[sync] 2024/11/02 #486
Merged
[sync] 2024/11/02 #486
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [@11ty/eleventy](https://github.com/11ty/eleventy) from 3.0.0-beta.2 to 3.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/11ty/eleventy/releases"><code>@11ty/eleventy</code>'s releases</a>.</em></p> <blockquote> <h2>Eleventy v3.0.0: Possums ❤️ ESM</h2> <p>We did it. After 22 pre-releases and over a year of work, Eleventy 3.0.0 is now available. You can try it out now on your project using:</p> <pre lang="js"><code>npm install @11ty/eleventy@latest </code></pre> <p><strong>If you’re upgrading from a previous version</strong> of Eleventy, use the <a href="https://v3.11ty.dev/docs/plugins/upgrade-help/">Upgrade Help plugin</a> for automated checks and help with your upgrade!</p> <p><strong><a href="https://v3.11ty.dev/#why-should-you-use-eleventy">Why should you use Eleventy?</a></strong> Eleventy is a flexible and production-ready site generator known for its zero-client JavaScript footprint, <a href="https://v3.11ty.dev/docs/performance/">speedy sites, speedy builds</a>, and <a href="https://www.youtube.com/watch?v=b4frtsT4Cgo">full control over the output</a>.</p> <p>A few numbers on the best version of Eleventy yet:</p> <table> <thead> <tr> <th>Stats</th> <th><code>v2.0.1</code></th> <th><code>v3.0.0</code></th> </tr> </thead> <tbody> <tr> <td>20% smaller</td> <td>35.2 MB</td> <td>28.1 MB</td> </tr> <tr> <td>11% fewer dependencies</td> <td>213</td> <td>189</td> </tr> <tr> <td>9% faster npm install</td> <td>4.511s*</td> <td>4.103s*</td> </tr> </tbody> </table> <p><em>*fastest time of 3 runs (bypassing local cache)</em></p> <h2>Flagship 3.0 features</h2> <ol> <li>Eleventy is now written in ESM with <strong>full</strong> support for ESM in your projects: configuration, data files, 11ty.js templates, etc. For many projects this won’t be a breaking change and we’ll continue to support CommonJS too. Every example on the docs now includes both a CommonJS and ESM version. Docs: <a href="https://v3.11ty.dev/docs/cjs-esm/">https://v3.11ty.dev/docs/cjs-esm/</a></li> </ol> <pre lang="js"><code>// ESM export default function(eleventyConfig) {} <p>// We’ll keep supporting CommonJS:<br /> module.exports = function(eleventyConfig) {}<br /> </code></pre></p> <ol start="2"> <li>Supporting more package managers and runtimes: pnpm, yarn, Deno. More examples on the docs! <a href="https://v3.11ty.dev/docs/">https://v3.11ty.dev/docs/</a></li> <li>Asynchronous configuration <a href="https://redirect.github.com/11ty/eleventy/issues/614">#614</a> Docs: <a href="https://v3.11ty.dev/docs/config/">https://v3.11ty.dev/docs/config/</a></li> </ol> <pre lang="js"><code>// ESM export default async function(eleventyConfig) {} <p>// CommonJS<br /> module.exports = async function(eleventyConfig) {}<br /> </code></pre></p> <ol start="4"> <li>For-free performance improvement to built-in <code>slugify</code>, <code>inputPathToUrl</code> universal filters (via memoization) <a href="https://redirect.github.com/11ty/eleventy/issues/840">#840</a> Docs: <a href="https://v3.11ty.dev/docs/memoize/">https://v3.11ty.dev/docs/memoize/</a></li> <li>Named <code>config</code> export improves consistency for plugins <a href="https://redirect.github.com/11ty/eleventy/issues/3246">#3246</a> and <code>set*Directory</code> configuration API methods <a href="https://redirect.github.com/11ty/eleventy/issues/1503">#1503</a> Docs: <a href="https://v3.11ty.dev/docs/config-shapes/#optional-export-config-object">https://v3.11ty.dev/docs/config-shapes/#optional-export-config-object</a> and <a href="https://v3.11ty.dev/docs/config/#configuration-options">https://v3.11ty.dev/docs/config/#configuration-options</a></li> </ol> <pre lang="js"><code>export default function(eleventyConfig) { eleventyConfig.setInputDirectory("."); </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/11ty/eleventy/commit/8675d68ec049bb683b0b09f42bd2703909eb0e53"><code>8675d68</code></a> v3.0.0</li> <li><a href="https://github.com/11ty/eleventy/commit/5960a86901bfa0c14e50232509f965afd7011d48"><code>5960a86</code></a> Update deps</li> <li><a href="https://github.com/11ty/eleventy/commit/1b9b80ecd82e6e961657b236d04aaf5c442e7afb"><code>1b9b80e</code></a> Fixes <a href="https://redirect.github.com/11ty/eleventy/issues/3468">#3468</a> by adding <code>resetConfig</code> option to addWatchTarget</li> <li><a href="https://github.com/11ty/eleventy/commit/dd28e894be529d6b6a78c2b473037834f6b5dbc3"><code>dd28e89</code></a> Add _headers to extensionless allowlist <a href="https://redirect.github.com/11ty/eleventy/issues/3399">#3399</a> <a href="https://github.com/11ty/elevent">https://github.com/11ty/elevent</a>...</li> <li><a href="https://github.com/11ty/eleventy/commit/0142b7c167e7a0cc3f9169d7a222a7f0215e53cb"><code>0142b7c</code></a> Use v3 subdomain for links from v3 codebase</li> <li><a href="https://github.com/11ty/eleventy/commit/eade9a769753e442acad0192cb8c1e7a680790f9"><code>eade9a7</code></a> Cleanup for <a href="https://redirect.github.com/11ty/eleventy/issues/3399">#3399</a></li> <li><a href="https://github.com/11ty/eleventy/commit/6fe3645b4d918ba8e76df3a5046a04ce0065be04"><code>6fe3645</code></a> Add allow-list for <a href="https://redirect.github.com/11ty/eleventy/issues/3399">#3399</a>, update URL</li> <li>See full diff in <a href="https://github.com/11ty/eleventy/compare/v3.0.0-beta.2...v3.0.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Contributes dart-lang/pub#4093 --------- Co-authored-by: Jonas Finnemann Jensen <[email protected]> Co-authored-by: Parker Lougheed <[email protected]>
These changes have been reviewed within the SDK already :)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.10 to 3.26.11. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.11 - 03 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add support for using <code>actions/download-artifact@v4</code> to programmatically consume CodeQL Action debug artifacts.</p> <p>Starting November 30, 2024, GitHub.com customers will <a href="https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/">no longer be able to use <code>actions/download-artifact@v3</code></a>. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the <code>CODEQL_ACTION_ARTIFACT_V4_UPGRADE</code> environment variable to <code>true</code> and bump <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> will begin failing then.</p> <p>This change is currently unavailable for GitHub Enterprise Server customers, as <code>actions/upload-artifact@v4</code> and <code>actions/download-artifact@v4</code> are not yet compatible with GHES.</p> </li> </ul> <h2>3.26.10 - 30 Sep 2024</h2> <ul> <li>We are rolling out a feature in September/October 2024 that sets up CodeQL using a bundle compressed with <a href="http://facebook.github.io/zstd/">Zstandard</a>. Our aim is to improve the performance of setting up CodeQL. <a href="https://redirect.github.com/github/codeql-action/pull/2502">#2502</a></li> </ul> <h2>3.26.9 - 24 Sep 2024</h2> <p>No user facing changes.</p> <h2>3.26.8 - 19 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.19.0. <a href="https://redirect.github.com/github/codeql-action/pull/2483">#2483</a></li> </ul> <h2>3.26.7 - 13 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.4. <a href="https://redirect.github.com/github/codeql-action/pull/2471">#2471</a></li> </ul> <h2>3.26.6 - 29 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.3. <a href="https://redirect.github.com/github/codeql-action/pull/2449">#2449</a></li> </ul> <h2>3.26.5 - 23 Aug 2024</h2> <ul> <li>Fix an issue where the <code>csrutil</code> system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2441">#2441</a></li> </ul> <h2>3.26.4 - 21 Aug 2024</h2> <ul> <li><em>Deprecation:</em> The <code>add-snippets</code> input on the <code>analyze</code> Action is deprecated and will be removed in the first release in August 2025. <a href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li> <li>Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. <a href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li> </ul> <h2>3.26.3 - 19 Aug 2024</h2> <ul> <li>Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. <a href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea"><code>6db8d63</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2522">#2522</a> from github/update-v3.26.11-8aba5f2c4</li> <li><a href="https://github.com/github/codeql-action/commit/389647f39867028dcbcca5506b676e29424c612d"><code>389647f</code></a> Update changelog for v3.26.11</li> <li><a href="https://github.com/github/codeql-action/commit/8aba5f2c426ba0d5c3bb6b4b8fae38035772b3d3"><code>8aba5f2</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2516">#2516</a> from github/aeisenberg/dependabot-exclude</li> <li><a href="https://github.com/github/codeql-action/commit/ecac2c6d538a5c4520f636d89c01720ddc5c9d1b"><code>ecac2c6</code></a> Exclupde <code>eslint-plugin-import</code> updates from dependabot</li> <li><a href="https://github.com/github/codeql-action/commit/e85017e6745c22a328ab20475f48582ec2e1becd"><code>e85017e</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2514">#2514</a> from github/henrymercer/zstd-better-failure-logging</li> <li><a href="https://github.com/github/codeql-action/commit/a60db1d7fffaf34bc97db28f4d16936306e52a7c"><code>a60db1d</code></a> Add notice for dependency upgrade timeline (<a href="https://redirect.github.com/github/codeql-action/issues/2513">#2513</a>)</li> <li><a href="https://github.com/github/codeql-action/commit/28db28fc03e5652558cfae2ebfcf112a524358e1"><code>28db28f</code></a> Improve clean up if extraction fails</li> <li><a href="https://github.com/github/codeql-action/commit/3da852e107a8b010f01b468b4be62250eca45340"><code>3da852e</code></a> Capture stderr from extracting <code>.tar.zst</code></li> <li><a href="https://github.com/github/codeql-action/commit/c4d433c56218db63e3030b7eb311b4820c0aa24b"><code>c4d433c</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2510">#2510</a> from github/dependabot/npm_and_yarn/npm-13baf58ce8</li> <li><a href="https://github.com/github/codeql-action/commit/2f6cf481fd80327a14c2fccb1f6d2babc76cddc3"><code>2f6cf48</code></a> Undo <code>eslint-plugin-import</code> bump</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/e2b3eafc8d227b0241d48be5f425d47c2d750a13...6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [express](https://github.com/expressjs/express) from 4.19.2 to 4.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/express/releases">express's releases</a>.</em></p> <blockquote> <h2>4.21.0</h2> <h2>What's Changed</h2> <ul> <li>Deprecate <code>"back"</code> magic string in redirects by <a href="https://github.com/blakeembrey"><code>@blakeembrey</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5935">expressjs/express#5935</a></li> <li>[email protected] by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5954">expressjs/express#5954</a></li> <li>fix(deps): [email protected] by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5951">expressjs/express#5951</a></li> <li>Upgraded dependency qs to 6.13.0 to match qs in body-parser by <a href="https://github.com/agadzinski93"><code>@agadzinski93</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5946">expressjs/express#5946</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/agadzinski93"><code>@agadzinski93</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/express/pull/5946">expressjs/express#5946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/express/compare/4.20.0...4.21.0">https://github.com/expressjs/express/compare/4.20.0...4.21.0</a></p> <h2>4.20.0</h2> <h2>What's Changed</h2> <h3>Important</h3> <ul> <li>IMPORTANT: The default <code>depth</code> level for parsing URL-encoded data is now <code>32</code> (previously was <code>Infinity</code>)</li> <li>Remove link renderization in html while using <code>res.redirect</code></li> </ul> <h3>Other Changes</h3> <ul> <li>4.19.2 Staging by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5561">expressjs/express#5561</a></li> <li>remove duplicate location test for data uri by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5562">expressjs/express#5562</a></li> <li>feat: document beta releases expectations by <a href="https://github.com/marco-ippolito"><code>@marco-ippolito</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5565">expressjs/express#5565</a></li> <li>Cut down on duplicated CI runs by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5564">expressjs/express#5564</a></li> <li>Add a Threat Model by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5526">expressjs/express#5526</a></li> <li>Assign captain of encodeurl by <a href="https://github.com/blakeembrey"><code>@blakeembrey</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5579">expressjs/express#5579</a></li> <li>Nominate jonchurch as repo captain for <code>http-errors</code>, <code>expressjs.com</code>, <code>morgan</code>, <code>cors</code>, <code>body-parser</code> by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5587">expressjs/express#5587</a></li> <li>docs: update Security.md by <a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5590">expressjs/express#5590</a></li> <li>docs: update triage nomination policy by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5600">expressjs/express#5600</a></li> <li>Add CodeQL (SAST) by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5433">expressjs/express#5433</a></li> <li>docs: add UlisesGascon as triage initiative captain by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5605">expressjs/express#5605</a></li> <li>deps: encodeurl@~2.0.0 by <a href="https://github.com/blakeembrey"><code>@blakeembrey</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5569">expressjs/express#5569</a></li> <li>skip QUERY method test by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5628">expressjs/express#5628</a></li> <li>ignore ETAG query test on 21 and 22, reuse skip util by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5639">expressjs/express#5639</a></li> <li>add support Node.js@22 in the CI by <a href="https://github.com/mertcanaltin"><code>@mertcanaltin</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5627">expressjs/express#5627</a></li> <li>doc: add table of contents, tc/triager lists to readme by <a href="https://github.com/mertcanaltin"><code>@mertcanaltin</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5619">expressjs/express#5619</a></li> <li>List and sort all projects, add captains by <a href="https://github.com/blakeembrey"><code>@blakeembrey</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5653">expressjs/express#5653</a></li> <li>docs: add <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> as captain for cookie-parser by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5666">expressjs/express#5666</a></li> <li>✨ bring back query tests for node 21 by <a href="https://github.com/ctcpip"><code>@ctcpip</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5690">expressjs/express#5690</a></li> <li>[v4] Deprecate <code>res.clearCookie</code> accepting <code>options.maxAge</code> and <code>options.expires</code> by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5672">expressjs/express#5672</a></li> <li>skip QUERY tests for Node 21 only, still not supported by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5695">expressjs/express#5695</a></li> <li>📝 update people, add ctcpip to TC by <a href="https://github.com/ctcpip"><code>@ctcpip</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5683">expressjs/express#5683</a></li> <li>remove minor version pinning from ci by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5722">expressjs/express#5722</a></li> <li>Fix link variable use in attribution section of CODE OF CONDUCT by <a href="https://github.com/IamLizu"><code>@IamLizu</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5762">expressjs/express#5762</a></li> <li>Replace Appveyor windows testing with GHA by <a href="https://github.com/jonchurch"><code>@jonchurch</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5599">expressjs/express#5599</a></li> <li>Add OSSF Scorecard badge by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5436">expressjs/express#5436</a></li> <li>update scorecard link by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5814">expressjs/express#5814</a></li> <li>Nominate <a href="https://github.com/IamLizu"><code>@IamLizu</code></a> to the triage team by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5836">expressjs/express#5836</a></li> <li>deps: [email protected] by <a href="https://github.com/blakeembrey"><code>@blakeembrey</code></a> in <a href="https://redirect.github.com/expressjs/express/pull/5603">expressjs/express#5603</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/expressjs/express/blob/4.21.0/History.md">express's changelog</a>.</em></p> <blockquote> <h1>4.21.0 / 2024-09-11</h1> <ul> <li>Deprecate <code>res.location("back")</code> and <code>res.redirect("back")</code> magic string</li> <li>deps: [email protected] <ul> <li>includes [email protected]</li> </ul> </li> <li>deps: [email protected]</li> <li>deps: [email protected]</li> </ul> <h1>4.20.0 / 2024-09-10</h1> <ul> <li>deps: [email protected] <ul> <li>Remove link renderization in html while redirecting</li> </ul> </li> <li>deps: [email protected] <ul> <li>Remove link renderization in html while redirecting</li> </ul> </li> <li>deps: [email protected] <ul> <li>add <code>depth</code> option to customize the depth level in the parser</li> <li>IMPORTANT: The default <code>depth</code> level for parsing URL-encoded data is now <code>32</code> (previously was <code>Infinity</code>)</li> </ul> </li> <li>Remove link renderization in html while using <code>res.redirect</code></li> <li>deps: [email protected] <ul> <li>Adds support for named matching groups in the routes using a regex</li> <li>Adds backtracking protection to parameters without regexes defined</li> </ul> </li> <li>deps: encodeurl@~2.0.0 <ul> <li>Removes encoding of <code>\</code>, <code>|</code>, and <code>^</code> to align better with URL spec</li> </ul> </li> <li>Deprecate passing <code>options.maxAge</code> and <code>options.expires</code> to <code>res.clearCookie</code> <ul> <li>Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/expressjs/express/commit/7e562c6d8daddff4604f8efaaf9db2cf98c6dcff"><code>7e562c6</code></a> 4.21.0</li> <li><a href="https://github.com/expressjs/express/commit/1bcde96bc87c4704df9a704271d1167064ab56bb"><code>1bcde96</code></a> fix(deps): [email protected] (<a href="https://redirect.github.com/expressjs/express/issues/5946">#5946</a>)</li> <li><a href="https://github.com/expressjs/express/commit/7d364775688be98aaa973302e066d0da9f438997"><code>7d36477</code></a> fix(deps): [email protected] (<a href="https://redirect.github.com/expressjs/express/issues/5951">#5951</a>)</li> <li><a href="https://github.com/expressjs/express/commit/40d2d8f2c882712a0f2e4603c38d166c79676b2b"><code>40d2d8f</code></a> fix(deps): [email protected]</li> <li><a href="https://github.com/expressjs/express/commit/77ada906dba57fd6e308f0d750e01653dbeaddfc"><code>77ada90</code></a> Deprecate <code>"back"</code> magic string in redirects (<a href="https://redirect.github.com/expressjs/express/issues/5935">#5935</a>)</li> <li><a href="https://github.com/expressjs/express/commit/21df421ebc7a5249bb31101da666bbf22adc3f18"><code>21df421</code></a> 4.20.0</li> <li><a href="https://github.com/expressjs/express/commit/4c9ddc1c47bf579e55c2fe837d76a952e9fd8959"><code>4c9ddc1</code></a> feat: upgrade to [email protected]</li> <li><a href="https://github.com/expressjs/express/commit/9ebe5d500d22cbb2b8aaa73446866b084c747971"><code>9ebe5d5</code></a> feat: upgrade to [email protected] (<a href="https://redirect.github.com/expressjs/express/issues/5928">#5928</a>)</li> <li><a href="https://github.com/expressjs/express/commit/ec4a01b6b8814d7b007f36a3023f4dbafdbc3d09"><code>ec4a01b</code></a> feat: upgrade to [email protected] (<a href="https://redirect.github.com/expressjs/express/issues/5926">#5926</a>)</li> <li><a href="https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"><code>54271f6</code></a> fix: don't render redirect values in anchor href</li> <li>Additional commits viewable in <a href="https://github.com/expressjs/express/compare/4.19.2...4.21.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dart-lang/site-www/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [basic-auth-connect](https://github.com/expressjs/basic-auth-connect) from 1.0.0 to 1.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/basic-auth-connect/releases">basic-auth-connect's releases</a>.</em></p> <blockquote> <h2>1.1.0</h2> <h2>What's Changed</h2> <p><strong>Important</strong></p> <ul> <li>feat: add timing safe equal comparison <a href="https://github.com/expressjs/basic-auth-connect/commit/bac1e6a8530e1efd0028800b9b588a37adb0d203">bac1e6a</a> <ul> <li>chore: add [email protected] as dependency</li> </ul> </li> <li>Fix CVE-2024-47178. See: <a href="https://github.com/expressjs/basic-auth-connect/security/advisories/GHSA-7p89-p6hx-q4fw">Advisory: GHSA-7p89-p6hx-q4fw</a></li> </ul> <p><strong>Other</strong></p> <ul> <li>💚 GH workflow CI by <a href="https://github.com/ctcpip"><code>@ctcpip</code></a> in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/2">expressjs/basic-auth-connect#2</a></li> <li>📄 normalize license by <a href="https://github.com/ctcpip"><code>@ctcpip</code></a> in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/3">expressjs/basic-auth-connect#3</a></li> <li>remove redundant variable declaration by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/6">expressjs/basic-auth-connect#6</a></li> <li>Remove usage of undefined return value by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/5">expressjs/basic-auth-connect#5</a></li> <li>Release v1.1.0 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/9">expressjs/basic-auth-connect#9</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ctcpip"><code>@ctcpip</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/2">expressjs/basic-auth-connect#2</a></li> <li><a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/basic-auth-connect/pull/6">expressjs/basic-auth-connect#6</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/basic-auth-connect/compare/1.0.0...1.1.0">https://github.com/expressjs/basic-auth-connect/compare/1.0.0...1.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/45decb39d56845cc1f122065f4496168c6173339"><code>45decb3</code></a> 1.1.0</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/e6b376e3a11b77639ffc5003d5e0c42c79500286"><code>e6b376e</code></a> docs: improve documentation</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/bac1e6a8530e1efd0028800b9b588a37adb0d203"><code>bac1e6a</code></a> feat: add timing safe equal comparison</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/d3b6a633311654a5afc8102fc1c5c331a9eca684"><code>d3b6a63</code></a> chore: remove usage of undefined return value (<a href="https://redirect.github.com/expressjs/basic-auth-connect/issues/5">#5</a>)</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/b05baf89a60d081d4223491e51a286273363ea7b"><code>b05baf8</code></a> test: remove redundant variable declaration (<a href="https://redirect.github.com/expressjs/basic-auth-connect/issues/6">#6</a>)</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/e8f35c626cfe8704e57f8c2eca7c6ba9e9ab1fa6"><code>e8f35c6</code></a> chore: normalize license</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/8d38a0b144eb0423a80556b4801a3c326bed9808"><code>8d38a0b</code></a> ci: migrate to GitHub Actions</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/727b4cd6e0c1c6001fbee00a4b4007a6b7fdc212"><code>727b4cd</code></a> 💚 GH workflow CI</li> <li><a href="https://github.com/expressjs/basic-auth-connect/commit/9eed03bf5edd5fb730d07cc5af0875d4dcf8bd19"><code>9eed03b</code></a> Fixed the readme header.</li> <li>See full diff in <a href="https://github.com/expressjs/basic-auth-connect/compare/1.0.0...1.1.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new releaser for basic-auth-connect since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dart-lang/site-www/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [body-parser](https://github.com/expressjs/body-parser) from 1.20.2 to 1.20.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/releases">body-parser's releases</a>.</em></p> <blockquote> <h2>1.20.3</h2> <h2>What's Changed</h2> <h3>Important</h3> <ul> <li>deps: [email protected]</li> <li>add <code>depth</code> option to customize the depth level in the parser</li> <li><strong>IMPORTANT:</strong> The default <code>depth</code> level for parsing URL-encoded data is now <code>32</code> (previously was <code>Infinity</code>). <a href="https://github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth">Documentation</a></li> </ul> <h3>Other changes</h3> <ul> <li>chore: add support for OSSF scorecard reporting by <a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/522">expressjs/body-parser#522</a></li> <li>ci: fix errors in ci github action for node 8 and 9 by <a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/523">expressjs/body-parser#523</a></li> <li>fix: pin to [email protected] by <a href="https://github.com/wesleytodd"><code>@wesleytodd</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/527">expressjs/body-parser#527</a></li> <li>deps: [email protected] by <a href="https://github.com/melikhov-dev"><code>@melikhov-dev</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/521">expressjs/body-parser#521</a></li> <li>Add OSSF Scorecard badge by <a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/531">expressjs/body-parser#531</a></li> <li>Linter by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/534">expressjs/body-parser#534</a></li> <li>Release: 1.20.3 by <a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> in <a href="https://redirect.github.com/expressjs/body-parser/pull/535">expressjs/body-parser#535</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/inigomarquinez"><code>@inigomarquinez</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/522">expressjs/body-parser#522</a></li> <li><a href="https://github.com/melikhov-dev"><code>@melikhov-dev</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/521">expressjs/body-parser#521</a></li> <li><a href="https://github.com/bjohansebas"><code>@bjohansebas</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/531">expressjs/body-parser#531</a></li> <li><a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> made their first contribution in <a href="https://redirect.github.com/expressjs/body-parser/pull/534">expressjs/body-parser#534</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3">https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/expressjs/body-parser/blob/master/HISTORY.md">body-parser's changelog</a>.