Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 2 updates #12199

Closed
wants to merge 1 commit into from
Closed

Bump the npm_and_yarn group across 1 directory with 2 updates #12199

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 3, 2024

Bumps the npm_and_yarn group with 2 updates in the /polaris.shopify.com directory: next and sharp.

Updates next from 13.5.6 to 14.2.3

Release notes

Sourced from next's releases.

v14.2.3

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Fix: resolve mixed re-exports module as cjs (#64681)
  • fix: mixing namespace import and named import client components (#64809)
  • Fix mixed exports in server component with barrel optimization (#64894)
  • Fix next/image usage in mdx(#64875)
  • fix(fetch-cache): fix additional typo, add type & data validation (#64799)
  • prevent erroneous route interception during lazy fetch (#64692)
  • fix root page revalidation when redirecting in a server action (#64730)
  • fix: remove traceparent from cachekey should not remove traceparent from original object (#64727)
  • Clean-up fetch metrics tracking (#64746)

Credits

Huge thanks to @​huozhi, @​samcx, @​ztanner, @​Jeffrey-Zutt, and @​ijjk for helping!

v14.2.2

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Fix Server Action error logs for unhandled POST requests (#64315)
  • Improve rendering performance (#64408)
  • Fix the method prop case in Server Actions transform (#64398)
  • fix(next-lint): update option --report-unused-disable-directives to --report-unused-disable-directives-severity (#64405)
  • tweak test for Azure (#64424)
  • router restore should take priority over pending actions (#64449)
  • Fix client boundary inheritance for barrel optimization (#64467)
  • improve turborepo caching (#64493)
  • feat: strip traceparent header from cachekey (#64499)
  • Fix more Turbopack build tests
  • Update lockfile for compatibility with turbo (#64360)
  • Fix typo in dynamic-rendering.ts (#64365)
  • Fix DynamicServerError not being thrown in fetch (#64511)
  • fix(next): Metadata.openGraph values not resolving basic values when type is set (#63620)
  • disable production chunking in dev (#64488)
  • Fix cjs client components tree-shaking (#64558)
  • fix refresh behavior for discarded actions (#64532)
  • fix: filter out middleware requests in logging (#64549)
  • Turbopack: Allow client components to be imported in app routes (#64520)
  • Fix ASL bundling for dynamic css (#64451)
  • add pathname normalizer for actions (#64592)
  • fix incorrect refresh request when basePath is set (#64589)
  • test: skip turbopack build test (#64356)
  • hotfix(turbopack): Update with patch for postcss.config.js path resolution on Windows (#64677)

... (truncated)

Commits
  • 2e7a96a v14.2.3
  • a230be4 Clean-up fetch metrics tracking (#64746)
  • 73c2d63 fix: remove traceparent from cachekey should not remove traceparent from orig...
  • dd44191 fix root page revalidation when redirecting in a server action (#64730)
  • 8b4c234 prevent erroneous route interception during lazy fetch (#64692)
  • d6a7ca0 fix(fetch-cache): fix additional typo, add type & data validation (#64799)
  • 4a6b511 Fix next/image usage in mdx (#64875)
  • 04cc13c Fix mixed exports in server component with barrel optimization (#64894)
  • 8d01d49 fix: mixing namespace import and named import client components (#64809)
  • de84e3a Fix: resolve mixed re-exports module as cjs (#64681)
  • Additional commits viewable in compare view

Updates sharp from 0.31.3 to 0.33.4

Changelog

Sourced from sharp's changelog.

v0.33.4 - 16th May 2024

  • Remove experimental status from pipelineColourspace.

  • Reduce default concurrency when musl thread over-subscription detected.

  • TypeScript: add missing definitions for OverlayOptions. #4048 @​ike-gg

  • Install: add advanced option to force use of a globally-installed libvips. #4060

  • Expose bilinear resizing kernel (and interpolator). #4061

  • Ensure extend operation stays sequential for multi-page TIFF (regression in 0.32.0). #4069

  • Tighten validation of constructor text integer properties. #4071

  • Simplify internal StaySequential logic. #4074 @​kleisauke

  • Ensure negate operation occurs after profile conversion. #4096 @​adriaanmeuris

v0.33.3 - 23rd March 2024

  • Upgrade to libvips v8.15.2 for upstream bug fixes.

  • Ensure keepIccProfile retains P3 and CMYK input profiles. #3906 #4008

  • Ensure text.wrap property can accept word-char as value. #4028 @​yolopunk

  • Ensure clone takes a deep copy of existing options. #4029

  • Add bitdepth option to heif output (prebuilt binaries support 8-bit only). #4036 @​mertalev

v0.33.2 - 12th January 2024

... (truncated)

Commits
  • 19d0e27 Release v0.33.4
  • 16b764f Prerelease v0.33.4-rc.0
  • 1593ee3 Bump devDeps
  • 668b5ba Docs: changelog and credit for #4096
  • 29336f4 Ensure negate op occurs after profile conversion (#4096)
  • b5fddd7 Install: log node-addon-api version if available
  • da655a1 Reduce default concurrency for musl thread over-subscription
  • 93c615d Bump devDeps
  • f325dc3 Refactor to use C++ boolean literals rather than macros
  • 0fde71c Ensure all contributor email addresses are valid (#4088)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 2 updates
b3b5742 
Bumps the npm_and_yarn group with 2 updates in the /polaris.shopify.com directory: [next](https://github.com/vercel/next.js) and [sharp](https://github.com/lovell/sharp).


Updates `next` from 13.5.6 to 14.2.3
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v13.5.6...v14.2.3)

Updates `sharp` from 0.31.3 to 0.33.4
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/main/docs/changelog.md)
- [Commits](lovell/sharp@v0.31.3...v0.33.4)

---
updated-dependencies:
- dependency-name: next
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: sharp
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 3, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 16, 2024

Superseded by #12270.

@dependabot dependabot bot closed this Jun 16, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/polaris.shopify.com/npm_and_yarn-f64dd6b5bb branch June 16, 2024 05:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants