tldraw/apps/dotcom-worker/package.json

57 lines
1.6 KiB
JSON
Raw Normal View History

{
"name": "@tldraw/dotcom-worker",
"description": "A tiny little drawing app (merge server).",
"version": "2.0.0-alpha.11",
"private": true,
"author": {
"name": "tldraw GB Ltd.",
"email": "hello@tldraw.com"
},
"main": "./src/lib/worker.ts",
"/* GOTCHA */": "files will include ./dist and index.d.ts by default, add any others you want to include in here",
"files": [],
"scripts": {
"dev": "concurrently --kill-others yarn:dev-cron yarn:dev-wrangler yarn:report-size",
"dev-cron": "yarn run -T tsx ./scripts/cron.ts",
"dev-wrangler": "yarn run -T tsx ./scripts/dev-wrap.ts",
"report-size": "node scripts/report-size.js",
"test-ci": "lazy inherit",
"test": "yarn run -T jest",
"test-coverage": "lazy inherit",
"lint": "yarn run -T tsx ../../scripts/lint.ts"
},
"dependencies": {
"@supabase/auth-helpers-remix": "^0.2.2",
"@supabase/supabase-js": "^2.33.2",
Readonly / room creation omnibus (#3192) Reworks how the readonly urls work. Till now we just used a simple function that would scramble the slugs. Now we use a proper key value mapping between regular and readonly slugs: - We use two KV stores. One is for going from a slug to a readonly slug and the other one for going the other way around. They are populated at the same time. - We separate preview KV stores (dev, preview, staging) from production one. I've already created these on Cloudflare. [My understanding is ](https://developers.cloudflare.com/kv/reference/data-security/#encryption-at-rest)that ids [can be public](https://community.cloudflare.com/t/is-it-safe-to-keep-kv-ids-in-a-public-git-repo/517387/4) since we can only access KV from our worker. Happy to move them to env variables though. - [x] Disable creating new rooms when tldraw is embedded inside iframes on other websites (we check the referrer and if it's not the same as the iframe's origin we don't allow it) - [x] Fork a project when inside an iframe now opens the forked project on tldraw.com and not inside iframe. - [x] We allow embeding of iframes, but we now track the where they are used via the referrer. We send this to Vercel analytics. - [x] Improved UX of the share menu to make it less confusing. Toggle is gone. - [x] `/new` and `/r` routes not redirect to `/`. - [x] This introduces a new `/ro` route for readonly rooms. Legacy rooms still live on `/v`. - [x] Brought back `dotcom-shared` project to share code between BE and FE. Mostly types. - [x] Prevent creating of rooms by entering `/r/non-existing-slug`. - [x] Handle getting a readonly slug for old rooms. Added a comment about it [here](https://github.com/tldraw/tldraw/pull/3192/files#diff-c0954b3dc71bb7097c39656441175f3238ed60cf5cee64077c06e21da82182cbR17-R18). - [x] We no longer expose editor on the window object for readonly rooms. Prevents the users disabling readonly rooms manually. ### Change Type <!-- ❗ Please select a 'Scope' label ❗️ --> - [ ] `sdk` — Changes the tldraw SDK - [x] `dotcom` — Changes the tldraw.com web app - [ ] `docs` — Changes to the documentation, examples, or templates. - [ ] `vs code` — Changes to the vscode plugin - [ ] `internal` — Does not affect user-facing stuff <!-- ❗ Please select a 'Type' label ❗️ --> - [ ] `bugfix` — Bug fix - [ ] `feature` — New feature - [x] `improvement` — Improving existing features - [ ] `chore` — Updating dependencies, other boring stuff - [ ] `galaxy brain` — Architectural changes - [ ] `tests` — Changes to any test code - [ ] `tools` — Changes to infrastructure, CI, internal scripts, debugging tools, etc. - [ ] `dunno` — I don't know ### Test Plan 1. Make sure old readonly rooms still work. 2. Creating a readonly link from an existing room should still use `/v` path. 3. Newly created rooms should use `/ro` path for readonly rooms. Make sure these work as well. 4. `/r` room was disabled and redirects to `/` 5. `/new` should still work when not inside iframes. - [x] Unit Tests - [ ] End to end tests ### Release Notes 1. This adds new functionality for readonly rooms: - We have a new route `/ro` for newly created readonly rooms. These rooms no longer use the scrambling logic to create readonly slugs. Instead we now use KV storage from cloudflare to track the mapping for slugs -> readonly slug and readonly slug -> slug. - The old route `/v` is preserved, so that the old room still work as they did before. - For old rooms we will keep on generating the old readonly slugs, but for new rooms we'll start using the new logic. 2. We no longer prevent embedding of tldraw inside iframes. 3. We do prevent generating new rooms from inside the iframes though. `/r`, `/new`, `/r/non-existing-id` should not allow creation of new rooms inside iframes. Only `/new` still works when not inside iframes. 4. Forking a project from inside an iframe now opens it on tldraw.com 5. Slight copy change on the sharing menu. We no longer have a toggle between readonly and non-readonly links. 6. `editor` and `app` are no longer exposed on the window object for readonly rooms. Prevents users from using the `updateInstanceState` to escape readonly rooms. --------- Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com>
2024-04-25 14:10:40 +00:00
"@tldraw/dotcom-shared": "workspace:*",
"@tldraw/store": "workspace:*",
"@tldraw/tlschema": "workspace:*",
"@tldraw/tlsync": "workspace:*",
"@tldraw/utils": "workspace:*",
"esbuild": "^0.18.4",
"itty-router": "^4.0.13",
"nanoid": "4.0.2",
"react": "^18.2.0",
"react-dom": "^18.2.0",
"strip-ansi": "^7.1.0",
"toucan-js": "^2.7.0"
},
"devDependencies": {
"@cloudflare/workers-types": "^4.20230821.0",
Bump Yarn to 4.0.2 and add version constraints (#2481) This PR bumps Yarn to 4.0.2, adds version constraints and fixes reported problems. Current constraints (per @ds300): 1. all dependencies (both prod and dev) should have consistent versions across the project 2. only the root `package.json` should have `packageManager` set Removed 54 packages due to deduplication. ### Change Type - [ ] `patch` — Bug fix - [ ] `minor` — New feature - [ ] `major` — Breaking change - [x] `dependencies` — Changes to package dependencies[^1] - [ ] `documentation` — Changes to the documentation only[^2] - [ ] `tests` — Changes to any test code only[^2] - [ ] `internal` — Any other changes that don't affect the published package[^2] - [ ] I don't know [^1]: publishes a `patch` release, for devDependencies use `internal` [^2]: will not publish a new version <details> <summary>An example of a report with a bunch of problems</summary> ``` ❯ yarn constraints ➤ Errors prefixed by '⚙' can be fixed by running yarn constraints --fix ├─ @tldraw/monorepo@workspace:. │ ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are: │ │ ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/eslint-plugin"]; conflicting values are: │ │ ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/parser"]; conflicting values are: │ │ ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["eslint"]; conflicting values are: │ │ ├─ '^8.37.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '8.36.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["eslint-config-prettier"]; conflicting values are: │ │ ├─ '^8.8.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.3.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["eslint-plugin-react"]; conflicting values are: │ │ ├─ '^7.32.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '7.28.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["prettier-plugin-organize-imports"]; conflicting values are: │ │ ├─ '^3.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^3.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["tsx"]; conflicting values are: │ │ ├─ '^3.12.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are: │ ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ @tldraw/docs@workspace:apps/docs │ ├─ Conflict detected in constraint targeting dependencies["@types/ws"]; conflicting values are: │ │ ├─ '^8.5.9' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.5.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["@vercel/analytics"]; conflicting values are: │ │ ├─ '^1.1.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^1.0.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["concurrently"]; conflicting values are: │ │ ├─ '^8.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ ├─ '^8.2.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '7.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["dotenv"]; conflicting values are: │ │ ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["eslint"]; conflicting values are: │ │ ├─ '^8.37.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '8.36.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["eslint-config-next"]; conflicting values are: │ │ ├─ '13.2.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '12.2.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["next"]; conflicting values are: │ │ ├─ '^14.0.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^13.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["prettier-plugin-organize-imports"]; conflicting values are: │ │ ├─ '^3.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^3.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["tsx"]; conflicting values are: │ │ ├─ '^3.12.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["typescript"]; conflicting values are: │ │ ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["ws"]; conflicting values are: │ │ ├─ '^8.14.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ ├─ '^8.13.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.16.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ dotcom@workspace:apps/dotcom │ ├─ Conflict detected in constraint targeting dependencies["@radix-ui/react-popover"]; conflicting values are: │ │ ├─ '1.0.6-rc.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^1.0.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["@vercel/analytics"]; conflicting values are: │ │ ├─ '^1.1.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^1.0.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react-router-dom"]; conflicting values are: │ │ ├─ '^6.17.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^6.9.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are: │ │ ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["dotenv"]; conflicting values are: │ │ ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["vite"]; conflicting values are: │ │ ├─ '^5.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.3.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["ws"]; conflicting values are: │ │ ├─ '^8.14.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ ├─ '^8.13.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.16.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ dotcom-asset-upload@workspace:apps/dotcom-asset-upload │ ├─ Conflict detected in constraint targeting dependencies["itty-router"]; conflicting values are: │ │ ├─ '^2.6.6' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.0.13' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["@types/ws"]; conflicting values are: │ │ ├─ '^8.5.9' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.5.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/bookmark-extractor@workspace:apps/dotcom-bookmark-extractor │ ├─ Conflict detected in constraint targeting dependencies["tslib"]; conflicting values are: │ │ ├─ '^2.6.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^2.4.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are: │ │ ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/dotcom-worker@workspace:apps/dotcom-worker │ ├─ Conflict detected in constraint targeting dependencies["itty-router"]; conflicting values are: │ │ ├─ '^2.6.6' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.0.13' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["concurrently"]; conflicting values are: │ │ ├─ '^8.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ ├─ '^8.2.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '7.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are: │ │ ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ examples.tldraw.com@workspace:apps/examples │ ├─ Conflict detected in constraint targeting dependencies["@vercel/analytics"]; conflicting values are: │ │ ├─ '^1.1.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^1.0.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react-router-dom"]; conflicting values are: │ │ ├─ '^6.17.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^6.9.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["vite"]; conflicting values are: │ │ ├─ '^5.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.3.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["dotenv"]; conflicting values are: │ │ ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ huppy@workspace:apps/huppy │ ├─ Conflict detected in constraint targeting dependencies["next"]; conflicting values are: │ │ ├─ '^14.0.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^13.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["eslint-config-next"]; conflicting values are: │ │ ├─ '13.2.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '12.2.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/vscode-editor@workspace:apps/vscode/editor │ ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are: │ │ ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["concurrently"]; conflicting values are: │ │ ├─ '^8.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ ├─ '^8.2.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '7.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["dotenv"]; conflicting values are: │ │ ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["react"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["react-dom"]; conflicting values are: │ │ ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["tslib"]; conflicting values are: │ │ ├─ '^2.6.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^2.4.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ tldraw-vscode@workspace:apps/vscode/extension │ ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/eslint-plugin"]; conflicting values are: │ │ ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/parser"]; conflicting values are: │ │ ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["tslib"]; conflicting values are: │ │ ├─ '^2.6.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^2.4.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["tsx"]; conflicting values are: │ │ ├─ '^3.12.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^4.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ config@workspace:config │ ├─ Conflict detected in constraint targeting dependencies["eslint-config-prettier"]; conflicting values are: │ │ ├─ '^8.8.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.3.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting dependencies["eslint-plugin-react"]; conflicting values are: │ │ ├─ '^7.32.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '7.28.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Missing field packageManager; expected null │ ├─ @tldraw/assets@workspace:packages/assets │ └─ ⚙ Missing field packageManager; expected null │ ├─ @tldraw/editor@workspace:packages/editor │ ├─ Conflict detected in constraint targeting devDependencies["@testing-library/jest-dom"]; conflicting values are: │ │ ├─ '^5.16.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.14.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["jest-canvas-mock"]; conflicting values are: │ │ ├─ '^2.5.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^2.5.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["jest-environment-jsdom"]; conflicting values are: │ │ ├─ '^29.4.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^28.1.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/state@workspace:packages/state │ ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are: │ │ ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/store@workspace:packages/store │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/tldraw@workspace:packages/tldraw │ ├─ Conflict detected in constraint targeting dependencies["@radix-ui/react-popover"]; conflicting values are: │ │ ├─ '1.0.6-rc.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^1.0.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["@testing-library/jest-dom"]; conflicting values are: │ │ ├─ '^5.16.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.14.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["jest-canvas-mock"]; conflicting values are: │ │ ├─ '^2.5.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^2.5.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["jest-environment-jsdom"]; conflicting values are: │ │ ├─ '^29.4.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^28.1.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/tlschema@workspace:packages/tlschema │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/tlsync@workspace:packages/tlsync │ ├─ Conflict detected in constraint targeting dependencies["ws"]; conflicting values are: │ │ ├─ '^8.14.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ ├─ '^8.13.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^8.16.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are: │ │ ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ │ └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/utils@workspace:packages/utils │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ ├─ @tldraw/validate@workspace:packages/validate │ └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' │ └─ @tldraw/scripts@workspace:scripts ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are: │ ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) │ └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15) └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0' ``` </details>
2024-01-18 11:09:17 +00:00
"concurrently": "^8.2.2",
"lazyrepo": "0.0.0-alpha.27",
"picocolors": "^1.0.0",
"typescript": "^5.3.3",
Bump the npm_and_yarn group group with 7 updates (#2982) Bumps the npm_and_yarn group group with 7 updates: | Package | From | To | | --- | --- | --- | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `5.0.11` | `5.0.12` | | [wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler) | `3.16.0` | `3.19.0` | | [semver](https://github.com/npm/node-semver) | `7.5.4` | `7.6.0` | | [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.62` | `0.10.64` | | [ip](https://github.com/indutny/node-ip) | `1.1.8` | `1.1.9` | | [miniflare](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare) | `3.20231030.0` | `3.20231030.3` | | [undici](https://github.com/nodejs/undici) | `5.28.2` | `5.28.3` | Updates `vite` from 5.0.11 to 5.0.12 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted -->5.0.12 (2024-01-19)<!-- raw HTML omitted --></h2> <ul> <li>fix: await <code>configResolved</code> hooks of worker plugins (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597">#15597</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605">#15605</a>) (<a href="https://github.com/vitejs/vite/commit/ef89f80">ef89f80</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/15597">#15597</a> <a href="https://redirect.github.com/vitejs/vite/issues/15605">#15605</a></li> <li>fix: fs deny for case insensitive systems (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653">#15653</a>) (<a href="https://github.com/vitejs/vite/commit/91641c4">91641c4</a>), closes <a href="https://redirect.github.com/vitejs/vite/issues/15653">#15653</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vitejs/vite/commit/ee81e196769c102a6b1bf30f8444ccde236e71d5"><code>ee81e19</code></a> release: v5.0.12</li> <li><a href="https://github.com/vitejs/vite/commit/91641c4da0a011d4c5352e88fc68389d4e1289a5"><code>91641c4</code></a> fix: fs deny for case insensitive systems (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653">#15653</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/ef89f8092f0eb1d8fd7d21256e6af8c4e64fe9b2"><code>ef89f80</code></a> fix: await <code>configResolved</code> hooks of worker plugins (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597">#15597</a>) (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605">#15605</a>)</li> <li>See full diff in <a href="https://github.com/vitejs/vite/commits/v5.0.12/packages/vite">compare view</a></li> </ul> </details> <br /> Updates `wrangler` from 3.16.0 to 3.19.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cloudflare/workers-sdk/releases">wrangler's releases</a>.</em></p> <blockquote> <h2>wrangler@3.19.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547">#4547</a> <a href="https://github.com/cloudflare/workers-sdk/commit/86c81ff0d59e79d2d33f176f69a7c2d1dcd91e02"><code>86c81ff0</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: listen on IPv4 loopback only by default on Windows</p> <p>Due to a <a href="https://redirect.github.com/cloudflare/workerd/issues/1408">known issue</a>, <code>workerd</code> will only listen on the IPv4 loopback address <code>127.0.0.1</code> when it's asked to listen on <code>localhost</code>. On Node.js &gt; 17, <code>localhost</code> will resolve to the IPv6 loopback address, meaning requests to <code>workerd</code> would fail. This change switches to using the IPv4 loopback address throughout Wrangler on Windows, while <a href="https://redirect.github.com/cloudflare/workerd/issues/1408">workerd#1408</a> gets fixed.</p> </li> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535">#4535</a> <a href="https://github.com/cloudflare/workers-sdk/commit/29df8e17545bf3926b6d61678b596be809d40c6d"><code>29df8e17</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - Reintroduces some internal refactorings of wrangler dev servers (including <code>wrangler dev</code>, <code>wrangler dev --remote</code>, and <code>unstable_dev()</code>).</p> <p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we believe the changes are now more stable and ready for release again.