</em></p> <blockquote> <h1>1.20.3 / 2024-09-10</h1> <ul> <li>deps: [email protected]</li> <li>add <code>depth</code> option to customize the depth level in the parser</li> <li>IMPORTANT: The default <code>depth</code> level for parsing URL-encoded data is now <code>32</code> (previously was <code>Infinity</code>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/expressjs/body-parser/commit/17529513673e39ba79886a7ce3363320cf1c0c50"><code>1752951</code></a> 1.20.3</li> <li><a href="https://github.com/expressjs/body-parser/commit/39744cfe2ac4fb37a19ed7c43e3a74332f428e17"><code>39744cf</code></a> chore: linter (<a href="https://redirect.github.com/expressjs/body-parser/issues/534">#534</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"><code>b2695c4</code></a> Merge commit from fork</li> <li><a href="https://github.com/expressjs/body-parser/commit/ade0f3f82f91086d6cd2ed2cb4b0aff448fbc2e5"><code>ade0f3f</code></a> add scorecard to readme (<a href="https://redirect.github.com/expressjs/body-parser/issues/531">#531</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/99a1bd62456f932004b84767d6393bc261f75d36"><code>99a1bd6</code></a> deps: [email protected] (<a href="https://redirect.github.com/expressjs/body-parser/issues/521">#521</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/947859160527c7aaaa20da79e2c3ba542baaaf66"><code>9478591</code></a> fix: pin to [email protected]</li> <li><a href="https://github.com/expressjs/body-parser/commit/83db46a1e5512135ce01ed90b9132ee16a2657a8"><code>83db46a</code></a> ci: fix errors in ci github action for node 8 and 9 (<a href="https://redirect.github.com/expressjs/body-parser/issues/523">#523</a>)</li> <li><a href="https://github.com/expressjs/body-parser/commit/9d4e2125b580b055b2a3aa140df9b8fce363af46"><code>9d4e212</code></a> chore: add support for OSSF scorecard reporting (<a href="https://redirect.github.com/expressjs/body-parser/issues/522">#522</a>)</li> <li>See full diff in <a href="https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new releaser for body-parser since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/dart-lang/site-www/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) from 1.21.0 to 1.22.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/shikijs/shiki/releases">shiki's releases</a>.</em></p> <blockquote> <h2>v1.22.0</h2> <h3> 🚀 Features</h3> <ul> <li>Store grammar state in weakmap - by <a href="https://github.com/antfu"><code>@antfu</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/804">shikijs/shiki#804</a> <a href="https://github.com/shikijs/shiki/commit/320d7582"><!-- raw HTML omitted -->(320d7)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v1.21.1...v1.22.0">View changes on GitHub</a></h5> <h2>v1.21.1</h2> <h3> 🚀 Features</h3> <ul> <li>Update deps - by <a href="https://github.com/antfu"><code>@antfu</code></a> <a href="https://github.com/shikijs/shiki/commit/2bdf1b89"><!-- raw HTML omitted -->(2bdf1)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v1.21.0...v1.21.1">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/shikijs/shiki/commit/2d58f7ff7bd642682e93b577d9b68bede8548ef8"><code>2d58f7f</code></a> chore: release v1.22.0</li> <li><a href="https://github.com/shikijs/shiki/commit/320d75821e3f528f8dea6e4df626a82cdfb655ec"><code>320d758</code></a> feat: store grammar state in weakmap (<a href="https://github.com/shikijs/shiki/tree/HEAD/packages/shiki/issues/804">#804</a>)</li> <li><a href="https://github.com/shikijs/shiki/commit/ea4b8dd7f9f4a4b75904edf3ec5a2d59b00080a1"><code>ea4b8dd</code></a> chore: release v1.21.1</li> <li><a href="https://github.com/shikijs/shiki/commit/2bdf1b89c9f39730e8948e22c4a31a28889e89c4"><code>2bdf1b8</code></a> feat: update deps</li> <li>See full diff in <a href="https://github.com/shikijs/shiki/commits/v1.22.0/packages/shiki">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
--------- Co-authored-by: Parker Lougheed <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.4.1</h2> <h2>What's Changed</h2> <ul> <li>Add a section about hidden files by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/607">actions/upload-artifact#607</a></li> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/621">actions/upload-artifact#621</a></li> <li>Update <code>@actions/artifact</code> to latest version, includes symlink and timeout fixes by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/625">actions/upload-artifact#625</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/621">actions/upload-artifact#621</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1">https://github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/604373da6381bf24206979c74d06a550515601b9"><code>604373d</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/625">#625</a> from actions/robherley/artifact-2.1.10</li> <li><a href="https://github.com/actions/upload-artifact/commit/0150148bdf458be2451ee90b000ecdcca8216ed8"><code>0150148</code></a> paste right core version</li> <li><a href="https://github.com/actions/upload-artifact/commit/a009b25faa61b2b26de294984570f1371b13a895"><code>a009b25</code></a> update licenses</li> <li><a href="https://github.com/actions/upload-artifact/commit/9f6f6f402e14cb0fe462513c8fa31e6ec061e8b5"><code>9f6f6f4</code></a> update <code>@actions/core</code> and <code>@actions/artifact</code> to latest versions</li> <li><a href="https://github.com/actions/upload-artifact/commit/3eadd8b791cabf7cd572f194da82158c24125bd8"><code>3eadd8b</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/621">#621</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/upload-artifact/commit/aeba9f79615961db246aa455caf3aa63488c0ace"><code>aeba9f7</code></a> Add workflow file for publishing releases to immutable action package</li> <li><a href="https://github.com/actions/upload-artifact/commit/b18b1d32f3f31abcdc29dee3f2484801fe7822f4"><code>b18b1d3</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/607">#607</a> from actions/joshmgross/hidden-files-readme</li> <li><a href="https://github.com/actions/upload-artifact/commit/d7c12077c478ad3d03aeeb01e2f6917d1ac93c3a"><code>d7c1207</code></a> Add a section about hidden files</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...604373da6381bf24206979c74d06a550515601b9">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.11 to 3.26.12. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.12 - 07 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p> <ul> <li> <p>If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</p> </li> <li> <p>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace <code>github/codeql-action/*@V3</code> by <code>github/codeql-action/*@v3.26.11</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.26.11</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</p> </li> </ul> </li> </ul> <h2>3.26.11 - 03 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add support for using <code>actions/download-artifact@v4</code> to programmatically consume CodeQL Action debug artifacts.</p> <p>Starting November 30, 2024, GitHub.com customers will <a href="https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/">no longer be able to use <code>actions/download-artifact@v3</code></a>. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the <code>CODEQL_ACTION_ARTIFACT_V4_UPGRADE</code> environment variable to <code>true</code> and bump <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> will begin failing then.</p> <p>This change is currently unavailable for GitHub Enterprise Server customers, as <code>actions/upload-artifact@v4</code> and <code>actions/download-artifact@v4</code> are not yet compatible with GHES.</p> </li> <li> <p>Update default CodeQL bundle version to 2.19.1. <a href="https://redirect.github.com/github/codeql-action/pull/2519">#2519</a></p> </li> </ul> <h2>3.26.10 - 30 Sep 2024</h2> <ul> <li>We are rolling out a feature in September/October 2024 that sets up CodeQL using a bundle compressed with <a href="http://facebook.github.io/zstd/">Zstandard</a>. Our aim is to improve the performance of setting up CodeQL. <a href="https://redirect.github.com/github/codeql-action/pull/2502">#2502</a></li> </ul> <h2>3.26.9 - 24 Sep 2024</h2> <p>No user facing changes.</p> <h2>3.26.8 - 19 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.19.0. <a href="https://redirect.github.com/github/codeql-action/pull/2483">#2483</a></li> </ul> <h2>3.26.7 - 13 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.4. <a href="https://redirect.github.com/github/codeql-action/pull/2471">#2471</a></li> </ul> <h2>3.26.6 - 29 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.3. <a href="https://redirect.github.com/github/codeql-action/pull/2449">#2449</a></li> </ul> <h2>3.26.5 - 23 Aug 2024</h2> <ul> <li>Fix an issue where the <code>csrutil</code> system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2441">#2441</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/c36620d31ac7c881962c3d9dd939c40ec9434f2b"><code>c36620d</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2529">#2529</a> from github/update-v3.26.12-c9a70ff45</li> <li><a href="https://github.com/github/codeql-action/commit/570aecb95f2b62832269f4d9ed8d228c9a1342fb"><code>570aecb</code></a> Update changelog for v3.26.12</li> <li><a href="https://github.com/github/codeql-action/commit/c9a70ff45f6a0ebf67a02cf3a09094b72f56e5cb"><code>c9a70ff</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2526">#2526</a> from github/henrymercer/check-zstd-on-path</li> <li><a href="https://github.com/github/codeql-action/commit/d65a17605a400f2b42f1e4785239bc63a91419b9"><code>d65a176</code></a> Rebuild</li> <li><a href="https://github.com/github/codeql-action/commit/bf2e624d0b3b15a9fe5c6ae1294f207a8f2ee3f1"><code>bf2e624</code></a> Update src/tar.ts</li> <li><a href="https://github.com/github/codeql-action/commit/56d197570aa047eae7fe04401603196e2f68521d"><code>56d1975</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2489">#2489</a> from github/redsun82/rust</li> <li><a href="https://github.com/github/codeql-action/commit/7cf65a5b2e089b7207c678633bc4a42884847231"><code>7cf65a5</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2518">#2518</a> from github/dependabot/npm_and_yarn/npm-88156698cd</li> <li><a href="https://github.com/github/codeql-action/commit/8a56dd2e53735063047ec88acbea334aecdd702e"><code>8a56dd2</code></a> Update to <code>@actions/core</code> 1.11.1</li> <li><a href="https://github.com/github/codeql-action/commit/153267135194d736d42c011f5c4288fd7318a484"><code>1532671</code></a> Update default bundle to 2.19.1 (<a href="https://redirect.github.com/github/codeql-action/issues/2519">#2519</a>)</li> <li><a href="https://github.com/github/codeql-action/commit/64871a860c2923a5ec7cf6cefc983b535e8fe0e7"><code>64871a8</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.19.1</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea...c36620d31ac7c881962c3d9dd939c40ec9434f2b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871"><code>eef6144</code></a> Prepare 4.2.1 release (<a href="https://redirect.github.com/actions/checkout/issues/1925">#1925</a>)</li> <li><a href="https://github.com/actions/checkout/commit/6b42224f41ee5dfe5395e27c8b2746f1f9955030"><code>6b42224</code></a> Add workflow file for publishing releases to immutable action package (<a href="https://redirect.github.com/actions/checkout/issues/1919">#1919</a>)</li> <li><a href="https://github.com/actions/checkout/commit/de5a000abf73b6f4965bd1bcdf8f8d94a56ea815"><code>de5a000</code></a> Check out other refs/* by commit if provided, fall back to ref (<a href="https://redirect.github.com/actions/checkout/issues/1924">#1924</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
In network request code example `'` was typed instead of `;`.
Bumps [firebase-tools](https://github.com/firebase/firebase-tools) from 13.20.2 to 13.21.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/firebase/firebase-tools/releases">firebase-tools's releases</a>.</em></p> <blockquote> <h2>v13.21.0</h2> <ul> <li>Add apphosting:rollouts:create CLI command. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7687">#7687</a>)</li> <li>Updated emulator UI to version 1.14.0, which adds support for SDK defined extensions.</li> <li>Added emulator support for SDK defined extensions.</li> <li>Fixed various trigger handling issues in the Functions emualtor, including an issue where Eventarc functions would not be emulated correctly after a reload.</li> <li>Added support for generating Dart SDKs for Data Connect connectors.</li> <li>Commands now correctly default to 'default' alias when there is more than one alias listed. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7624">#7624</a>)</li> <li>Updated Data Connect emulator to v1.15.0, which includes bug fixes for <code>insertMany</code> and improved error handling.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-tools/commit/7dd671b81c0aad09b864a3de4fb3ee82b4564f2b"><code>7dd671b</code></a> 13.21.0</li> <li><a href="https://github.com/firebase/firebase-tools/commit/a2201fb9c64b0759ad5149d5947e6dddba5ceeb3"><code>a2201fb</code></a> Updated to Data connect emulator 1.5.0 (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7805">#7805</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/bfc3fd4d638be7fbdac34800ed889dbb3ef27853"><code>bfc3fd4</code></a> Use 'default' alias if there are multiple aliases (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7804">#7804</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/1085394c7c3c523323f4bdf43c38aec63c7e382c"><code>1085394</code></a> Print instructions to assist FDC Onboard Flow (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7802">#7802</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/f350d6063acec4065ed4c4bb6aa6479f2972e108"><code>f350d60</code></a> Create rollout from branch or git commit (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7687">#7687</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/158c2b572a2d8a977b617793d33cf373331b8389"><code>158c2b5</code></a> FDC SDK init use the same outputDir pattern for both CLI and VS Code (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7790">#7790</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/36ce505086124c9ed13fb2878abb8e48fa84340c"><code>36ce505</code></a> [FDC] Remove confusing prompts (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7801">#7801</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/cbc44c06cf066314444e8e6f00f623b5b292ecd2"><code>cbc44c0</code></a> Update text for SDK Configuration button (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7798">#7798</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/c43d72b9effad5f17af9ca047b144b326eaea96c"><code>c43d72b</code></a> Maintenance (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7789">#7789</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/495cb72c8e7a4270a4e9d602fddc9ee8fdca53d6"><code>495cb72</code></a> Apphosting emulator - environment variable support (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7781">#7781</a>)</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-tools/compare/v13.20.2...v13.21.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.1 to 4.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.4.2</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/artifact</code> to 2.1.11 by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/627">actions/upload-artifact#627</a> <ul> <li>Includes fix for relative symlinks not resolving properly</li> </ul> </li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.4.2">https://github.com/actions/upload-artifact/compare/v4...v4.4.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/84480863f228bb9747b473957fcc9e309aa96097"><code>8448086</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a> from actions/robherley/v4.4.2</li> <li><a href="https://github.com/actions/upload-artifact/commit/b1d4642b699cfe7e338a864cc36849b29ad04a75"><code>b1d4642</code></a> add explicit relative and absolute symlinks to workflow</li> <li><a href="https://github.com/actions/upload-artifact/commit/d50e66084c4d29dc5d3326b7a0e67bed9ef4bb1e"><code>d50e660</code></a> bump version</li> <li><a href="https://github.com/actions/upload-artifact/commit/aabe6f8050b860cae7a9065282dde2b3227836aa"><code>aabe6f8</code></a> build with <code>@actions/artifact</code> v2.1.11</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/604373da6381bf24206979c74d06a550515601b9...84480863f228bb9747b473957fcc9e309aa96097">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [firebase-tools](https://github.com/firebase/firebase-tools) from 13.21.0 to 13.22.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/firebase/firebase-tools/releases">firebase-tools's releases</a>.</em></p> <blockquote> <h2>v13.22.0</h2> <ul> <li>Fixed an issue where running the CLI in IDX required immediate reauthentication.</li> <li>Added App Hosting as an option for firebase init. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7803">#7803</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-tools/commit/6ea6b3df599c73c7819f5ce569156e042f1e5b5a"><code>6ea6b3d</code></a> 13.22.0</li> <li><a href="https://github.com/firebase/firebase-tools/commit/80060cfc9be259fe69ad801482f970c6e808fa12"><code>80060cf</code></a> Centralize logs when not in a firebase directory (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7811">#7811</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/82bfe473346ba84cd236469da79183fadb16c8d4"><code>82bfe47</code></a> Always include the default template the data connect (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7810">#7810</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/60daa4dfd1e315bd41ca45bfb2f14845fee17298"><code>60daa4d</code></a> Updated requireAuth to include getting the access token (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7806">#7806</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/17aa98cb3e7e699e6a140ef92d701e0a38671002"><code>17aa98c</code></a> update to 0.10.3 (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7807">#7807</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/c3de090a3105518f0565411f3c95bcade525c6ad"><code>c3de090</code></a> Add App Hosting as an option for firebase init (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7803">#7803</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/b776cc11b6170405e3fc6375caf6f1c4928f4813"><code>b776cc1</code></a> [firebase-release] Removed change log and reset repo after 13.21.0 release</li> <li>See full diff in <a href="https://github.com/firebase/firebase-tools/compare/v13.21.0...v13.22.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Resolves dart-lang/site-www#6076 This does not discuss "doc imports"; I'd like that to be a separate addition. --------- Co-authored-by: Parker Lougheed <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.2 to 4.4.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.4.3</h2> <h2>What's Changed</h2> <ul> <li>Undo indirect dependency updates from <a href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a> by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/632">actions/upload-artifact#632</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3">https://github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882"><code>b4b15b8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/632">#632</a> from actions/joshmgross/undo-dependency-changes</li> <li><a href="https://github.com/actions/upload-artifact/commit/92b01ebffaf2e2520c64ab2845d3f9bd5c06941a"><code>92b01eb</code></a> Undo indirect dependency updates from <a href="https://redirect.github.com/actions/upload-artifact/issues/627">#627</a></li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/84480863f228bb9747b473957fcc9e309aa96097...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [hast-util-select](https://github.com/syntax-tree/hast-util-select) from 6.0.2 to 6.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/syntax-tree/hast-util-select/releases">hast-util-select's releases</a>.</em></p> <blockquote> <h2>6.0.3</h2> <h4>Miscellaneous</h4> <ul> <li>bb9649b Remove unused dependency <code>not</code> by <a href="https://github.com/remcohaszing"><code>@remcohaszing</code></a> in <a href="https://redirect.github.com/syntax-tree/hast-util-select/pull/9">syntax-tree/hast-util-select#9</a></li> </ul> <h4>Types</h4> <ul> <li>6295f8e Add declaration maps</li> <li>3b28c25 Refactor to use <code>@import</code>s</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/syntax-tree/hast-util-select/compare/6.0.2...6.0.3">https://github.com/syntax-tree/hast-util-select/compare/6.0.2...6.0.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/7a97edbce41c8e8f913071188531e1de48a5e4c1"><code>7a97edb</code></a> 6.0.3</li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/c19b235f7bb6c2a0351568620212cad8ca101daa"><code>c19b235</code></a> Refactor <code>package.json</code></li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/530e681b1a8c5f2f9c68941cb353245eb62a3def"><code>530e681</code></a> Remove license year</li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/6295f8ed9c74bc31aaa2939ee95b70d476a9543f"><code>6295f8e</code></a> Add declaration maps</li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/123097b31a544f831f5c7dbe1a46911325e095a3"><code>123097b</code></a> Refactor <code>.editorconfig</code></li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/3b28c258ebd124b8fb000fd42301dd42fa9cbb85"><code>3b28c25</code></a> Refactor to use <code>@import</code>s</li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/bb9649be746d097bc8c4a5f9b38fe9586f4d03ff"><code>bb9649b</code></a> Remove unused dependency <code>not</code></li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/b906f0c402a87babcad43108a804393e64380465"><code>b906f0c</code></a> Update Node in Actions</li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/ab088defd638212bcdc30bf5cd6b6f478ddef620"><code>ab088de</code></a> Add <code>.tsbuildinfo</code> to <code>.gitignore</code></li> <li><a href="https://github.com/syntax-tree/hast-util-select/commit/174280999909bdc467aeb27d1a4dd5d880cea2f6"><code>1742809</code></a> Fix tests for changes in <code>css-selector-parser</code></li> <li>Additional commits viewable in <a href="https://github.com/syntax-tree/hast-util-select/compare/6.0.2...6.0.