dependabot[bot]
d75df039bd
build(deps): bump ws from 8.16.0 to 8.17.1 in the npm_and_yarn group across 1 directory ( #3984 )
...
Bumps the npm_and_yarn group with 1 update in the / directory:
[ws](https://github.com/websockets/ws ).
Updates `ws` from 8.16.0 to 8.17.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/websockets/ws/releases ">ws's
releases</a>.</em></p>
<blockquote>
<h2>8.17.1</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed a DoS vulnerability (<a
href="https://redirect.github.com/websockets/ws/issues/2231 ">#2231</a>).</li>
</ul>
<p>A request with a number of headers exceeding
the[<code>server.maxHeadersCount</code>][]
threshold could be used to crash a ws server.</p>
<pre lang="js"><code>const http = require('http');
const WebSocket = require('ws');
<p>const wss = new WebSocket.Server({ port: 0 }, function () {
const chars =
"!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');
const headers = {};
let count = 0;</p>
<p>for (let i = 0; i < chars.length; i++) {
if (count === 2000) break;</p>
<pre><code>for (let j = 0; j &lt; chars.length; j++) {
const key = chars[i] + chars[j];
headers[key] = 'x';
if (++count === 2000) break;
}
</code></pre>
<p>}</p>
<p>headers.Connection = 'Upgrade';
headers.Upgrade = 'websocket';
headers['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';
headers['Sec-WebSocket-Version'] = '13';</p>
<p>const request = http.request({
headers: headers,
host: '127.0.0.1',
port: wss.address().port
});</p>
<p>request.end();
});
</code></pre></p>
<p>The vulnerability was reported by <a
href="https://github.com/rrlapointe ">Ryan LaPointe</a> in <a
href="https://redirect.github.com/websockets/ws/issues/2230 ">websockets/ws#2230</a>.</p>
<p>In vulnerable versions of ws, the issue can be mitigated in the
following ways:</p>
<ol>
<li>Reduce the maximum allowed length of the request headers using the
[<code>--max-http-header-size=size</code>][] and/or the
[<code>maxHeaderSize</code>][] options so
that no more headers than the <code>server.maxHeadersCount</code> limit
can be sent.</li>
</ol>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3c56601092
"><code>3c56601</code></a>
[dist] 8.17.1</li>
<li><a
href="e55e5106f1
"><code>e55e510</code></a>
[security] Fix crash when the Upgrade header cannot be read (<a
href="https://redirect.github.com/websockets/ws/issues/2231 ">#2231</a>)</li>
<li><a
href="6a00029edd
"><code>6a00029</code></a>
[test] Increase code coverage</li>
<li><a
href="ddfe4a804d
"><code>ddfe4a8</code></a>
[perf] Reduce the amount of <code>crypto.randomFillSync()</code>
calls</li>
<li><a
href="b73b11828d
"><code>b73b118</code></a>
[dist] 8.17.0</li>
<li><a
href="29694a5905
"><code>29694a5</code></a>
[test] Use the <code>highWaterMark</code> variable</li>
<li><a
href="934c9d6b93
"><code>934c9d6</code></a>
[ci] Test on node 22</li>
<li><a
href="1817bac06e
"><code>1817bac</code></a>
[ci] Do not test on node 21</li>
<li><a
href="96c9b3dedd
"><code>96c9b3d</code></a>
[major] Flip the default value of <code>allowSynchronousEvents</code>
(<a
href="https://redirect.github.com/websockets/ws/issues/2221 ">#2221</a>)</li>
<li><a
href="e5f32c7e1e
"><code>e5f32c7</code></a>
[fix] Emit at most one event per event loop iteration (<a
href="https://redirect.github.com/websockets/ws/issues/2218 ">#2218</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/websockets/ws/compare/8.16.0...8.17.1 ">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ws&package-manager=npm_and_yarn&previous-version=8.16.0&new-version=8.17.1 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-20 13:05:55 +00:00
Mitja Bezenšek
1bcc16d15a
Move from unpkg to our own cdn. ( #3923 )
...
Switches from unpkg to our own cdn files.
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [x] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Release Notes
- Start using our own cdn instead of unpkg.
2024-06-17 13:13:46 +00:00
Mime Čuvalo
735161c4a8
assets: store in indexedDB, not as base64 ( #3836 )
...
this is take #2 of this PR https://github.com/tldraw/tldraw/pull/3745
As I look at LOD holistically and whether we have multiple sources when
working locally, I learned that our system used base64 encoding of
assets directly. Issue https://github.com/tldraw/tldraw/issues/3728
<img width="1350" alt="assetstore"
src="https://github.com/tldraw/tldraw/assets/469604/e7b41e29-6656-4d9b-b462-72d43b98f3f7 ">
The motivations and benefits are:
- store size: not having a huge base64 blobs injected in room data
- perf on loading snapshot: this helps with loading the room data more
quickly
- multiple sources: furthermore, if we do decide to have multiple
sources locally (for each asset), then we won't get a multiplicative
effect of even larger JSON blobs that have lots of base64 data in them
- encoding/decoding perf: this also saves the (slow) step of having to
base64 encode/decode our assets, we can just strictly with work with
blobs.
Todo:
- [x] decodes video and images
- [x] make sure it syncs to other tabs
- [x] make sure it syncs to other multiplayer room
- [x] fix tests
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [x] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Test Plan
1. Test the shit out of uploading/downloading video/image assets,
locally+multiplayer.
- [ ] Need to fix current tests and write new ones
### Release Notes
- Assets: store as reference to blob in indexedDB instead of storing
directly as base64 in the snapshot.
2024-06-14 10:23:52 +00:00
Mime Čuvalo
3adae06d9c
security: enforce use of our fetch function and its default referrerpolicy ( #3884 )
...
followup to https://github.com/tldraw/tldraw/pull/3881 to enforce this
in the codebase
Describe what your pull request does. If appropriate, add GIFs or images
showing the before and after.
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [x] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
2024-06-11 13:59:25 +00:00
dependabot[bot]
5de0229626
Bump the npm_and_yarn group across 3 directories with 4 updates ( #3920 )
...
Bumps the npm_and_yarn group with 2 updates in the / directory:
[tar](https://github.com/isaacs/node-tar ) and
[braces](https://github.com/micromatch/braces ).
Bumps the npm_and_yarn group with 1 update in the /templates/nextjs
directory: [braces](https://github.com/micromatch/braces ).
Bumps the npm_and_yarn group with 3 updates in the /templates/vite
directory: [semver](https://github.com/npm/node-semver ),
[braces](https://github.com/micromatch/braces ) and
[debug](https://github.com/debug-js/debug ).
Updates `tar` from 7.1.0 to 7.2.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md ">tar's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>7.2</h2>
<ul>
<li>DRY the command definitions into a single <code>makeCommand</code>
method,
and update the type signatures to more appropriately infer the
return type from the options and arguments provided.</li>
</ul>
<h2>7.1</h2>
<ul>
<li>Update minipass to v7.1.0</li>
<li>Update the type definitions of <code>write()</code> and
<code>end()</code> methods on
<code>Unpack</code> and <code>Parser</code> classes to be compatible
with the
NodeJS.WritableStream type in the latest versions of
<code>@types/node</code>.</li>
</ul>
<h2>7.0</h2>
<ul>
<li>Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface</li>
<li>Add tree-shake friendly exports, like
<code>import('tar/create')</code>
and <code>import('tar/read-entry')</code> to get individual functions or
classes.</li>
<li>Add <code>chmod</code> option that defaults to false, and deprecate
<code>noChmod</code>. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.</li>
<li>Add <code>processUmask</code> option to avoid having to call
<code>process.umask()</code> when <code>chmod: true</code> (or
<code>noChmod: false</code>) is
set.</li>
</ul>
<h2>6.2</h2>
<ul>
<li>Add support for brotli compression</li>
<li>Add <code>maxDepth</code> option to prevent extraction into
excessively
deep folders.</li>
</ul>
<h2>6.1</h2>
<ul>
<li>remove dead link to benchmarks (<a
href="https://redirect.github.com/isaacs/node-tar/issues/313 ">#313</a>)
(<a href="https://github.com/yetzt "><code>@yetzt</code></a>)</li>
<li>add examples/explanation of using tar.t (<a
href="https://github.com/isaacs "><code>@isaacs</code></a>)</li>
<li>ensure close event is emited after stream has ended (<a
href="https://github.com/webark "><code>@webark</code></a>)</li>
<li>replace deprecated String.prototype.substr() (<a
href="https://github.com/CommanderRoot "><code>@CommanderRoot</code></a>,
<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h2>6.0</h2>
<ul>
<li>Drop support for node 6 and 8</li>
<li>fix symlinks and hardlinks on windows being packed with
<code>\</code>-style path targets</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ed17f588f2
"><code>ed17f58</code></a>
7.2.0</li>
<li><a
href="83e97f62d8
"><code>83e97f6</code></a>
changelog 7.2</li>
<li><a
href="3062616846
"><code>3062616</code></a>
DRY all commands, correct overload signature types</li>
<li>See full diff in <a
href="https://github.com/isaacs/node-tar/compare/v7.1.0...v7.2.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `braces` from 3.0.2 to 3.0.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74b2db2938
"><code>74b2db2</code></a>
3.0.3</li>
<li><a
href="88f1429a0f
"><code>88f1429</code></a>
update eslint. lint, fix unit tests.</li>
<li><a
href="415d660c30
"><code>415d660</code></a>
Snyk js braces 6838727 (<a
href="https://redirect.github.com/micromatch/braces/issues/40 ">#40</a>)</li>
<li><a
href="190510f79d
"><code>190510f</code></a>
fix tests, skip 1 test in test/braces.expand</li>
<li><a
href="716eb9f12d
"><code>716eb9f</code></a>
readme bump</li>
<li><a
href="a5851e57f4
"><code>a5851e5</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/braces/issues/37 ">#37</a>
from coderaiser/fix/vulnerability</li>
<li><a
href="2092bd1fb1
"><code>2092bd1</code></a>
feature: braces: add maxSymbols (<a
href="https://github.com/micromatch/braces/issues/ ">https://github.com/micromatch/braces/issues/ </a>...</li>
<li><a
href="9f5b4cf473
"><code>9f5b4cf</code></a>
fix: vulnerability (<a
href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727 ">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727 </a>)</li>
<li><a
href="98414f9f1f
"><code>98414f9</code></a>
remove funding file</li>
<li><a
href="665ab5d561
"><code>665ab5d</code></a>
update keepEscaping doc (<a
href="https://redirect.github.com/micromatch/braces/issues/27 ">#27</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `braces` from 3.0.2 to 3.0.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74b2db2938
"><code>74b2db2</code></a>
3.0.3</li>
<li><a
href="88f1429a0f
"><code>88f1429</code></a>
update eslint. lint, fix unit tests.</li>
<li><a
href="415d660c30
"><code>415d660</code></a>
Snyk js braces 6838727 (<a
href="https://redirect.github.com/micromatch/braces/issues/40 ">#40</a>)</li>
<li><a
href="190510f79d
"><code>190510f</code></a>
fix tests, skip 1 test in test/braces.expand</li>
<li><a
href="716eb9f12d
"><code>716eb9f</code></a>
readme bump</li>
<li><a
href="a5851e57f4
"><code>a5851e5</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/braces/issues/37 ">#37</a>
from coderaiser/fix/vulnerability</li>
<li><a
href="2092bd1fb1
"><code>2092bd1</code></a>
feature: braces: add maxSymbols (<a
href="https://github.com/micromatch/braces/issues/ ">https://github.com/micromatch/braces/issues/ </a>...</li>
<li><a
href="9f5b4cf473
"><code>9f5b4cf</code></a>
fix: vulnerability (<a
href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727 ">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727 </a>)</li>
<li><a
href="98414f9f1f
"><code>98414f9</code></a>
remove funding file</li>
<li><a
href="665ab5d561
"><code>665ab5d</code></a>
update keepEscaping doc (<a
href="https://redirect.github.com/micromatch/braces/issues/27 ">#27</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `semver` from 7.6.1 to 7.6.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases ">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.2</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2 ">7.6.2</a>
(2024-05-09)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="6466ba9b54
"><code>6466ba9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/713 ">#713</a>
lru: use map.delete() directly (<a
href="https://redirect.github.com/npm/node-semver/issues/713 ">#713</a>)
(<a href="https://github.com/negezor "><code>@negezor</code></a>, <a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md ">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2 ">7.6.2</a>
(2024-05-09)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="6466ba9b54
"><code>6466ba9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/713 ">#713</a>
lru: use map.delete() directly (<a
href="https://redirect.github.com/npm/node-semver/issues/713 ">#713</a>)
(<a href="https://github.com/negezor "><code>@negezor</code></a>, <a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="eb1380b1ec
"><code>eb1380b</code></a>
chore: release 7.6.2 (<a
href="https://redirect.github.com/npm/node-semver/issues/714 ">#714</a>)</li>
<li><a
href="6466ba9b54
"><code>6466ba9</code></a>
fix(lru): use map.delete() directly (<a
href="https://redirect.github.com/npm/node-semver/issues/713 ">#713</a>)</li>
<li>See full diff in <a
href="https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `braces` from 3.0.2 to 3.0.3
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74b2db2938
"><code>74b2db2</code></a>
3.0.3</li>
<li><a
href="88f1429a0f
"><code>88f1429</code></a>
update eslint. lint, fix unit tests.</li>
<li><a
href="415d660c30
"><code>415d660</code></a>
Snyk js braces 6838727 (<a
href="https://redirect.github.com/micromatch/braces/issues/40 ">#40</a>)</li>
<li><a
href="190510f79d
"><code>190510f</code></a>
fix tests, skip 1 test in test/braces.expand</li>
<li><a
href="716eb9f12d
"><code>716eb9f</code></a>
readme bump</li>
<li><a
href="a5851e57f4
"><code>a5851e5</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/braces/issues/37 ">#37</a>
from coderaiser/fix/vulnerability</li>
<li><a
href="2092bd1fb1
"><code>2092bd1</code></a>
feature: braces: add maxSymbols (<a
href="https://github.com/micromatch/braces/issues/ ">https://github.com/micromatch/braces/issues/ </a>...</li>
<li><a
href="9f5b4cf473
"><code>9f5b4cf</code></a>
fix: vulnerability (<a
href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727 ">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727 </a>)</li>
<li><a
href="98414f9f1f
"><code>98414f9</code></a>
remove funding file</li>
<li><a
href="665ab5d561
"><code>665ab5d</code></a>
update keepEscaping doc (<a
href="https://redirect.github.com/micromatch/braces/issues/27 ">#27</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `debug` from 4.3.4 to 4.3.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/debug-js/debug/releases ">debug's
releases</a>.</em></p>
<blockquote>
<h2>4.3.5</h2>
<h1>Patch</h1>
<ul>
<li>cac39b1c5b018b0fe93a53a05f084eee543d17f5 Fix/debug depth (<a
href="https://redirect.github.com/debug-js/debug/issues/926 ">#926</a>)</li>
</ul>
<p>Thank you <a
href="https://github.com/calvintwr "><code>@calvintwr</code></a> for the
fix.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5464bdddbc
"><code>5464bdd</code></a>
4.3.5</li>
<li><a
href="f244ada2e9
"><code>f244ada</code></a>
update authorship contact info</li>
<li><a
href="cac39b1c5b
"><code>cac39b1</code></a>
Fix/debug depth (<a
href="https://redirect.github.com/debug-js/debug/issues/926 ">#926</a>)</li>
<li><a
href="f66cb2d9f7
"><code>f66cb2d</code></a>
remove .github folder (and the outdated issue templates)</li>
<li><a
href="d1616622e4
"><code>d161662</code></a>
Update ISSUE_TEMPLATE.md</li>
<li><a
href="12c1ad04db
"><code>12c1ad0</code></a>
Update ISSUE_TEMPLATE.md</li>
<li>See full diff in <a
href="https://github.com/debug-js/debug/compare/4.3.4...4.3.5 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-11 13:33:44 +00:00
Mime Čuvalo
ccb6b918c5
bookmark: fix up double request and rework extractor ( #3856 )
...
This code has started to bitrot a bit and this freshens it up a bit.
- there's a double request happening for every bookmark paste at the
moment, yikes! One request originates from the paste logic, and the
other originates from the `onBeforeCreate` in `BookmarkShapeUtil`. They
both see that an asset is missing and race to make the request at the
same time. It _seems_ like we don't need the `onBeforeCreate` anymore.
But, if I'm mistaken on some edge case here lemme know and we can
address this in a different way.
- the extractor is really crusty (the grabity code is from 5 yrs ago and
hasn't been updated) and we don't have control over it. i've worked on
unfurling stuff before with Paper and my other projects and this reworks
things to use Cheerio, which is a more robust library.
- this adds `favicon` to the response request which should usually
default to the apple-touch-icon. this helps with some better bookmark
displays (e.g. like Wikipedia if an image is empty)
In general, this'll start to make this more maintainable and improvable
on our end.
Double request:
<img width="1496" alt="Screenshot 2024-05-31 at 17 54 49"
src="https://github.com/tldraw/tldraw/assets/469604/22033170-caaa-4fd2-854f-f19b61611978 ">
Before:
<img width="355" alt="Screenshot 2024-05-31 at 17 55 02"
src="https://github.com/tldraw/tldraw/assets/469604/fd272669-ee52-4cc7-bed7-72a8ed8d53a0 ">
After:
<img width="351" alt="Screenshot 2024-05-31 at 17 55 44"
src="https://github.com/tldraw/tldraw/assets/469604/87d27342-0d49-4cfc-a811-356370562d19 ">
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [x] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Test Plan
1. Test pasting links in, and pasting again.
### Release Notes
- Bookmarks: fix up double request and rework extractor code.
---------
Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
2024-06-10 10:50:49 +00:00
CodeTorso
38c573aacc
Add editor notes to the docs ( #3832 )
...
People just don't know that they need to put the components using
useEditor inside the <tldraw> component as a children
Either it is defined somewhere else or not defined at all, so it will
really help those.
Describe what your pull request does. If appropriate, add GIFs or images
showing the before and after.
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [X] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [X] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Test Plan [No need]
1. Add a step-by-step description of how to test your PR here.
2.
- [ ] Unit Tests
- [ ] End to end tests
### Release Notes [No need]
- Add a brief release note for your PR here.
---------
Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
2024-06-04 12:01:10 +00:00
alex
2b2778b4f9
Fix markdown list rendering on docs site ( #3813 )
...
We write our API docs in markdown embedded in tsdocs comments. vscode's
hover preview of these docs renders them as expected, but api-extract
treats whitespace as insignificant and strips out most newlines, which
breaks markdown lists. See https://github.com/microsoft/tsdoc/issues/178
for details.
This PR patches tsdoc's emitter so that it preserves newlines. That way,
we can write markdown lists and have them picked up as expected by the
docs site markdown parser. I don't expect this to introduce other issues
with previously ignored line breaks and markdown is only sensitive to
linebreaks in certain scenarios (like lists) anyway.
(Extracted from bindings docs - #3812 )
Before:
<img width="740" alt="Screenshot 2024-05-22 at 15 00 43"
src="https://github.com/tldraw/tldraw/assets/1489520/846f88b1-9480-48a6-9795-6a9f27ca242a ">
After:
<img width="708" alt="Screenshot 2024-05-22 at 14 51 28"
src="https://github.com/tldraw/tldraw/assets/1489520/80c54b8e-4f74-45e7-9cba-0287175e9f97 ">
### Change Type
- [x] `docs` — Changes to the documentation, examples, or templates.
- [x] `bugfix` — Bug fix
2024-05-23 13:00:22 +00:00
Mime Čuvalo
9ffd7f15ee
google meet: add hardware whiteboard integration ( #3765 )
...
pushing out my changes but this is a draft. we need to do look into this
more:
- [ ] we might need to reach out to Google support and request to be put
on their "start a whiteboard" whitelist/partner list? it's actually
pretty unclear how to get on that list. I don't see any permissions/API
scopes that is meant to enable that 🤔
- [ ] but maybe this is something that you @steveruizok as Google
Workspace admin see on your end? let's look together when you get back.
I initially tried doing a bundle (using esbuild (and i tried
parcel/rollup too)) but it didn't feel like the right path, and also it
didn't work when loading it in the Apps Scripts.
So then I went the route of just doing an iframe and I think that feels
much better. This means though that we do want our iframe protector to
let through this usecase. But also, we could maybe just redirect always
to a new room? I'm not sure yet.
The build script helps either build the prod or staging version
depending on what you want.
Once we do find that the staging version works, then we'll go through
the process of:
- [x] applied for https://developers.google.com/workspace/preview
(already did this to get access to new Google Meet APIs just in case)
- [x] added to google analytics (already done)
- [ ] turn off testing mode for oauth and submit for review
- [ ] continue publishing process to Create a store listing for our prod
app: https://developers.google.com/workspace/marketplace/how-to-publish
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [x] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Release Notes
- Google Meet: add hardware whiteboard integration
2024-05-20 14:52:05 +00:00
dependabot[bot]
3dcd2a851c
Bump the npm_and_yarn group across 2 directories with 4 updates ( #3731 )
...
Bumps the npm_and_yarn group with 3 updates in the / directory:
[next](https://github.com/vercel/next.js ),
[semver](https://github.com/npm/node-semver ) and
[zod](https://github.com/colinhacks/zod ).
