0eb6a release: v5.62.8
94e2c77 chore(deps): use stable @types/react version (#8437)
1eebfc9 release: v5.62.7
27ce0b6 chore: examples to react19 (#8408)
d3073c8 release: v5.62.3
Additional commits viewable in compare view

Updates @trezor/connect-web from 9.4.4 to 9.4.7

Commits

See full diff in compare view

Updates dompurify from 3.1.7 to 3.2.3

Release notes

Sourced from dompurify's releases.

DOMPurify 3.2.3

Fixed two conditional sanitizer bypasses discovered by @parrot409 and @Slonser

Updated the attribute clobbering checks to prevent future bypasses, thanks @parrot409

DOMPurify 3.2.2

Fixed a possible bypass in case a rather specific config for custom elements is set, thanks @yaniv-git

Fixed several minor issues with the type definitions, thanks again @reduckted

Fixed a minor issue with the types reference for trusted types, thanks @reduckted

Fixed a minor problem with the template detection regex on some systems, thanks @svdb99

DOMPurify 3.2.1

Fixed several minor issues with the type definitions, thanks @reduckted @ghiscoding @asamuzaK @MiniDigger

Fixed an issue with non-minified dist files and order of imports, thanks @reduckted

DOMPurify 3.2.0

Added type declarations, thanks @reduckted , @philmayfield, @aloisklink, @ssi02014 and others

Fixed a minor issue with the handling of hooks, thanks @kevin-mizu

Commits

f1106aa chore: Preparing 3.2.3 release
9c71e04 fix: Added clobbering check for sanitizeAttribute to prevent an error
c183cd6 fix: Fixed a config-dependent bypass caused by skipped attribute checks, than...
6e76ece fix: Fixed a config-dependent bypass relating to data-attributes, thanks @Slo...
c3879a5 Merge pull request #1041 from CoryHrycko/patch-1
0e1c724 Update tags.ts
8513afd Update README.md
b883b9e Update README.md
3b4b5e9 Merge pull request #1037 from svdb99/main
b9e9087 Fix #1033
Additional commits viewable in compare view

Updates @types/dompurify from 3.0.5 to 3.2.0

Commits

See full diff in compare view

Updates html-react-parser from 5.1.18 to 5.2.2

Release notes

Sourced from html-react-parser's releases.

v5.2.2

5.2.2 (2024-12-25)

Build System

deps: bump html-dom-parser from 5.0.12 to 5.0.13 (#1652) (ff0b897)

v5.2.1

5.2.1 (2024-12-16)

Bug Fixes

package: bump html-dom-parser to 5.0.12 so that \\r isn't escaped (#1642) (a1ef928), closes #1634

v5.2.0

5.2.0 (2024-12-06)

Features

package: add react 19 to package.json peerDependencies (8b6506c), closes #1455 #1501

v5.1.19

5.1.19 (2024-12-04)

Bug Fixes

deps: bump html-dom-parser from 5.0.10 to 5.0.11 (#1623) (f11fa35), closes #864 #1617

Changelog

Sourced from html-react-parser's changelog.

5.2.2 (2024-12-25)

Build System

deps: bump html-dom-parser from 5.0.12 to 5.0.13 (#1652) (ff0b897)

5.2.1 (2024-12-16)

Bug Fixes

package: bump html-dom-parser to 5.0.12 so that \\r isn't escaped (#1642) (a1ef928), closes #1634

5.2.0 (2024-12-06)

Features

package: add react 19 to package.json peerDependencies (8b6506c), closes #1455 #1501

5.1.19 (2024-12-04)

Bug Fixes

deps: bump html-dom-parser from 5.0.10 to 5.0.11 (#1623) (f11fa35), closes #864 #1617

Commits

9e89abc Merge pull request #1653 from remarkablemark/release-please--branches--master...
df83051 chore(master): release 5.2.2
ff0b897 build(deps): bump html-dom-parser from 5.0.12 to 5.0.13 (#1652)
1987ef5 build(deps-dev): bump the typescript-eslint group with 2 updates (#1651)
b551806 build(deps-dev): bump rollup from 4.28.1 to 4.29.1 (#1650)
b362004 build(deps-dev): bump preact from 10.25.2 to 10.25.3 (#1646)
525aef2 build(deps-dev): bump globals from 15.13.0 to 15.14.0 (#1647)
df4408f build(deps-dev): bump the typescript-eslint group with 2 updates (#1645)
2360c28 build(package): correct repository url error
ad1812d Merge pull request #1644 from remarkablemark/release-please--branches--master...
Additional commits viewable in compare view