</p> <p>There are no changes required for developers to opt-in. Improvements include:</p> <ul> <li>fewer 'address in use' errors upon reloads</li> <li>upon config/source file changes, requests are buffered to guarantee the response is from the new version of the Worker</li> </ul> </li> </ul> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521">#4521</a> <a href="https://github.com/cloudflare/workers-sdk/commit/6c5bc704c5a13aab58b765c57b700204bc0830bf"><code>6c5bc704</code></a> Thanks <a href="https://github.com/zebp"><code>@​zebp</code></a>! - fix: init from dash specifying explicit usage model in wrangler.toml for standard users</p> </li> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a> <a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a94</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: validate <code>Host</code> and <code>Orgin</code> headers where appropriate</p> <p><code>Host</code> and <code>Origin</code> headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.</p> </li> <li> <p>Updated dependencies [<a href="https://github.com/cloudflare/workers-sdk/commit/71fb0b86cf0ed81cc29ad71792edbba3a79ba87c"><code>71fb0b86</code></a>, <a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a94</code></a>]:</p> <ul> <li>miniflare@3.20231030.3</li> </ul> </li> </ul> <h2>wrangler@3.18.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532">#4532</a> <a href="https://github.com/cloudflare/workers-sdk/commit/311ffbd5064f8301ac6f0311bbe5630897923b93"><code>311ffbd5</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: change <code>wrangler (pages) dev</code> to listen on <code>localhost</code> by default</p> <p>Previously, Wrangler listened on all interfaces (<code>*</code>) by default. This change switches <code>wrangler (pages) dev</code> to just listen on local interfaces. Whilst this is technically a breaking change, we've decided the security benefits outweigh the potential disruption caused. If you need to access your dev server from another device on your network, you can use <code>wrangler (pages) dev --ip *</code> to restore the previous behaviour.</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li>Updated dependencies [<a href="https://github.com/cloudflare/workers-sdk/commit/1b34878287e3c98e8743e0a9c30b860107d4fcbe"><code>1b348782</code></a>]: <ul> <li>miniflare@3.20231030.2</li> </ul> </li> </ul> <h2>wrangler@3.17.1</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474">#4474</a> <a href="https://github.com/cloudflare/workers-sdk/commit/382ef8f580ab755d2706692e865b619953ef5671"><code>382ef8f5</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: open browser to correct url pressing <code>b</code> in <code>--remote</code> mode</p> <p>This change ensures Wrangler doesn't try to open <code>http://*</code> when <code>*</code> is used as the dev server's hostname. Instead, Wrangler will now open <code>http://127.0.0.1</code>.</p> </li> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488">#4488</a> <a href="https://github.com/cloudflare/workers-sdk/commit/3bd5723852c8340d04930e056ef1e8f97dc316ae"><code>3bd57238</code></a> Thanks <a href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Changes the default directory for log files to workaround frameworks that are watching the entire <code>.wrangler</code> directory in the project root for changes</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md">wrangler's changelog</a>.</em></p> <blockquote> <h2>3.19.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547">#4547</a> <a href="https://github.com/cloudflare/workers-sdk/commit/86c81ff0d59e79d2d33f176f69a7c2d1dcd91e02"><code>86c81ff0</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: listen on IPv4 loopback only by default on Windows</p> <p>Due to a <a href="https://redirect.github.com/cloudflare/workerd/issues/1408">known issue</a>, <code>workerd</code> will only listen on the IPv4 loopback address <code>127.0.0.1</code> when it's asked to listen on <code>localhost</code>. On Node.js &gt; 17, <code>localhost</code> will resolve to the IPv6 loopback address, meaning requests to <code>workerd</code> would fail. This change switches to using the IPv4 loopback address throughout Wrangler on Windows, while <a href="https://redirect.github.com/cloudflare/workerd/issues/1408">workerd#1408</a> gets fixed.</p> </li> </ul> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535">#4535</a> <a href="https://github.com/cloudflare/workers-sdk/commit/29df8e17545bf3926b6d61678b596be809d40c6d"><code>29df8e17</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - Reintroduces some internal refactorings of wrangler dev servers (including <code>wrangler dev</code>, <code>wrangler dev --remote</code>, and <code>unstable_dev()</code>).</p> <p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we believe the changes are now more stable and ready for release again.</p> <p>There are no changes required for developers to opt-in. Improvements include:</p> <ul> <li>fewer 'address in use' errors upon reloads</li> <li>upon config/source file changes, requests are buffered to guarantee the response is from the new version of the Worker</li> </ul> </li> </ul> <h3>Patch Changes</h3> <ul> <li><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521">#4521</a> <a href="https://github.com/cloudflare/workers-sdk/commit/6c5bc704c5a13aab58b765c57b700204bc0830bf"><code>6c5bc704</code></a> Thanks <a href="https://github.com/zebp"><code>@​zebp</code></a>! - fix: init from dash specifying explicit usage model in wrangler.toml for standard users</li> </ul> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a> <a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a94</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: validate <code>Host</code> and <code>Orgin</code> headers where appropriate</p> <p><code>Host</code> and <code>Origin</code> headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.</p> </li> <li> <p>Updated dependencies [<a href="https://github.com/cloudflare/workers-sdk/commit/71fb0b86cf0ed81cc29ad71792edbba3a79ba87c"><code>71fb0b86</code></a>, <a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a94</code></a>]:</p> <ul> <li>miniflare@3.20231030.3</li> </ul> </li> </ul> <h2>3.18.0</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532">#4532</a> <a href="https://github.com/cloudflare/workers-sdk/commit/311ffbd5064f8301ac6f0311bbe5630897923b93"><code>311ffbd5</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: change <code>wrangler (pages) dev</code> to listen on <code>localhost</code> by default</p> <p>Previously, Wrangler listened on all interfaces (<code>*</code>) by default. This change switches <code>wrangler (pages) dev</code> to just listen on local interfaces. Whilst this is technically a breaking change, we've decided the security benefits outweigh the potential disruption caused. If you need to access your dev server from another device on your network, you can use <code>wrangler (pages) dev --ip *</code> to restore the previous behaviour.</p> </li> </ul> <h3>Patch Changes</h3> <ul> <li>Updated dependencies [<a href="https://github.com/cloudflare/workers-sdk/commit/1b34878287e3c98e8743e0a9c30b860107d4fcbe"><code>1b348782</code></a>]: <ul> <li>miniflare@3.20231030.2</li> </ul> </li> </ul> <h2>3.17.1</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474">#4474</a> <a href="https://github.com/cloudflare/workers-sdk/commit/382ef8f580ab755d2706692e865b619953ef5671"><code>382ef8f5</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: open browser to correct url pressing <code>b</code> in <code>--remote</code> mode</p> <p>This change ensures Wrangler doesn't try to open <code>http://*</code> when <code>*</code> is used as the dev server's hostname. Instead, Wrangler will now open <code>http://127.0.0.1</code>.