Bumps the npm_and_yarn group with 1 update in the /templates/nextjs
directory: [next](https://github.com/vercel/next.js ).
Updates `next` from 14.1.3 to 14.2.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/next.js/releases ">next's
releases</a>.</em></p>
<blockquote>
<h2>v14.2.3</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>Fix: resolve mixed re-exports module as cjs (<a
href="https://redirect.github.com/vercel/next.js/issues/64681 ">#64681</a>)</li>
<li>fix: mixing namespace import and named import client components (<a
href="https://redirect.github.com/vercel/next.js/issues/64809 ">#64809</a>)</li>
<li>Fix mixed exports in server component with barrel optimization (<a
href="https://redirect.github.com/vercel/next.js/issues/64894 ">#64894</a>)</li>
<li>Fix next/image usage in mdx(<a
href="https://redirect.github.com/vercel/next.js/issues/64875 ">#64875</a>)</li>
<li>fix(fetch-cache): fix additional typo, add type & data
validation (<a
href="https://redirect.github.com/vercel/next.js/issues/64799 ">#64799</a>)</li>
<li>prevent erroneous route interception during lazy fetch (<a
href="https://redirect.github.com/vercel/next.js/issues/64692 ">#64692</a>)</li>
<li>fix root page revalidation when redirecting in a server action (<a
href="https://redirect.github.com/vercel/next.js/issues/64730 ">#64730</a>)</li>
<li>fix: remove traceparent from cachekey should not remove traceparent
from original object (<a
href="https://redirect.github.com/vercel/next.js/issues/64727 ">#64727</a>)</li>
<li>Clean-up fetch metrics tracking (<a
href="https://redirect.github.com/vercel/next.js/issues/64746 ">#64746</a>)</li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/huozhi "><code>@huozhi</code></a>, <a
href="https://github.com/samcx "><code>@samcx</code></a>, <a
href="https://github.com/ztanner "><code>@ztanner</code></a>, <a
href="https://github.com/Jeffrey-Zutt "><code>@Jeffrey-Zutt</code></a>,
and <a href="https://github.com/ijjk "><code>@ijjk</code></a> for
helping!</p>
<h2>v14.2.2</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>Fix Server Action error logs for unhandled POST requests (<a
href="https://redirect.github.com/vercel/next.js/issues/64315 ">#64315</a>)</li>
<li>Improve rendering performance (<a
href="https://redirect.github.com/vercel/next.js/issues/64408 ">#64408</a>)</li>
<li>Fix the method prop case in Server Actions transform (<a
href="https://redirect.github.com/vercel/next.js/issues/64398 ">#64398</a>)</li>
<li>fix(next-lint): update option --report-unused-disable-directives to
--report-unused-disable-directives-severity (<a
href="https://redirect.github.com/vercel/next.js/issues/64405 ">#64405</a>)</li>
<li>tweak test for Azure (<a
href="https://redirect.github.com/vercel/next.js/issues/64424 ">#64424</a>)</li>
<li>router restore should take priority over pending actions (<a
href="https://redirect.github.com/vercel/next.js/issues/64449 ">#64449</a>)</li>
<li>Fix client boundary inheritance for barrel optimization (<a
href="https://redirect.github.com/vercel/next.js/issues/64467 ">#64467</a>)</li>
<li>improve turborepo caching (<a
href="https://redirect.github.com/vercel/next.js/issues/64493 ">#64493</a>)</li>
<li>feat: strip traceparent header from cachekey (<a
href="https://redirect.github.com/vercel/next.js/issues/64499 ">#64499</a>)</li>
<li>Fix more Turbopack build tests</li>
<li>Update lockfile for compatibility with turbo (<a
href="https://redirect.github.com/vercel/next.js/issues/64360 ">#64360</a>)</li>
<li>Fix typo in dynamic-rendering.ts (<a
href="https://redirect.github.com/vercel/next.js/issues/64365 ">#64365</a>)</li>
<li>Fix DynamicServerError not being thrown in fetch (<a
href="https://redirect.github.com/vercel/next.js/issues/64511 ">#64511</a>)</li>
<li>fix(next): Metadata.openGraph values not resolving basic values when
type is set (<a
href="https://redirect.github.com/vercel/next.js/issues/63620 ">#63620</a>)</li>
<li>disable production chunking in dev (<a
href="https://redirect.github.com/vercel/next.js/issues/64488 ">#64488</a>)</li>
<li>Fix cjs client components tree-shaking (<a
href="https://redirect.github.com/vercel/next.js/issues/64558 ">#64558</a>)</li>
<li>fix refresh behavior for discarded actions (<a
href="https://redirect.github.com/vercel/next.js/issues/64532 ">#64532</a>)</li>
<li>fix: filter out middleware requests in logging (<a
href="https://redirect.github.com/vercel/next.js/issues/64549 ">#64549</a>)</li>
<li>Turbopack: Allow client components to be imported in app routes (<a
href="https://redirect.github.com/vercel/next.js/issues/64520 ">#64520</a>)</li>
<li>Fix ASL bundling for dynamic css (<a
href="https://redirect.github.com/vercel/next.js/issues/64451 ">#64451</a>)</li>
<li>add pathname normalizer for actions (<a
href="https://redirect.github.com/vercel/next.js/issues/64592 ">#64592</a>)</li>
<li>fix incorrect refresh request when basePath is set (<a
href="https://redirect.github.com/vercel/next.js/issues/64589 ">#64589</a>)</li>
<li>test: skip turbopack build test (<a
href="https://redirect.github.com/vercel/next.js/issues/64356 ">#64356</a>)</li>
<li>hotfix(turbopack): Update with patch for postcss.config.js path
resolution on Windows (<a
href="https://redirect.github.com/vercel/next.js/issues/64677 ">#64677</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2e7a96a1e8
"><code>2e7a96a</code></a>
v14.2.3</li>
<li><a
href="a230be4867
"><code>a230be4</code></a>
Clean-up fetch metrics tracking (<a
href="https://redirect.github.com/vercel/next.js/issues/64746 ">#64746</a>)</li>
<li><a
href="73c2d634b1
"><code>73c2d63</code></a>
fix: remove traceparent from cachekey should not remove traceparent from
orig...</li>
<li><a
href="dd44191118
"><code>dd44191</code></a>
fix root page revalidation when redirecting in a server action (<a
href="https://redirect.github.com/vercel/next.js/issues/64730 ">#64730</a>)</li>
<li><a
href="8b4c234740
"><code>8b4c234</code></a>
prevent erroneous route interception during lazy fetch (<a
href="https://redirect.github.com/vercel/next.js/issues/64692 ">#64692</a>)</li>
<li><a
href="d6a7ca0e8d
"><code>d6a7ca0</code></a>
fix(fetch-cache): fix additional typo, add type & data validation
(<a
href="https://redirect.github.com/vercel/next.js/issues/64799 ">#64799</a>)</li>
<li><a
href="4a6b511ca0
"><code>4a6b511</code></a>
Fix next/image usage in mdx (<a
href="https://redirect.github.com/vercel/next.js/issues/64875 ">#64875</a>)</li>
<li><a
href="04cc13c0a3
"><code>04cc13c</code></a>
Fix mixed exports in server component with barrel optimization (<a
href="https://redirect.github.com/vercel/next.js/issues/64894 ">#64894</a>)</li>
<li><a
href="8d01d496fe
"><code>8d01d49</code></a>
fix: mixing namespace import and named import client components (<a
href="https://redirect.github.com/vercel/next.js/issues/64809 ">#64809</a>)</li>
<li><a
href="de84e3ae70
"><code>de84e3a</code></a>
Fix: resolve mixed re-exports module as cjs (<a
href="https://redirect.github.com/vercel/next.js/issues/64681 ">#64681</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/next.js/compare/v14.1.3...v14.2.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `semver` from 7.6.1 to 7.6.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases ">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.2</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2 ">7.6.2</a>
(2024-05-09)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="6466ba9b54
"><code>6466ba9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/713 ">#713</a>
lru: use map.delete() directly (<a
href="https://redirect.github.com/npm/node-semver/issues/713 ">#713</a>)
(<a href="https://github.com/negezor "><code>@negezor</code></a>, <a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md ">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2 ">7.6.2</a>
(2024-05-09)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="6466ba9b54
"><code>6466ba9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/713 ">#713</a>
lru: use map.delete() directly (<a
href="https://redirect.github.com/npm/node-semver/issues/713 ">#713</a>)
(<a href="https://github.com/negezor "><code>@negezor</code></a>, <a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="eb1380b1ec
"><code>eb1380b</code></a>
chore: release 7.6.2 (<a
href="https://redirect.github.com/npm/node-semver/issues/714 ">#714</a>)</li>
<li><a
href="6466ba9b54
"><code>6466ba9</code></a>
fix(lru): use map.delete() directly (<a
href="https://redirect.github.com/npm/node-semver/issues/713 ">#713</a>)</li>
<li>See full diff in <a
href="https://github.com/npm/node-semver/compare/v7.6.1...v7.6.2 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `zod` from 3.23.7 to 3.23.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/colinhacks/zod/releases ">zod's
releases</a>.</em></p>
<blockquote>
<h2>v3.23.8</h2>
<h2>Commits:</h2>
<ul>
<li>0f4d403558ae0490c711e4c2bfcf6c200bd14e11 Add Bronze logos (<a
href="https://redirect.github.com/colinhacks/zod/issues/3470 ">#3470</a>)</li>
<li>19687315b5b24bbd1ff6c346bfc2975700221748 Tweak tiers (<a
href="https://redirect.github.com/colinhacks/zod/issues/3471 ">#3471</a>)</li>
<li>eda7df314399929f7ed737423868a5a0780cd944 Change RefinementCtx to
interface</li>
<li>ca42965df46b2f7e2747db29c40a26bcb32a51d5 v3.23.8</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ca42965df4
"><code>ca42965</code></a>
v3.23.8</li>
<li><a
href="eda7df3143
"><code>eda7df3</code></a>
Change RefinementCtx to interface</li>
<li><a
href="19687315b5
"><code>1968731</code></a>
Tweak tiers (<a
href="https://redirect.github.com/colinhacks/zod/issues/3471 ">#3471</a>)</li>
<li><a
href="0f4d403558
"><code>0f4d403</code></a>
Add Bronze logos (<a
href="https://redirect.github.com/colinhacks/zod/issues/3470 ">#3470</a>)</li>
<li>See full diff in <a
href="https://github.com/colinhacks/zod/compare/v3.23.7...v3.23.8 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `next` from 13.5.0 to 14.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/next.js/releases ">next's
releases</a>.</em></p>
<blockquote>
<h2>v14.2.3</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>Fix: resolve mixed re-exports module as cjs (<a
href="https://redirect.github.com/vercel/next.js/issues/64681 ">#64681</a>)</li>
<li>fix: mixing namespace import and named import client components (<a
href="https://redirect.github.com/vercel/next.js/issues/64809 ">#64809</a>)</li>
<li>Fix mixed exports in server component with barrel optimization (<a
href="https://redirect.github.com/vercel/next.js/issues/64894 ">#64894</a>)</li>
<li>Fix next/image usage in mdx(<a
href="https://redirect.github.com/vercel/next.js/issues/64875 ">#64875</a>)</li>
<li>fix(fetch-cache): fix additional typo, add type & data
validation (<a
href="https://redirect.github.com/vercel/next.js/issues/64799 ">#64799</a>)</li>
<li>prevent erroneous route interception during lazy fetch (<a
href="https://redirect.github.com/vercel/next.js/issues/64692 ">#64692</a>)</li>
<li>fix root page revalidation when redirecting in a server action (<a
href="https://redirect.github.com/vercel/next.js/issues/64730 ">#64730</a>)</li>
<li>fix: remove traceparent from cachekey should not remove traceparent
from original object (<a
href="https://redirect.github.com/vercel/next.js/issues/64727 ">#64727</a>)</li>
<li>Clean-up fetch metrics tracking (<a
href="https://redirect.github.com/vercel/next.js/issues/64746 ">#64746</a>)</li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/huozhi "><code>@huozhi</code></a>, <a
href="https://github.com/samcx "><code>@samcx</code></a>, <a
href="https://github.com/ztanner "><code>@ztanner</code></a>, <a
href="https://github.com/Jeffrey-Zutt "><code>@Jeffrey-Zutt</code></a>,
and <a href="https://github.com/ijjk "><code>@ijjk</code></a> for
helping!</p>
<h2>v14.2.2</h2>
<blockquote>
<p>[!NOTE]<br />
This release is backporting bug fixes. It does <strong>not</strong>
include all pending features/changes on canary.</p>
</blockquote>
<h3>Core Changes</h3>
<ul>
<li>Fix Server Action error logs for unhandled POST requests (<a
href="https://redirect.github.com/vercel/next.js/issues/64315 ">#64315</a>)</li>
<li>Improve rendering performance (<a
href="https://redirect.github.com/vercel/next.js/issues/64408 ">#64408</a>)</li>
<li>Fix the method prop case in Server Actions transform (<a
href="https://redirect.github.com/vercel/next.js/issues/64398 ">#64398</a>)</li>
<li>fix(next-lint): update option --report-unused-disable-directives to
--report-unused-disable-directives-severity (<a
href="https://redirect.github.com/vercel/next.js/issues/64405 ">#64405</a>)</li>
<li>tweak test for Azure (<a
href="https://redirect.github.com/vercel/next.js/issues/64424 ">#64424</a>)</li>
<li>router restore should take priority over pending actions (<a
href="https://redirect.github.com/vercel/next.js/issues/64449 ">#64449</a>)</li>
<li>Fix client boundary inheritance for barrel optimization (<a
href="https://redirect.github.com/vercel/next.js/issues/64467 ">#64467</a>)</li>
<li>improve turborepo caching (<a
href="https://redirect.github.com/vercel/next.js/issues/64493 ">#64493</a>)</li>
<li>feat: strip traceparent header from cachekey (<a
href="https://redirect.github.com/vercel/next.js/issues/64499 ">#64499</a>)</li>
<li>Fix more Turbopack build tests</li>
<li>Update lockfile for compatibility with turbo (<a
href="https://redirect.github.com/vercel/next.js/issues/64360 ">#64360</a>)</li>
<li>Fix typo in dynamic-rendering.ts (<a
href="https://redirect.github.com/vercel/next.js/issues/64365 ">#64365</a>)</li>
<li>Fix DynamicServerError not being thrown in fetch (<a
href="https://redirect.github.com/vercel/next.js/issues/64511 ">#64511</a>)</li>
<li>fix(next): Metadata.openGraph values not resolving basic values when
type is set (<a
href="https://redirect.github.com/vercel/next.js/issues/63620 ">#63620</a>)</li>
<li>disable production chunking in dev (<a
href="https://redirect.github.com/vercel/next.js/issues/64488 ">#64488</a>)</li>
<li>Fix cjs client components tree-shaking (<a
href="https://redirect.github.com/vercel/next.js/issues/64558 ">#64558</a>)</li>
<li>fix refresh behavior for discarded actions (<a
href="https://redirect.github.com/vercel/next.js/issues/64532 ">#64532</a>)</li>
<li>fix: filter out middleware requests in logging (<a
href="https://redirect.github.com/vercel/next.js/issues/64549 ">#64549</a>)</li>
<li>Turbopack: Allow client components to be imported in app routes (<a
href="https://redirect.github.com/vercel/next.js/issues/64520 ">#64520</a>)</li>
<li>Fix ASL bundling for dynamic css (<a
href="https://redirect.github.com/vercel/next.js/issues/64451 ">#64451</a>)</li>
<li>add pathname normalizer for actions (<a
href="https://redirect.github.com/vercel/next.js/issues/64592 ">#64592</a>)</li>
<li>fix incorrect refresh request when basePath is set (<a
href="https://redirect.github.com/vercel/next.js/issues/64589 ">#64589</a>)</li>
<li>test: skip turbopack build test (<a
href="https://redirect.github.com/vercel/next.js/issues/64356 ">#64356</a>)</li>
<li>hotfix(turbopack): Update with patch for postcss.config.js path
resolution on Windows (<a
href="https://redirect.github.com/vercel/next.js/issues/64677 ">#64677</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2e7a96a1e8
"><code>2e7a96a</code></a>
v14.2.3</li>
<li><a
href="a230be4867
"><code>a230be4</code></a>
Clean-up fetch metrics tracking (<a
href="https://redirect.github.com/vercel/next.js/issues/64746 ">#64746</a>)</li>
<li><a
href="73c2d634b1
"><code>73c2d63</code></a>
fix: remove traceparent from cachekey should not remove traceparent from
orig...</li>
<li><a
href="dd44191118
"><code>dd44191</code></a>
fix root page revalidation when redirecting in a server action (<a
href="https://redirect.github.com/vercel/next.js/issues/64730 ">#64730</a>)</li>
<li><a
href="8b4c234740
"><code>8b4c234</code></a>
prevent erroneous route interception during lazy fetch (<a
href="https://redirect.github.com/vercel/next.js/issues/64692 ">#64692</a>)</li>
<li><a
href="d6a7ca0e8d
"><code>d6a7ca0</code></a>
fix(fetch-cache): fix additional typo, add type & data validation
(<a
href="https://redirect.github.com/vercel/next.js/issues/64799 ">#64799</a>)</li>
<li><a
href="4a6b511ca0
"><code>4a6b511</code></a>
Fix next/image usage in mdx (<a
href="https://redirect.github.com/vercel/next.js/issues/64875 ">#64875</a>)</li>
<li><a
href="04cc13c0a3
"><code>04cc13c</code></a>
Fix mixed exports in server component with barrel optimization (<a
href="https://redirect.github.com/vercel/next.js/issues/64894 ">#64894</a>)</li>
<li><a
href="8d01d496fe
"><code>8d01d49</code></a>
fix: mixing namespace import and named import client components (<a
href="https://redirect.github.com/vercel/next.js/issues/64809 ">#64809</a>)</li>
<li><a
href="de84e3ae70
"><code>de84e3a</code></a>
Fix: resolve mixed re-exports module as cjs (<a
href="https://redirect.github.com/vercel/next.js/issues/64681 ">#64681</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/next.js/compare/v14.1.3...v14.2.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `postcss` from 8.4.14 to 8.4.31
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases ">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.4.31</h2>
<ul>
<li>Fixed <code>\r</code> parsing to fix CVE-2023-44270.</li>
</ul>
<h2>8.4.30</h2>
<ul>
<li>Improved source map performance (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
</ul>
<h2>8.4.29</h2>
<ul>
<li>Fixed <code>Node#source.offset</code> (by <a
href="https://github.com/idoros "><code>@idoros</code></a>).</li>
<li>Fixed docs (by <a
href="https://github.com/coliff "><code>@coliff</code></a>).</li>
</ul>
<h2>8.4.28</h2>
<ul>
<li>Fixed <code>Root.source.end</code> for better source map (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
<li>Fixed <code>Result.root</code> types when <code>process()</code> has
no parser.</li>
</ul>
<h2>8.4.27</h2>
<ul>
<li>Fixed <code>Container</code> clone methods types.</li>
</ul>
<h2>8.4.26</h2>
<ul>
<li>Fixed clone methods types.</li>
</ul>
<h2>8.4.25</h2>
<ul>
<li>Improve stringify performance (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
<li>Fixed docs (by <a
href="https://github.com/vikaskaliramna07 "><code>@vikaskaliramna07</code></a>).</li>
</ul>
<h2>8.4.24</h2>
<ul>
<li>Fixed <code>Plugin</code> types.</li>
</ul>
<h2>8.4.23</h2>
<ul>
<li>Fixed warnings in TypeDoc.</li>
</ul>
<h2>8.4.22</h2>
<ul>
<li>Fixed TypeScript support with <code>node16</code> (by <a
href="https://github.com/remcohaszing "><code>@remcohaszing</code></a>).</li>
</ul>
<h2>8.4.21</h2>
<ul>
<li>Fixed <code>Input#error</code> types (by <a
href="https://github.com/hudochenkov "><code>@hudochenkov</code></a>).</li>
</ul>
<h2>8.4.20</h2>
<ul>
<li>Fixed source map generation for childless at-rules like
<code>@layer</code>.</li>
</ul>
<h2>8.4.19</h2>
<ul>
<li>Fixed whitespace preserving after AST transformations (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
</ul>
<h2>8.4.18</h2>
<ul>
<li>Fixed an error on <code>absolute: true</code> with empty
<code>sourceContent</code> (by <a
href="https://github.com/KingSora "><code>@KingSora</code></a>).</li>
</ul>
<h2>8.4.17</h2>
<ul>
<li>Fixed <code>Node.before()</code> unexpected behavior (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
<li>Added TOC to docs (by <a
href="https://github.com/muddv "><code>@muddv</code></a>).</li>
</ul>
<h2>8.4.16</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md ">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.4.31</h2>
<ul>
<li>Fixed <code>\r</code> parsing to fix CVE-2023-44270.</li>
</ul>
<h2>8.4.30</h2>
<ul>
<li>Improved source map performance (by Romain Menke).</li>
</ul>
<h2>8.4.29</h2>
<ul>
<li>Fixed <code>Node#source.offset</code> (by Ido Rosenthal).</li>
<li>Fixed docs (by Christian Oliff).</li>
</ul>
<h2>8.4.28</h2>
<ul>
<li>Fixed <code>Root.source.end</code> for better source map (by Romain
Menke).</li>
<li>Fixed <code>Result.root</code> types when <code>process()</code> has
no parser.</li>
</ul>
<h2>8.4.27</h2>
<ul>
<li>Fixed <code>Container</code> clone methods types.</li>
</ul>
<h2>8.4.26</h2>
<ul>
<li>Fixed clone methods types.</li>
</ul>
<h2>8.4.25</h2>
<ul>
<li>Improve stringify performance (by Romain Menke).</li>
<li>Fixed docs (by <a
href="https://github.com/vikaskaliramna07 "><code>@vikaskaliramna07</code></a>).</li>
</ul>
<h2>8.4.24</h2>
<ul>
<li>Fixed <code>Plugin</code> types.</li>
</ul>
<h2>8.4.23</h2>
<ul>
<li>Fixed warnings in TypeDoc.</li>
</ul>
<h2>8.4.22</h2>
<ul>
<li>Fixed TypeScript support with <code>node16</code> (by Remco
Haszing).</li>
</ul>
<h2>8.4.21</h2>
<ul>
<li>Fixed <code>Input#error</code> types (by Aleks Hudochenkov).</li>
</ul>
<h2>8.4.20</h2>
<ul>
<li>Fixed source map generation for childless at-rules like
<code>@layer</code>.</li>
</ul>
<h2>8.4.19</h2>
<ul>
<li>Fixed whitespace preserving after AST transformations (by Romain
Menke).</li>
</ul>
<h2>8.4.18</h2>
<ul>
<li>Fixed an error on <code>absolute: true</code> with empty
<code>sourceContent</code> (by Rene Haas).</li>
</ul>
<h2>8.4.17</h2>
<ul>
<li>Fixed <code>Node.before()</code> unexpected behavior (by Romain
Menke).</li>
<li>Added TOC to docs (by Mikhail Dedov).</li>
</ul>
<h2>8.4.16</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="90208de880
"><code>90208de</code></a>
Release 8.4.31 version</li>
<li><a
href="58cc860b4c
"><code>58cc860</code></a>
Fix carrier return parsing</li>
<li><a
href="4fff8e4cdc
"><code>4fff8e4</code></a>
Improve pnpm test output</li>
<li><a
href="cd43ed1232
"><code>cd43ed1</code></a>
Update dependencies</li>
<li><a
href="caa916bdcb
"><code>caa916b</code></a>
Update dependencies</li>
<li><a
href="8972f76923
"><code>8972f76</code></a>
Typo</li>
<li><a
href="11a5286f78
"><code>11a5286</code></a>
Typo</li>
<li><a
href="45c5501777
"><code>45c5501</code></a>
Release 8.4.30 version</li>
<li><a
href="bc3c341f58
"><code>bc3c341</code></a>
Update linter</li>
<li><a
href="b2be58a2eb
"><code>b2be58a</code></a>
Merge pull request <a
href="https://redirect.github.com/postcss/postcss/issues/1881 ">#1881</a>
from romainmenke/improve-sourcemap-performance--phil...</li>
<li>Additional commits viewable in <a
href="https://github.com/postcss/postcss/compare/8.4.14...8.4.31 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com>
2024-05-13 10:54:02 +00:00
dependabot[bot]
0a7816e34d
Bump the npm_and_yarn group across 2 directories with 4 updates ( #3719 )
...