Updates tslib from 2.7.0 to 2.8.1

Release notes

Sourced from tslib's releases.

v2.8.1

What's Changed

Fix publish workflow by @andrewbranch in microsoft/tslib#271

Include non-enumerable keys in __importStar helper by @rbuckton in microsoft/tslib#272

Remove use of ES2015 syntax by @andrewbranch in microsoft/tslib#275

Full Changelog: microsoft/tslib@v2.8.0...v2.8.1

v2.8.0

What's Changed

Validate export structure of every entrypoint by @andrewbranch in microsoft/tslib#269

Add rewriteRelativeImportExtension helper by @andrewbranch in microsoft/tslib#270

Full Changelog: microsoft/tslib@v2.7.0...v2.8.0

Commits

d72d6f7 2.8.1
11fa982 Merge pull request #275 from microsoft/bug/es5-compat
3c532eb Remove use of ES2015 syntax
b0076c4 Include non-enumerable keys in __importStar helper (#272)
7c11588 Add missing registry-url parameter
1fec667 Merge pull request #271 from microsoft/fix-publish
097e99e Fix publish workflow
ca5f7fb 2.8.0
2334267 Merge pull request #270 from microsoft/rewriteRelativeImportExtension
c4cde74 Missed update
Additional commits viewable in compare view

Updates zustand-querystring from 0.0.19 to 0.1.0

Release notes

Sourced from zustand-querystring's releases.

0.1.0, new URL encoding

0.1.0 is a breaking change. The URL encoding and decoding is simplified. Before 0.1.0, zustand-querystring used a proprietary format to encode the state in the URL. While this made the URL more readable and short, it could cause unexpected issues when other tools/libraries tried to parse it. In this new version, encoding and decoding is handled by encodeURIComponent and decodeURIComponent. This makes the state in the URL unreadable, but should be more compatible with third-party tools.

Commits

68a9dac chore: release v0.1.0
983c6f0 simplify implementation, use plain encodeURIComponent
b604a2b chore: release v0.0.20-beta.0
b6e7342 fix url encoding
See full diff in compare view

Updates @playwright/test from 1.47.2 to 1.49.1

Release notes

Sourced from @playwright/test's releases.

v1.49.1

Highlights

microsoft/playwright#33802 - [Bug]: Codegen's Clear button doesn't work if not recording microsoft/playwright#33806 - [Bug]: playwright hangs while waiting for pending navigations microsoft/playwright#33787 - [Bug]: VSC extension isn't capturing all entered text microsoft/playwright#33788 - [Regression]: Double clicking the steps in trace viewer doesn't filter actions microsoft/playwright#33772 - [Bug]: aria_snapshot generates invalid yaml when combined with an aria-label attribut microsoft/playwright#33791 - [Bug]: text input with number value raises "container is not iterable" with to_match_aria_snapshot microsoft/playwright#33644 - [Bug]: getByRole can't find element with the accessible name from label element when aria-labelledby is not valid microsoft/playwright#33660 - [Regression]: Unable to open Playwright UI in Dark Mode

Browser Versions

Chromium 131.0.6778.33

Mozilla Firefox 132.0

WebKit 18.2

This version was also tested against the following stable channels:

Google Chrome 130

Microsoft Edge 130

v1.49.0

Aria snapshots

New assertion expect(locator).toMatchAriaSnapshot() verifies page structure by comparing to an expected accessibility tree, represented as YAML.
await page.goto('https://playwright.dev');
await expect(page.locator('body')).toMatchAriaSnapshot(`
  - banner:
    - heading /Playwright enables reliable/ [level=1]
    - link "Get started"
    - link "Star microsoft/playwright on GitHub"
  - main:
    - img "Browsers (Chromium, Firefox, WebKit)"
    - heading "Any browser • Any platform • One API"
`);
You can generate this assertion with Test Generator and update the expected snapshot with --update-snapshots command line flag.