</p> </li> </ul> <ul> <li><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488">#4488</a> <a href="https://github.com/cloudflare/workers-sdk/commit/3bd5723852c8340d04930e056ef1e8f97dc316ae"><code>3bd57238</code></a> Thanks <a href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Changes the default directory for log files to workaround frameworks that are watching the entire <code>.wrangler</code> directory in the project root for changes</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cloudflare/workers-sdk/commit/5e67ea176ac03718061b49bce6311ce169a355bd"><code>5e67ea1</code></a> Version Packages (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4536">#4536</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a9</code></a> fix: validate <code>Host</code>/<code>Origin</code> headers in magic proxy and `InspectorProxyWorke...</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/86c81ff0d59e79d2d33f176f69a7c2d1dcd91e02"><code>86c81ff</code></a> fix: listen on IPv4 loopback only by default on Windows (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4547">#4547</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/6c5bc704c5a13aab58b765c57b700204bc0830bf"><code>6c5bc70</code></a> fix: init from dash using explicit usage model for standard accounts (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4521">#4521</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/29df8e17545bf3926b6d61678b596be809d40c6d"><code>29df8e1</code></a> Revert &quot;Revert &quot;startDevWorker - Milestone 1 (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)&quot; (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531">#4531</a>)&quot; (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4535">#4535</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/97727de0537dd7f9d162693dd58cbc90054916bc"><code>97727de</code></a> Version Packages (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4495">#4495</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/311ffbd5064f8301ac6f0311bbe5630897923b93"><code>311ffbd</code></a> [wrangler] fix: change <code>wrangler (pages) dev</code> to listen on <code>localhost</code> by def...</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/310281a48a1de2997b1c055711f4ad47f3aa29e1"><code>310281a</code></a> Revert &quot;startDevWorker - Milestone 1 (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)&quot; (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531">#4531</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/01eda780253cb0b4b5b56c7295f1761d17c9909a"><code>01eda78</code></a> startDevWorker - Milestone 1 (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/961c8eaaf38066afc3f16a6107a20b23050902d9"><code>961c8ea</code></a> remove unused npx-import dependency (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4477">#4477</a>)</li> <li>Additional commits viewable in <a href="https://github.com/cloudflare/workers-sdk/commits/wrangler@3.19.0/packages/wrangler">compare view</a></li> </ul> </details> <br /> Updates `semver` from 7.5.4 to 7.6.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/npm/node-semver/releases">semver's releases</a>.</em></p> <blockquote> <h2>v7.6.0</h2> <h2><a href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">7.6.0</a> (2024-01-31)</h2> <h3>Features</h3> <ul> <li><a href="https://github.com/npm/node-semver/commit/a7ab13a46201e342d34e84a989632b380f755baf"><code>a7ab13a</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/671">#671</a> preserve pre-release and build parts of a version on coerce (<a href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>) (<a href="https://github.com/madtisa"><code>@​madtisa</code></a>, madtisa, <a href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li> </ul> <h3>Chores</h3> <ul> <li><a href="https://github.com/npm/node-semver/commit/816c7b2cbfcb1986958a290f941eddfd0441139e"><code>816c7b2</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/0bd24d943cbd1a7f6a2b8d384590bfa98559e1de"><code>0bd24d9</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a> bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/e521932f115a81030f4e7c34e8631cdd3c6a108b"><code>e521932</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/88739918080debeb239aae840b35c07436148e50"><code>8873991</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a> chore: chore: postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/f317dc8689781bcfd98e2c32b46157276acdd47c"><code>f317dc8</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a> bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/7303db1fe54d6905b23ccb0162878e37d73535ef"><code>7303db1</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/658">#658</a> add clean() test for build metadata (<a href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>) (<a href="https://github.com/jethrodaniel"><code>@​jethrodaniel</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/6240d75a7c620b0a222f05969a91fdc3dc2be0fb"><code>6240d75</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/656">#656</a> add missing quotes in README.md (<a href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>) (<a href="https://github.com/zyxkad"><code>@​zyxkad</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/14d263faa156e408a033b9b12a2f87735c2df42c"><code>14d263f</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/7c34e1ac1bcc0bc6579b30745c96075c69bd0332"><code>7c34e1a</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a> bump <code>@​npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/123e0b03287e1af295ef82d55f55c16805596f35"><code>123e0b0</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/737d5e1cf10e631bab8a28594aa2d5c9d4090814"><code>737d5e1</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a> bump <code>@​npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/cce61804ba6f997225a1267135c06676fe0524d2"><code>cce6180</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/b914a3d0d26ca27d2685053d7d390af4e02eedd9"><code>b914a3d</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a> bump <code>@​npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md">semver's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">7.6.0</a> (2024-01-31)</h2> <h3>Features</h3> <ul> <li><a href="https://github.com/npm/node-semver/commit/a7ab13a46201e342d34e84a989632b380f755baf"><code>a7ab13a</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/671">#671</a> preserve pre-release and build parts of a version on coerce (<a href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>) (<a href="https://github.com/madtisa"><code>@​madtisa</code></a>, madtisa, <a href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li> </ul> <h3>Chores</h3> <ul> <li><a href="https://github.com/npm/node-semver/commit/816c7b2cbfcb1986958a290f941eddfd0441139e"><code>816c7b2</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/0bd24d943cbd1a7f6a2b8d384590bfa98559e1de"><code>0bd24d9</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a> bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/e521932f115a81030f4e7c34e8631cdd3c6a108b"><code>e521932</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/88739918080debeb239aae840b35c07436148e50"><code>8873991</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a> chore: chore: postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/f317dc8689781bcfd98e2c32b46157276acdd47c"><code>f317dc8</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a> bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/7303db1fe54d6905b23ccb0162878e37d73535ef"><code>7303db1</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/658">#658</a> add clean() test for build metadata (<a href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>) (<a href="https://github.com/jethrodaniel"><code>@​jethrodaniel</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/6240d75a7c620b0a222f05969a91fdc3dc2be0fb"><code>6240d75</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/656">#656</a> add missing quotes in README.md (<a href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>) (<a href="https://github.com/zyxkad"><code>@​zyxkad</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/14d263faa156e408a033b9b12a2f87735c2df42c"><code>14d263f</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/7c34e1ac1bcc0bc6579b30745c96075c69bd0332"><code>7c34e1a</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a> bump <code>@​npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/123e0b03287e1af295ef82d55f55c16805596f35"><code>123e0b0</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/737d5e1cf10e631bab8a28594aa2d5c9d4090814"><code>737d5e1</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a> bump <code>@​npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> <li><a href="https://github.com/npm/node-semver/commit/cce61804ba6f997225a1267135c06676fe0524d2"><code>cce6180</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a> postinstall for dependabot template-oss PR (<a href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li> <li><a href="https://github.com/npm/node-semver/commit/b914a3d0d26ca27d2685053d7d390af4e02eedd9"><code>b914a3d</code></a> <a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a> bump <code>@​npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/npm/node-semver/commit/377f709718053a477ed717089c4403c4fec332a1"><code>377f709</code></a> chore: release 7.6.0 (<a href="https://redirect.github.com/npm/node-semver/issues/661">#661</a>)</li> <li><a href="https://github.com/npm/node-semver/commit/a7ab13a46201e342d34e84a989632b380f755baf"><code>a7ab13a</code></a> feat: preserve pre-release and build parts of a version on coerce (<a href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)</li> <li><a href="https://github.com/npm/node-semver/commit/816c7b2cbfcb1986958a290f941eddfd0441139e"><code>816c7b2</code></a> chore: postinstall for dependabot template-oss PR</li> <li><a href="https://github.com/npm/node-semver/commit/0bd24d943cbd1a7f6a2b8d384590bfa98559e1de"><code>0bd24d9</code></a> chore: bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3</li> <li><a href="https://github.com/npm/node-semver/commit/e521932f115a81030f4e7c34e8631cdd3c6a108b"><code>e521932</code></a> chore: postinstall for dependabot template-oss PR</li> <li><a href="https://github.com/npm/node-semver/commit/88739918080debeb239aae840b35c07436148e50"><code>8873991</code></a> chore: chore: chore: postinstall for dependabot template-oss PR</li> <li><a href="https://github.com/npm/node-semver/commit/f317dc8689781bcfd98e2c32b46157276acdd47c"><code>f317dc8</code></a> chore: bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0</li> <li><a href="https://github.com/npm/node-semver/commit/7303db1fe54d6905b23ccb0162878e37d73535ef"><code>7303db1</code></a> chore: add clean() test for build metadata (<a href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)</li> <li><a href="https://github.com/npm/node-semver/commit/6240d75a7c620b0a222f05969a91fdc3dc2be0fb"><code>6240d75</code></a> chore: add missing quotes in README.md (<a href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)</li> <li><a href="https://github.com/npm/node-semver/commit/14d263faa156e408a033b9b12a2f87735c2df42c"><code>14d263f</code></a> chore: postinstall for dependabot template-oss PR</li> <li>Additional commits viewable in <a href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">compare view</a></li> </ul> </details> <br /> Updates `es5-ext` from 0.10.62 to 0.10.64 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/medikoo/es5-ext/releases">es5-ext's releases</a>.</em></p> <blockquote> <h2>0.10.64 (2024-02-27)</h2> <h3>Bug Fixes</h3> <ul> <li>Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (<a href="https://github.com/medikoo/es5-ext/commit/c2e2bb90c295c4c582445a6f03b2a3ad0b22550a">c2e2bb9</a>)</li> </ul> <hr /> <p><a href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64">Comparison since last release</a></p> <h2>0.10.63 (2024-02-23)</h2> <h3>Bug Fixes</h3> <ul> <li>Do not rely on problematic regex (<a href="https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2">3551cdd</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li> <li>Support ES2015+ function definitions in <code>function#toStringTokens()</code> (<a href="https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602">a52e957</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li> <li>Ensure postinstall script does not crash on Windows, fixes <a href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a> (<a href="https://github.com/medikoo/es5-ext/commit/bf8ed799d57df53096da9d908ff577f305e1366f">bf8ed79</a>)</li> </ul> <h3>Maintenance Improvements</h3> <ul> <li>Simplify the manifest message (<a href="https://github.com/medikoo/es5-ext/commit/7855319f41b9736639cf4555bd2c419f17addf55">7855319</a>)</li> </ul> <hr /> <p><a href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">Comparison since last release</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md">es5-ext's changelog</a>.</em></p> <blockquote> <h3><a href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64">0.10.64</a> (2024-02-27)</h3> <h3>Bug Fixes</h3> <ul> <li>Revert update to postinstall script meant to fix Powershell issue, as it's a regression for some Linux terminals (<a href="https://github.com/medikoo/es5-ext/commit/c2e2bb90c295c4c582445a6f03b2a3ad0b22550a">c2e2bb9</a>)</li> </ul> <h3><a href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">0.10.63</a> (2024-02-23)</h3> <h3>Bug Fixes</h3> <ul> <li>Do not rely on problematic regex (<a href="https://github.com/medikoo/es5-ext/commit/3551cdd7b2db08b1632841f819d008757d28e8e2">3551cdd</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li> <li>Support ES2015+ function definitions in <code>function#toStringTokens()</code> (<a href="https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602">a52e957</a>), addresses <a href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li> <li>Ensure postinstall script does not crash on Windows, fixes <a href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a> (<a href="https://github.com/medikoo/es5-ext/commit/bf8ed799d57df53096da9d908ff577f305e1366f">bf8ed79</a>)</li> </ul> <h3>Maintenance Improvements</h3> <ul> <li>Simplify the manifest message (<a href="https://github.com/medikoo/es5-ext/commit/7855319f41b9736639cf4555bd2c419f17addf55">7855319</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/medikoo/es5-ext/commit/f76b03d8c49ce4871f37f428c0e1d3ee6637fcc4"><code>f76b03d</code></a> chore: Release v0.10.64</li> <li><a href="https://github.com/medikoo/es5-ext/commit/2881acda50de0848b456690769919ed4b86be489"><code>2881acd</code></a> chore: Bump dependencies</li> <li><a href="https://github.com/medikoo/es5-ext/commit/c2e2bb90c295c4c582445a6f03b2a3ad0b22550a"><code>c2e2bb9</code></a> fix: Revert update meant to fix Powershell issue, as it's a regression</li> <li><a href="https://github.com/medikoo/es5-ext/commit/16f2b7253d3d8d499d8cf1d3ca76c585da7f08d3"><code>16f2b72</code></a> docs: Fix date in the changelog</li> <li><a href="https://github.com/medikoo/es5-ext/commit/de4e03c4776a303284142f73f3f181a070615817"><code>de4e03c</code></a> chore: Release v0.10.63</li> <li><a href="https://github.com/medikoo/es5-ext/commit/3fd53b755ec883be8f119c747f0b04130741e456"><code>3fd53b7</code></a> chore: Upgrade<code> lint-staged</code> to v13</li> <li><a href="https://github.com/medikoo/es5-ext/commit/bf8ed799d57df53096da9d908ff577f305e1366f"><code>bf8ed79</code></a> chore: Ensure postinstall script does not crash on Windows</li> <li><a href="https://github.com/medikoo/es5-ext/commit/2cbbb0717bd8de6e38fcba1f0d45bc876e7a1951"><code>2cbbb07</code></a> chore: Bump dependencies</li> <li><a href="https://github.com/medikoo/es5-ext/commit/22d0416ea170000a115609f22a560dfa9193ebb0"><code>22d0416</code></a> chore: Bump LICENSE year</li> <li><a href="https://github.com/medikoo/es5-ext/commit/a52e95736690ad1d465ebcd9791d54570e294602"><code>a52e957</code></a> fix: Support ES2015+ function definitions in <code>function#toStringTokens()</code></li> <li>Additional commits viewable in <a href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.64">compare view</a></li> </ul> </details> <br /> Updates `ip` from 1.1.8 to 1.1.9 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indutny/node-ip/commit/1ecbf2fd8c0cc85e44c3b587d2de641f50dc0217"><code>1ecbf2f</code></a> 1.1.9</li> <li><a href="https://github.com/indutny/node-ip/commit/6a3ada9b471b09d5f0f5be264911ab564bf67894"><code>6a3ada9</code></a> lib: fixed CVE-2023-42282 and added unit test</li> <li>See full diff in <a href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9">compare view</a></li> </ul> </details> <br /> Updates `miniflare` from 3.20231030.0 to 3.20231030.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cloudflare/workers-sdk/releases">miniflare's releases</a>.</em></p> <blockquote> <h2>miniflare@3.20231030.3</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466">#4466</a> <a href="https://github.com/cloudflare/workers-sdk/commit/71fb0b86cf0ed81cc29ad71792edbba3a79ba87c"><code>71fb0b86</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: ensure unused KV and Cache blobs cleaned up</p> <p>When storing data in KV, Cache and R2, Miniflare uses both an SQL database and separate blob store. When writing a key/value pair, a blob is created for the new value and the old blob for the previous value (if any) is deleted. A few months ago, we introduced a change that prevented old blobs being deleted for KV and Cache. R2 was unaffected. This shouldn't have caused any problems, but could lead to persistence directories growing unnecessarily as they filled up with garbage blobs. This change ensures garbage blobs are deleted.</p> <p>Note existing garbage will not be cleaned up. If you'd like to do this, download this Node script (<a href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076</a>). If you're using the default Wrangler persistence directory, run <code>node gc.mjs kv .wrangler/state/v3/kv &lt;namespace_id_1&gt; &lt;namespace_id_2&gt; ...</code> and <code>node gc.mjs cache .wrangler/state/v3/cache default named:&lt;cache_name_1&gt; named:&lt;cache_name_2&gt; ...</code> with each of your KV namespace IDs (not binding names) and named caches.</p> </li> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a> <a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a94</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: validate <code>Host</code> and <code>Orgin</code> headers where appropriate</p> <p><code>Host</code> and <code>Origin</code> headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.</p> </li> </ul> <h2>miniflare@3.20231030.2</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505">#4505</a> <a href="https://github.com/cloudflare/workers-sdk/commit/1b34878287e3c98e8743e0a9c30b860107d4fcbe"><code>1b348782</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker <code>env</code></p> <p>When using Workers Sites with a module worker, the asset manifest must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual module. Miniflare provided this module, but also erroneously added <code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object too. Whilst this didn't break anything locally, it could cause users to develop Workers that ran locally, but not when deployed. This change ensures <code>env</code> doesn't contain <code>__STATIC_CONTENT_MANIFEST</code>.</p> </li> </ul> <h2>miniflare@3.20231030.1</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348">#4348</a> <a href="https://github.com/cloudflare/workers-sdk/commit/be2b9cf5a9395cf7385f59d2e1ec3131dae3d87f"><code>be2b9cf5</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - feat: add support for wrapped bindings</p> <p>This change adds a new <code>wrappedBindings</code> worker option for configuring <code>workerd</code>'s <a href="https://github.com/cloudflare/workerd/blob/bfcef2d850514c569c039cb84c43bc046af4ffb9/src/workerd/server/workerd.capnp#L469-L487">wrapped bindings</a>. These allow custom bindings to be written as JavaScript functions accepting an <code>env</code> parameter of &quot;inner bindings&quot; and returning the value to bind. For more details, refer to the <a href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core">API docs</a>.</p> </li> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341">#4341</a> <a href="https://github.com/cloudflare/workers-sdk/commit/d99087433814e4f1fb98cd61b03b6e2f606b1a15"><code>d9908743</code></a> Thanks <a href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Added a <code>handleRuntimeStdio</code> which enables wrangler (or any other direct use of Miniflare) to handle the <code>stdout</code> and <code>stderr</code> streams from the workerd child process. By default, if this option is not provided, the previous behaviour is retained which splits the streams into lines and calls <code>console.log</code>/<code>console.error</code>.</p> </li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/CHANGELOG.md">miniflare's changelog</a>.</em></p> <blockquote> <h2>3.20231030.3</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466">#4466</a> <a href="https://github.com/cloudflare/workers-sdk/commit/71fb0b86cf0ed81cc29ad71792edbba3a79ba87c"><code>71fb0b86</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: ensure unused KV and Cache blobs cleaned up</p> <p>When storing data in KV, Cache and R2, Miniflare uses both an SQL database and separate blob store. When writing a key/value pair, a blob is created for the new value and the old blob for the previous value (if any) is deleted. A few months ago, we introduced a change that prevented old blobs being deleted for KV and Cache. R2 was unaffected. This shouldn't have caused any problems, but could lead to persistence directories growing unnecessarily as they filled up with garbage blobs. This change ensures garbage blobs are deleted.