Bumps the npm_and_yarn group with 3 updates in the / directory:
[pdfjs-dist](https://github.com/mozilla/pdfjs-dist ),
[semver](https://github.com/npm/node-semver ) and
[zod](https://github.com/colinhacks/zod ).
Bumps the npm_and_yarn group with 2 updates in the /templates/vite
directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) and
[semver](https://github.com/npm/node-semver ).
Updates `pdfjs-dist` from 4.0.379 to 4.2.67
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/mozilla/pdfjs-dist/commits ">compare
view</a></li>
</ul>
</details>
<br />
Updates `semver` from 7.6.0 to 7.6.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases ">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.1</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1 ">7.6.1</a>
(2024-05-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="c570a348ff
"><code>c570a34</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
linting: no-unused-vars (<a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
<li><a
href="ad8ff11dd2
"><code>ad8ff11</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
use internal cache implementation (<a
href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="ac9b35769a
"><code>ac9b357</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/682 ">#682</a>
typo in compareBuild debug message (<a
href="https://redirect.github.com/npm/node-semver/issues/682 ">#682</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="988a8deb3e
"><code>988a8de</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/709 ">#709</a>
uninstall <code>lru-cache</code> (<a
href="https://redirect.github.com/npm/node-semver/issues/709 ">#709</a>)</li>
<li><a
href="3fabe4dbfb
"><code>3fabe4d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
remove lru-cache</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="dd09b60da1
"><code>dd09b60</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
bump <code>@npmcli/template-oss</code> to 4.22.0 (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="ec49cdcece
"><code>ec49cdc</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b236c3d2f3
"><code>b236c3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/696 ">#696</a>
add benchmarks (<a
href="https://redirect.github.com/npm/node-semver/issues/696 ">#696</a>)
(<a href="https://github.com/H4ad "><code>@H4ad</code></a>)</li>
<li><a
href="692451bd6f
"><code>692451b</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/688 ">#688</a>
various improvements to README (<a
href="https://redirect.github.com/npm/node-semver/issues/688 ">#688</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="5feeb7f4f6
"><code>5feeb7f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="074156f64f
"><code>074156f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
bump <code>@npmcli/template-oss</code> from 4.21.3 to 4.21.4 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md ">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1 ">7.6.1</a>
(2024-05-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="c570a348ff
"><code>c570a34</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
linting: no-unused-vars (<a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
<li><a
href="ad8ff11dd2
"><code>ad8ff11</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
use internal cache implementation (<a
href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="ac9b35769a
"><code>ac9b357</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/682 ">#682</a>
typo in compareBuild debug message (<a
href="https://redirect.github.com/npm/node-semver/issues/682 ">#682</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="988a8deb3e
"><code>988a8de</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/709 ">#709</a>
uninstall <code>lru-cache</code> (<a
href="https://redirect.github.com/npm/node-semver/issues/709 ">#709</a>)</li>
<li><a
href="3fabe4dbfb
"><code>3fabe4d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
remove lru-cache</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="dd09b60da1
"><code>dd09b60</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
bump <code>@npmcli/template-oss</code> to 4.22.0 (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="ec49cdcece
"><code>ec49cdc</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b236c3d2f3
"><code>b236c3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/696 ">#696</a>
add benchmarks (<a
href="https://redirect.github.com/npm/node-semver/issues/696 ">#696</a>)
(<a href="https://github.com/H4ad "><code>@H4ad</code></a>)</li>
<li><a
href="692451bd6f
"><code>692451b</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/688 ">#688</a>
various improvements to README (<a
href="https://redirect.github.com/npm/node-semver/issues/688 ">#688</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="5feeb7f4f6
"><code>5feeb7f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="074156f64f
"><code>074156f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
bump <code>@npmcli/template-oss</code> from 4.21.3 to 4.21.4 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d777418116
"><code>d777418</code></a>
chore: release 7.6.1 (<a
href="https://redirect.github.com/npm/node-semver/issues/706 ">#706</a>)</li>
<li><a
href="988a8deb3e
"><code>988a8de</code></a>
deps: uninstall <code>lru-cache</code> (<a
href="https://redirect.github.com/npm/node-semver/issues/709 ">#709</a>)</li>
<li><a
href="5feeb7f4f6
"><code>5feeb7f</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="dd09b60da1
"><code>dd09b60</code></a>
chore: bump <code>@npmcli/template-oss</code> to 4.22.0</li>
<li><a
href="c570a348ff
"><code>c570a34</code></a>
fix(linting): no-unused-vars</li>
<li><a
href="ad8ff11dd2
"><code>ad8ff11</code></a>
fix: use internal cache implementation</li>
<li><a
href="3fabe4dbfb
"><code>3fabe4d</code></a>
deps: remove lru-cache</li>
<li><a
href="ec49cdcece
"><code>ec49cdc</code></a>
chore: chore: chore: postinstall for dependabot template-oss PR</li>
<li><a
href="074156f64f
"><code>074156f</code></a>
chore: bump <code>@npmcli/template-oss</code> from 4.21.3 to
4.21.4</li>
<li><a
href="b236c3d2f3
"><code>b236c3d</code></a>
chore: add benchmarks (<a
href="https://redirect.github.com/npm/node-semver/issues/696 ">#696</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `zod` from 3.23.6 to 3.23.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/colinhacks/zod/releases ">zod's
releases</a>.</em></p>
<blockquote>
<h2>v3.23.7</h2>
<h2>Commits:</h2>
<ul>
<li>29d2ea2a15f0b1ac4b89138041f786a3dafc490b Add copper</li>
<li>d969423266fccee56ef769da6744cc8bacb04550 Fix <a
href="https://redirect.github.com/colinhacks/zod/issues/3437 ">#3437</a>:
extendShape erases JSDoc property documentation (<a
href="https://redirect.github.com/colinhacks/zod/issues/3463 ">#3463</a>)</li>
<li>2239ff3ccc9af4d28bee27bd6fb2a5632844480b Add social crow</li>
<li>f985b5b922cb357dbf4b25bb43814d19f838e046 3.23.7</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f985b5b922
"><code>f985b5b</code></a>
3.23.7</li>
<li><a
href="2239ff3ccc
"><code>2239ff3</code></a>
Add social crow</li>
<li><a
href="d969423266
"><code>d969423</code></a>
Fix <a
href="https://redirect.github.com/colinhacks/zod/issues/3437 ">#3437</a>:
extendShape erases JSDoc property documentation (<a
href="https://redirect.github.com/colinhacks/zod/issues/3463 ">#3463</a>)</li>
<li><a
href="29d2ea2a15
"><code>29d2ea2</code></a>
Add copper</li>
<li>See full diff in <a
href="https://github.com/colinhacks/zod/compare/v3.23.6...v3.23.7 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `vite` from 4.5.3 to 5.2.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases ">vite's
releases</a>.</em></p>
<blockquote>
<h2>create-vite@5.2.3</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.3/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.2.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.2/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.2.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.1/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.2.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.0/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.1.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.1.0/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.0.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.0.0/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.0.0-beta.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.0.0-beta.1/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.0.0-beta.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.0.0-beta.0/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.2.11 (2024-05-02)<!-- raw HTML omitted
--></h2>
<ul>
<li>feat: improve dynamic import variable failure error message (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16519 ">#16519</a>)
(<a href="https://github.com/vitejs/vite/commit/f8feeea ">f8feeea</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16519 ">#16519</a></li>
<li>fix: dynamic-import-vars plugin normalize path issue (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16518 ">#16518</a>)
(<a href="https://github.com/vitejs/vite/commit/f71ba5b ">f71ba5b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16518 ">#16518</a></li>
<li>fix: scripts and styles were missing from built HTML on Windows (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16421 ">#16421</a>)
(<a href="https://github.com/vitejs/vite/commit/0e93f58 ">0e93f58</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16421 ">#16421</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16488 ">#16488</a>)
(<a href="https://github.com/vitejs/vite/commit/2d50be2 ">2d50be2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16488 ">#16488</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16549 ">#16549</a>)
(<a href="https://github.com/vitejs/vite/commit/2d6a13b ">2d6a13b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16549 ">#16549</a></li>
<li>fix(dev): watch publicDir explicitly to include it outside the root
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16502 ">#16502</a>)
(<a href="https://github.com/vitejs/vite/commit/4d83eb5 ">4d83eb5</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16502 ">#16502</a></li>
<li>fix(preload): skip preload for non-static urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16556 ">#16556</a>)
(<a href="https://github.com/vitejs/vite/commit/bb79c9b ">bb79c9b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16556 ">#16556</a></li>
<li>fix(ssr): handle class declaration and expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16569 ">#16569</a>)
(<a href="https://github.com/vitejs/vite/commit/c071eb3 ">c071eb3</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16569 ">#16569</a></li>
<li>fix(ssr): handle function expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16563 ">#16563</a>)
(<a href="https://github.com/vitejs/vite/commit/02db947 ">02db947</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16563 ">#16563</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.10 (2024-04-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>revert: perf: use workspace root for fs cache (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15712 ">#15712</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16476 ">#16476</a>)
(<a href="https://github.com/vitejs/vite/commit/77e7359 ">77e7359</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15712 ">#15712</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/16476 ">#16476</a></li>
<li>fix: add base to virtual html (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16442 ">#16442</a>)
(<a href="https://github.com/vitejs/vite/commit/721f94d ">721f94d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16442 ">#16442</a></li>
<li>fix: adjust esm syntax judgment logic (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16436 ">#16436</a>)
(<a href="https://github.com/vitejs/vite/commit/af72eab ">af72eab</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16436 ">#16436</a></li>
<li>fix: don't add outDirs to watch.ignored if emptyOutDir is false (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16453 ">#16453</a>)
(<a href="https://github.com/vitejs/vite/commit/6a127d6 ">6a127d6</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16453 ">#16453</a></li>
<li>fix(cspNonce): don't overwrite existing nonce values (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16415 ">#16415</a>)
(<a href="https://github.com/vitejs/vite/commit/b872635 ">b872635</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16415 ">#16415</a></li>
<li>feat: show warning if root is in build.outDir (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16454 ">#16454</a>)
(<a href="https://github.com/vitejs/vite/commit/11444dc ">11444dc</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16454 ">#16454</a></li>
<li>feat: write cspNonce to style tags (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16419 ">#16419</a>)
(<a href="https://github.com/vitejs/vite/commit/8e54bbd ">8e54bbd</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16419 ">#16419</a></li>
<li>chore(deps): update dependency eslint-plugin-n to v17 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16381 ">#16381</a>)
(<a href="https://github.com/vitejs/vite/commit/6cccef7 ">6cccef7</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16381 ">#16381</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.9 (2024-04-15)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: <code>fsp.rm</code> removing files does not take effect (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16032 ">#16032</a>)
(<a href="https://github.com/vitejs/vite/commit/b05c405 ">b05c405</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16032 ">#16032</a></li>
<li>fix: fix accumulated stacks in error overlay (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16393 ">#16393</a>)
(<a href="https://github.com/vitejs/vite/commit/102c2fd ">102c2fd</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16393 ">#16393</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16376 ">#16376</a>)
(<a href="https://github.com/vitejs/vite/commit/58a2938 ">58a2938</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16376 ">#16376</a></li>
<li>chore: update region comment (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16380 ">#16380</a>)
(<a href="https://github.com/vitejs/vite/commit/77562c3 ">77562c3</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16380 ">#16380</a></li>
<li>perf: reduce size of injected __vite__mapDeps code (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16184 ">#16184</a>)
(<a href="https://github.com/vitejs/vite/commit/c0ec6be ">c0ec6be</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16184 ">#16184</a></li>
<li>perf(css): only replace empty chunk if imported (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16349 ">#16349</a>)
(<a href="https://github.com/vitejs/vite/commit/e2658ad ">e2658ad</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16349 ">#16349</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.8 (2024-04-03)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: csp nonce injection when no closing tag (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16281 ">#16281</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16282 ">#16282</a>)
(<a href="https://github.com/vitejs/vite/commit/3c85c6b ">3c85c6b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16281 ">#16281</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/16282 ">#16282</a></li>
<li>fix: do not access document in <code>/@vite/client</code> when not
defined (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16318 ">#16318</a>)
(<a href="https://github.com/vitejs/vite/commit/646319c ">646319c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16318 ">#16318</a></li>
<li>fix: fix sourcemap when using object as <code>define</code> value
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15805 ">#15805</a>)
(<a href="https://github.com/vitejs/vite/commit/445c4f2 ">445c4f2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15805 ">#15805</a></li>
<li>fix(css): unknown file error happened with lightningcss (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16306 ">#16306</a>)
(<a href="https://github.com/vitejs/vite/commit/01af308 ">01af308</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16306 ">#16306</a></li>
<li>fix(hmr): multiple updates happened when invalidate is called while
multiple tabs open (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16307 ">#16307</a>)
(<a href="https://github.com/vitejs/vite/commit/21cc10b ">21cc10b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16307 ">#16307</a></li>
<li>fix(scanner): duplicate modules for same id if glob is used in
html-like types (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16305 ">#16305</a>)
(<a href="https://github.com/vitejs/vite/commit/eca68fa ">eca68fa</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16305 ">#16305</a></li>
<li>chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16325 ">#16325</a>)
(<a href="https://github.com/vitejs/vite/commit/a78e265 ">a78e265</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16325 ">#16325</a></li>
<li>refactor: use types from sass instead of <code>@types/sass</code>
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16340 ">#16340</a>)
(<a href="https://github.com/vitejs/vite/commit/4581e83 ">4581e83</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16340 ">#16340</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2bc5d3de87
"><code>2bc5d3d</code></a>
release: v5.2.11</li>
<li><a
href="f8feeea41c
"><code>f8feeea</code></a>
feat: improve dynamic import variable failure error message (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16519 ">#16519</a>)</li>
<li><a
href="c071eb3822
"><code>c071eb3</code></a>
fix(ssr): handle class declaration and expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16569 ">#16569</a>)</li>
<li><a
href="02db9479ac
"><code>02db947</code></a>
fix(ssr): handle function expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16563 ">#16563</a>)</li>
<li><a
href="2d6a13b0aa
"><code>2d6a13b</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16549 ">#16549</a>)</li>
<li><a
href="0e93f588b9
"><code>0e93f58</code></a>
fix: scripts and styles were missing from built HTML on Windows (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16421 ">#16421</a>)</li>
<li><a
href="bb79c9b653
"><code>bb79c9b</code></a>
fix(preload): skip preload for non-static urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16556 ">#16556</a>)</li>
<li><a
href="f71ba5b94a
"><code>f71ba5b</code></a>
fix: dynamic-import-vars plugin normalize path issue (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16518 ">#16518</a>)</li>
<li><a
href="2d50be2a54
"><code>2d50be2</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16488 ">#16488</a>)</li>
<li><a
href="4d83eb58cd
"><code>4d83eb5</code></a>
fix(dev): watch publicDir explicitly to include it outside the root (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16502 ">#16502</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.2.11/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `semver` from 7.6.0 to 7.6.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases ">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.1</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1 ">7.6.1</a>
(2024-05-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="c570a348ff
"><code>c570a34</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
linting: no-unused-vars (<a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
<li><a
href="ad8ff11dd2
"><code>ad8ff11</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
use internal cache implementation (<a
href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="ac9b35769a
"><code>ac9b357</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/682 ">#682</a>
typo in compareBuild debug message (<a
href="https://redirect.github.com/npm/node-semver/issues/682 ">#682</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="988a8deb3e
"><code>988a8de</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/709 ">#709</a>
uninstall <code>lru-cache</code> (<a
href="https://redirect.github.com/npm/node-semver/issues/709 ">#709</a>)</li>
<li><a
href="3fabe4dbfb
"><code>3fabe4d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
remove lru-cache</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="dd09b60da1
"><code>dd09b60</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
bump <code>@npmcli/template-oss</code> to 4.22.0 (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="ec49cdcece
"><code>ec49cdc</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b236c3d2f3
"><code>b236c3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/696 ">#696</a>
add benchmarks (<a
href="https://redirect.github.com/npm/node-semver/issues/696 ">#696</a>)
(<a href="https://github.com/H4ad "><code>@H4ad</code></a>)</li>
<li><a
href="692451bd6f
"><code>692451b</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/688 ">#688</a>
various improvements to README (<a
href="https://redirect.github.com/npm/node-semver/issues/688 ">#688</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="5feeb7f4f6
"><code>5feeb7f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="074156f64f
"><code>074156f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
bump <code>@npmcli/template-oss</code> from 4.21.3 to 4.21.4 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md ">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1 ">7.6.1</a>
(2024-05-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="c570a348ff
"><code>c570a34</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
linting: no-unused-vars (<a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
<li><a
href="ad8ff11dd2
"><code>ad8ff11</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
use internal cache implementation (<a
href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="ac9b35769a
"><code>ac9b357</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/682 ">#682</a>
typo in compareBuild debug message (<a
href="https://redirect.github.com/npm/node-semver/issues/682 ">#682</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="988a8deb3e
"><code>988a8de</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/709 ">#709</a>
uninstall <code>lru-cache</code> (<a
href="https://redirect.github.com/npm/node-semver/issues/709 ">#709</a>)</li>
<li><a
href="3fabe4dbfb
"><code>3fabe4d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/704 ">#704</a>
remove lru-cache</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="dd09b60da1
"><code>dd09b60</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
bump <code>@npmcli/template-oss</code> to 4.22.0 (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="ec49cdcece
"><code>ec49cdc</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b236c3d2f3
"><code>b236c3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/696 ">#696</a>
add benchmarks (<a
href="https://redirect.github.com/npm/node-semver/issues/696 ">#696</a>)
(<a href="https://github.com/H4ad "><code>@H4ad</code></a>)</li>
<li><a
href="692451bd6f
"><code>692451b</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/688 ">#688</a>
various improvements to README (<a
href="https://redirect.github.com/npm/node-semver/issues/688 ">#688</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
<li><a
href="5feeb7f4f6
"><code>5feeb7f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/705 ">#705</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="074156f64f
"><code>074156f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/701 ">#701</a>
bump <code>@npmcli/template-oss</code> from 4.21.3 to 4.21.4 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d777418116
"><code>d777418</code></a>
chore: release 7.6.1 (<a
href="https://redirect.github.com/npm/node-semver/issues/706 ">#706</a>)</li>
<li><a
href="988a8deb3e
"><code>988a8de</code></a>
deps: uninstall <code>lru-cache</code> (<a
href="https://redirect.github.com/npm/node-semver/issues/709 ">#709</a>)</li>
<li><a
href="5feeb7f4f6
"><code>5feeb7f</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="dd09b60da1
"><code>dd09b60</code></a>
chore: bump <code>@npmcli/template-oss</code> to 4.22.0</li>
<li><a
href="c570a348ff
"><code>c570a34</code></a>
fix(linting): no-unused-vars</li>
<li><a
href="ad8ff11dd2
"><code>ad8ff11</code></a>
fix: use internal cache implementation</li>
<li><a
href="3fabe4dbfb
"><code>3fabe4d</code></a>
deps: remove lru-cache</li>
<li><a
href="ec49cdcece
"><code>ec49cdc</code></a>
chore: chore: chore: postinstall for dependabot template-oss PR</li>
<li><a
href="074156f64f
"><code>074156f</code></a>
chore: bump <code>@npmcli/template-oss</code> from 4.21.3 to
4.21.4</li>
<li><a
href="b236c3d2f3
"><code>b236c3d</code></a>
chore: add benchmarks (<a
href="https://redirect.github.com/npm/node-semver/issues/696 ">#696</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.6.0...v7.6.1 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-08 10:12:27 +00:00
dependabot[bot]
a2f4d35579
Bump the npm_and_yarn group across 2 directories with 6 updates ( #3712 )
...
Bumps the npm_and_yarn group with 3 updates in the / directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ),
[tar](https://github.com/isaacs/node-tar ) and
[zod](https://github.com/colinhacks/zod ).
Bumps the npm_and_yarn group with 4 updates in the /templates/vite
directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ),
[tar](https://github.com/isaacs/node-tar ),
[semver](https://github.com/npm/node-semver ) and
[word-wrap](https://github.com/jonschlinkert/word-wrap ).
Updates `vite` from 5.2.9 to 5.2.11
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.2.11 (2024-05-02)<!-- raw HTML omitted
--></h2>
<ul>
<li>feat: improve dynamic import variable failure error message (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16519 ">#16519</a>)
(<a href="https://github.com/vitejs/vite/commit/f8feeea ">f8feeea</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16519 ">#16519</a></li>
<li>fix: dynamic-import-vars plugin normalize path issue (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16518 ">#16518</a>)
(<a href="https://github.com/vitejs/vite/commit/f71ba5b ">f71ba5b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16518 ">#16518</a></li>
<li>fix: scripts and styles were missing from built HTML on Windows (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16421 ">#16421</a>)
(<a href="https://github.com/vitejs/vite/commit/0e93f58 ">0e93f58</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16421 ">#16421</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16488 ">#16488</a>)
(<a href="https://github.com/vitejs/vite/commit/2d50be2 ">2d50be2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16488 ">#16488</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16549 ">#16549</a>)
(<a href="https://github.com/vitejs/vite/commit/2d6a13b ">2d6a13b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16549 ">#16549</a></li>
<li>fix(dev): watch publicDir explicitly to include it outside the root
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16502 ">#16502</a>)
(<a href="https://github.com/vitejs/vite/commit/4d83eb5 ">4d83eb5</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16502 ">#16502</a></li>
<li>fix(preload): skip preload for non-static urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16556 ">#16556</a>)
(<a href="https://github.com/vitejs/vite/commit/bb79c9b ">bb79c9b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16556 ">#16556</a></li>
<li>fix(ssr): handle class declaration and expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16569 ">#16569</a>)
(<a href="https://github.com/vitejs/vite/commit/c071eb3 ">c071eb3</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16569 ">#16569</a></li>
<li>fix(ssr): handle function expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16563 ">#16563</a>)
(<a href="https://github.com/vitejs/vite/commit/02db947 ">02db947</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16563 ">#16563</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.10 (2024-04-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>revert: perf: use workspace root for fs cache (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15712 ">#15712</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16476 ">#16476</a>)
(<a href="https://github.com/vitejs/vite/commit/77e7359 ">77e7359</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15712 ">#15712</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/16476 ">#16476</a></li>
<li>fix: add base to virtual html (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16442 ">#16442</a>)
(<a href="https://github.com/vitejs/vite/commit/721f94d ">721f94d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16442 ">#16442</a></li>
<li>fix: adjust esm syntax judgment logic (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16436 ">#16436</a>)
(<a href="https://github.com/vitejs/vite/commit/af72eab ">af72eab</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16436 ">#16436</a></li>
<li>fix: don't add outDirs to watch.ignored if emptyOutDir is false (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16453 ">#16453</a>)
(<a href="https://github.com/vitejs/vite/commit/6a127d6 ">6a127d6</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16453 ">#16453</a></li>
<li>fix(cspNonce): don't overwrite existing nonce values (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16415 ">#16415</a>)
(<a href="https://github.com/vitejs/vite/commit/b872635 ">b872635</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16415 ">#16415</a></li>
<li>feat: show warning if root is in build.outDir (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16454 ">#16454</a>)
(<a href="https://github.com/vitejs/vite/commit/11444dc ">11444dc</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16454 ">#16454</a></li>
<li>feat: write cspNonce to style tags (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16419 ">#16419</a>)
(<a href="https://github.com/vitejs/vite/commit/8e54bbd ">8e54bbd</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16419 ">#16419</a></li>
<li>chore(deps): update dependency eslint-plugin-n to v17 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16381 ">#16381</a>)
(<a href="https://github.com/vitejs/vite/commit/6cccef7 ">6cccef7</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16381 ">#16381</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2bc5d3de87
"><code>2bc5d3d</code></a>
release: v5.2.11</li>
<li><a
href="f8feeea41c
"><code>f8feeea</code></a>
feat: improve dynamic import variable failure error message (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16519 ">#16519</a>)</li>
<li><a
href="c071eb3822
"><code>c071eb3</code></a>
fix(ssr): handle class declaration and expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16569 ">#16569</a>)</li>
<li><a
href="02db9479ac
"><code>02db947</code></a>
fix(ssr): handle function expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16563 ">#16563</a>)</li>
<li><a
href="2d6a13b0aa
"><code>2d6a13b</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16549 ">#16549</a>)</li>
<li><a
href="0e93f588b9
"><code>0e93f58</code></a>
fix: scripts and styles were missing from built HTML on Windows (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16421 ">#16421</a>)</li>
<li><a
href="bb79c9b653
"><code>bb79c9b</code></a>
fix(preload): skip preload for non-static urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16556 ">#16556</a>)</li>
<li><a
href="f71ba5b94a
"><code>f71ba5b</code></a>
fix: dynamic-import-vars plugin normalize path issue (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16518 ">#16518</a>)</li>
<li><a
href="2d50be2a54
"><code>2d50be2</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16488 ">#16488</a>)</li>
<li><a
href="4d83eb58cd
"><code>4d83eb5</code></a>
fix(dev): watch publicDir explicitly to include it outside the root (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16502 ">#16502</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.2.11/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tar` from 7.0.1 to 7.1.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md ">tar's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>7.1</h2>
<ul>
<li>Update minipass to v7.1.0</li>
<li>Update the type definitions of <code>write()</code> and
<code>end()</code> methods on
<code>Unpack</code> and <code>Parser</code> classes to be compatible
with the
NodeJS.WritableStream type in the latest versions of
<code>@types/node</code>.</li>
</ul>
<h2>7.0</h2>
<ul>
<li>Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface</li>
<li>Add tree-shake friendly exports, like
<code>import('tar/create')</code>
and <code>import('tar/read-entry')</code> to get individual functions or
classes.</li>
<li>Add <code>chmod</code> option that defaults to false, and deprecate
<code>noChmod</code>. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.</li>
<li>Add <code>processUmask</code> option to avoid having to call
<code>process.umask()</code> when <code>chmod: true</code> (or
<code>noChmod: false</code>) is
set.</li>
</ul>
<h2>6.2</h2>
<ul>
<li>Add support for brotli compression</li>
<li>Add <code>maxDepth</code> option to prevent extraction into
excessively
deep folders.</li>
</ul>
<h2>6.1</h2>
<ul>
<li>remove dead link to benchmarks (<a
href="https://redirect.github.com/isaacs/node-tar/issues/313 ">#313</a>)
(<a href="https://github.com/yetzt "><code>@yetzt</code></a>)</li>
<li>add examples/explanation of using tar.t (<a
href="https://github.com/isaacs "><code>@isaacs</code></a>)</li>
<li>ensure close event is emited after stream has ended (<a
href="https://github.com/webark "><code>@webark</code></a>)</li>
<li>replace deprecated String.prototype.substr() (<a
href="https://github.com/CommanderRoot "><code>@CommanderRoot</code></a>,
<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h2>6.0</h2>
<ul>
<li>Drop support for node 6 and 8</li>
<li>fix symlinks and hardlinks on windows being packed with
<code>\</code>-style path targets</li>
</ul>
<h2>5.0</h2>
<ul>
<li>Address unpack race conditions using path reservations</li>
<li>Change large-numbers errors from TypeError to Error</li>
<li>Add <code>TAR_*</code> error codes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ce612d0aa8
"><code>ce612d0</code></a>
7.1.0</li>
<li><a
href="6b61030dac
"><code>6b61030</code></a>
update types to comply with NodeJS.WritableStream</li>
<li><a
href="79a5c30d7b
"><code>79a5c30</code></a>
update minipass</li>
<li><a
href="bead873b5c
"><code>bead873</code></a>
remove more cruft, format codes</li>
<li><a
href="faf9359ca7
"><code>faf9359</code></a>
remove temlate-oss stuff</li>
<li>See full diff in <a
href="https://github.com/isaacs/node-tar/compare/v7.0.1...v7.1.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `zod` from 3.22.4 to 3.23.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/colinhacks/zod/releases ">zod's
releases</a>.</em></p>
<blockquote>
<h2>v3.23.6</h2>
<h2>Commits:</h2>
<ul>
<li>bc0095aab9e7254deb18701adc63de128ca2c742 Test on latest node</li>
<li>6e5699a30373cc22879f2bcb6902fc138518c980 Lint on latest node</li>
<li>1f466d9d00f446d7bed1962990e7a1ce813ab0d4 describe how one can
protect from cyclical objects starting an infini… (<a
href="https://redirect.github.com/colinhacks/zod/issues/3447 ">#3447</a>)</li>
<li>3fed6f21e0ea7adc91aa0cc44f75bcf4e526d98e Add zod playground link (<a
href="https://redirect.github.com/colinhacks/zod/issues/3454 ">#3454</a>)</li>
<li>04e1f379f6989d23dd45660fcabc78f76d7834f8 Fixed freezing async
ZodReadonly results (<a
href="https://redirect.github.com/colinhacks/zod/issues/3457 ">#3457</a>)</li>
<li>b87e59d0e4bbb4403bf27243afdcda9fcdeec258 Update sponsor tiers (<a
href="https://redirect.github.com/colinhacks/zod/issues/3453 ">#3453</a>)</li>
<li>143886151bba3930bdcc10d34a1cff4bf9103ba8 Add copper tier (<a
href="https://redirect.github.com/colinhacks/zod/issues/3460 ">#3460</a>)</li>
<li>ce3711e1384952d255769b9495f9bfadfb327291 add VSCode dev container
support and documenation</li>
<li>93b480b12ec3466cbd3b4182f7ce292e5c61528c v3.23.6</li>
</ul>
<h2>v3.23.5</h2>
<h2>Commits:</h2>
<ul>
<li>110b8211f991b3e060ab2da4fec7b63d600439ad Update README_ZH.md (<a
href="https://redirect.github.com/colinhacks/zod/issues/3433 ">#3433</a>)</li>
<li>c1910bdfc98709b8f14231e2cefc5a3be401e3ee Made ZodEnum take readonly
string array (<a
href="https://redirect.github.com/colinhacks/zod/issues/3444 ">#3444</a>)</li>
<li>541a862e978f96eb391849a6bf16be84231aa1b3 3.23.5</li>
</ul>
<h2>v3.23.4</h2>
<h2>Commits:</h2>
<ul>
<li>157b18d742c86d85b26a8421af46ad6d6d6b6ea7 Add 3.23 announcement</li>
<li>aedf93f1435a29463d915c3be45b4dcbeefa8cc1 Revert change to default
Input</li>
<li>45107f7a7230fe48ee24dc37e621422c9dc64ec4 v3.23.4</li>
</ul>
<h2>v3.23.3</h2>
<h2>Commits:</h2>
<ul>
<li>103d2436f85872ca0e0e6247652989cc93d46a39 3.23.3</li>
</ul>
<h2>v3.23.2</h2>
<h2>Commits:</h2>
<ul>
<li>c340558d14f5222a2ca177e0591463c06cc5edc3 Update protocol</li>
<li>ef588d036f3e98b832796e9a681dbaf097631ea0 Fix t3env</li>
<li>9df70dd71195df951c43f180fbe5e64ea1f835df 3.23.2</li>
</ul>
<h2>v3.23.1</h2>
<p>This changes the default generics back to <code>any</code> to prevent
breakages with common packager like
<code>@hookform/resolvers</code>:</p>
<pre lang="diff"><code>- class ZodType<Output = unknown, Def extends
ZodTypeDef = ZodTypeDef, Input = unknown> {}
+ class ZodType<Output = any, Def extends ZodTypeDef = ZodTypeDef,
Input = any> {}
</code></pre>
<h2>Commits:</h2>
<ul>
<li>59f48723d36c423d9e10b3bd52325a7998314230 Change unknown -> any
for ZodType defaults</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93b480b12e
"><code>93b480b</code></a>
v3.23.6</li>
<li><a
href="ce3711e138
"><code>ce3711e</code></a>
add VSCode dev container support and documenation</li>
<li><a
href="143886151b
"><code>1438861</code></a>
Add copper tier (<a
href="https://redirect.github.com/colinhacks/zod/issues/3460 ">#3460</a>)</li>
<li><a
href="b87e59d0e4
"><code>b87e59d</code></a>
Update sponsor tiers (<a
href="https://redirect.github.com/colinhacks/zod/issues/3453 ">#3453</a>)</li>
<li><a
href="04e1f379f6
"><code>04e1f37</code></a>
Fixed freezing async ZodReadonly results (<a
href="https://redirect.github.com/colinhacks/zod/issues/3457 ">#3457</a>)</li>
<li><a
href="3fed6f21e0
"><code>3fed6f2</code></a>
Add zod playground link (<a
href="https://redirect.github.com/colinhacks/zod/issues/3454 ">#3454</a>)</li>
<li><a
href="1f466d9d00
"><code>1f466d9</code></a>
describe how one can protect from cyclical objects starting an infini…
(<a
href="https://redirect.github.com/colinhacks/zod/issues/3447 ">#3447</a>)</li>
<li><a
href="6e5699a303
"><code>6e5699a</code></a>
Lint on latest node</li>
<li><a
href="bc0095aab9
"><code>bc0095a</code></a>
Test on latest node</li>
<li><a
href="541a862e97
"><code>541a862</code></a>
3.23.5</li>
<li>Additional commits viewable in <a
href="https://github.com/colinhacks/zod/compare/v3.22.4...v3.23.6 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `vite` from 4.3.9 to 4.5.3
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.2.11 (2024-05-02)<!-- raw HTML omitted
--></h2>
<ul>
<li>feat: improve dynamic import variable failure error message (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16519 ">#16519</a>)
(<a href="https://github.com/vitejs/vite/commit/f8feeea ">f8feeea</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16519 ">#16519</a></li>
<li>fix: dynamic-import-vars plugin normalize path issue (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16518 ">#16518</a>)
(<a href="https://github.com/vitejs/vite/commit/f71ba5b ">f71ba5b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16518 ">#16518</a></li>
<li>fix: scripts and styles were missing from built HTML on Windows (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16421 ">#16421</a>)
(<a href="https://github.com/vitejs/vite/commit/0e93f58 ">0e93f58</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16421 ">#16421</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16488 ">#16488</a>)
(<a href="https://github.com/vitejs/vite/commit/2d50be2 ">2d50be2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16488 ">#16488</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16549 ">#16549</a>)
(<a href="https://github.com/vitejs/vite/commit/2d6a13b ">2d6a13b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16549 ">#16549</a></li>
<li>fix(dev): watch publicDir explicitly to include it outside the root
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16502 ">#16502</a>)
(<a href="https://github.com/vitejs/vite/commit/4d83eb5 ">4d83eb5</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16502 ">#16502</a></li>
<li>fix(preload): skip preload for non-static urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16556 ">#16556</a>)
(<a href="https://github.com/vitejs/vite/commit/bb79c9b ">bb79c9b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16556 ">#16556</a></li>
<li>fix(ssr): handle class declaration and expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16569 ">#16569</a>)
(<a href="https://github.com/vitejs/vite/commit/c071eb3 ">c071eb3</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16569 ">#16569</a></li>
<li>fix(ssr): handle function expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16563 ">#16563</a>)
(<a href="https://github.com/vitejs/vite/commit/02db947 ">02db947</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16563 ">#16563</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.10 (2024-04-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>revert: perf: use workspace root for fs cache (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15712 ">#15712</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16476 ">#16476</a>)
(<a href="https://github.com/vitejs/vite/commit/77e7359 ">77e7359</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15712 ">#15712</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/16476 ">#16476</a></li>
<li>fix: add base to virtual html (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16442 ">#16442</a>)
(<a href="https://github.com/vitejs/vite/commit/721f94d ">721f94d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16442 ">#16442</a></li>
<li>fix: adjust esm syntax judgment logic (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16436 ">#16436</a>)
(<a href="https://github.com/vitejs/vite/commit/af72eab ">af72eab</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16436 ">#16436</a></li>
<li>fix: don't add outDirs to watch.ignored if emptyOutDir is false (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16453 ">#16453</a>)
(<a href="https://github.com/vitejs/vite/commit/6a127d6 ">6a127d6</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16453 ">#16453</a></li>
<li>fix(cspNonce): don't overwrite existing nonce values (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16415 ">#16415</a>)
(<a href="https://github.com/vitejs/vite/commit/b872635 ">b872635</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16415 ">#16415</a></li>
<li>feat: show warning if root is in build.outDir (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16454 ">#16454</a>)
(<a href="https://github.com/vitejs/vite/commit/11444dc ">11444dc</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16454 ">#16454</a></li>
<li>feat: write cspNonce to style tags (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16419 ">#16419</a>)
(<a href="https://github.com/vitejs/vite/commit/8e54bbd ">8e54bbd</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16419 ">#16419</a></li>
<li>chore(deps): update dependency eslint-plugin-n to v17 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16381 ">#16381</a>)
(<a href="https://github.com/vitejs/vite/commit/6cccef7 ">6cccef7</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16381 ">#16381</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2bc5d3de87
"><code>2bc5d3d</code></a>
release: v5.2.11</li>
<li><a
href="f8feeea41c
"><code>f8feeea</code></a>
feat: improve dynamic import variable failure error message (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16519 ">#16519</a>)</li>
<li><a
href="c071eb3822
"><code>c071eb3</code></a>
fix(ssr): handle class declaration and expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16569 ">#16569</a>)</li>
<li><a
href="02db9479ac
"><code>02db947</code></a>
fix(ssr): handle function expression name scoping (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16563 ">#16563</a>)</li>
<li><a
href="2d6a13b0aa
"><code>2d6a13b</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16549 ">#16549</a>)</li>
<li><a
href="0e93f588b9
"><code>0e93f58</code></a>
fix: scripts and styles were missing from built HTML on Windows (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16421 ">#16421</a>)</li>
<li><a
href="bb79c9b653
"><code>bb79c9b</code></a>
fix(preload): skip preload for non-static urls (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16556 ">#16556</a>)</li>
<li><a
href="f71ba5b94a
"><code>f71ba5b</code></a>
fix: dynamic-import-vars plugin normalize path issue (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16518 ">#16518</a>)</li>
<li><a
href="2d50be2a54
"><code>2d50be2</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16488 ">#16488</a>)</li>
<li><a
href="4d83eb58cd
"><code>4d83eb5</code></a>
fix(dev): watch publicDir explicitly to include it outside the root (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16502 ">#16502</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.2.11/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tar` from 6.2.0 to 6.2.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md ">tar's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>7.1</h2>
<ul>
<li>Update minipass to v7.1.0</li>
<li>Update the type definitions of <code>write()</code> and
<code>end()</code> methods on
<code>Unpack</code> and <code>Parser</code> classes to be compatible
with the
NodeJS.WritableStream type in the latest versions of
<code>@types/node</code>.</li>
</ul>
<h2>7.0</h2>
<ul>
<li>Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface</li>
<li>Add tree-shake friendly exports, like
<code>import('tar/create')</code>
and <code>import('tar/read-entry')</code> to get individual functions or
classes.</li>
<li>Add <code>chmod</code> option that defaults to false, and deprecate
<code>noChmod</code>. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.</li>
<li>Add <code>processUmask</code> option to avoid having to call
<code>process.umask()</code> when <code>chmod: true</code> (or
<code>noChmod: false</code>) is
set.</li>
</ul>
<h2>6.2</h2>
<ul>
<li>Add support for brotli compression</li>
<li>Add <code>maxDepth</code> option to prevent extraction into
excessively
deep folders.</li>
</ul>
<h2>6.1</h2>
<ul>
<li>remove dead link to benchmarks (<a
href="https://redirect.github.com/isaacs/node-tar/issues/313 ">#313</a>)
(<a href="https://github.com/yetzt "><code>@yetzt</code></a>)</li>
<li>add examples/explanation of using tar.t (<a
href="https://github.com/isaacs "><code>@isaacs</code></a>)</li>
<li>ensure close event is emited after stream has ended (<a
href="https://github.com/webark "><code>@webark</code></a>)</li>
<li>replace deprecated String.prototype.substr() (<a
href="https://github.com/CommanderRoot "><code>@CommanderRoot</code></a>,
<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h2>6.0</h2>
<ul>
<li>Drop support for node 6 and 8</li>