Learn more in the aria snapshots guide.

Test runner

New option testConfig.tsconfig allows to specify a single tsconfig to be used for all tests.

New method test.fail.only() to focus on a failing test.

Options testConfig.globalSetup and testConfig.globalTeardown now support multiple setups/teardowns.

New value 'on-first-failure' for testOptions.screenshot.

Added "previous" and "next" buttons to the HTML report to quickly switch between test cases.

... (truncated)

Commits

88bc8af chore: mark v1.49.1 (#33921)
9e855d5 cherry-pick(#33821): fix(recorder): allow clearing when recording is disabled...
9365eb5 cherry-pick(#33834): fix: do not stall waiting for pending navigations after ...
f92b233 cherry-pick(#33822): fix(codegen): do not reset current tool upon clearing hi...
008722b cherry-pick(#33797): fix(trace): in indexTree check isVisible before addi...
1dc8b3c cherry-pick(#33746): chore: pin typescript while vue-tsc is broken
fbc770c cherry-pick(#33793): fix(aria): escape even more yaml (#33795)
1046fe0 cherry-pick(#33753): docs: update extensions doc for new headless
1781bf3 cherry-pick(#33706): docs: release notes for languages v1.49
b52a210 cherry-pick(#33712): docs(python): add LocatorAssertions.NotToMatchAriaSnapshot
Additional commits viewable in compare view

Updates @types/dompurify from 3.0.5 to 3.2.0

Commits

See full diff in compare view

Updates @types/node from 22.7.4 to 22.10.2

Commits

See full diff in compare view

Updates lint-staged from 15.2.10 to 15.3.0

Release notes

Sourced from lint-staged's releases.

v15.3.0

Minor Changes
#1495 e69da9e Thanks @iiroj! - Added more info to the debug logs so that "environment" info doesn't need to be added separately to GitHub issues.
#1493 fa0fe98 Thanks @iiroj! - Added more help messages around the automatic git stash that lint-staged creates as a backup (by default). The console output also displays the short git hash of the stash so that it's easier to recover lost files in case some fatal errors are encountered, or the process is killed before completing.

For example:
% npx lint-staged
✔ Backed up original state in git stash (20addf8)
✔ Running tasks for staged files...
✔ Applying modifications from tasks...
✔ Cleaning up temporary files...
where the backup can be seen with git show 20addf8, or git stash list:
% git stash list
stash@{0}: lint-staged automatic backup (20addf8)
v15.2.11

Patch Changes

#1484 bcfe309 Thanks @wormsik! - Escape paths containing spaces when using the "shell" option.

#1487 7dd8caa Thanks @iiroj! - Do not treat submodule root paths as "staged files". This caused lint-staged to fail to a Git error when only updating the revision of a submodule.

Changelog

Sourced from lint-staged's changelog.

15.3.0

Minor Changes
#1495 e69da9e Thanks @iiroj! - Added more info to the debug logs so that "environment" info doesn't need to be added separately to GitHub issues.
#1493 fa0fe98 Thanks @iiroj! - Added more help messages around the automatic git stash that lint-staged creates as a backup (by default). The console output also displays the short git hash of the stash so that it's easier to recover lost files in case some fatal errors are encountered, or the process is killed before completing.

For example:
% npx lint-staged
✔ Backed up original state in git stash (20addf8)
✔ Running tasks for staged files...
✔ Applying modifications from tasks...
✔ Cleaning up temporary files...
where the backup can be seen with git show 20addf8, or git stash list:
% git stash list
stash@{0}: lint-staged automatic backup (20addf8)
15.2.11

Patch Changes

#1484 bcfe309 Thanks @wormsik! - Escape paths containing spaces when using the "shell" option.

#1487 7dd8caa Thanks @iiroj! - Do not treat submodule root paths as "staged files". This caused lint-staged to fail to a Git error when only updating the revision of a submodule.