</p> <p>Note existing garbage will not be cleaned up. If you'd like to do this, download this Node script (<a href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076</a>). If you're using the default Wrangler persistence directory, run <code>node gc.mjs kv .wrangler/state/v3/kv &lt;namespace_id_1&gt; &lt;namespace_id_2&gt; ...</code> and <code>node gc.mjs cache .wrangler/state/v3/cache default named:&lt;cache_name_1&gt; named:&lt;cache_name_2&gt; ...</code> with each of your KV namespace IDs (not binding names) and named caches.</p> </li> </ul> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a> <a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a94</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: validate <code>Host</code> and <code>Orgin</code> headers where appropriate</p> <p><code>Host</code> and <code>Origin</code> headers are now checked when connecting to the inspector and Miniflare's magic proxy. If these don't match what's expected, the request will fail.</p> </li> </ul> <h2>3.20231030.2</h2> <h3>Patch Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505">#4505</a> <a href="https://github.com/cloudflare/workers-sdk/commit/1b34878287e3c98e8743e0a9c30b860107d4fcbe"><code>1b348782</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker <code>env</code></p> <p>When using Workers Sites with a module worker, the asset manifest must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual module. Miniflare provided this module, but also erroneously added <code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object too. Whilst this didn't break anything locally, it could cause users to develop Workers that ran locally, but not when deployed. This change ensures <code>env</code> doesn't contain <code>__STATIC_CONTENT_MANIFEST</code>.</p> </li> </ul> <h2>3.20231030.1</h2> <h3>Minor Changes</h3> <ul> <li> <p><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348">#4348</a> <a href="https://github.com/cloudflare/workers-sdk/commit/be2b9cf5a9395cf7385f59d2e1ec3131dae3d87f"><code>be2b9cf5</code></a> Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! - feat: add support for wrapped bindings</p> <p>This change adds a new <code>wrappedBindings</code> worker option for configuring <code>workerd</code>'s <a href="https://github.com/cloudflare/workerd/blob/bfcef2d850514c569c039cb84c43bc046af4ffb9/src/workerd/server/workerd.capnp#L469-L487">wrapped bindings</a>. These allow custom bindings to be written as JavaScript functions accepting an <code>env</code> parameter of &quot;inner bindings&quot; and returning the value to bind. For more details, refer to the <a href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core">API docs</a>.</p> </li> </ul> <ul> <li><a href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341">#4341</a> <a href="https://github.com/cloudflare/workers-sdk/commit/d99087433814e4f1fb98cd61b03b6e2f606b1a15"><code>d9908743</code></a> Thanks <a href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Added a <code>handleRuntimeStdio</code> which enables wrangler (or any other direct use of Miniflare) to handle the <code>stdout</code> and <code>stderr</code> streams from the workerd child process. By default, if this option is not provided, the previous behaviour is retained which splits the streams into lines and calls <code>console.log</code>/<code>console.error</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cloudflare/workers-sdk/commit/5e67ea176ac03718061b49bce6311ce169a355bd"><code>5e67ea1</code></a> Version Packages (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4536">#4536</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/63708a94fb7a055bf15fa963f2d598b47b11d3c0"><code>63708a9</code></a> fix: validate <code>Host</code>/<code>Origin</code> headers in magic proxy and `InspectorProxyWorke...</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/71fb0b86cf0ed81cc29ad71792edbba3a79ba87c"><code>71fb0b8</code></a> fix: ensure unused KV and Cache blobs cleaned up (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4466">#4466</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/97727de0537dd7f9d162693dd58cbc90054916bc"><code>97727de</code></a> Version Packages (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4495">#4495</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/311ffbd5064f8301ac6f0311bbe5630897923b93"><code>311ffbd</code></a> [wrangler] fix: change <code>wrangler (pages) dev</code> to listen on <code>localhost</code> by def...</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/1b34878287e3c98e8743e0a9c30b860107d4fcbe"><code>1b34878</code></a> fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker <code>env</code> (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4505">#4505</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/f728503bd363b6421c35346c30d2d3e77025d49f"><code>f728503</code></a> Version Packages (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4463">#4463</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/be2b9cf5a9395cf7385f59d2e1ec3131dae3d87f"><code>be2b9cf</code></a> feat: add support for wrapped bindings (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4348">#4348</a>)</li> <li><a href="https://github.com/cloudflare/workers-sdk/commit/d99087433814e4f1fb98cd61b03b6e2f606b1a15"><code>d990874</code></a> Intercept workerd logs + write all debug logs to a hidden file (<a href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4341">#4341</a>)</li> <li>See full diff in <a href="https://github.com/cloudflare/workers-sdk/commits/miniflare@3.20231030.3/packages/miniflare">compare view</a></li> </ul> </details> <br /> Updates `undici` from 5.28.2 to 5.28.3 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nodejs/undici/releases">undici's releases</a>.</em></p> <blockquote> <h2>v5.28.3</h2> <h2>⚠️ Security Release ⚠️</h2> <p>Fixes:</p> <ul> <li><a href="https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3">CVE-2024-24758 Proxy-Authorization header not cleared on cross-origin redirect in fetch</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3">https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodejs/undici/commit/e71cb4c88faae5670a129fde5552266afc2dbc39"><code>e71cb4c</code></a> Bumped v5.28.3</li> <li><a href="https://github.com/nodejs/undici/commit/20c65b89f4fda588ebb3f2abf51c55726880820e"><code>20c65b8</code></a> Fix tests for Node.js v20.11.0 (<a href="https://redirect.github.com/nodejs/undici/issues/2618">#2618</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/8ec52cde66e288ea98f9f801c29e6e845bf4c5f1"><code>8ec52cd</code></a> Fix tests for Node.js v21 (<a href="https://redirect.github.com/nodejs/undici/issues/2609">#2609</a>)</li> <li><a href="https://github.com/nodejs/undici/commit/d3aa574b1259c1d8d329a0f0f495ee82882b1458"><code>d3aa574</code></a> Merge pull request from GHSA-3787-6prv-h9w3</li> <li>See full diff in <a href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/tldraw/tldraw/network/alerts). </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Mitja Bezenšek <mitja.bezensek@gmail.com>
2024-03-04 12:20:23 +00:00
"wrangler": "3.19.0"
},
"jest": {
"preset": "config/jest/node",
"moduleNameMapper": {
"^~(.*)": "<rootDir>/src/$1"
},
"transformIgnorePatterns": [
"node_modules/(?!(nanoid|escape-string-regexp)/)"
]
}
}