<li>fix symlinks and hardlinks on windows being packed with
<code>\</code>-style path targets</li>
</ul>
<h2>5.0</h2>
<ul>
<li>Address unpack race conditions using path reservations</li>
<li>Change large-numbers errors from TypeError to Error</li>
<li>Add <code>TAR_*</code> error codes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ce612d0aa8
"><code>ce612d0</code></a>
7.1.0</li>
<li><a
href="6b61030dac
"><code>6b61030</code></a>
update types to comply with NodeJS.WritableStream</li>
<li><a
href="79a5c30d7b
"><code>79a5c30</code></a>
update minipass</li>
<li><a
href="bead873b5c
"><code>bead873</code></a>
remove more cruft, format codes</li>
<li><a
href="faf9359ca7
"><code>faf9359</code></a>
remove temlate-oss stuff</li>
<li>See full diff in <a
href="https://github.com/isaacs/node-tar/compare/v7.0.1...v7.1.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `semver` from 7.5.2 to 7.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases ">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.0</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0 ">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462
"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671 ">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671 ">#671</a>)
(<a href="https://github.com/madtisa "><code>@madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf
"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c
"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
bump <code>@npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="e521932f11
"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="8873991808
"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="f317dc8689
"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
bump <code>@npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5
"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658 ">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658 ">#658</a>)
(<a
href="https://github.com/jethrodaniel "><code>@jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c
"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656 ">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656 ">#656</a>)
(<a href="https://github.com/zyxkad "><code>@zyxkad</code></a>)</li>
<li><a
href="14d263faa1
"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b
"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
bump <code>@npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328
"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1
"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
bump <code>@npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba
"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2
"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
bump <code>@npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
<h2>v7.5.4</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.3...v7.5.4 ">7.5.4</a>
(2023-07-07)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="cc6fde2d34
"><code>cc6fde2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/588 ">#588</a>
trim each range set before parsing (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="99d8287516
"><code>99d8287</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/583 ">#583</a>
correctly parse long build ids as valid (<a
href="https://redirect.github.com/npm/node-semver/issues/583 ">#583</a>)
(<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h2>v7.5.3</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.2...v7.5.3 ">7.5.3</a>
(2023-06-22)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="abdd93d554
"><code>abdd93d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/571 ">#571</a>
set max lengths in regex for numeric and build identifiers (<a
href="https://redirect.github.com/npm/node-semver/issues/571 ">#571</a>)
(<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><a
href="bf53dd8da1
"><code>bf53dd8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/569 ">#569</a>
add example for <code>></code> comparator (<a
href="https://redirect.github.com/npm/node-semver/issues/569 ">#569</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md ">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0 ">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462
"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671 ">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671 ">#671</a>)
(<a href="https://github.com/madtisa "><code>@madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf
"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c
"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
bump <code>@npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="e521932f11
"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="8873991808
"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="f317dc8689
"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
bump <code>@npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5
"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658 ">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658 ">#658</a>)
(<a
href="https://github.com/jethrodaniel "><code>@jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c
"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656 ">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656 ">#656</a>)
(<a href="https://github.com/zyxkad "><code>@zyxkad</code></a>)</li>
<li><a
href="14d263faa1
"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b
"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
bump <code>@npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328
"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1
"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
bump <code>@npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba
"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2
"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
bump <code>@npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.3...v7.5.4 ">7.5.4</a>
(2023-07-07)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="cc6fde2d34
"><code>cc6fde2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/588 ">#588</a>
trim each range set before parsing (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="99d8287516
"><code>99d8287</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/583 ">#583</a>
correctly parse long build ids as valid (<a
href="https://redirect.github.com/npm/node-semver/issues/583 ">#583</a>)
(<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.2...v7.5.3 ">7.5.3</a>
(2023-06-22)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="abdd93d554
"><code>abdd93d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/571 ">#571</a>
set max lengths in regex for numeric and build identifiers (<a
href="https://redirect.github.com/npm/node-semver/issues/571 ">#571</a>)
(<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li><a
href="bf53dd8da1
"><code>bf53dd8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/569 ">#569</a>
add example for <code>></code> comparator (<a
href="https://redirect.github.com/npm/node-semver/issues/569 ">#569</a>)
(<a href="https://github.com/mbtools "><code>@mbtools</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="377f709718
"><code>377f709</code></a>
chore: release 7.6.0 (<a
href="https://redirect.github.com/npm/node-semver/issues/661 ">#661</a>)</li>
<li><a
href="a7ab13a462
"><code>a7ab13a</code></a>
feat: preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671 ">#671</a>)</li>
<li><a
href="816c7b2cbf
"><code>816c7b2</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="0bd24d943c
"><code>0bd24d9</code></a>
chore: bump <code>@npmcli/template-oss</code> from 4.21.1 to
4.21.3</li>
<li><a
href="e521932f11
"><code>e521932</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="8873991808
"><code>8873991</code></a>
chore: chore: chore: postinstall for dependabot template-oss PR</li>
<li><a
href="f317dc8689
"><code>f317dc8</code></a>
chore: bump <code>@npmcli/template-oss</code> from 4.19.0 to
4.21.0</li>
<li><a
href="7303db1fe5
"><code>7303db1</code></a>
chore: add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658 ">#658</a>)</li>
<li><a
href="6240d75a7c
"><code>6240d75</code></a>
chore: add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656 ">#656</a>)</li>
<li><a
href="14d263faa1
"><code>14d263f</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.5.2...v7.6.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `postcss` from 8.4.24 to 8.4.38
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases ">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.4.38</h2>
<ul>
<li>Fixed <code>endIndex: 0</code> in errors and warnings (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
</ul>
<h2>8.4.37</h2>
<ul>
<li>Fixed <code>original.column are not numbers</code> error in another
case.</li>
</ul>
<h2>8.4.36</h2>
<ul>
<li>Fixed <code>original.column are not numbers</code> error on broken
previous source map.</li>
</ul>
<h2>8.4.35</h2>
<ul>
<li>Avoid <code>!</code> in <code>node.parent.nodes</code> type.</li>
<li>Allow to pass <code>undefined</code> to node adding method to
simplify types.</li>
</ul>
<h2>8.4.34</h2>
<ul>
<li>Fixed <code>AtRule#nodes</code> type (by <a
href="https://github.com/tim-we "><code>@tim-we</code></a>).</li>
<li>Cleaned up code (by <a
href="https://github.com/DrKiraDmitry "><code>@DrKiraDmitry</code></a>).</li>
</ul>
<h2>8.4.33</h2>
<ul>
<li>Fixed <code>NoWorkResult</code> behavior difference with normal mode
(by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
<li>Fixed <code>NoWorkResult</code> usage conditions (by <a
href="https://github.com/ahmdammarr "><code>@ahmdammarr</code></a>).</li>
</ul>
<h2>8.4.32</h2>
<ul>
<li>Fixed <code>postcss().process()</code> types (by <a
href="https://github.com/ferreira-tb "><code>@ferreira-tb</code></a>).</li>
</ul>
<h2>8.4.31</h2>
<ul>
<li>Fixed <code>\r</code> parsing to fix CVE-2023-44270.</li>
</ul>
<h2>8.4.30</h2>
<ul>
<li>Improved source map performance (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
</ul>
<h2>8.4.29</h2>
<ul>
<li>Fixed <code>Node#source.offset</code> (by <a
href="https://github.com/idoros "><code>@idoros</code></a>).</li>
<li>Fixed docs (by <a
href="https://github.com/coliff "><code>@coliff</code></a>).</li>
</ul>
<h2>8.4.28</h2>
<ul>
<li>Fixed <code>Root.source.end</code> for better source map (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
<li>Fixed <code>Result.root</code> types when <code>process()</code> has
no parser.</li>
</ul>
<h2>8.4.27</h2>
<ul>
<li>Fixed <code>Container</code> clone methods types.</li>
</ul>
<h2>8.4.26</h2>
<ul>
<li>Fixed clone methods types.</li>
</ul>
<h2>8.4.25</h2>
<ul>
<li>Improve stringify performance (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
<li>Fixed docs (by <a
href="https://github.com/vikaskaliramna07 "><code>@vikaskaliramna07</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md ">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.4.38</h2>
<ul>
<li>Fixed <code>endIndex: 0</code> in errors and warnings (by <a
href="https://github.com/romainmenke "><code>@romainmenke</code></a>).</li>
</ul>
<h2>8.4.37</h2>
<ul>
<li>Fixed <code>original.column are not numbers</code> error in another
case.</li>
</ul>
<h2>8.4.36</h2>
<ul>
<li>Fixed <code>original.column are not numbers</code> error on broken
previous source map.</li>
</ul>
<h2>8.4.35</h2>
<ul>
<li>Avoid <code>!</code> in <code>node.parent.nodes</code> type.</li>
<li>Allow to pass <code>undefined</code> to node adding method to
simplify types.</li>
</ul>
<h2>8.4.34</h2>
<ul>
<li>Fixed <code>AtRule#nodes</code> type (by Tim Weißenfels).</li>
<li>Cleaned up code (by Dmitry Kirillov).</li>
</ul>
<h2>8.4.33</h2>
<ul>
<li>Fixed <code>NoWorkResult</code> behavior difference with normal mode
(by Romain Menke).</li>
<li>Fixed <code>NoWorkResult</code> usage conditions (by <a
href="https://github.com/ahmdammarr "><code>@ahmdammarr</code></a>).</li>
</ul>
<h2>8.4.32</h2>
<ul>
<li>Fixed <code>postcss().process()</code> types (by Andrew
Ferreira).</li>
</ul>
<h2>8.4.31</h2>
<ul>
<li>Fixed <code>\r</code> parsing to fix CVE-2023-44270.</li>
</ul>
<h2>8.4.30</h2>
<ul>
<li>Improved source map performance (by Romain Menke).</li>
</ul>
<h2>8.4.29</h2>
<ul>
<li>Fixed <code>Node#source.offset</code> (by Ido Rosenthal).</li>
<li>Fixed docs (by Christian Oliff).</li>
</ul>
<h2>8.4.28</h2>
<ul>
<li>Fixed <code>Root.source.end</code> for better source map (by Romain
Menke).</li>
<li>Fixed <code>Result.root</code> types when <code>process()</code> has
no parser.</li>
</ul>
<h2>8.4.27</h2>
<ul>
<li>Fixed <code>Container</code> clone methods types.</li>
</ul>
<h2>8.4.26</h2>
<ul>
<li>Fixed clone methods types.</li>
</ul>
<h2>8.4.25</h2>
<ul>
<li>Improve stringify performance (by Romain Menke).</li>
<li>Fixed docs (by <a
href="https://github.com/vikaskaliramna07 "><code>@vikaskaliramna07</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a69d45ecae
"><code>a69d45e</code></a>
Release 8.4.38 version</li>
<li><a
href="64e35d952c
"><code>64e35d9</code></a>
Update dependencies</li>
<li><a
href="c1ad8fb402
"><code>c1ad8fb</code></a>
Merge pull request <a
href="https://redirect.github.com/postcss/postcss/issues/1932 ">#1932</a>
from romainmenke/fix-warning-end-index--inventive-nu...</li>
<li><a
href="b45e7e9159
"><code>b45e7e9</code></a>
fix endIndex</li>
<li><a
href="1bea2466db
"><code>1bea246</code></a>
failing test: for endIndex 0 in rangeBy</li>
<li><a
href="0fd1d86f2d
"><code>0fd1d86</code></a>
Add changelog auto release on Github</li>
<li><a
href="49c906ebc0
"><code>49c906e</code></a>
Release 8.4.37 version</li>
<li><a
href="b5bd92ca41
"><code>b5bd92c</code></a>
Fix another broken prev source map issue</li>
<li><a
href="28820396e1
"><code>2882039</code></a>
Update dependencies</li>
<li><a
href="e5ad9394da
"><code>e5ad939</code></a>
Release 8.4.36 version</li>
<li>Additional commits viewable in <a
href="https://github.com/postcss/postcss/compare/8.4.24...8.4.38 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `word-wrap` from 1.2.3 to 1.2.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jonschlinkert/word-wrap/releases ">word-wrap's
releases</a>.</em></p>
<blockquote>
<h2>1.2.5</h2>
<p><strong>Changes</strong>:</p>
<p>Reverts default value for <code>options.indent</code> to two spaces
<code>' '</code>.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jonschlinkert/word-wrap/compare/1.2.4...1.2.5 ">https://github.com/jonschlinkert/word-wrap/compare/1.2.4...1.2.5 </a></p>
<h2>1.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove default indent by <a
href="https://github.com/mohd-akram "><code>@mohd-akram</code></a> in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/24 ">jonschlinkert/word-wrap#24</a></li>
<li>🔒 fix: CVE 2023 26115 (2) by <a
href="https://github.com/OlafConijn "><code>@OlafConijn</code></a> in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/41 ">jonschlinkert/word-wrap#41</a></li>
<li>🔒 fix: CVE-2023-26115 by <a
href="https://github.com/aashutoshrathi "><code>@aashutoshrathi</code></a>
in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/33 ">jonschlinkert/word-wrap#33</a></li>
<li>chore: publish workflow by <a
href="https://github.com/OlafConijn "><code>@OlafConijn</code></a> in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/42 ">jonschlinkert/word-wrap#42</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/mohd-akram "><code>@mohd-akram</code></a> made
their first contribution in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/24 ">jonschlinkert/word-wrap#24</a></li>
<li><a
href="https://github.com/OlafConijn "><code>@OlafConijn</code></a> made
their first contribution in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/41 ">jonschlinkert/word-wrap#41</a></li>
<li><a
href="https://github.com/aashutoshrathi "><code>@aashutoshrathi</code></a>
made their first contribution in <a
href="https://redirect.github.com/jonschlinkert/word-wrap/pull/33 ">jonschlinkert/word-wrap#33</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4 ">https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="207044ebda
"><code>207044e</code></a>
1.2.5</li>
<li><a
href="9894315485
"><code>9894315</code></a>
revert default indent</li>
<li><a
href="f64b188c72
"><code>f64b188</code></a>
run verb to generate README</li>
<li><a
href="03ea08256b
"><code>03ea082</code></a>
Merge pull request <a
href="https://redirect.github.com/jonschlinkert/word-wrap/issues/42 ">#42</a>
from jonschlinkert/chore/publish-workflow</li>
<li><a
href="420dce9a24
"><code>420dce9</code></a>
Merge pull request <a
href="https://redirect.github.com/jonschlinkert/word-wrap/issues/41 ">#41</a>
from jonschlinkert/fix/CVE-2023-26115-2</li>
<li><a
href="bfa694edf5
"><code>bfa694e</code></a>
Update .github/workflows/publish.yml</li>
<li><a
href="ace0b3c78f
"><code>ace0b3c</code></a>
chore: bump version to 1.2.4</li>
<li><a
href="6fd7275946
"><code>6fd7275</code></a>
chore: add publish workflow</li>
<li><a
href="30d6daf60f
"><code>30d6daf</code></a>
chore: fix test</li>
<li><a
href="655929cabe
"><code>655929c</code></a>
chore: remove package-lock</li>
<li>Additional commits viewable in <a
href="https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com>
2024-05-07 14:54:56 +00:00
Steve Ruiz
ebc892a1a6
Camera options followups ( #3701 )
...
This PR adds a slideshow example (similar to @TodePond's slides but more
on rails) as a way to put some pressure on camera controls.
Along the way, it fixes some issues I found with animations and the new
camera controls.
- forced changes will continue to force through animations
- animations no longer set unnecessary additional listeners
- animations end correctly
- updating camera options does not immediately update the camera (to
allow for animations, etc.)
It also changes the location of the "in front of the canvas" element so
that it is not hidden by the hit test blocking element.
### Change Type
- [x] `sdk` — Changes the tldraw SDK
- [x] `improvement` — Improving existing features
2024-05-07 10:06:35 +00:00
Mitja Bezenšek
15dd56a75e
Readonly / room creation omnibus ( #3192 )
...
Reworks how the readonly urls work. Till now we just used a simple
function that would scramble the slugs. Now we use a proper key value
mapping between regular and readonly slugs:
- We use two KV stores. One is for going from a slug to a readonly slug
and the other one for going the other way around. They are populated at
the same time.
- We separate preview KV stores (dev, preview, staging) from production
one. I've already created these on Cloudflare. [My understanding is
](https://developers.cloudflare.com/kv/reference/data-security/#encryption-at-rest )that
ids [can be
public](https://community.cloudflare.com/t/is-it-safe-to-keep-kv-ids-in-a-public-git-repo/517387/4 )
since we can only access KV from our worker. Happy to move them to env
variables though.
- [x] Disable creating new rooms when tldraw is embedded inside iframes
on other websites (we check the referrer and if it's not the same as the
iframe's origin we don't allow it)
- [x] Fork a project when inside an iframe now opens the forked project
on tldraw.com and not inside iframe.
- [x] We allow embeding of iframes, but we now track the where they are
used via the referrer. We send this to Vercel analytics.
- [x] Improved UX of the share menu to make it less confusing. Toggle is
gone.
- [x] `/new` and `/r` routes not redirect to `/`.
- [x] This introduces a new `/ro` route for readonly rooms. Legacy rooms
still live on `/v`.
- [x] Brought back `dotcom-shared` project to share code between BE and
FE. Mostly types.
- [x] Prevent creating of rooms by entering `/r/non-existing-slug`.
- [x] Handle getting a readonly slug for old rooms. Added a comment
about it
[here](https://github.com/tldraw/tldraw/pull/3192/files#diff-c0954b3dc71bb7097c39656441175f3238ed60cf5cee64077c06e21da82182cbR17-R18 ).
- [x] We no longer expose editor on the window object for readonly
rooms. Prevents the users disabling readonly rooms manually.
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Test Plan
1. Make sure old readonly rooms still work.
2. Creating a readonly link from an existing room should still use `/v`
path.
3. Newly created rooms should use `/ro` path for readonly rooms. Make
sure these work as well.
4. `/r` room was disabled and redirects to `/`
5. `/new` should still work when not inside iframes.
- [x] Unit Tests
- [ ] End to end tests
### Release Notes
1. This adds new functionality for readonly rooms:
- We have a new route `/ro` for newly created readonly rooms. These
rooms no longer use the scrambling logic to create readonly slugs.
Instead we now use KV storage from cloudflare to track the mapping for
slugs -> readonly slug and readonly slug -> slug.
- The old route `/v` is preserved, so that the old room still work as
they did before.
- For old rooms we will keep on generating the old readonly slugs, but
for new rooms we'll start using the new logic.
2. We no longer prevent embedding of tldraw inside iframes.
3. We do prevent generating new rooms from inside the iframes though.
`/r`, `/new`, `/r/non-existing-id` should not allow creation of new
rooms inside iframes. Only `/new` still works when not inside iframes.
4. Forking a project from inside an iframe now opens it on tldraw.com
5. Slight copy change on the sharing menu. We no longer have a toggle
between readonly and non-readonly links.
6. `editor` and `app` are no longer exposed on the window object for
readonly rooms. Prevents users from using the `updateInstanceState` to
escape readonly rooms.
---------
Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com>
2024-04-25 14:10:40 +00:00
Mitja Bezenšek
4245fd55b2
Fix deploy script ( #3550 )
...
Seems like `tar` is moving to `ts` in version 7 and this caused some
issues with imports.
Saw this issue on [readonly
PR](https://github.com/tldraw/tldraw/actions/runs/8783569356/job/24099998235?pr=3192#step:6:684 ),
looks like a result of a [dependabot
PR](https://github.com/tldraw/tldraw/pull/3505 ).
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [x] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
2024-04-22 15:33:25 +00:00
dependabot[bot]
4507ce6378
Bump the npm_and_yarn group across 1 directory with 2 updates ( #3505 )
...
Bumps the npm_and_yarn group with 2 updates in the / directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) and
[tar](https://github.com/isaacs/node-tar ).