Commits

703002a chore(changeset): release
4cee7d8 build(dependencies): update dependencies
ef9b02d Merge pull request #1495 from lint-staged/debug-info
e69da9e feat: add more info to debug logs, remove "environment" requirement from issu...
1b36f55 docs: combine changesets
6c9ab40 Merge pull request #1493 from lint-staged/help-messages
22fe89d feat: add unique hash to backup stash message
c52cc92 docs: add a caution message about git stash
fa0fe98 feat: update first task message based on backup status
7bd0447 feat: display "git stash list" message when restoring original state is skipped
Additional commits viewable in compare view

Updates prettier from 3.3.3 to 3.4.2

Release notes

Sourced from prettier's releases.

3.4.2

🔗 Changelog

3.4.1

🔗 Changelog

3.4.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.4.2

diff

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @tats-u)

Prettier doesn't treat U+30A0 & U+30FB as Japanese. U+30FB is commonly used in Japanese to represent the delimitation of first and last names of non-Japanese people or “and”. The following “C言語・C++・Go・Rust” means “C language & C++ & Go & Rust” in Japanese.

C言
語
・
C++
・
Go
・
Rust

C言語・ C++ ・ Go ・ Rust

C言語・C++・Go・Rust
U+30A0 can be used as the replacement of the - in non-Japanese names (e.g. “Saint-Saëns” (Charles Camille Saint-Saëns) can be represented as “サン゠サーンス” in Japanese), but substituted by ASCII hyphen (U+002D) or U+FF1D (full width hyphen) in many cases (e.g. “サン=サーンス” or “サン＝サーンス”).

Fix comments print on class methods with decorators (#16891 by @fisker)
// Input
class A {
  @decorator
  /** 
   * The method description
   *
  */
  async method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}
// Prettier 3.4.1
class A {
@decorator
async /**
</tr></table>

... (truncated)

Commits

cca9461 Release 3.4.2
572bebe Fix comments on class methods with decorators (#16891)
359c4f0 chore(deps): update dependency @angular/compiler to v19.0.1 (#16903)
6470996 chore(deps): update dependency @glimmer/syntax to v0.93.1 (#16904)
e13614f Correct fit() for fill() (#16899)
10db357 Remove check on TSImportType.isTypeOf (#16892)
ac46a4f Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796)
d52e905 Add test for #16207 (#16890)
a1e354d Clean changelog_unreleased
99875da Bump Prettier dependency to 3.4.1
Additional commits viewable in compare view

Updates sass from 1.79.4 to 1.83.0

Release notes

Sourced from sass's releases.

Dart Sass 1.83.0

To install Sass 1.83.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

Allow trailing commas in all argument and parameter lists.

See the full changelog for changes in earlier releases.

Dart Sass 1.82.0

To install Sass 1.82.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

Command-Line Interface

Improve --watch mode reliability when making multiple changes at once, such as checking out a different Git branch.

Parse the calc-size() function as a calculation now that it's supported in some browsers.

Dart API

Add a SassCalculation.calcSize() function.

See the full changelog for changes in earlier releases.

Dart Sass 1.81.1

To install Sass 1.81.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

No user-visible changes.

See the full changelog for changes in earlier releases.

Dart Sass 1.81.0

To install Sass 1.81.0, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

... (truncated)

Changelog

Sourced from sass's changelog.

1.83.0

Allow trailing commas in all argument and parameter lists.

1.82.0

Command-Line Interface

Improve --watch mode reliability when making multiple changes at once, such as checking out a different Git branch.

Parse the calc-size() function as a calculation now that it's supported in some browsers.

Dart API

Add a SassCalculation.calcSize() function.

1.81.1

No user-visible changes.

1.81.0

Fix a few cases where deprecation warnings weren't being emitted for global built-in functions whose names overlap with CSS calculations.

Add support for the CSS round() calculation with a single argument, as long as that argument might be a unitless number.

1.80.7

Embedded Host

Don't treat 0 as undefined for the green and blue channels in the LegacyColor constructor.

1.80.6

Command-Line Interface

Make @parcel/watcher an optional dependency so this can still be installed on operating systems where it's unavailable.

1.80.5

Embedded Host

Don't produce phantom @import deprecations when using an importer with the legacy API.

