build(deps-dev): bump the development-dependencies group with 3 updates #85

dependabot · 2023-12-01T10:56:42Z

Bumps the development-dependencies group with 3 updates: esbuild, undici and yaml.

Updates esbuild from 0.19.5 to 0.19.8

Release notes

v0.19.8
Add a treemap chart to esbuild's bundle analyzer (#2848)

The bundler analyzer on esbuild's website (https://esbuild.github.io/analyze/) now has a treemap chart type in addition to the two existing chart types (sunburst and flame). This should be more familiar for people coming from other similar tools, as well as make better use of large screens.
Allow decorators after the export keyword (#104)

Previously esbuild's decorator parser followed the original behavior of TypeScript's experimental decorators feature, which only allowed decorators to come before the export keyword. However, the upcoming JavaScript decorators feature also allows decorators to come after the export keyword. And with TypeScript 5.0, TypeScript now also allows experimental decorators to come after the export keyword too. So esbuild now allows this as well:
// This old syntax has always been permitted:
@decorator export class Foo {}
@decorator export default class Foo {}
// This new syntax is now permitted too:
export @decorator class Foo {}
export default @decorator class Foo {}
In addition, esbuild's decorator parser has been rewritten to fix several subtle and likely unimportant edge cases with esbuild's parsing of exports and decorators in TypeScript (e.g. TypeScript apparently does automatic semicolon insertion after interface and export interface but not after export default interface).
Pretty-print decorators using the same whitespace as the original

When printing code containing decorators, esbuild will now try to respect whether the original code contained newlines after the decorator or not. This can make generated code containing many decorators much more compact to read:
// Original code
class Foo {
  @a @b @c abc
  @x @y @z xyz
}
// Old output
class Foo {
@a
@b
@c
abc;
@x
@y
@z
xyz;
}
// New output
class Foo {
@a @b @c abc;
@x @y @z xyz;
}

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.19.8
Add a treemap chart to esbuild's bundle analyzer (#2848)

The bundler analyzer on esbuild's website (https://esbuild.github.io/analyze/) now has a treemap chart type in addition to the two existing chart types (sunburst and flame). This should be more familiar for people coming from other similar tools, as well as make better use of large screens.
Allow decorators after the export keyword (#104)

Previously esbuild's decorator parser followed the original behavior of TypeScript's experimental decorators feature, which only allowed decorators to come before the export keyword. However, the upcoming JavaScript decorators feature also allows decorators to come after the export keyword. And with TypeScript 5.0, TypeScript now also allows experimental decorators to come after the export keyword too. So esbuild now allows this as well:
// This old syntax has always been permitted:
@decorator export class Foo {}
@decorator export default class Foo {}
// This new syntax is now permitted too:
export @decorator class Foo {}
export default @decorator class Foo {}
In addition, esbuild's decorator parser has been rewritten to fix several subtle and likely unimportant edge cases with esbuild's parsing of exports and decorators in TypeScript (e.g. TypeScript apparently does automatic semicolon insertion after interface and export interface but not after export default interface).
Pretty-print decorators using the same whitespace as the original

When printing code containing decorators, esbuild will now try to respect whether the original code contained newlines after the decorator or not. This can make generated code containing many decorators much more compact to read:
// Original code
class Foo {
  @a @b @c abc
  @x @y @z xyz
}
// Old output
class Foo {
@a
@b
@c
abc;
@x
@y
@z
xyz;
}
// New output
class Foo {
@a @b @c abc;
@x @y @z xyz;
}

... (truncated)

Commits

e97bd67 publish 0.19.8 to npm
65b3058 mention the treemap in the release notes (#2848)
16883d4 add whitespace change to release notes
7383d0d decorators: printing preserves newline-tail status
7edc83d reword an experimental decorators error message
f3d5352 remove a now-unused field
e755189 ts: forbid regular decorators on declare fields
69c9e7f allow decorators to come after export (#104)
7baefdb fix a panic with "export default interface\n"
a8313d2 use "check" for decorator validation, not "guess"
Additional commits viewable in compare view

Updates undici from 5.27.0 to 5.28.2

Release notes

Sourced from undici's releases.

v5.28.2

What's Changed

fix: remove optional chainning for compatible with Nodejs12 and below by @bugb in nodejs/undici#2470

fix: remove node: prefix by @tsctx in nodejs/undici#2471

perf: avoid Headers initialization by @tsctx in nodejs/undici#2468

fix: handle SharedArrayBuffer correctly by @tsctx in nodejs/undici#2466

fix: Add null type to signal in RequestInit by @gebsh in nodejs/undici#2455

fix: correctly handle data URL with hashes. by @tsctx in nodejs/undici#2475

fix: check response for timinginfo allow flag by @ToshB in nodejs/undici#2477

Make call to onBodySent conditional in RetryHandler by @MzUgM in nodejs/undici#2478

refactor: better integrity check by @tsctx in nodejs/undici#2462

fix: Added support for inline URL username:password proxy auth by @matt-way in nodejs/undici#2473

build(deps-dev): bump jsdom from 22.1.0 to 23.0.0 by @dependabot in nodejs/undici#2472

build(deps-dev): bump sinon from 16.1.3 to 17.0.1 by @dependabot in nodejs/undici#2405

build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 by @dependabot in nodejs/undici#2396

build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 by @dependabot in nodejs/undici#2395

build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 by @dependabot in nodejs/undici#2392

build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 by @dependabot in nodejs/undici#2389