Updates `vite` from 5.2.8 to 5.2.9
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.2.9 (2024-04-15)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: <code>fsp.rm</code> removing files does not take effect (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16032 ">#16032</a>)
(<a href="https://github.com/vitejs/vite/commit/b05c405 ">b05c405</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16032 ">#16032</a></li>
<li>fix: fix accumulated stacks in error overlay (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16393 ">#16393</a>)
(<a href="https://github.com/vitejs/vite/commit/102c2fd ">102c2fd</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16393 ">#16393</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16376 ">#16376</a>)
(<a href="https://github.com/vitejs/vite/commit/58a2938 ">58a2938</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16376 ">#16376</a></li>
<li>chore: update region comment (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16380 ">#16380</a>)
(<a href="https://github.com/vitejs/vite/commit/77562c3 ">77562c3</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16380 ">#16380</a></li>
<li>perf: reduce size of injected __vite__mapDeps code (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16184 ">#16184</a>)
(<a href="https://github.com/vitejs/vite/commit/c0ec6be ">c0ec6be</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16184 ">#16184</a></li>
<li>perf(css): only replace empty chunk if imported (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16349 ">#16349</a>)
(<a href="https://github.com/vitejs/vite/commit/e2658ad ">e2658ad</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16349 ">#16349</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a77707d69c
"><code>a77707d</code></a>
release: v5.2.9</li>
<li><a
href="102c2fd5ad
"><code>102c2fd</code></a>
fix: fix accumulated stacks in error overlay (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16393 ">#16393</a>)</li>
<li><a
href="58a2938a97
"><code>58a2938</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16376 ">#16376</a>)</li>
<li><a
href="77562c3ff2
"><code>77562c3</code></a>
chore: update region comment (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16380 ">#16380</a>)</li>
<li><a
href="b05c405f68
"><code>b05c405</code></a>
fix: <code>fsp.rm</code> removing files does not take effect (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16032 ">#16032</a>)</li>
<li><a
href="e2658ad6fe
"><code>e2658ad</code></a>
perf(css): only replace empty chunk if imported (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16349 ">#16349</a>)</li>
<li><a
href="c0ec6bea69
"><code>c0ec6be</code></a>
perf: reduce size of injected __vite__mapDeps code (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16184 ">#16184</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v5.2.9/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `tar` from 6.2.1 to 7.0.1
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md ">tar's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>7.0</h2>
<ul>
<li>Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface</li>
<li>Add tree-shake friendly exports, like
<code>import('tar/create')</code>
and <code>import('tar/read-entry')</code> to get individual functions or
classes.</li>
<li>Add <code>chmod</code> option that defaults to false, and deprecate
<code>noChmod</code>. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.</li>
<li>Add <code>processUmask</code> option to avoid having to call
<code>process.umask()</code> when <code>chmod: true</code> (or
<code>noChmod: false</code>) is
set.</li>
</ul>
<h2>6.2</h2>
<ul>
<li>Add support for brotli compression</li>
<li>Add <code>maxDepth</code> option to prevent extraction into
excessively
deep folders.</li>
</ul>
<h2>6.1</h2>
<ul>
<li>remove dead link to benchmarks (<a
href="https://redirect.github.com/isaacs/node-tar/issues/313 ">#313</a>)
(<a href="https://github.com/yetzt "><code>@yetzt</code></a>)</li>
<li>add examples/explanation of using tar.t (<a
href="https://github.com/isaacs "><code>@isaacs</code></a>)</li>
<li>ensure close event is emited after stream has ended (<a
href="https://github.com/webark "><code>@webark</code></a>)</li>
<li>replace deprecated String.prototype.substr() (<a
href="https://github.com/CommanderRoot "><code>@CommanderRoot</code></a>,
<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
</ul>
<h2>6.0</h2>
<ul>
<li>Drop support for node 6 and 8</li>
<li>fix symlinks and hardlinks on windows being packed with
<code>\</code>-style path targets</li>
</ul>
<h2>5.0</h2>
<ul>
<li>Address unpack race conditions using path reservations</li>
<li>Change large-numbers errors from TypeError to Error</li>
<li>Add <code>TAR_*</code> error codes</li>
<li>Raise <code>TAR_BAD_ARCHIVE</code> warning/error when there are no
valid
entries found in an archive</li>
<li>do not treat ignored entries as an invalid archive</li>
<li>drop support for node v4</li>
<li>unpack: conditionally use a file mapping to write files on
Windows</li>
<li>Set more portable 'mode' value in portable mode</li>
<li>Set <code>portable</code> gzip option in portable mode</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d99fce38eb
"><code>d99fce3</code></a>
7.0.1</li>
<li><a
href="af043922c0
"><code>af04392</code></a>
Do not apply linkpath,global from global pax header</li>
<li><a
href="b0fbdea463
"><code>b0fbdea</code></a>
7.0.0</li>
<li><a
href="957da7506c
"><code>957da75</code></a>
remove old lib folder</li>
<li><a
href="9a260c2dba
"><code>9a260c2</code></a>
test verifying <a
href="https://redirect.github.com/isaacs/node-tar/issues/398 ">#398</a>
is fixed</li>
<li><a
href="2d89a4edc3
"><code>2d89a4e</code></a>
Properly handle long linkpath in PaxHeader</li>
<li><a
href="314ec7e642
"><code>314ec7e</code></a>
list: close file even if no error thrown</li>
<li><a
href="b3afdbb264
"><code>b3afdbb</code></a>
unpack test: use modern tap features</li>
<li><a
href="2330416081
"><code>2330416</code></a>
test: code style, prefer () to _ for empty fns</li>
<li><a
href="ae9ce7ec2a
"><code>ae9ce7e</code></a>
test: fix normalize-unicode coverage on linux</li>
<li>Additional commits viewable in <a
href="https://github.com/isaacs/node-tar/compare/v6.2.1...v7.0.1 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com>
Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
2024-04-21 12:39:38 +00:00
Mitja Bezenšek
88ee4e9993
Revert "RBush again? ( #3439 )" ( #3481 )
...
This reverts commit 45dffd1af6
.
Revert rbush. There's issues with shapes that have computed bounds
(arrows, groups).
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [x] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
- Add a brief release note for your PR here.
2024-04-16 10:56:35 +00:00
Mitja Bezenšek
45dffd1af6
RBush again? ( #3439 )
...
Adds RBush to handle spatial querying. We use it for:
- Culling. Helps a lot with panning as we don't have to compute the
culled shapes from scratch. Instead we just query rbush again. It makes
culling quite granular: spatial index updates when shapes change
(additions, removals, changes to bounds), visible shapes depends on
that, but also updates when the viewport page bound change, culled
shapes then depend on that but also change with selections changes. The
api stayed the same, which is great since the fuzz tests can stay as
they are.
- Brushing
- Erasing
- Scribble brushing
- Getting shapes at point (for example, when updating the hover id)
This improves performance of all of those operations. I might have
missed some places where this might also be useful.
### Erasing before (Test on my old ipad)
https://github.com/tldraw/tldraw/assets/2523721/edb9c004-a44a-4779-b2d0-98617b057314
### Erasing after
https://github.com/tldraw/tldraw/assets/2523721/8f8367fd-fa8e-4963-ba13-720c5f0c2da5
### Creating an arrow before
https://github.com/tldraw/tldraw/assets/2523721/4068f8b7-f7b8-4826-83f2-083b1f3783bc
### After (much better, but still bad)
https://github.com/tldraw/tldraw/assets/2523721/11af6be6-01d8-4740-bf15-896e2dd31dd6
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
---------
Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
2024-04-15 16:28:18 +00:00
David Sheldrick
4f70a4f4e8
New migrations again ( #3220 )
...
Describe what your pull request does. If appropriate, add GIFs or images
showing the before and after.
### Change Type
- [x] `sdk` — Changes the tldraw SDK
- [x] `galaxy brain` — Architectural changes
### Test Plan
1. Add a step-by-step description of how to test your PR here.
2.
- [ ] Unit Tests
- [ ] End to end tests
### Release Notes
#### BREAKING CHANGES
- The `Migrations` type is now called `LegacyMigrations`.
- The serialized schema format (e.g. returned by
`StoreSchema.serialize()` and `Store.getSnapshot()`) has changed. You
don't need to do anything about it unless you were reading data directly
from the schema for some reason. In which case it'd be best to avoid
that in the future! We have no plans to change the schema format again
(this time was traumatic enough) but you never know.
- `compareRecordVersions` and the `RecordVersion` type have both
disappeared. There is no replacement. These were public by mistake
anyway, so hopefully nobody had been using it.
- `compareSchemas` is a bit less useful now. Our migrations system has
become a little fuzzy to allow for simpler UX when adding/removing
custom extensions and 3rd party dependencies, and as a result we can no
longer compare serialized schemas in any rigorous manner. You can rely
on this function to return `0` if the schemas are the same. Otherwise it
will return `-1` if the schema on the right _seems_ to be newer than the
schema on the left, but it cannot guarantee that in situations where
migration sequences have been removed over time (e.g. if you remove one
of the builtin tldraw shapes).
Generally speaking, the best way to check schema compatibility now is to
call `store.schema.getMigrationsSince(persistedSchema)`. This will throw
an error if there is no upgrade path from the `persistedSchema` to the
current version.
- `defineMigrations` has been deprecated and will be removed in a future
release. For upgrade instructions see
https://tldraw.dev/docs/persistence#Updating-legacy-shape-migrations-defineMigrations
- `migrate` has been removed. Nobody should have been using this but if
you were you'll need to find an alternative. For migrating tldraw data,
you should stick to using `schema.migrateStoreSnapshot` and, if you are
building a nuanced sync engine that supports some amount of backwards
compatibility, also feel free to use `schema.migratePersistedRecord`.
- the `Migration` type has changed. If you need the old one for some
reason it has been renamed to `LegacyMigration`. It will be removed in a
future release.
- the `Migrations` type has been renamed to `LegacyMigrations` and will
be removed in a future release.
- the `SerializedSchema` type has been augmented. If you need the old
version specifically you can use `SerializedSchemaV1`
---------
Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
2024-04-15 12:53:42 +00:00
dependabot[bot]
8c02dab5fb
Bump the npm_and_yarn group across 1 directory with 2 updates ( #3443 )
...
Bumps the npm_and_yarn group with 2 updates in the / directory:
[tar](https://github.com/isaacs/node-tar ) and
[undici](https://github.com/nodejs/undici ).
Updates `tar` from 6.2.0 to 6.2.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bef7b1e4ff
"><code>bef7b1e</code></a>
6.2.1</li>
<li><a
href="fe8cd57da5
"><code>fe8cd57</code></a>
prevent extraction in excessively deep subfolders</li>
<li><a
href="fe7ebfdced
"><code>fe7ebfd</code></a>
remove security.md</li>
<li>See full diff in <a
href="https://github.com/isaacs/node-tar/compare/v6.2.0...v6.2.1 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `undici` from 5.28.3 to 5.28.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases ">undici's
releases</a>.</em></p>
<blockquote>
<h2>v5.28.4</h2>
<h2>⚠️ Security Release ⚠️ </h2>
<ul>
<li>Fixes <a
href="https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7 ">https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7 </a>
CVE-2024-30260</li>
<li>Fixes <a
href="https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672 ">https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672 </a>
CVE-2024-30261</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4 ">https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fb98306907
"><code>fb98306</code></a>
Bumped v5.28.4</li>
<li><a
href="2b39440bd9
"><code>2b39440</code></a>
Merge pull request from GHSA-9qxr-qj54-h672</li>
<li><a
href="64e3402da4
"><code>64e3402</code></a>
Merge pull request from GHSA-m4v8-wqvr-p9f7</li>
<li><a
href="723c4e7280
"><code>723c4e7</code></a>
Revert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (<a
href="https://redirect.github.com/nodejs/undici/issues/2389 ">#2389</a>)"</li>
<li><a
href="0e9d54b2c2
"><code>0e9d54b</code></a>
skip failing test due to Node.js changes</li>
<li>See full diff in <a
href="https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-15 11:37:33 +00:00
dependabot[bot]
0161ec796e
Bump the npm_and_yarn group across 1 directory with 1 update ( #3348 )
...
Bumps the npm_and_yarn group with 1 update in the / directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ).
Updates `vite` from 5.2.7 to 5.2.8
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.2.8 (2024-04-03)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: csp nonce injection when no closing tag (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16281 ">#16281</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16282 ">#16282</a>)
(<a href="https://github.com/vitejs/vite/commit/3c85c6b ">3c85c6b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16281 ">#16281</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/16282 ">#16282</a></li>
<li>fix: do not access document in <code>/@vite/client</code> when not
defined (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16318 ">#16318</a>)
(<a href="https://github.com/vitejs/vite/commit/646319c ">646319c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16318 ">#16318</a></li>
<li>fix: fix sourcemap when using object as <code>define</code> value
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15805 ">#15805</a>)
(<a href="https://github.com/vitejs/vite/commit/445c4f2 ">445c4f2</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15805 ">#15805</a></li>
<li>fix(css): unknown file error happened with lightningcss (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16306 ">#16306</a>)
(<a href="https://github.com/vitejs/vite/commit/01af308 ">01af308</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16306 ">#16306</a></li>
<li>fix(hmr): multiple updates happened when invalidate is called while
multiple tabs open (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16307 ">#16307</a>)
(<a href="https://github.com/vitejs/vite/commit/21cc10b ">21cc10b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16307 ">#16307</a></li>
<li>fix(scanner): duplicate modules for same id if glob is used in
html-like types (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16305 ">#16305</a>)
(<a href="https://github.com/vitejs/vite/commit/eca68fa ">eca68fa</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16305 ">#16305</a></li>
<li>chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16325 ">#16325</a>)
(<a href="https://github.com/vitejs/vite/commit/a78e265 ">a78e265</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16325 ">#16325</a></li>
<li>refactor: use types from sass instead of <code>@types/sass</code>
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16340 ">#16340</a>)
(<a href="https://github.com/vitejs/vite/commit/4581e83 ">4581e83</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16340 ">#16340</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8b8d4024fb
"><code>8b8d402</code></a>
release: v5.2.8</li>
<li><a
href="646319cc84
"><code>646319c</code></a>
fix: do not access document in <code>/@vite/client</code> when not
defined (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16318 ">#16318</a>)</li>
<li><a
href="445c4f2158
"><code>445c4f2</code></a>
fix: fix sourcemap when using object as <code>define</code> value (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15805 ">#15805</a>)</li>
<li><a
href="a78e265822
"><code>a78e265</code></a>
chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16325 ">#16325</a>)</li>
<li><a
href="4581e8371d
"><code>4581e83</code></a>
refactor: use types from sass instead of <code>@types/sass</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16340 ">#16340</a>)</li>
<li><a
href="3c85c6b52e
"><code>3c85c6b</code></a>
fix: csp nonce injection when no closing tag (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16281 ">#16281</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16282 ">#16282</a>)</li>
<li><a
href="21cc10bfda
"><code>21cc10b</code></a>
fix(hmr): multiple updates happened when invalidate is called while
multiple ...</li>
<li><a
href="01af308dfd
"><code>01af308</code></a>
fix(css): unknown file error happened with lightningcss (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16306 ">#16306</a>)</li>
<li><a
href="eca68fa942
"><code>eca68fa</code></a>
fix(scanner): duplicate modules for same id if glob is used in html-like
type...</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v5.2.8/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=5.2.7&new-version=5.2.8 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-04 07:34:07 +00:00
David Sheldrick
5557f6be5b
Revert "squish sync data events before sending them out" ( #3331 )
...
Reverts tldraw/tldraw#3118
2024-04-03 10:31:28 +01:00
Dan Groshev
b42a222c88
squish sync data events before sending them out ( #3118 )
...
Recently (https://github.com/tldraw/tldraw/pull/3012 ), we started
aggregating data messages before sending them out. However, local
testing shows that we generate *many* redundant messages (see the test
file for an example of a real buffer captured during local testing with
just two users). This PR adds a function to squish those updates
together, reducing the amount of data we need to transfer and load on
the client that won't need to process those redundant messages.
The function is checked with [fast-check](https://fast-check.dev/ ), a JS
property test framework, to make sure that squished deltas result in
exactly the same state as the original ones.
### Change Type
- [x] `minor` — New feature
### Test Plan
1. Needs a group smoke test
- [x] End to end tests
2024-04-02 08:57:58 +00:00
Steve Ruiz
3df866a86f
[internal] Add license report scripts ( #2751 )
...
This PR adds scripts that allow us to generate reports on our
dependencies.
### Change Type
- [x] `internal` — Any other changes that don't affect the published
package[^2]
2024-04-01 13:36:40 +00:00
dependabot[bot]
1db0c271a6
Bump the npm_and_yarn group across 1 directory with 2 updates ( #3304 )
...
Bumps the npm_and_yarn group with 2 updates in the / directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) and
[express](https://github.com/expressjs/express ).