... (truncated)

Commits

f38dbb0 Merge pull request #2464 from sass/rest-param-comma
0230ccf Update pkg/sass_api/CHANGELOG.md
dd9b106 Rename ArgumentInvocation and ArgumentDeclaration
c45bc70 Allow a trailing comma after rest parameters and arguments
219fe67 Fix static analysis issues for dart 3.6 (#2462)
f9eef81 Fix links to importers in the internal documentation (#2458)
1b3c7de Represent rest parameters as properties on Parameter (#2454)
7a6722c Fix the declaration of ReturnRule._returnExpression (#2455)
1536dc0 Merge pull request #2453 from sass/return
a74f9c3 Enable useDefineForClassFields and fix affected TS files. (#2447)
Additional commits viewable in compare vi...
Description has been truncated

Bumps the minor group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@creit.tech/stellar-wallets-kit](https://github.com/Creit-Tech/Stellar-Wallets-Kit) | `1.2.5` | `1.4.0` | | [@stellar/stellar-sdk](https://github.com/stellar/js-stellar-sdk) | `13.0.0` | `13.1.0` | | [@tanstack/react-query](https://github.com/TanStack/query/tree/HEAD/packages/react-query) | `5.59.0` | `5.62.11` | | [@tanstack/react-query-devtools](https://github.com/TanStack/query/tree/HEAD/packages/react-query-devtools) | `5.59.0` | `5.62.11` | | [dompurify](https://github.com/cure53/DOMPurify) | `3.1.7` | `3.2.3` | | [@types/dompurify](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/dompurify) | `3.0.5` | `3.2.0` | | [html-react-parser](https://github.com/remarkablemark/html-react-parser) | `5.1.18` | `5.2.2` | | [tslib](https://github.com/Microsoft/tslib) | `2.7.0` | `2.8.1` | | [zustand-querystring](https://github.com/nitedani/zustand-querystring) | `0.0.19` | `0.1.0` | | [@playwright/test](https://github.com/microsoft/playwright) | `1.47.2` | `1.49.1` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `22.7.4` | `22.10.2` | | [lint-staged](https://github.com/lint-staged/lint-staged) | `15.2.10` | `15.3.0` | | [prettier](https://github.com/prettier/prettier) | `3.3.3` | `3.4.2` | | [sass](https://github.com/sass/dart-sass) | `1.79.4` | `1.83.0` | | [typescript](https://github.com/microsoft/TypeScript) | `5.6.2` | `5.7.2` | Updates `@creit.tech/stellar-wallets-kit` from 1.2.5 to 1.4.0 - [Release notes](https://github.com/Creit-Tech/Stellar-Wallets-Kit/releases) - [Changelog](https://github.com/Creit-Tech/Stellar-Wallets-Kit/blob/main/CHANGELOG.md) - [Commits](Creit-Tech/Stellar-Wallets-Kit@v1.2.5...v1.4.0) Updates `@stellar/stellar-sdk` from 13.0.0 to 13.1.0 - [Release notes](https://github.com/stellar/js-stellar-sdk/releases) - [Changelog](https://github.com/stellar/js-stellar-sdk/blob/master/CHANGELOG.md) - [Commits](stellar/js-stellar-sdk@v13.0.0...v13.1.0) Updates `@tanstack/react-query` from 5.59.0 to 5.62.11 - [Release notes](https://github.com/TanStack/query/releases) - [Commits](https://github.com/TanStack/query/commits/v5.62.11/packages/react-query) Updates `@tanstack/react-query-devtools` from 5.59.0 to 5.62.11 - [Release notes](https://github.com/TanStack/query/releases) - [Commits](https://github.com/TanStack/query/commits/v5.62.11/packages/react-query-devtools) Updates `@trezor/connect-web` from 9.4.4 to 9.4.7 - [Release notes](https://github.com/trezor/trezor-suite/releases) - [Changelog](https://github.com/trezor/trezor-suite/blob/develop/CHANGELOG.md) - [Commits](https://github.com/trezor/trezor-suite/commits) Updates `dompurify` from 3.1.7 to 3.2.3 - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](cure53/DOMPurify@3.1.7...3.2.3) Updates `@types/dompurify` from 3.0.5 to 3.2.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/dompurify) Updates `html-react-parser` from 5.1.18 to 5.2.2 - [Release notes](https://github.com/remarkablemark/html-react-parser/releases) - [Changelog](https://github.com/remarkablemark/html-react-parser/blob/master/CHANGELOG.md) - [Commits](remarkablemark/html-react-parser@v5.1.18...v5.2.2) Updates `tslib` from 2.7.0 to 2.8.1 - [Release notes](https://github.com/Microsoft/tslib/releases) - [Commits](microsoft/tslib@v2.7.0...v2.8.1) Updates `zustand-querystring` from 0.0.19 to 0.1.0 - [Release notes](https://github.com/nitedani/zustand-querystring/releases) - [Commits](nitedani/zustand-querystring@v0.0.19...v0.1.0) Updates `@playwright/test` from 1.47.2 to 1.49.1 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](microsoft/playwright@v1.47.2...v1.49.1) Updates `@types/dompurify` from 3.0.5 to 3.2.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/dompurify) Updates `@types/node` from 22.7.4 to 22.10.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `lint-staged` from 15.2.10 to 15.3.0 - [Release notes](https://github.com/lint-staged/lint-staged/releases) - [Changelog](https://github.com/lint-staged/lint-staged/blob/master/CHANGELOG.md) - [Commits](lint-staged/lint-staged@v15.2.10...v15.3.0) Updates `prettier` from 3.3.3 to 3.4.2 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.3.3...3.4.2) Updates `sass` from 1.79.4 to 1.83.0 - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](sass/dart-sass@1.79.4...1.83.0) Updates `typescript` from 5.6.2 to 5.7.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.6.2...v5.7.2) --- updated-dependencies: - dependency-name: "@creit.tech/stellar-wallets-kit" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@stellar/stellar-sdk" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@tanstack/react-query" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@tanstack/react-query-devtools" dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@trezor/connect-web" dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor - dependency-name: dompurify dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@types/dompurify" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: html-react-parser dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: tslib dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: zustand-querystring dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@playwright/test" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@types/dompurify" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: lint-staged dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: sass dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor ... Signed-off-by: dependabot[bot] <[email protected]>