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.79.4 to 1.79.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.79.5</h2> <ul> <li> <p>Changes to how <code>selector.unify()</code> and <code>@extend</code> combine selectors:</p> <ul> <li> <p>The relative order of pseudo-classes (like <code>:hover</code>) and pseudo-elements (like <code>::before</code>) within each original selector is now preserved when they're combined.</p> </li> <li> <p>Pseudo selectors are now consistently placed at the end of the combined selector, regardless of which selector they came from. Previously, this reordering only applied to pseudo-selectors in the second selector.</p> </li> </ul> </li> <li> <p>Tweak the color transformation matrices for OKLab and OKLCH to match the newer, more accurate values in the CSS spec.</p> </li> <li> <p>Fix a slight inaccuracy case when converting to <code>srgb-linear</code> and <code>display-p3</code>.</p> </li> <li> <p><strong>Potentially breaking bug fix:</strong> <code>math.unit()</code> now wraps multiple denominator units in parentheses. For example, <code>px/(em*em)</code> instead of <code>px/em*em</code>.</p> </li> </ul> <h3>Command-Line Interface</h3> <ul> <li>Use <code>@parcel/watcher</code> to watch the filesystem when running from JavaScript and not using <code>--poll</code>. This should mitigate more frequent failures users have been seeing since version 4.0.0 of Chokidar, our previous watching tool, was released.</li> </ul> <h3>JS API</h3> <ul> <li>Fix <code>SassColor.interpolate()</code> to allow an undefined <code>options</code> parameter, as the types indicate.</li> </ul> <h3>Embedded Sass</h3> <ul> <li>Properly pass missing color channel values to and from custom functions.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/7290399fb175c491be7bfb568253cbe0fc6061fc"><code>7290399</code></a> Partially replace chokidar with <code>@parcel/watcher</code> (<a href="https://redirect.github.com/sass/dart-sass/issues/2379">#2379</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/85b467b3317d8e31a2c100eda17400fe91da2988"><code>85b467b</code></a> Update LMS matrices (<a href="https://redirect.github.com/sass/dart-sass/issues/2374">#2374</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/2c5f1e9df0285d52e4c1300a01c5d6b19b8157be"><code>2c5f1e9</code></a> Use correct notation for multiple denominator units (<a href="https://redirect.github.com/sass/dart-sass/issues/2375">#2375</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/d58e2191b67cd6d20db335c280950e641be3f0d4"><code>d58e219</code></a> Add <code>sass-parser</code> support for for the <code>@supports</code> rule (<a href="https://redirect.github.com/sass/dart-sass/issues/2378">#2378</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/5535d1f9a1272c7107bb55834ee504f11026b6c5"><code>5535d1f</code></a> Fix srgb to linear (<a href="https://redirect.github.com/sass/dart-sass/issues/2372">#2372</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/5acae8af28b01a8372570b9d69a28f2e6c496910"><code>5acae8a</code></a> Fix JS API <code>color.interpolate(color2)</code> without options (<a href="https://redirect.github.com/sass/dart-sass/issues/2369">#2369</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/4890989da3dee3e2f54f19feb48fb05d11b81cd4"><code>4890989</code></a> Add support for missing color channels to the protofier (<a href="https://redirect.github.com/sass/dart-sass/issues/2366">#2366</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/67fecff83ae67d68875da6f3f07ff79d594de5da"><code>67fecff</code></a> unifyComound() and unifyComplex() no longer move pseudo-classes across pseudo...</li> <li>See full diff in <a href="https://github.com/sass/dart-sass/compare/1.79.4...1.79.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commit faa3ca3 moved the location of `variables.md`. This PR adjusts sources to changes. --- Signed-off-by: Emmanuel Ferdman <[email protected]>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.12 to 3.26.13. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.13 - 14 Oct 2024</h2> <p>No user facing changes.</p> <h2>3.26.12 - 07 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p> <ul> <li> <p>If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</p> </li> <li> <p>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace <code>github/codeql-action/*@V3</code> by <code>github/codeql-action/*@v3.26.11</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.26.11</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</p> </li> </ul> </li> </ul> <h2>3.26.11 - 03 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add support for using <code>actions/download-artifact@v4</code> to programmatically consume CodeQL Action debug artifacts.</p> <p>Starting November 30, 2024, GitHub.com customers will <a href="https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/">no longer be able to use <code>actions/download-artifact@v3</code></a>. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the <code>CODEQL_ACTION_ARTIFACT_V4_UPGRADE</code> environment variable to <code>true</code> and bump <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> will begin failing then.</p> <p>This change is currently unavailable for GitHub Enterprise Server customers, as <code>actions/upload-artifact@v4</code> and <code>actions/download-artifact@v4</code> are not yet compatible with GHES.</p> </li> <li> <p>Update default CodeQL bundle version to 2.19.1. <a href="https://redirect.github.com/github/codeql-action/pull/2519">#2519</a></p> </li> </ul> <h2>3.26.10 - 30 Sep 2024</h2> <ul> <li>We are rolling out a feature in September/October 2024 that sets up CodeQL using a bundle compressed with <a href="http://facebook.github.io/zstd/">Zstandard</a>. Our aim is to improve the performance of setting up CodeQL. <a href="https://redirect.github.com/github/codeql-action/pull/2502">#2502</a></li> </ul> <h2>3.26.9 - 24 Sep 2024</h2> <p>No user facing changes.</p> <h2>3.26.8 - 19 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.19.0. <a href="https://redirect.github.com/github/codeql-action/pull/2483">#2483</a></li> </ul> <h2>3.26.7 - 13 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.4. <a href="https://redirect.github.com/github/codeql-action/pull/2471">#2471</a></li> </ul> <h2>3.26.6 - 29 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.3. <a href="https://redirect.github.com/github/codeql-action/pull/2449">#2449</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/f779452ac5af1c261dce0346a8f964149f49322b"><code>f779452</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2539">#2539</a> from github/update-v3.26.13-0c3e00641</li> <li><a href="https://github.com/github/codeql-action/commit/532932479b339a320b8f0f106cf17cb6f27625ab"><code>5329324</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/github/codeql-action/commit/007ba256485136f6179e827b998b3c9125fcbcee"><code>007ba25</code></a> Update changelog for v3.26.13</li> <li><a href="https://github.com/github/codeql-action/commit/0c3e0064168c8e68650d4d5d2eaa7f5b14c2e089"><code>0c3e006</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2536">#2536</a> from yoff/python/ff-std-lib-extraction</li> <li><a href="https://github.com/github/codeql-action/commit/38469af22844c7bb1302fd0bde937f95fae05417"><code>38469af</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2537">#2537</a> from github/henrymercer/no-zstd-windows</li> <li><a href="https://github.com/github/codeql-action/commit/5b6984ee4d8d4337aa84b946951459213dd36daf"><code>5b6984e</code></a> Assert that Windows downloads gzip</li> <li><a href="https://github.com/github/codeql-action/commit/eefb943f7e5f85e6e26fff781c173475ecfe9f4f"><code>eefb943</code></a> Don't use Zstandard bundles on Windows</li> <li><a href="https://github.com/github/codeql-action/commit/201e02efe22c245c1d4fc9b579583c1ef037dfe6"><code>201e02e</code></a> rebuild the action</li> <li><a href="https://github.com/github/codeql-action/commit/ce5f900bfc4f4f7d32fd4106942380d167a1e43c"><code>ce5f900</code></a> formatting</li> <li><a href="https://github.com/github/codeql-action/commit/65dd816de1c1c6fc94d0885d009da0db1545df07"><code>65dd816</code></a> remove unused import</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/c36620d31ac7c881962c3d9dd939c40ec9434f2b...f779452ac5af1c261dce0346a8f964149f49322b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Split repository into three workspaces to simplify setup before editing Dart files and reduce analysis time. - The root pubspec and the tooling underlying `./dash_site` in `/tool/dart_site`. - The packages in `/tool/get-dart` as they are rarely edited. - All of the examples in `/examples`, mostly used for code excerpts.
Resolves dart-lang/site-www#5254. --------- Co-authored-by: Parker Lougheed <[email protected]>
Fixes #5901 --------- Co-authored-by: Parker Lougheed <[email protected]> Co-authored-by: RikinR <[email protected]>
Accounts for a recent change in directory structure.