Updates `vite` from 5.1.6 to 5.2.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases ">vite's
releases</a>.</em></p>
<blockquote>
<h2>create-vite@5.2.3</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.3/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.2.2</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.2/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.2.1</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.1/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
<h2>create-vite@5.2.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/create-vite@5.2.0/packages/create-vite/CHANGELOG.md ">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.2.7 (2024-03-29)<!-- raw HTML omitted
--></h2>
<ul>
<li>chore: deprecate splitVendorChunkPlugin (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16274 ">#16274</a>)
(<a href="https://github.com/vitejs/vite/commit/45a06da ">45a06da</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16274 ">#16274</a></li>
<li>fix: skip injecting <code>__vite__mapDeps</code> when it's not used
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16271 ">#16271</a>)
(<a href="https://github.com/vitejs/vite/commit/890538a ">890538a</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16271 ">#16271</a></li>
<li>fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16258 ">#16258</a>)
(<a href="https://github.com/vitejs/vite/commit/7caef42 ">7caef42</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16258 ">#16258</a></li>
<li>fix(hmr): don't mutate module graph when collecting modules (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16302 ">#16302</a>)
(<a href="https://github.com/vitejs/vite/commit/dfffea1 ">dfffea1</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16302 ">#16302</a></li>
<li>fix(hmr): trigger hmr for missing file import errored module after
file creation (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16303 ">#16303</a>)
(<a href="https://github.com/vitejs/vite/commit/ffedc06 ">ffedc06</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16303 ">#16303</a></li>
<li>fix(sourcemap): don't warn even if the sourcesContent is an empty
string (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16273 ">#16273</a>)
(<a href="https://github.com/vitejs/vite/commit/24e376a ">24e376a</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16273 ">#16273</a></li>
<li>feat(hmr): reload when HTML file is created/deleted (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16288 ">#16288</a>)
(<a href="https://github.com/vitejs/vite/commit/1f53796 ">1f53796</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16288 ">#16288</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.6 (2024-03-24)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: <code>fs.deny</code> with globs with directories (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16250 ">#16250</a>)
(<a href="https://github.com/vitejs/vite/commit/ba5269c ">ba5269c</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16250 ">#16250</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.5 (2024-03-24)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: avoid SSR requests in waitForRequestIdle (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16246 ">#16246</a>)
(<a href="https://github.com/vitejs/vite/commit/7093f77 ">7093f77</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16246 ">#16246</a></li>
<li>docs: clarify enforce vs hook.order (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16226 ">#16226</a>)
(<a href="https://github.com/vitejs/vite/commit/3a73e48 ">3a73e48</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16226 ">#16226</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.4 (2024-03-23)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: dont resolve imports with malformed URI (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16244 ">#16244</a>)
(<a href="https://github.com/vitejs/vite/commit/fbf69d5 ">fbf69d5</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16244 ">#16244</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.3 (2024-03-22)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: handle warmup request error correctly (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16223 ">#16223</a>)
(<a href="https://github.com/vitejs/vite/commit/d7c5256 ">d7c5256</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16223 ">#16223</a></li>
<li>fix: skip encode if is data uri (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16233 ">#16233</a>)
(<a href="https://github.com/vitejs/vite/commit/8617e76 ">8617e76</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16233 ">#16233</a></li>
<li>fix(optimizer): fix <code>optimizeDeps.include</code> glob syntax
for <code>./*</code> exports (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16230 ">#16230</a>)
(<a href="https://github.com/vitejs/vite/commit/f184c80 ">f184c80</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16230 ">#16230</a></li>
<li>fix(runtime): fix sourcemap with <code>prepareStackTrace</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16220 ">#16220</a>)
(<a href="https://github.com/vitejs/vite/commit/dad7f4f ">dad7f4f</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16220 ">#16220</a></li>
<li>chore: <code>utf8</code> replaced with <code>utf-8</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16232 ">#16232</a>)
(<a href="https://github.com/vitejs/vite/commit/9800c73 ">9800c73</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16232 ">#16232</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.2 (2024-03-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix(importAnalysis): skip encode in ssr (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16213 ">#16213</a>)
(<a href="https://github.com/vitejs/vite/commit/e4d2d60 ">e4d2d60</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16213 ">#16213</a></li>
</ul>
<h2><!-- raw HTML omitted -->5.2.1 (2024-03-20)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: encode path uri only (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16212 ">#16212</a>)
(<a href="https://github.com/vitejs/vite/commit/0b2e40b ">0b2e40b</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16212 ">#16212</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ad246da989
"><code>ad246da</code></a>
release: v5.2.7</li>
<li><a
href="45a06daac8
"><code>45a06da</code></a>
chore: deprecate splitVendorChunkPlugin (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16274 ">#16274</a>)</li>
<li><a
href="ffedc06cab
"><code>ffedc06</code></a>
fix(hmr): trigger hmr for missing file import errored module after file
creat...</li>
<li><a
href="dfffea1f43
"><code>dfffea1</code></a>
fix(hmr): don't mutate module graph when collecting modules (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16302 ">#16302</a>)</li>
<li><a
href="1f5379601e
"><code>1f53796</code></a>
feat(hmr): reload when HTML file is created/deleted (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16288 ">#16288</a>)</li>
<li><a
href="24e376ad86
"><code>24e376a</code></a>
fix(sourcemap): don't warn even if the sourcesContent is an empty string
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16 ">#16</a>...</li>
<li><a
href="7caef4216e
"><code>7caef42</code></a>
fix(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16258 ">#16258</a>)</li>
<li><a
href="890538a694
"><code>890538a</code></a>
fix: skip injecting <code>__vite__mapDeps</code> when it's not used (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16271 ">#16271</a>)</li>
<li><a
href="7369016d8a
"><code>7369016</code></a>
release: v5.2.6</li>
<li><a
href="ba5269cca8
"><code>ba5269c</code></a>
fix: <code>fs.deny</code> with globs with directories (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16250 ">#16250</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.2.7/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `express` from 4.18.2 to 4.19.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases ">express's
releases</a>.</em></p>
<blockquote>
<h2>4.19.2</h2>
<h2>What's Changed</h2>
<ul>
<li><a
href="0b746953c4
">Improved
fix for open redirect allow list bypass</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.19.1...4.19.2 ">https://github.com/expressjs/express/compare/4.19.1...4.19.2 </a></p>
<h2>4.19.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix ci after location patch by <a
href="https://github.com/wesleytodd "><code>@wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5552 ">expressjs/express#5552</a></li>
<li>fixed un-edited version in history.md for 4.19.0 by <a
href="https://github.com/wesleytodd "><code>@wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5556 ">expressjs/express#5556</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.19.0...4.19.1 ">https://github.com/expressjs/express/compare/4.19.0...4.19.1 </a></p>
<h2>4.19.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix typo in release date by <a
href="https://github.com/UlisesGascon "><code>@UlisesGascon</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/5527 ">expressjs/express#5527</a></li>
<li>docs: nominating <a
href="https://github.com/wesleytodd "><code>@wesleytodd</code></a> to be
project captian by <a
href="https://github.com/wesleytodd "><code>@wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5511 ">expressjs/express#5511</a></li>
<li>docs: loosen TC activity rules by <a
href="https://github.com/wesleytodd "><code>@wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5510 ">expressjs/express#5510</a></li>
<li>Add note on how to update docs for new release by <a
href="https://github.com/crandmck "><code>@crandmck</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5541 ">expressjs/express#5541</a></li>
<li><a
href="660ccf5fa3
">Prevent
open redirect allow list bypass due to encodeurl</a></li>
<li>Release 4.19.0 by <a
href="https://github.com/wesleytodd "><code>@wesleytodd</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5551 ">expressjs/express#5551</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/crandmck "><code>@crandmck</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/express/pull/5541 ">expressjs/express#5541</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/4.18.3...4.19.0 ">https://github.com/expressjs/express/compare/4.18.3...4.19.0 </a></p>
<h2>4.18.3</h2>
<h2>Main Changes</h2>
<ul>
<li>Fix routing requests without method</li>
<li>deps: body-parser@1.20.2
<ul>
<li>Fix strict json error message on Node.js 19+</li>
<li>deps: content-type@~1.0.5</li>
<li>deps: raw-body@2.5.2</li>
</ul>
</li>
</ul>
<h2>Other Changes</h2>
<ul>
<li>Use https: protocol instead of deprecated git: protocol by <a
href="https://github.com/vcsjones "><code>@vcsjones</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5032 ">expressjs/express#5032</a></li>
<li>build: Node.js@16.18 and Node.js@18.12 by <a
href="https://github.com/abenhamdine "><code>@abenhamdine</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/5034 ">expressjs/express#5034</a></li>
<li>ci: update actions/checkout to v3 by <a
href="https://github.com/armujahid "><code>@armujahid</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5027 ">expressjs/express#5027</a></li>
<li>test: remove unused function arguments in params by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5124 ">expressjs/express#5124</a></li>
<li>Remove unused originalIndex from acceptParams by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5119 ">expressjs/express#5119</a></li>
<li>Fixed typos by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5117 ">expressjs/express#5117</a></li>
<li>examples: remove unused params by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5113 ">expressjs/express#5113</a></li>
<li>fix: parameter str is not described in JSDoc by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5130 ">expressjs/express#5130</a></li>
<li>fix: typos in History.md by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5131 ">expressjs/express#5131</a></li>
<li>build : add Node.js@19.7 by <a
href="https://github.com/abenhamdine "><code>@abenhamdine</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/5028 ">expressjs/express#5028</a></li>
<li>test: remove unused function arguments in params by <a
href="https://github.com/raksbisht "><code>@raksbisht</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/5137 ">expressjs/express#5137</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/master/History.md ">express's
changelog</a>.</em></p>
<blockquote>
<h1>4.19.2 / 2024-03-25</h1>
<ul>
<li>Improved fix for open redirect allow list bypass</li>
</ul>
<h1>4.19.1 / 2024-03-20</h1>
<ul>
<li>Allow passing non-strings to res.location with new encoding handling
checks</li>
</ul>
<h1>4.19.0 / 2024-03-20</h1>
<ul>
<li>Prevent open redirect allow list bypass due to encodeurl</li>
<li>deps: cookie@0.6.0</li>
</ul>
<h1>4.18.3 / 2024-02-29</h1>
<ul>
<li>Fix routing requests without method</li>
<li>deps: body-parser@1.20.2
<ul>
<li>Fix strict json error message on Node.js 19+</li>
<li>deps: content-type@~1.0.5</li>
<li>deps: raw-body@2.5.2</li>
</ul>
</li>
<li>deps: cookie@0.6.0
<ul>
<li>Add <code>partitioned</code> option</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="04bc62787b
"><code>04bc627</code></a>
4.19.2</li>
<li><a
href="da4d763ff6
"><code>da4d763</code></a>
Improved fix for open redirect allow list bypass</li>
<li><a
href="4f0f6cc67d
"><code>4f0f6cc</code></a>
4.19.1</li>
<li><a
href="a003cfab03
"><code>a003cfa</code></a>
Allow passing non-strings to res.location with new encoding handling
checks f...</li>
<li><a
href="a1fa90fcea
"><code>a1fa90f</code></a>
fixed un-edited version in history.md for 4.19.0</li>
<li><a
href="11f2b1db22
"><code>11f2b1d</code></a>
build: fix build due to inconsistent supertest behavior in older
versions</li>
<li><a
href="084e36506a
"><code>084e365</code></a>
4.19.0</li>
<li><a
href="0867302ddb
"><code>0867302</code></a>
Prevent open redirect allow list bypass due to encodeurl</li>
<li><a
href="567c9c665d
"><code>567c9c6</code></a>
Add note on how to update docs for new release (<a
href="https://redirect.github.com/expressjs/express/issues/5541 ">#5541</a>)</li>
<li><a
href="69a4cf2819
"><code>69a4cf2</code></a>
deps: cookie@0.6.0</li>
<li>Additional commits viewable in <a
href="https://github.com/expressjs/express/compare/4.18.2...4.19.2 ">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~wesleytodd ">wesleytodd</a>, a new releaser
for express since your current version.</p>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mitja Bezenšek <mitja.bezensek@gmail.com>
2024-03-29 16:23:34 +00:00
Steve Ruiz
1fe74ecaa4
[chore] Bump browser-fs-access. ( #3277 )
...
This PR bumps browser-fs-access to the latest version.
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [x] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
2024-03-29 10:56:30 +00:00
Mitja Bezenšek
cd02d03d06
Revert perf changes ( #3217 )
...
Step 1 of the master plan 😂
![CleanShot 2024-03-19 at 16 05
08](https://github.com/tldraw/tldraw/assets/2523721/7d2afed9-7b69-4fdb-8b9f-54a48c61258f )
This:
- Reverts #3186
- Reverts #3160 (there were some conflicting changes so it's not a
straight revert)
- Reverts most of #2977
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [x] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
2024-03-21 10:05:44 +00:00
alex
4c5c3daa51
PDF editor example ( #3159 )
...
This diff adds a PDF editor example. It's pretty similar to the image
annotator, but is a better way to demo longer axis-locked scrolling.
There are some pretty big drawbacks to it at the moment (see the TODO
list on `PdfEditor.tsx`)
I'm going to land as-is for now, and we can iterate on it in the future.
### Change Type
- [x] `docs` — Changes to the documentation, examples, or templates.
- [x] `feature` — New feature
2024-03-19 11:55:21 +00:00
Dan Groshev
d7b80baa31
use native structuredClone on node, cloudflare workers, and in tests ( #3166 )
...
Currently, we only use native `structuredClone` in the browser, falling
back to `JSON.parse(JSON.stringify(...))` elsewhere, despite Node
supporting `structuredClone` [since
v17](https://developer.mozilla.org/en-US/docs/Web/API/structuredClone )
and Cloudflare Workers supporting it [since
2022](https://blog.cloudflare.com/standards-compliant-workers-api/ ).
This PR adjusts our shim to use the native `structuredClone` on all
platforms, if available.
Additionally, `jsdom` doesn't implement `structuredClone`, a bug [open
since 2022](https://github.com/jsdom/jsdom/issues/3363 ). This PR patches
`jsdom` environment in all packages/apps that use it for tests.
Also includes a driveby removal of `deepCopy`, a function that is
strictly inferior to `structuredClone`.
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [x] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff
<!-- ❗ Please select a 'Type' label ❗ ️ -->
- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [x] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
### Test Plan
1. A smoke test would be enough
- [ ] Unit Tests
- [x] End to end tests
2024-03-18 17:16:09 +00:00
dependabot[bot]
afd024f898
Bump the npm_and_yarn group across 1 directory with 2 updates ( #3165 )
...
Bumps the npm_and_yarn group with 2 updates in the / directory:
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) and
[follow-redirects](https://github.com/follow-redirects/follow-redirects ).
Updates `vite` from 5.1.5 to 5.1.6
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.1.6 (2024-03-11)<!-- raw HTML omitted
--></h2>
<ul>
<li>chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16131 ">#16131</a>)
(<a href="https://github.com/vitejs/vite/commit/a862ecb ">a862ecb</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16131 ">#16131</a></li>
<li>fix: check for publicDir before checking if it is a parent directory
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16046 ">#16046</a>)
(<a href="https://github.com/vitejs/vite/commit/b6fb323 ">b6fb323</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16046 ">#16046</a></li>
<li>fix: escape single quote when relative base is used (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16060 ">#16060</a>)
(<a href="https://github.com/vitejs/vite/commit/8f74ce4 ">8f74ce4</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16060 ">#16060</a></li>
<li>fix: handle function property extension in namespace import (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16113 ">#16113</a>)
(<a href="https://github.com/vitejs/vite/commit/f699194 ">f699194</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16113 ">#16113</a></li>
<li>fix: server middleware mode resolve (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16122 ">#16122</a>)
(<a href="https://github.com/vitejs/vite/commit/8403546 ">8403546</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16122 ">#16122</a></li>
<li>fix(esbuild): update tsconfck to fix bug that could cause a deadlock
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16124 ">#16124</a>)
(<a href="https://github.com/vitejs/vite/commit/fd9de04 ">fd9de04</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16124 ">#16124</a></li>
<li>fix(worker): hide "The emitted file overwrites" warning if
the content is same (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16094 ">#16094</a>)
(<a href="https://github.com/vitejs/vite/commit/60dfa9e ">60dfa9e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16094 ">#16094</a></li>
<li>fix(worker): throw error when circular worker import is detected and
support self referencing worker (<a
href="https://github.com/vitejs/vite/commit/eef9da1 ">eef9da1</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16103 ">#16103</a></li>
<li>style(utils): remove null check (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16112 ">#16112</a>)
(<a href="https://github.com/vitejs/vite/commit/0d2df52 ">0d2df52</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16112 ">#16112</a></li>
<li>refactor(runtime): share more code between runtime and main bundle
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16063 ">#16063</a>)
(<a href="https://github.com/vitejs/vite/commit/93be84e ">93be84e</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16063 ">#16063</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6f7466e621
"><code>6f7466e</code></a>
release: v5.1.6</li>
<li><a
href="a862ecb941
"><code>a862ecb</code></a>
chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16131 ">#16131</a>)</li>
<li><a
href="840354601a
"><code>8403546</code></a>
fix: server middleware mode resolve (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16122 ">#16122</a>)</li>
<li><a
href="b6fb3235c3
"><code>b6fb323</code></a>
fix: check for publicDir before checking if it is a parent directory (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16046 ">#16046</a>)</li>
<li><a
href="fd9de0473e
"><code>fd9de04</code></a>
fix(esbuild): update tsconfck to fix bug that could cause a deadlock (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16124 ">#16124</a>)</li>
<li><a
href="f6991948f5
"><code>f699194</code></a>
fix: handle function property extension in namespace import (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16113 ">#16113</a>)</li>
<li><a
href="0d2df52716
"><code>0d2df52</code></a>
style(utils): remove null check (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16112 ">#16112</a>)</li>
<li><a
href="eef9da13d0
"><code>eef9da1</code></a>
fix(worker): throw error when circular worker import is detected and
support ...</li>
<li><a
href="60dfa9e15c
"><code>60dfa9e</code></a>
fix(worker): hide "The emitted file overwrites" warning if the
content is sam...</li>
<li><a
href="93be84eccd
"><code>93be84e</code></a>
refactor(runtime): share more code between runtime and main bundle (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16063 ">#16063</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.1.6/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `follow-redirects` from 1.15.5 to 1.15.6
<details>
<summary>Commits</summary>
<ul>
<li><a
href="35a517c586
"><code>35a517c</code></a>
Release version 1.15.6 of the npm package.</li>
<li><a
href="c4f847f851
"><code>c4f847f</code></a>
Drop Proxy-Authorization across hosts.</li>
<li><a
href="8526b4a1b2
"><code>8526b4a</code></a>
Use GitHub for disclosure.</li>
<li>See full diff in <a
href="https://github.com/follow-redirects/follow-redirects/compare/v1.15.5...v1.15.6 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-17 13:28:02 +00:00
David Sheldrick
8e23a253fc
[perf] Reinstate render throttling ( #3160 )
...
Follow up to #3129
### Change Type
<!-- ❗ Please select a 'Scope' label ❗ ️ -->
- [x] `sdk` — Changes the tldraw SDK
- [x] `improvement` — Improving existing features
### Test Plan
1. Add a step-by-step description of how to test your PR here.
2.
- [ ] Unit Tests
- [ ] End to end tests
### Release Notes
- Add a brief release note for your PR here.
2024-03-15 16:18:23 +00:00
David Sheldrick
44a3ea7363
[docs] Sync docs deploy with npm deploy ( #3153 )
...
This PR makes it so that our docs deployment process is tied to, and
mirrors, the npm deployment process.
From here on:
- Commits to main get deployed to staging.tldraw.dev
- Commits to a special protected branch called `docs-production` get
deployed to www.tldraw.dev
- Whenever we create a new npm 'latest' release we reset the HEAD of
docs-production to point to the tagged commit for that release.
- If we make a docs change that we want to appear on tldraw.dev ASAP
without waiting for the next npm release, we'll have to follow the same
process as for creating a patch release i.e merge a cherry-pick PR
targeting the latest release branch e.g. `v2.0.x`. This will not cause
another npm patch release unless the cherry-picked changes touch source
files, e.g. updating TSDoc comments.
### Change Type
- [x] `docs` — Changes to the documentation, examples, or templates.
- [x] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
2024-03-14 14:43:32 +00:00
David Sheldrick
b9547c2e6b
[DX] PR labels revamp ( #3112 )
...
This PR switches up how PR labels are validated to allow for more
freeform label tweaking in the future. Basically **huppy will now only
check that your PR is labelled, it doesn't care how it's labelled**. I
also updated the PR template with a new labelling scheme that we can
tweak over time.
So before Huppy bot had to know about the specific set of allowed
labels, and now as long as the label exists you're allowed to add it.
So to add a new label to the PR template, just create the label and then
add an option for it in the .md file.
### Change Type
- [ ] `patch` — Bug fix
- [ ] `minor` — New feature
- [ ] `major` — Breaking change
- [ ] `dependencies` — Changes to package dependencies[^1]
- [ ] `documentation` — Changes to the documentation only[^2]
- [ ] `tests` — Changes to any test code only[^2]
- [x] `internal` — Any other changes that don't affect the published
package[^2]
- [ ] I don't know
2024-03-12 14:53:57 +00:00
Mitja Bezenšek
26e1e98366
Revert throttling of useValue and useStateTracking. ( #3129 )
...
Reverts the changes to the `state` package that were made in #2977 .
Should fix the issue with shape jittering discovered during QA.
### Change Type
- [x] `patch` — Bug fix
- [ ] `minor` — New feature
- [ ] `major` — Breaking change
- [ ] `dependencies` — Changes to package dependencies[^1]
- [ ] `documentation` — Changes to the documentation only[^2]
- [ ] `tests` — Changes to any test code only[^2]
- [ ] `internal` — Any other changes that don't affect the published
package[^2]
- [ ] I don't know
[^1]: publishes a `patch` release, for devDependencies use `internal`
[^2]: will not publish a new version
### Test Plan
1. Create some shapes (draw shapes work well).
2. Open the same room in a second browser.
3. Resize shapes (using option / alt makes it more obvious).
4. The shapes should not jitter in any of the screens.
2024-03-12 13:57:53 +00:00
Mitja Bezenšek
b5aff00c89
Performance improvements ( #2977 )
...
This PR does a few things to help with performance:
1. Instead of doing changes on raf we now do them 60 times per second.
This limits the number of updates on high refresh rate screens like the
iPad. With the current code this only applied to the history updates (so
when you subscribed to the updates), but the next point takes this a bit
futher.
2. We now trigger react updates 60 times per second. This is a change in
`useValue` and `useStateTracking` hooks.
3. We now throttle the inputs (like the `pointerMove`) in state nodes.
This means we batch multiple inputs and only apply them at most 60 times
per second.
We had to adjust our own tests to pass after this change so I marked
this as major as it might require the users of the library to do the
same.
Few observations:
- The browser calls the raf callbacks when it can. If it gets
overwhelmed it will call them further and further apart. As things call
down it will start calling them more frequently again. You can clearly
see this in the drawing example. When fps gets to a certain level we
start to get fewer updates, then fps can recover a bit. This makes the
experience quite janky. The updates can be kinda ok one second (dropping
frames, but consistently) and then they can completely stop and you have
to let go of the mouse to make them happen again. With the new logic it
seems everything is a lot more consistent.
- We might look into variable refresh rates to prevent this overtaxing
of the browser. Like when we see that the times between our updates are
getting higher we could make the updates less frequent. If we then see
that they are happening more often we could ramp them back up. I had an
[experiment for this
here](4834863966 (diff-318e71563d7c47173f89ec084ca44417cf70fc72faac85b96f48b856a8aec466L30-L35)
).
Few tests below. Used 6x slowdown for these.
# Resizing
### Before
https://github.com/tldraw/tldraw/assets/2523721/798a033f-5dfa-419e-9a2d-fd8908272ba0
### After
https://github.com/tldraw/tldraw/assets/2523721/45870a0c-c310-4be0-b63c-6c92c20ca037
# Drawing
Comparison is not 100% fair, we don't store the intermediate inputs
right now. That said, tick should still only produce once update so I do
think we can get a sense of the differences.
### Before
https://github.com/tldraw/tldraw/assets/2523721/2e8ac8c5-bbdf-484b-bb0c-70c967f4541c
### After
https://github.com/tldraw/tldraw/assets/2523721/8f54b7a8-9a0e-4a39-b168-482caceb0149
### Change Type
- [ ] `patch` — Bug fix
- [ ] `minor` — New feature
- [x] `major` — Breaking change
- [ ] `dependencies` — Changes to package dependencies[^1]
- [ ] `documentation` — Changes to the documentation only[^2]
- [ ] `tests` — Changes to any test code only[^2]
- [ ] `internal` — Any other changes that don't affect the published
package[^2]
- [ ] I don't know
[^1]: publishes a `patch` release, for devDependencies use `internal`
[^2]: will not publish a new version
### Release Notes
- Improves the performance of rendering.
---------
Co-authored-by: Steve Ruiz <steveruizok@gmail.com>
2024-03-11 13:17:31 +00:00
dependabot[bot]
47420d7476
Bump the npm_and_yarn group across 3 directories with 3 updates ( #3087 )
...
Bumps the npm_and_yarn group with 3 updates in the / directory:
[next](https://github.com/vercel/next.js ),
[vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) and
[jose](https://github.com/panva/jose ).
Bumps the npm_and_yarn group with 1 update in the /templates/nextjs
directory: [next](https://github.com/vercel/next.js ).