socket-security · 2024-12-29T02:21:11Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/[email protected]	None	`0`	246 kB	nicolo-ribaudo
npm/@creit.tech/[email protected]	network	`0`	512 kB	earrietadev
npm/@playwright/[email protected]	None	`0`	25.4 kB	yurys
npm/@solana-program/[email protected]	environment	`0`	1.12 MB	lorisleiva
npm/@solana/[email protected]	None	`0`	167 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	198 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	51.4 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	495 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	756 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	246 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	208 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	18.4 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	1.35 MB	lorisleiva
npm/@solana/[email protected]	None	`0`	43.1 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	33.1 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	85.8 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	118 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	147 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	18.5 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	59.6 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	256 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	21.9 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	111 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	72.1 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	146 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	82.5 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	197 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	263 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	227 kB	lorisleiva
npm/@solana/[email protected]	environment, network	`+1`	205 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	170 kB	lorisleiva
npm/@solana/[email protected]	environment	`0`	129 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	399 kB	lorisleiva
npm/@solana/[email protected]	environment	`0`	126 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	340 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	224 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	735 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	152 kB	lorisleiva
npm/@solana/[email protected]	None	`0`	1.67 MB	lorisleiva
npm/@stellar/[email protected]	None	`0`	14.9 MB	stellar-npm-ci
npm/@tanstack/[email protected]	None	`0`	1.93 MB	nksaraf, tannerlinsley
npm/@tanstack/[email protected]	None	`0`	2.47 MB	nksaraf, tannerlinsley
npm/@tanstack/[email protected]	environment	`0`	95.4 kB	tannerlinsley
npm/@tanstack/[email protected]	environment	`0`	710 kB	tannerlinsley
npm/@trezor/[email protected]	network	`+1`	84.2 kB	trezor-ci
npm/@trezor/[email protected]	None	`0`	60 kB	trezor-ci
npm/@trezor/[email protected]	network	`0`	59.9 kB	trezor-ci
npm/@trezor/[email protected]	None	`0`	219 kB	trezor-ci
npm/@trezor/[email protected]	environment	`0`	5.52 kB	trezor-ci
npm/@trezor/[email protected]	None	`0`	202 kB	trezor-ci
npm/@trezor/[email protected]	None	`+1`	170 kB	trezor-ci
npm/@trezor/[email protected]	filesystem	`0`	1.48 MB	trezor-ci
npm/@trezor/[email protected]	None	`0`	1.01 MB	trezor-ci
npm/@trezor/[email protected]	network	`0`	168 kB	trezor-ci
npm/@trezor/[email protected]	None	`0`	28.1 kB	trezor-ci
npm/@trezor/[email protected]	None	`0`	237 kB	trezor-ci
npm/@types/[email protected]	None	`0`	1.74 kB	types
npm/[email protected]	network	`0`	2.13 MB	jasonsaayman
npm/[email protected]	None	`0`	44.2 kB	sindresorhus
npm/[email protected]	None	`0`	306 kB	cure53
npm/[email protected]	None	`0`	167 kB	feedic
npm/[email protected]	None	`0`	540 kB	feedic
npm/[email protected]	network	`0`	57.1 kB	divyamsingh234
npm/[email protected]	None	`0`	132 kB	remarkablemark
npm/[email protected]	None	`0`	468 kB	remarkablemark
npm/[email protected]	None	`0`	489 kB	feedic
npm/[email protected]	None	`0`	687 kB	leebyron
npm/[email protected]	filesystem	`0`	18 kB	antonk52
npm/[email protected]	None	`0`	124 kB	okonet
npm/[email protected]	environment	`+2`	305 kB	cenk1cenk2
npm/[email protected]	environment, eval, filesystem, network, shell, unsafe	`0`	7.97 MB	yurys
npm/[email protected]	None	`+1`	3.31 MB	yurys
npm/[email protected]	None	`0`	7.83 MB	prettier-bot
npm/[email protected]	Transitive: environment, filesystem	`+2`	289 kB
npm/[email protected]	None	`0`	90.4 kB	typescript-bot
npm/[email protected]	None	`0`	22.7 MB	typescript-bot
npm/[email protected]	None	`0`	83.3 kB	matteo.collina
npm/[email protected]	environment	`0`	682 kB	eemeli
npm/[email protected]	None	`0`	21.4 kB	nitedani