Bumps [firebase-tools](https://github.com/firebase/firebase-tools) from 13.22.0 to 13.22.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/firebase/firebase-tools/releases">firebase-tools's releases</a>.</em></p> <blockquote> <h2>v13.22.1</h2> <ul> <li>Updated dependencies in functions initialization template. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7809">#7809</a>)</li> <li>Fixed Flutter web apps that might require the --no-tree-shake-icons flag in order to build. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7724">#7724</a>)</li> <li>Removed outdated dependency on <code>rimraf</code>.</li> <li>Fixed an issue where the Extensions emulator would fail silently if started with a non-existant project without the <code>demo-</code> prefix. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7779">#7779</a>)</li> <li>Bumped the Firebase Data Connect local toolkit version to v1.5.1, which adds compatible mode schema migration support to the emulator and fixes an issue with the Timestamp type in Swift codegen. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7837">#7837</a>)</li> <li>Fixed an issue during functions discovery where <code>FUNCTIONS_DISCOVERY_TIMEOUT</code> wasn't respected. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/6285">#6285</a>)</li> <li>Improved handling when <code>emulators:export</code> cannot read the metadata file.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-tools/commit/0d8e546093a27847a8ebf8c2bf6b304d2a352f84"><code>0d8e546</code></a> 13.22.1</li> <li><a href="https://github.com/firebase/firebase-tools/commit/9eed361bc6391977507b32e013128dea417719da"><code>9eed361</code></a> Use FUNCTIONS_DISCOVERY_TIMEOUT when waiting for sockets (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7838">#7838</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/372d0b190a84e70c8f41cd71c6d2b9d1ef04f224"><code>372d0b1</code></a> chore: update dependencies for firebase functions template (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7809">#7809</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/1863f9148fcb32c28283f62612fc8e14157d5a46"><code>1863f91</code></a> Focus terminal for shell tasks. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7832">#7832</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/3e84ee86e98eb51df7ebb325a4b9a0572bb031df"><code>3e84ee8</code></a> Improved handling when <code>emulators:export</code> cannot read the metadata file. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7839">#7839</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/04c2296024e0c310f69628818d174df4198d5338"><code>04c2296</code></a> Bump FDC local toolkit to v1.5.1. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7837">#7837</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/e4861d213d8ffd8095a72e7245ab979705234525"><code>e4861d2</code></a> Update findOpenPort to check ipv4 (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7824">#7824</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/6fc0edbf1efd97fbe6569cf14325a40e93c14922"><code>6fc0edb</code></a> This is to change the VScode command to focus the sidebar from `sidebar.focus...</li> <li><a href="https://github.com/firebase/firebase-tools/commit/e72735752398561899204496538bdae967d49b33"><code>e727357</code></a> Replace rimraf dependencies by built-in Node APIs (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7826">#7826</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/65f30e455a76318931003b49d3ca431a0d4aab46"><code>65f30e4</code></a> Better error when incorrect project ID is used. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7827">#7827</a>)</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-tools/compare/v13.22.0...v13.22.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.79.5 to 1.80.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.80.1</h2> <p>To install Sass 1.80.1, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li>Fix a bug where repeated deprecation warnings were not automatically limited.</li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1801">full changelog</a> for changes in earlier releases.</p> <h2>Dart Sass 1.80.0</h2> <p>To install Sass 1.80.0, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li><code>@import</code> is now officially deprecated, as are global built-in functions that are available within built-in modules. See <a href="https://sass-lang.com/blog/import-is-deprecated/">the Sass blog post</a> for more details on the deprecation process.</li> </ul> <h3>Embedded Host</h3> <ul> <li>Fix an error that would sometimes occur when deprecation warnings were emitted when using a custom importer with the legacy API.</li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1800">full changelog</a> for changes in earlier releases.</p> <h2>Dart Sass 1.79.6</h2> <p>To install Sass 1.79.6, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li> <p>Fix a bug where Sass would add an extra <code>*/</code> after loud comments with whitespace after an explicit <code>*/</code> in the indented syntax.</p> </li> <li> <p><strong>Potentially breaking bug fix:</strong> Adding text after an explicit <code>*/</code> in the indented syntax is now an error, rather than silently generating invalid CSS.</p> </li> </ul> <h3>Embedded Host</h3> <ul> <li>Properly export the <code>SassBoolean</code> type.</li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1796">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.80.1</h2> <ul> <li>Fix a bug where repeated deprecation warnings were not automatically limited.</li> </ul> <h2>1.80.0</h2> <ul> <li><code>@import</code> is now officially deprecated, as are global built-in functions that are available within built-in modules. See <a href="https://sass-lang.com/blog/import-is-deprecated/">the Sass blog post</a> for more details on the deprecation process.</li> </ul> <h3>Embedded Host</h3> <ul> <li>Fix an error that would sometimes occur when deprecation warnings were emitted when using a custom importer with the legacy API.</li> </ul> <h2>1.79.6</h2> <ul> <li> <p>Fix a bug where Sass would add an extra <code>*/</code> after loud comments with whitespace after an explicit <code>*/</code> in the indented syntax.</p> </li> <li> <p><strong>Potentially breaking bug fix:</strong> Adding text after an explicit <code>*/</code> in the indented syntax is now an error, rather than silently generating invalid CSS.</p> </li> </ul> <h3>Embedded Host</h3> <ul> <li>Properly export the <code>SassBoolean</code> type.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/e6391d368458235ad19f8b674cb15a405f26a2ae"><code>e6391d3</code></a> Always limit the repetition of loggers (<a href="https://redirect.github.com/sass/dart-sass/issues/2391">#2391</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/ab19f94b144ca51c62416e1a6aca6c9a90dcbd23"><code>ab19f94</code></a> Deprecate <a href="https://github.com/import"><code>@import</code></a> and global builtins (<a href="https://redirect.github.com/sass/dart-sass/issues/2282">#2282</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/f7b2e63768ec70ee0903a1a6e7fdac4fbe90fa03"><code>f7b2e63</code></a> Fix GitHub Actions config (<a href="https://redirect.github.com/sass/dart-sass/issues/2387">#2387</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/1e27aebaae6ec3a908b70747c85603a748238864"><code>1e27aeb</code></a> Add a changelog entry for <a href="https://redirect.github.com/sass/embedded-host-node/issues/338">sass/embedded-host-node#338</a> (<a href="https://redirect.github.com/sass/dart-sass/issues/2384">#2384</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/73ff9a9d352b91965ee1ee4a40da583fc52da033"><code>73ff9a9</code></a> Don't generate extra <code>*/</code>s for trailing whitespace in Sass (<a href="https://redirect.github.com/sass/dart-sass/issues/2383">#2383</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/164224fdf2377b89b25a1aad8e3ec316c7aad874"><code>164224f</code></a> Update QEMU (<a href="https://redirect.github.com/sass/dart-sass/issues/2382">#2382</a>)</li> <li>See full diff in <a href="https://github.com/sass/dart-sass/compare/1.79.5...1.80.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.17.0 to 10.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/harttle/liquidjs/releases">liquidjs's releases</a>.</em></p> <blockquote> <h2>v10.18.0</h2> <h1><a href="https://github.com/harttle/liquidjs/compare/v10.17.0...v10.18.0">10.18.0</a> (2024-10-16)</h1> <h3>Features</h3> <ul> <li>expose FilterToken to filter <code>this</code>, <a href="https://redirect.github.com/harttle/liquidjs/issues/762">#762</a> (<a href="https://github.com/harttle/liquidjs/commit/d705888c8d46d9dd95fcb41c0fb7bfbaf647eddd">d705888</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md">liquidjs's changelog</a>.</em></p> <blockquote> <h1><a href="https://github.com/harttle/liquidjs/compare/v10.17.0...v10.18.0">10.18.0</a> (2024-10-16)</h1> <h3>Features</h3> <ul> <li>expose FilterToken to filter <code>this</code>, <a href="https://redirect.github.com/harttle/liquidjs/issues/762">#762</a> (<a href="https://github.com/harttle/liquidjs/commit/d705888c8d46d9dd95fcb41c0fb7bfbaf647eddd">d705888</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/harttle/liquidjs/commit/09aca0d7b3a497879054873f426dcff9e7705803"><code>09aca0d</code></a> chore(release): 10.18.0 [skip ci]</li> <li><a href="https://github.com/harttle/liquidjs/commit/d705888c8d46d9dd95fcb41c0fb7bfbaf647eddd"><code>d705888</code></a> feat: expose FilterToken to filter <code>this</code>, <a href="https://redirect.github.com/harttle/liquidjs/issues/762">#762</a></li> <li><a href="https://github.com/harttle/liquidjs/commit/59da3fa54378a4aea1af9c31100a3f3ac084ab16"><code>59da3fa</code></a> docs: add Neamar as a contributor for doc (<a href="https://redirect.github.com/harttle/liquidjs/issues/758">#758</a>)</li> <li><a href="https://github.com/harttle/liquidjs/commit/4490e4b7898538f1eae7cf9a74849418de0fde5a"><code>4490e4b</code></a> Replace trimValue with trimOutput (<a href="https://redirect.github.com/harttle/liquidjs/issues/757">#757</a>)</li> <li>See full diff in <a href="https://github.com/harttle/liquidjs/compare/v10.17.0...v10.18.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
These docs were copied from, and therefore already reviewed in the SDK.
Bumps [sass](https://github.com/sass/dart-sass) from 1.80.1 to 1.80.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.80.2</h2> <p>To install Sass 1.80.2, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li>Fix a bug where deprecation warnings were incorrectly emitted for the plain-CSS <code>invert()</code> function.</li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1802">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.80.2</h2> <ul> <li>Fix a bug where deprecation warnings were incorrectly emitted for the plain-CSS <code>invert()</code> function.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/2ad213305b949ae5aea33574d4b90905708094c3"><code>2ad2133</code></a> Don't emit warnings for plain-CSS <code>invert()</code> (<a href="https://redirect.github.com/sass/dart-sass/issues/2394">#2394</a>)</li> <li>See full diff in <a href="https://github.com/sass/dart-sass/compare/1.80.1...1.80.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.80.2 to 1.80.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.80.3</h2> <p>To install Sass 1.80.3, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li> <p>Fix a bug where <code>@import url("...")</code> would crash in plain CSS files.</p> </li> <li> <p>Improve consistency of how warnings are emitted by different parts of the compiler. This should result in minimal user-visible changes, but different types of warnings should now respond more reliably to flags like <code>--quiet</code>, <code>--verbose</code>, and <code>--silence-deprecation</code>.</p> </li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1803">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.80.3</h2> <ul> <li> <p>Fix a bug where <code>@import url("...")</code> would crash in plain CSS files.</p> </li> <li> <p>Improve consistency of how warnings are emitted by different parts of the compiler. This should result in minimal user-visible changes, but different types of warnings should now respond more reliably to flags like <code>--quiet</code>, <code>--verbose</code>, and <code>--silence-deprecation</code>.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/76cfd6b331be205497935a94e922b2eac26b5394"><code>76cfd6b</code></a> Fix <code>@import url("...")</code> in plain CSS (<a href="https://redirect.github.com/sass/dart-sass/issues/2398">#2398</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/60d440a60dfba602cba2d88f2f292faed8784339"><code>60d440a</code></a> Emit all warnings in the evaluator (<a href="https://redirect.github.com/sass/dart-sass/issues/2396">#2396</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/01b2a5bb75ffd7745afa691414cc1b8c191dbd75"><code>01b2a5b</code></a> Fix setup-node (<a href="https://redirect.github.com/sass/dart-sass/issues/2395">#2395</a>)</li> <li>See full diff in <a href="https://github.com/sass/dart-sass/compare/1.80.2...1.80.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Converts the site-wide glossary to be hosted in a YAML file. Initially, only a few of the fields are used: - `term` - for the header entry and default fragment - `id` - _(optional)_ to override the default fragment - `long_description` - (but will fallback to `short_description` if missing) - `related_links` - For linking to other docs A few other fields have been added for experimentation but are not yet used or surfaced. - `short_description` - A shorter description to be shown on hover - `category` - A primary category for the term - `labels` - Labels/topics that can be used for filtration - `alternate` - Alternate and related terms that should lead to this entry. Could be because they are synonyms or that term doesn't yet have a specific entry of its own, but is still relevant enough. Also new to the page: - A horizontal line between entries to help visually separate them. - A related links section after the long description. The current style of this information will likely be completely replaced as more information is surfaced and filtering is added. --- This work is roughly based on the design proposed in https://flutter.dev/go/glossary-expansion and the [Fuchsia glossary](https://fuchsia.dev/fuchsia-src/contribute/docs/glossary-entries). Resolves dart-lang/site-www#6143
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.13 to 3.27.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/releases">github/codeql-action's releases</a>.</em></p> <blockquote> <h2>v3.27.0</h2> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>3.27.0 - 22 Oct 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.14.6. <a href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li> <li>Fix an issue where the <code>upload-sarif</code> Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the <code>upload-sarif</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li> <li>Update default CodeQL bundle version to 2.19.2. <a href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li> </ul> <p>See the full <a href="https://github.com/github/codeql-action/blob/v3.27.0/CHANGELOG.md">CHANGELOG.md</a> for more information.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.27.0 - 22 Oct 2024</h2> <ul> <li>Bump the minimum CodeQL bundle version to 2.14.6. <a href="https://redirect.github.com/github/codeql-action/pull/2549">#2549</a></li> <li>Fix an issue where the <code>upload-sarif</code> Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the <code>upload-sarif</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2557">#2557</a></li> <li>Update default CodeQL bundle version to 2.19.2. <a href="https://redirect.github.com/github/codeql-action/pull/2552">#2552</a></li> </ul> <h2>3.26.13 - 14 Oct 2024</h2> <p>No user facing changes.</p> <h2>3.26.12 - 07 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2520">#2520</a></p> <ul> <li> <p>If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</p> </li> <li> <p>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace <code>github/codeql-action/*@V3</code> by <code>github/codeql-action/*@v3.26.11</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.26.11</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</p> </li> </ul> </li> </ul> <h2>3.26.11 - 03 Oct 2024</h2> <ul> <li> <p><em>Upcoming breaking change</em>: Add support for using <code>actions/download-artifact@v4</code> to programmatically consume CodeQL Action debug artifacts.</p> <p>Starting November 30, 2024, GitHub.com customers will <a href="https://github.blog/changelog/2024-04-16-deprecation-notice-v3-of-the-artifact-actions/">no longer be able to use <code>actions/download-artifact@v3</code></a>. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the <code>CODEQL_ACTION_ARTIFACT_V4_UPGRADE</code> environment variable to <code>true</code> and bump <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to <code>actions/download-artifact@v3</code> to <code>actions/download-artifact@v4</code> will begin failing then.</p> <p>This change is currently unavailable for GitHub Enterprise Server customers, as <code>actions/upload-artifact@v4</code> and <code>actions/download-artifact@v4</code> are not yet compatible with GHES.</p> </li> <li> <p>Update default CodeQL bundle version to 2.19.1. <a href="https://redirect.github.com/github/codeql-action/pull/2519">#2519</a></p> </li> </ul> <h2>3.26.10 - 30 Sep 2024</h2> <ul> <li>We are rolling out a feature in September/October 2024 that sets up CodeQL using a bundle compressed with <a href="http://facebook.github.io/zstd/">Zstandard</a>. Our aim is to improve the performance of setting up CodeQL. <a href="https://redirect.github.com/github/codeql-action/pull/2502">#2502</a></li> </ul> <h2>3.26.9 - 24 Sep 2024</h2> <p>No user facing changes.</p> <h2>3.26.8 - 19 Sep 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.19.0. <a href="https://redirect.github.com/github/codeql-action/pull/2483">#2483</a></li> </ul> <h2>3.26.7 - 13 Sep 2024</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/github/codeql-action/commit/662472033e021d55d94146f66f6058822b0b39fd"><code>6624720</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2561">#2561</a> from github/update-v3.27.0-b35b023d9</li> <li><a href="https://github.com/github/codeql-action/commit/ce7c2b560da6747133b72eb2f33503a6c4da9c15"><code>ce7c2b5</code></a> Update changelog for v3.27.0</li> <li><a href="https://github.com/github/codeql-action/commit/b35b023d9b1296658ca1bcb95dcd0336f9d23f0b"><code>b35b023</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2552">#2552</a> from github/update-bundle/codeql-bundle-v2.19.2</li> <li><a href="https://github.com/github/codeql-action/commit/dafc762411c1755f00abee84283eaa85d438af2e"><code>dafc762</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2560">#2560</a> from github/aeisenberg/fix-required-checks</li> <li><a href="https://github.com/github/codeql-action/commit/0d1eb88b60733b6720210d591c48ebc9e961d42c"><code>0d1eb88</code></a> Remove ESLint from required checks</li> <li><a href="https://github.com/github/codeql-action/commit/0a30541440699f21b772e5ef95c912f097514855"><code>0a30541</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2558">#2558</a> from github/dependabot/npm_and_yarn/npm-6515e6e328</li> <li><a href="https://github.com/github/codeql-action/commit/2a6a6ad1c809216132b8a6a8c1f5873fff3f400a"><code>2a6a6ad</code></a> Update checked-in dependencies</li> <li><a href="https://github.com/github/codeql-action/commit/26c18c2c1f382ccd402aec5dd18d9ff6d0097891"><code>26c18c2</code></a> Bump the npm group with 3 updates</li> <li><a href="https://github.com/github/codeql-action/commit/7080a68cbca9319f3cf869f12f34acea853ad72d"><code>7080a68</code></a> Merge branch 'main' into update-bundle/codeql-bundle-v2.19.2</li> <li><a href="https://github.com/github/codeql-action/commit/63eb7bbf1f65c025536b3e7d083d89c1c161043c"><code>63eb7bb</code></a> Merge pull request <a href="https://redirect.github.com/github/codeql-action/issues/2551">#2551</a> from github/cklin/diff-informed-queries-feature</li> <li>Additional commits viewable in <a href="https://github.com/github/codeql-action/compare/f779452ac5af1c261dce0346a8f964149f49322b...662472033e021d55d94146f66f6058822b0b39fd">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.80.3 to 1.80.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.80.4</h2> <p>To install Sass 1.80.4, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <ul> <li>No user-visible changes.</li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1804">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.80.4</h2> <ul> <li>No user-visible changes.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/c907bcb57281b51efbd7b0957ac8a4d0bead8818"><code>c907bcb</code></a> Expose Expression.isCalculationSafe to sass_api (<a href="https://redirect.github.com/sass/dart-sass/issues/2404">#2404</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/37a05f97f3ee3cec8156e5a87076c0526477bdff"><code>37a05f9</code></a> Enable AOT build for android-riscv64 (<a href="https://redirect.github.com/sass/dart-sass/issues/2399">#2399</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/473ddf9100cce7b96d3ef01b8e060f8d4517a37e"><code>473ddf9</code></a> Add <code>sass-parser</code> support for the <code>@use</code> rule (<a href="https://redirect.github.com/sass/dart-sass/issues/2389">#2389</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/84e281eab82b9bb6912a9fbca5f76891d0de8eb7"><code>84e281e</code></a> Add <code>BooleanExpression</code> and <code>NumberExpression</code> to sass-parser (<a href="https://redirect.github.com/sass/dart-sass/issues/2376">#2376</a>)</li> <li>See full diff in <a href="https://github.com/sass/dart-sass/compare/1.80.3...1.80.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [firebase-tools](https://github.com/firebase/firebase-tools) from 13.22.1 to 13.23.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/firebase/firebase-tools/releases">firebase-tools's releases</a>.</em></p> <blockquote> <h2>v13.23.0</h2> <ul> <li>Add support for deploying new blocking triggers. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/6384">#6384</a>)</li> <li>Have the firestore:delete command retry on bandwidth exceeded errors. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7845">#7845</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-tools/commit/93846458f4bcc4d0b4619316d6edca31ad3240c7"><code>9384645</code></a> 13.23.0</li> <li><a href="https://github.com/firebase/firebase-tools/commit/995fab12d841434128ec0a131078ce4bb8818157"><code>995fab1</code></a> Removed console logs (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7858">#7858</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/5c53ccd5d2601db068fbd699e57d6263222ad93c"><code>5c53ccd</code></a> Have 'firebase firestore:delete' retry on bandwidth RESOURCE_EXHAUSTED errors...</li> <li><a href="https://github.com/firebase/firebase-tools/commit/2559645f59b8f7ba38d789f87c40dcf98ecc200d"><code>2559645</code></a> Set FIREBASE_BINARY as "firebasePath" user setting (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7857">#7857</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/39a5f63b032efbc4da39a0813608bc1685fdc6b8"><code>39a5f63</code></a> Cleaning up remnants of old vsce publish script (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7856">#7856</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/5649862a50bc8b9f001594b11633b40b4e8eb1c3"><code>5649862</code></a> Add support for deploying new blocking triggers (<a href="https://redirect.github.com/firebase/firebase-tools/issues/6384">#6384</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/310c7a6eec21560678d7171e04c84fc056801faf"><code>310c7a6</code></a> Start of CLI version checking (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7848">#7848</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/4a2819d2d62544eb3857e872d5e2ab33e90f9667"><code>4a2819d</code></a> Report errors in configs, and load configs from anywhere (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7650">#7650</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/4d87465b097443f9a3a5ccce25867fcd795f53bf"><code>4d87465</code></a> MVP working dataconnect:sql:shell (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7778">#7778</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/251867070ecee90676a9548476bab08ed96188e1"><code>2518670</code></a> Add a test-only GitRepoLinks create command (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7735">#7735</a>)</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-tools/compare/v13.22.1...v13.23.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.2.2</h2> <h2>What's Changed</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/11bd71901bbe5b1630ceea73d27597364c9af683"><code>11bd719</code></a> Prepare 4.2.2 Release (<a href="https://redirect.github.com/actions/checkout/issues/1953">#1953</a>)</li> <li><a href="https://github.com/actions/checkout/commit/e3d2460bbb42d7710191569f88069044cfb9d8cf"><code>e3d2460</code></a> Expand unit test coverage (<a href="https://redirect.github.com/actions/checkout/issues/1946">#1946</a>)</li> <li><a href="https://github.com/actions/checkout/commit/163217dfcd28294438ea1c1c149cfaf66eec283e"><code>163217d</code></a> <code>url-helper.ts</code> now leverages well-known environment variables. (<a href="https://redirect.github.com/actions/checkout/issues/1941">#1941</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871...11bd71901bbe5b1630ceea73d27597364c9af683">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) from 1.22.0 to 1.22.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/shikijs/shiki/releases">shiki's releases</a>.</em></p> <blockquote> <h2>v1.22.1</h2> <h3> 🚀 Features</h3> <ul> <li>Update deps and themes, close <a href="https://github.com/shikijs/shiki/tree/HEAD/packages/shiki/issues/810">#810</a> - by <a href="https://github.com/antfu"><code>@antfu</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/810">shikijs/shiki#810</a> <a href="https://github.com/shikijs/shiki/commit/2b513987"><!-- raw HTML omitted -->(2b513)<!-- raw HTML omitted --></a></li> </ul> <h3> 🐞 Bug Fixes</h3> <ul> <li><strong>rehype</strong>: Support special languages - by <a href="https://github.com/fuma-nama"><code>@fuma-nama</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/808">shikijs/shiki#808</a> <a href="https://github.com/shikijs/shiki/commit/b8471aa7"><!-- raw HTML omitted -->(b8471)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v1.22.0...v1.22.1">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/shikijs/shiki/commit/cea19737bdd24c10bbd66e50e018927ba41db571"><code>cea1973</code></a> chore: release v1.22.1</li> <li><a href="https://github.com/shikijs/shiki/commit/2b5139870b14402fe3bc1120f2db72012ea40897"><code>2b51398</code></a> feat: update deps and themes, close <a href="https://github.com/shikijs/shiki/tree/HEAD/packages/shiki/issues/810">#810</a></li> <li>See full diff in <a href="https://github.com/shikijs/shiki/commits/v1.22.1/packages/shiki">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 4.0.4 to 4.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-node/releases">actions/setup-node's releases</a>.</em></p> <blockquote> <h2>v4.1.0</h2> <h2>What's Changed</h2> <ul> <li>Resolve High Security Alerts by upgrading Dependencies by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1132">actions/setup-node#1132</a></li> <li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1134">actions/setup-node#1134</a></li> <li>Revise <code>isGhes</code> logic by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/1148">actions/setup-node#1148</a></li> <li>Add architecture to cache key by <a href="https://github.com/pengx17"><code>@pengx17</code></a> in <a href="https://redirect.github.com/actions/setup-node/pull/843">actions/setup-node#843</a> This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts. Note: This change may break previous cache keys as they will no longer be compatible with the new format.</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jww3"><code>@jww3</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/1148">actions/setup-node#1148</a></li> <li><a href="https://github.com/pengx17"><code>@pengx17</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-node/pull/843">actions/setup-node#843</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-node/compare/v4...v4.1.0">https://github.com/actions/setup-node/compare/v4...v4.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-node/commit/39370e3970a6d050c480ffad4ff0ed4d3fdee5af"><code>39370e3</code></a> fix: add arch to cached path (<a href="https://redirect.github.com/actions/setup-node/issues/843">#843</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/abb238b1313d8ef4d3e3a96d204e08329cafbf85"><code>abb238b</code></a> Revise <code>isGhes</code> logic (<a href="https://redirect.github.com/actions/setup-node/issues/1148">#1148</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/aca7b64a59c0063db8564e0ffdadd3887f1cbae5"><code>aca7b64</code></a> Merge pull request <a href="https://redirect.github.com/actions/setup-node/issues/1134">#1134</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/setup-node/commit/88de2a3d99c13aa734c49200e8bc673fb0a80ab8"><code>88de2a3</code></a> Resolve High Security Alerts by upgrading Dependencies (<a href="https://redirect.github.com/actions/setup-node/issues/1132">#1132</a>)</li> <li><a href="https://github.com/actions/setup-node/commit/d6ebc7b438e9cf1b22a3c440a164b179ed0e37d6"><code>d6ebc7b</code></a> Upgrade IA Publish</li> <li>See full diff in <a href="https://github.com/actions/setup-node/compare/0a44ba7841725637a19e28fa30b79a866c81b0a6...39370e3970a6d050c480ffad4ff0ed4d3fdee5af">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
I originally felt like the separation was useful, but it quickly became murky as I began to add more entries that fit well into multiple categories. We don't use these yet, but let's keep it simple and have one field. If we want to surface some predetermined "categories" to filter by, we can separately specify important labels. This PR also adds an extra new line between each entry for some visual separation while editing.