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in nodejs/undici#2302

New Contributors

@bugb made their first contribution in nodejs/undici#2470

@gebsh made their first contribution in nodejs/undici#2455

@ToshB made their first contribution in nodejs/undici#2477

@MzUgM made their first contribution in nodejs/undici#2478

@matt-way made their first contribution in nodejs/undici#2473

Full Changelog: nodejs/undici@v5.28.1...v5.28.2

v5.28.1

What's Changed

perf: Improve normalizeMethod by @tsctx in nodejs/undici#2456

fix: dispatch error handling by @ronag in nodejs/undici#2459

perf(request): optimize if headers are given by @tsctx in nodejs/undici#2454

Full Changelog: nodejs/undici@v5.28.0...v5.28.1

v5.28.0

What's Changed

fix(parseHeaders): util.parseHeaders handle correctly array of buffer… by @mdoria12 in nodejs/undici#2398

docs: add license to undici-types by @dancastillo in nodejs/undici#2401

perf: optimize Readable.dump by @ronag in nodejs/undici#2402

perf(headers): Improve Headers by @tsctx in nodejs/undici#2397

test: re-enable conditional WPT Report for websockets by @panva in nodejs/undici#2407

fix: delay abort on 'close' by @ronag in nodejs/undici#2408

refactor: use substring instead of substr by @tsctx in nodejs/undici#2411

add additional http2 test with fetch by @KhafraDev in nodejs/undici#2419

fix: HTTPToken check by @tsctx in nodejs/undici#2410

perf: optimize HeadersList.get by @tsctx in nodejs/undici#2420

... (truncated)

Commits

9a14e5f Bumped v5.28.2
fcdfe87 build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#2302)
169c157 build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)
9788177 build(deps): bump step-security/harden-runner from 2.5.0 to 2.6.0 (#2392)
1f6d159 build(deps): bump actions/setup-node from 3.8.1 to 4.0.0 (#2395)
a393a86 build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.1 (#2396)
ea2f606 build(deps-dev): bump sinon from 16.1.3 to 17.0.1 (#2405)
80979ed build(deps-dev): bump jsdom from 22.1.0 to 23.0.0 (#2472)
08183ea fix: Added support for inline URL username:password proxy auth (#2473)
28759f4 refactor: better integrity check (#2462)
Additional commits viewable in compare view

Updates yaml from 2.3.3 to 2.3.4

Release notes

Sourced from yaml's releases.

v2.3.4

Do not throw for carriage return in tag shorthand (#501)

Commits

b7696fc 2.3.4
4af7419 fix: Carriage return in tag shorthand (#501)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the development-dependencies group with 3 updates: [esbuild](https://github.com/evanw/esbuild), [undici](https://github.com/nodejs/undici) and [yaml](https://github.com/eemeli/yaml). Updates `esbuild` from 0.19.5 to 0.19.8 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](evanw/esbuild@v0.19.5...v0.19.8) Updates `undici` from 5.27.0 to 5.28.2 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v5.27.0...v5.28.2) Updates `yaml` from 2.3.3 to 2.3.4 - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v2.3.3...v2.3.4) --- updated-dependencies: - dependency-name: esbuild dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: undici dependency-type: direct:development update-type: version-update:semver-minor dependency-group: development-dependencies - dependency-name: yaml dependency-type: direct:development update-type: version-update:semver-patch dependency-group: development-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

create-app-token-action-releaser · 2023-12-01T18:27:52Z

🎉 This PR is included in version 1.6.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

dependabot bot requested review from gr2m, parkerbxyz and a team as code owners December 1, 2023 10:56

dependabot bot added dependencies Pull requests that update a dependency file javascript labels Dec 1, 2023

gr2m approved these changes Dec 1, 2023

View reviewed changes

gr2m merged commit 2e5cc74 into main Dec 1, 2023
3 checks passed

gr2m deleted the dependabot/npm_and_yarn/development-dependencies-83fb277893 branch December 1, 2023 18:27

create-app-token-action-releaser bot added the released label Dec 1, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps-dev): bump the development-dependencies group with 3 updates #85

build(deps-dev): bump the development-dependencies group with 3 updates #85

dependabot bot commented on behalf of github Dec 1, 2023

create-app-token-action-releaser bot commented Dec 1, 2023

build(deps-dev): bump the development-dependencies group with 3 updates #85

build(deps-dev): bump the development-dependencies group with 3 updates #85

Conversation

dependabot bot commented on behalf of github Dec 1, 2023

v0.19.8

0.19.8

v5.28.2

What's Changed

New Contributors

v5.28.1

What's Changed

v5.28.0

What's Changed

v2.3.4

create-app-token-action-releaser bot commented Dec 1, 2023