View full report↗︎

socket-security · 2024-12-29T02:21:13Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Deprecated	npm/@types/[email protected]	Reason: This is a stub types definition. dompurify provides its own type definitions, so you do not need this installed.	`package.json` `yarn.lock`	⚠︎

View full report↗︎

Next steps

What is a deprecated package?

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/@types/[email protected]

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 29, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the minor group across 1 directory with 16 updates #1215

Bump the minor group across 1 directory with 16 updates #1215

dependabot bot commented on behalf of github Dec 29, 2024

socket-security bot commented Dec 29, 2024

socket-security bot commented Dec 29, 2024

Bump the minor group across 1 directory with 16 updates #1215

Are you sure you want to change the base?

Bump the minor group across 1 directory with 16 updates #1215

Conversation

dependabot bot commented on behalf of github Dec 29, 2024

v1.4.0

1.4.0 (2024-12-20)

Add

v1.3.0

1.3.0 (2024-12-05)

Add

1.4.0 (2024-12-20)

Add

1.3.0 (2024-12-05)

Add

v13.1.0

v13.1.0

Added

Fixed

Contributors

v13.1.0

Added

Fixed

v5.62.11

Changes

Fix

Packages

v5.62.10

Changes

Fix

Chore

Docs

Packages

v5.62.9

Changes

Fix

v5.62.11

Changes

Fix

Packages

v5.62.10

Changes

Fix

Chore

Docs

Packages

v5.62.9

Changes

Fix

DOMPurify 3.2.3

DOMPurify 3.2.2

DOMPurify 3.2.1

DOMPurify 3.2.0

v5.2.2

5.2.2 (2024-12-25)

Build System

v5.2.1

5.2.1 (2024-12-16)

Bug Fixes

v5.2.0

5.2.0 (2024-12-06)

Features

v5.1.19

5.1.19 (2024-12-04)

Bug Fixes

5.2.2 (2024-12-25)

Build System

5.2.1 (2024-12-16)

Bug Fixes

5.2.0 (2024-12-06)

Features

5.1.19 (2024-12-04)

Bug Fixes

v2.8.1

What's Changed

v2.8.0

What's Changed

0.1.0, new URL encoding

v1.49.1

Highlights

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by `@tats-u`)

Fix comments print on class methods with decorators (#16891 by `@fisker`)