Bumps [sass](https://github.com/sass/dart-sass) from 1.80.4 to 1.80.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/releases">sass's releases</a>.</em></p> <blockquote> <h2>Dart Sass 1.80.5</h2> <p>To install Sass 1.80.5, download one of the packages below and <a href="https://katiek2.github.io/path-doc/">add it to your PATH</a>, or see <a href="https://sass-lang.com/install">the Sass website</a> for full installation instructions.</p> <h1>Changes</h1> <h3>Embedded Host</h3> <ul> <li>Don't produce phantom <code>@import</code> deprecations when using an importer with the legacy API.</li> </ul> <p>See the <a href="https://github.com/sass/dart-sass/blob/master/CHANGELOG.md#1805">full changelog</a> for changes in earlier releases.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sass/dart-sass/blob/main/CHANGELOG.md">sass's changelog</a>.</em></p> <blockquote> <h2>1.80.5</h2> <h3>Embedded Host</h3> <ul> <li>Don't produce phantom <code>@import</code> deprecations when using an importer with the legacy API.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sass/dart-sass/commit/d14ea754e96861c9d7cb7f2b4bc75a40364eaf31"><code>d14ea75</code></a> Cut a release for <a href="https://redirect.github.com/sass/embedded-host-node/issues/342">sass/embedded-host-node#342</a> (<a href="https://redirect.github.com/sass/dart-sass/issues/2407">#2407</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/7129352416784039902fbea8848c5b54f957e05b"><code>7129352</code></a> Fix dart analyze warnings (<a href="https://redirect.github.com/sass/dart-sass/issues/2412">#2412</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/5c63839328b19782bc9a434a77f6028561906b96"><code>5c63839</code></a> Bump the sass_api dependency along with package versions (<a href="https://redirect.github.com/sass/dart-sass/issues/2408">#2408</a>)</li> <li><a href="https://github.com/sass/dart-sass/commit/477b596e0527f004205dbbdf6b6433c2907799ce"><code>477b596</code></a> Merge pull request <a href="https://redirect.github.com/sass/dart-sass/issues/2403">#2403</a> from sass/parser-variable</li> <li><a href="https://github.com/sass/dart-sass/commit/fd5cff0e7908d73d48de6a8484dde888079cbb44"><code>fd5cff0</code></a> Add sass-parser support for the <code>@warn</code> rule</li> <li><a href="https://github.com/sass/dart-sass/commit/251c75714331728b1336d72710c490068de2bfef"><code>251c757</code></a> Add sass-parser support for variable declarations</li> <li><a href="https://github.com/sass/dart-sass/commit/20397efa740929f95f3e18db996af84b81a0fd6f"><code>20397ef</code></a> Add grinder tasks to bump package versions (<a href="https://redirect.github.com/sass/dart-sass/issues/2405">#2405</a>)</li> <li>See full diff in <a href="https://github.com/sass/dart-sass/compare/1.80.4...1.80.5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [shiki](https://github.com/shikijs/shiki/tree/HEAD/packages/shiki) from 1.22.1 to 1.22.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/shikijs/shiki/releases">shiki's releases</a>.</em></p> <blockquote> <h2>v1.22.2</h2> <h3> 🐞 Bug Fixes</h3> <ul> <li><strong>cli</strong>: Multiple fontStyle - by <a href="https://github.com/antfu"><code>@antfu</code></a> <a href="https://github.com/shikijs/shiki/commit/c9acd17b"><!-- raw HTML omitted -->(c9acd)<!-- raw HTML omitted --></a></li> <li><strong>core</strong>: <code>createdBundledHighlighter</code> cause wasm engine to be loaded - by <a href="https://github.com/fuma-nama"><code>@fuma-nama</code></a> in <a href="https://redirect.github.com/shikijs/shiki/issues/819">shikijs/shiki#819</a> <a href="https://github.com/shikijs/shiki/commit/e26920a5"><!-- raw HTML omitted -->(e2692)<!-- raw HTML omitted --></a></li> </ul> <h5> <a href="https://github.com/shikijs/shiki/compare/v1.22.1...v1.22.2">View changes on GitHub</a></h5> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/shikijs/shiki/commit/e4d9a7a1013630127ce405c9a7f84c7df6c2de07"><code>e4d9a7a</code></a> chore: release v1.22.2</li> <li>See full diff in <a href="https://github.com/shikijs/shiki/commits/v1.22.2/packages/shiki">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Resolves dart-lang/site-www#6181 I'll open an issue on the SDK about avoiding this. **Edit:** dart-lang/sdk#56999
This page seems orphaned in the sidenav making discovery hard. Adding it here.
Bumps [firebase-tools](https://github.com/firebase/firebase-tools) from 13.23.0 to 13.23.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/firebase/firebase-tools/releases">firebase-tools's releases</a>.</em></p> <blockquote> <h2>v13.23.1</h2> <ul> <li>Check that billing is enabled and move App Hosting next to Hosting in init list (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7871">#7871</a>).</li> <li>Fix rollouts:create to handle backend regionality & other fixes. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7862">#7862</a>)</li> <li>Fixed Next.js issue with PPR routes not rendering correctly. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7625">#7625</a>)</li> <li>Bump the Firebase Data Connect local toolkit version to v1.6.0, which adds support for <code>upsertMany</code>, introduces <code>vars</code> as a shorthand for <code>request.variables</code> in <code>@auth</code> expressions, adds new methods to <code>GeneratedConnector</code> and <code>GeneratedOperation</code> implementations in Kotlin codegen (requires the v16.0.0-beta03 SDK), and fixes the use of Timestamp with optional types in Dart codegen (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7888">#7888</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/firebase/firebase-tools/commit/03be6d4bd87aa2eccbf26e729ee365a038b2980c"><code>03be6d4</code></a> 13.23.1</li> <li><a href="https://github.com/firebase/firebase-tools/commit/6cf8b0f1e8d43c1f85d40fe836e4dc26d36e2693"><code>6cf8b0f</code></a> feat: track autocomplete events (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7859">#7859</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/cb8936353e804a42119e1696f6e52e15f34faf74"><code>cb89363</code></a> Bump FDC local toolkit to v1.6.0. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7888">#7888</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/20ddd15dc34e5dd86f6254745fbf14fc60d2de94"><code>20ddd15</code></a> Check billing during App Hosting init and move App Hosting option next to Hos...</li> <li><a href="https://github.com/firebase/firebase-tools/commit/df2f682086a25aaa7cb85380fe9ec78b68c285b6"><code>df2f682</code></a> Improve detection for outdated standalone CLI versions. (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7885">#7885</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/ec559476d92fb31f7891fdfa9bb4b5d98e076d24"><code>ec55947</code></a> Fix rollouts:create to handle backend regionality & other fixes (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7862">#7862</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/137434284553f7e85007acecc0fbba777866b9cf"><code>1374342</code></a> New e2e tests (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7738">#7738</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/ddfefd81733b19a2624609b4f6e375522ccda263"><code>ddfefd8</code></a> Fix the extension overwriting the .firebase RC file when manually changed (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7">#7</a>...</li> <li><a href="https://github.com/firebase/firebase-tools/commit/e3b60df1eed0cfdec03839c0743f7413a74498ea"><code>e3b60df</code></a> replace strip-ansi with stripVTControlCharacters from node:util (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7860">#7860</a>)</li> <li><a href="https://github.com/firebase/firebase-tools/commit/71f2f2edd4a05bfe80cc5774b575964f3550bc23"><code>71f2f2e</code></a> Clarify Java compatibility requirements (<a href="https://redirect.github.com/firebase/firebase-tools/issues/7866">#7866</a>)</li> <li>Additional commits viewable in <a href="https://github.com/firebase/firebase-tools/compare/v13.23.0...v13.23.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AlexV525
approved these changes
Nov 2, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
ref #123