Updates `next` from 14.0.4 to 14.1.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/next.js/releases ">next's
releases</a>.</em></p>
<blockquote>
<h2>v14.1.2</h2>
<p><em>Note: this is a backport release for critical bug fixes -- this
does not include all pending features/changes on canary</em></p>
<h3>Core Changes</h3>
<ul>
<li>Fix sitemap generateSitemaps support for string id (<a
href="https://redirect.github.com/vercel/next.js/issues/61088 ">#61088</a>)</li>
<li>Fix: generateSitemaps in production giving 404 (<a
href="https://redirect.github.com/vercel/next.js/issues/62212 ">#62212</a>)</li>
<li>Fix redirect under suspense boundary with basePath (<a
href="https://redirect.github.com/vercel/next.js/issues/62597 ">#62597</a>)</li>
<li>Fix: Add stricter check for "use server" exports (<a
href="https://redirect.github.com/vercel/next.js/issues/62821 ">#62821</a>)</li>
<li>ensure server action errors notify rejection handlers (<a
href="https://redirect.github.com/vercel/next.js/issues/61588 ">#61588</a>)</li>
<li>make router restore action resilient to a missing tree (<a
href="https://redirect.github.com/vercel/next.js/issues/62098 ">#62098</a>)</li>
<li>build: remove sentry from the externals list <a
href="https://redirect.github.com/vercel/next.js/issues/61194 ">#61194</a></li>
<li>Reduce memory/cache overhead from over loader processing <a
href="https://redirect.github.com/vercel/next.js/issues/62005 ">#62005</a></li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/huozhi "><code>@huozhi</code></a>, <a
href="https://github.com/shuding "><code>@shuding</code></a>, <a
href="https://github.com/Ethan-Arrowood "><code>@Ethan-Arrowood</code></a>,
<a href="https://github.com/styfle "><code>@styfle</code></a>, <a
href="https://github.com/ijjk "><code>@ijjk</code></a>, <a
href="https://github.com/ztanner "><code>@ztanner</code></a>, <a
href="https://github.com/balazsorban44 "><code>@balazsorban44</code></a>,
<a href="https://github.com/kdy1 "><code>@kdy1</code></a>, and <a
href="https://github.com/williamli "><code>@williamli</code></a> for
helping!</p>
<h2>v14.1.2-canary.7</h2>
<h3>Core Changes</h3>
<ul>
<li>remove reducer unit tests: <a
href="https://redirect.github.com/vercel/next.js/issues/62766 ">#62766</a></li>
</ul>
<h3>Documentation Changes</h3>
<ul>
<li>Update sitemap.mdx: <a
href="https://redirect.github.com/vercel/next.js/issues/62809 ">#62809</a></li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/ztanner "><code>@ztanner</code></a> and <a
href="https://github.com/devr77 "><code>@devr77</code></a> for
helping!</p>
<h2>v14.1.2-canary.6</h2>
<h3>Core Changes</h3>
<ul>
<li>fix: Add stricter check for "use server" exports: <a
href="https://redirect.github.com/vercel/next.js/issues/62821 ">#62821</a></li>
<li>fix(next-core): throw on invalid metadata handler: <a
href="https://redirect.github.com/vercel/next.js/issues/62829 ">#62829</a></li>
<li>Revert "Add experimental config for navigation raf test (<a
href="https://redirect.github.com/vercel/next.js/issues/62668 ">#62668</a>)":
<a
href="https://redirect.github.com/vercel/next.js/issues/62834 ">#62834</a></li>
<li>Revert "refactor(analysis): rust based page-static-info,
deprecate js parse interface in next-swc": <a
href="https://redirect.github.com/vercel/next.js/issues/62838 ">#62838</a></li>
</ul>
<h3>Example Changes</h3>
<ul>
<li>Fix with-supertokens example: <a
href="https://redirect.github.com/vercel/next.js/issues/62817 ">#62817</a></li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/shuding "><code>@shuding</code></a>, <a
href="https://github.com/kwonoj "><code>@kwonoj</code></a>, <a
href="https://github.com/ijjk "><code>@ijjk</code></a>, and <a
href="https://github.com/timneutkens "><code>@timneutkens</code></a> for
helping!</p>
<h2>v14.1.2-canary.5</h2>
<h3>Core Changes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fc38ee190c
"><code>fc38ee1</code></a>
v14.1.3</li>
<li><a
href="85a5c4d1ee
"><code>85a5c4d</code></a>
fix type</li>
<li><a
href="4b059bc042
"><code>4b059bc</code></a>
Upgrade to latest <a
href="https://github.com/edge-runtime "><code>@edge-runtime</code></a>
packages (<a
href="https://redirect.github.com/vercel/next.js/issues/62955 ">#62955</a>)</li>
<li><a
href="b10a6105a9
"><code>b10a610</code></a>
Fix output: export with custom distDir (<a
href="https://redirect.github.com/vercel/next.js/issues/62064 ">#62064</a>)</li>
<li><a
href="960b738b8a
"><code>960b738</code></a>
Migrate locale redirect handling to router-server (<a
href="https://redirect.github.com/vercel/next.js/issues/62606 ">#62606</a>)</li>
<li><a
href="2f210d448a
"><code>2f210d4</code></a>
update release workflow</li>
<li><a
href="f564deef86
"><code>f564dee</code></a>
v14.1.2</li>
<li><a
href="a85519e715
"><code>a85519e</code></a>
Fix sitemap generateSitemaps support for string id (<a
href="https://redirect.github.com/vercel/next.js/issues/61088 ">#61088</a>)</li>
<li><a
href="0a2d7754ed
"><code>0a2d775</code></a>
Fix: generateSitemaps in production giving 404 (<a
href="https://redirect.github.com/vercel/next.js/issues/62212 ">#62212</a>)</li>
<li><a
href="400b57cf22
"><code>400b57c</code></a>
Fix redirect under suspense boundary with basePath (<a
href="https://redirect.github.com/vercel/next.js/issues/62597 ">#62597</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/next.js/compare/v14.0.4...v14.1.3 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `vite` from 5.1.4 to 5.1.5
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.1.5 (2024-03-04)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: <code>__vite__mapDeps</code> code injection (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15732 ">#15732</a>)
(<a href="https://github.com/vitejs/vite/commit/aff54e1 ">aff54e1</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15732 ">#15732</a></li>
<li>fix: analysing build chunk without dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15469 ">#15469</a>)
(<a href="https://github.com/vitejs/vite/commit/bd52283 ">bd52283</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15469 ">#15469</a></li>
<li>fix: import with query with imports field (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16085 ">#16085</a>)
(<a href="https://github.com/vitejs/vite/commit/ab823ab ">ab823ab</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16085 ">#16085</a></li>
<li>fix: normalize literal-only entry pattern (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16010 ">#16010</a>)
(<a href="https://github.com/vitejs/vite/commit/1dccc37 ">1dccc37</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16010 ">#16010</a></li>
<li>fix: optimizeDeps.entries with literal-only pattern(s) (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15853 ">#15853</a>)
(<a href="https://github.com/vitejs/vite/commit/49300b3 ">49300b3</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15853 ">#15853</a></li>
<li>fix: output correct error for empty import specifier (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16055 ">#16055</a>)
(<a href="https://github.com/vitejs/vite/commit/a9112eb ">a9112eb</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16055 ">#16055</a></li>
<li>fix: upgrade esbuild to 0.20.x (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16062 ">#16062</a>)
(<a href="https://github.com/vitejs/vite/commit/899d9b1 ">899d9b1</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16062 ">#16062</a></li>
<li>fix(runtime): runtime HMR affects only imported files (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15898 ">#15898</a>)
(<a href="https://github.com/vitejs/vite/commit/57463fc ">57463fc</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15898 ">#15898</a></li>
<li>fix(scanner): respect <code>experimentalDecorators: true</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15206 ">#15206</a>)
(<a href="https://github.com/vitejs/vite/commit/4144781 ">4144781</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15206 ">#15206</a></li>
<li>revert: "fix: upgrade esbuild to 0.20.x" (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16072 ">#16072</a>)
(<a href="https://github.com/vitejs/vite/commit/11cceea ">11cceea</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16072 ">#16072</a></li>
<li>refactor: share code with vite runtime (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15907 ">#15907</a>)
(<a href="https://github.com/vitejs/vite/commit/b20d542 ">b20d542</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15907 ">#15907</a></li>
<li>refactor(runtime): use functions from <code>pathe</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16061 ">#16061</a>)
(<a href="https://github.com/vitejs/vite/commit/aac2ef7 ">aac2ef7</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16061 ">#16061</a></li>
<li>chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16028 ">#16028</a>)
(<a href="https://github.com/vitejs/vite/commit/7cfe80d ">7cfe80d</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/16028 ">#16028</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2af1ae807d
"><code>2af1ae8</code></a>
release: v5.1.5</li>
<li><a
href="bd52283a70
"><code>bd52283</code></a>
fix: analysing build chunk without dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15469 ">#15469</a>)</li>
<li><a
href="ab823ab618
"><code>ab823ab</code></a>
fix: import with query with imports field (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16085 ">#16085</a>)</li>
<li><a
href="11cceeab39
"><code>11cceea</code></a>
revert: "fix: upgrade esbuild to 0.20.x" (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16072 ">#16072</a>)</li>
<li><a
href="899d9b1d27
"><code>899d9b1</code></a>
fix: upgrade esbuild to 0.20.x (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16062 ">#16062</a>)</li>
<li><a
href="aac2ef7752
"><code>aac2ef7</code></a>
refactor(runtime): use functions from <code>pathe</code> (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16061 ">#16061</a>)</li>
<li><a
href="a9112ebb21
"><code>a9112eb</code></a>
fix: output correct error for empty import specifier (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16055 ">#16055</a>)</li>
<li><a
href="1dccc3713a
"><code>1dccc37</code></a>
fix: normalize literal-only entry pattern (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16010 ">#16010</a>)</li>
<li><a
href="7cfe80d0df
"><code>7cfe80d</code></a>
chore(deps): update all non-major dependencies (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/16028 ">#16028</a>)</li>
<li><a
href="b20d54257e
"><code>b20d542</code></a>
refactor: share code with vite runtime (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15907 ">#15907</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vitejs/vite/commits/v5.1.5/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `jose` from 4.15.4 to 4.15.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/panva/jose/releases ">jose's
releases</a>.</em></p>
<blockquote>
<h2>v4.15.5</h2>
<h3>Fixes</h3>
<ul>
<li>add a maxOutputLength option to zlib inflate (<a
href="1b91d88d2f
">1b91d88</a>),
fixes <a
href="https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q ">CVE-2024-28176</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/panva/jose/blob/v4.15.5/CHANGELOG.md ">jose's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/panva/jose/compare/v4.15.4...v4.15.5 ">4.15.5</a>
(2024-03-07)</h2>
<h3>Fixes</h3>
<ul>
<li>add a maxOutputLength option to zlib inflate (<a
href="1b91d88d2f
">1b91d88</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="765aafd226
"><code>765aafd</code></a>
chore(release): 4.15.5</li>
<li><a
href="b36e45e008
"><code>b36e45e</code></a>
test: add export check to x509 pem import tests</li>
<li><a
href="e839ecbd79
"><code>e839ecb</code></a>
test: stop testing JWE RSA1_5 Algorithm</li>
<li><a
href="1b91d88d2f
"><code>1b91d88</code></a>
fix: add a maxOutputLength option to zlib inflate</li>
<li><a
href="9ca2b2427d
"><code>9ca2b24</code></a>
build: remove release action</li>
<li><a
href="f3035d8897
"><code>f3035d8</code></a>
chore: cleanup after release</li>
<li>See full diff in <a
href="https://github.com/panva/jose/compare/v4.15.4...v4.15.5 ">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~panva ">panva</a>, a new releaser for jose
since your current version.</p>
</details>
<br />
Updates `next` from 13.4.6 to 13.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vercel/next.js/releases ">next's
releases</a>.</em></p>
<blockquote>
<h2>v14.1.2</h2>
<p><em>Note: this is a backport release for critical bug fixes -- this
does not include all pending features/changes on canary</em></p>
<h3>Core Changes</h3>
<ul>
<li>Fix sitemap generateSitemaps support for string id (<a
href="https://redirect.github.com/vercel/next.js/issues/61088 ">#61088</a>)</li>
<li>Fix: generateSitemaps in production giving 404 (<a
href="https://redirect.github.com/vercel/next.js/issues/62212 ">#62212</a>)</li>
<li>Fix redirect under suspense boundary with basePath (<a
href="https://redirect.github.com/vercel/next.js/issues/62597 ">#62597</a>)</li>
<li>Fix: Add stricter check for "use server" exports (<a
href="https://redirect.github.com/vercel/next.js/issues/62821 ">#62821</a>)</li>
<li>ensure server action errors notify rejection handlers (<a
href="https://redirect.github.com/vercel/next.js/issues/61588 ">#61588</a>)</li>
<li>make router restore action resilient to a missing tree (<a
href="https://redirect.github.com/vercel/next.js/issues/62098 ">#62098</a>)</li>
<li>build: remove sentry from the externals list <a
href="https://redirect.github.com/vercel/next.js/issues/61194 ">#61194</a></li>
<li>Reduce memory/cache overhead from over loader processing <a
href="https://redirect.github.com/vercel/next.js/issues/62005 ">#62005</a></li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/huozhi "><code>@huozhi</code></a>, <a
href="https://github.com/shuding "><code>@shuding</code></a>, <a
href="https://github.com/Ethan-Arrowood "><code>@Ethan-Arrowood</code></a>,
<a href="https://github.com/styfle "><code>@styfle</code></a>, <a
href="https://github.com/ijjk "><code>@ijjk</code></a>, <a
href="https://github.com/ztanner "><code>@ztanner</code></a>, <a
href="https://github.com/balazsorban44 "><code>@balazsorban44</code></a>,
<a href="https://github.com/kdy1 "><code>@kdy1</code></a>, and <a
href="https://github.com/williamli "><code>@williamli</code></a> for
helping!</p>
<h2>v14.1.2-canary.7</h2>
<h3>Core Changes</h3>
<ul>
<li>remove reducer unit tests: <a
href="https://redirect.github.com/vercel/next.js/issues/62766 ">#62766</a></li>
</ul>
<h3>Documentation Changes</h3>
<ul>
<li>Update sitemap.mdx: <a
href="https://redirect.github.com/vercel/next.js/issues/62809 ">#62809</a></li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/ztanner "><code>@ztanner</code></a> and <a
href="https://github.com/devr77 "><code>@devr77</code></a> for
helping!</p>
<h2>v14.1.2-canary.6</h2>
<h3>Core Changes</h3>
<ul>
<li>fix: Add stricter check for "use server" exports: <a
href="https://redirect.github.com/vercel/next.js/issues/62821 ">#62821</a></li>
<li>fix(next-core): throw on invalid metadata handler: <a
href="https://redirect.github.com/vercel/next.js/issues/62829 ">#62829</a></li>
<li>Revert "Add experimental config for navigation raf test (<a
href="https://redirect.github.com/vercel/next.js/issues/62668 ">#62668</a>)":
<a
href="https://redirect.github.com/vercel/next.js/issues/62834 ">#62834</a></li>
<li>Revert "refactor(analysis): rust based page-static-info,
deprecate js parse interface in next-swc": <a
href="https://redirect.github.com/vercel/next.js/issues/62838 ">#62838</a></li>
</ul>
<h3>Example Changes</h3>
<ul>
<li>Fix with-supertokens example: <a
href="https://redirect.github.com/vercel/next.js/issues/62817 ">#62817</a></li>
</ul>
<h3>Credits</h3>
<p>Huge thanks to <a
href="https://github.com/shuding "><code>@shuding</code></a>, <a
href="https://github.com/kwonoj "><code>@kwonoj</code></a>, <a
href="https://github.com/ijjk "><code>@ijjk</code></a>, and <a
href="https://github.com/timneutkens "><code>@timneutkens</code></a> for
helping!</p>
<h2>v14.1.2-canary.5</h2>
<h3>Core Changes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fc38ee190c
"><code>fc38ee1</code></a>
v14.1.3</li>
<li><a
href="85a5c4d1ee
"><code>85a5c4d</code></a>
fix type</li>
<li><a
href="4b059bc042
"><code>4b059bc</code></a>
Upgrade to latest <a
href="https://github.com/edge-runtime "><code>@edge-runtime</code></a>
packages (<a
href="https://redirect.github.com/vercel/next.js/issues/62955 ">#62955</a>)</li>
<li><a
href="b10a6105a9
"><code>b10a610</code></a>
Fix output: export with custom distDir (<a
href="https://redirect.github.com/vercel/next.js/issues/62064 ">#62064</a>)</li>
<li><a
href="960b738b8a
"><code>960b738</code></a>
Migrate locale redirect handling to router-server (<a
href="https://redirect.github.com/vercel/next.js/issues/62606 ">#62606</a>)</li>
<li><a
href="2f210d448a
"><code>2f210d4</code></a>
update release workflow</li>
<li><a
href="f564deef86
"><code>f564dee</code></a>
v14.1.2</li>
<li><a
href="a85519e715
"><code>a85519e</code></a>
Fix sitemap generateSitemaps support for string id (<a
href="https://redirect.github.com/vercel/next.js/issues/61088 ">#61088</a>)</li>
<li><a
href="0a2d7754ed
"><code>0a2d775</code></a>
Fix: generateSitemaps in production giving 404 (<a
href="https://redirect.github.com/vercel/next.js/issues/62212 ">#62212</a>)</li>
<li><a
href="400b57cf22
"><code>400b57c</code></a>
Fix redirect under suspense boundary with basePath (<a
href="https://redirect.github.com/vercel/next.js/issues/62597 ">#62597</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vercel/next.js/compare/v14.0.4...v14.1.3 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mitja Bezenšek <mitja.bezensek@gmail.com>
2024-03-11 12:16:46 +00:00
Dan Groshev
c3e8628680
Better websocket reconnection handling ( #2960 )
...
Right now it's fairly easy to encounter a situation when a tab coming
online wouldn't recognise that the connection can now be reestablished
for a while. This PR cleans up reconnection logic, reenables tests, and
makes sure we get online as robustly as possible.
### Change Type
- [x] `patch` — Bug fix
### Test Plan
1. Check that reconnection works as expected
- [x] End to end tests
---------
Co-authored-by: David Sheldrick <d.j.sheldrick@gmail.com>
2024-03-04 16:48:14 +00:00
alex
8adaaf8e22
Revert "Protect local storage calls ( #3043 )" ( #3063 )
...
This reverts commit 2f28d7c6f8
.
### Change Type
- [x] `patch` — Bug fix
2024-03-04 15:48:31 +00:00
Steve Ruiz
2f28d7c6f8
Protect local storage calls ( #3043 )
...
This PR provides some safe wrappers for local storage calls. Local
storage is not available in all environments (for example, a React
Native web view). The PR also adds an eslint rule preventing direct
calls to local / session storage.
### Change Type
- [x] `patch` — Bug fix
### Release Notes
- Fixes a bug that could cause crashes in React Native webviews.
2024-03-04 13:37:09 +00:00
dependabot[bot]
c3f0fd5f1e
Bump the npm_and_yarn group group with 7 updates ( #2982 )
...
Bumps the npm_and_yarn group group with 7 updates:
| Package | From | To |
| --- | --- | --- |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) |
`5.0.11` | `5.0.12` |
|
[wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler )
| `3.16.0` | `3.19.0` |
| [semver](https://github.com/npm/node-semver ) | `7.5.4` | `7.6.0` |
| [es5-ext](https://github.com/medikoo/es5-ext ) | `0.10.62` | `0.10.64`
|
| [ip](https://github.com/indutny/node-ip ) | `1.1.8` | `1.1.9` |
|
[miniflare](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare )
| `3.20231030.0` | `3.20231030.3` |
| [undici](https://github.com/nodejs/undici ) | `5.28.2` | `5.28.3` |
Updates `vite` from 5.0.11 to 5.0.12
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md ">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.0.12 (2024-01-19)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: await <code>configResolved</code> hooks of worker plugins (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597 ">#15597</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605 ">#15605</a>)
(<a href="https://github.com/vitejs/vite/commit/ef89f80 ">ef89f80</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15597 ">#15597</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/15605 ">#15605</a></li>
<li>fix: fs deny for case insensitive systems (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653 ">#15653</a>)
(<a href="https://github.com/vitejs/vite/commit/91641c4 ">91641c4</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15653 ">#15653</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ee81e19676
"><code>ee81e19</code></a>
release: v5.0.12</li>
<li><a
href="91641c4da0
"><code>91641c4</code></a>
fix: fs deny for case insensitive systems (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653 ">#15653</a>)</li>
<li><a
href="ef89f8092f
"><code>ef89f80</code></a>
fix: await <code>configResolved</code> hooks of worker plugins (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597 ">#15597</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605 ">#15605</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v5.0.12/packages/vite ">compare
view</a></li>
</ul>
</details>
<br />
Updates `wrangler` from 3.16.0 to 3.19.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/releases ">wrangler's
releases</a>.</em></p>
<blockquote>
<h2>wrangler@3.19.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547 ">#4547</a>
<a
href="86c81ff0d5
"><code>86c81ff0</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: listen on IPv4 loopback only by default on Windows</p>
<p>Due to a <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408 ">known
issue</a>, <code>workerd</code> will only listen on the IPv4 loopback
address <code>127.0.0.1</code> when it's asked to listen on
<code>localhost</code>. On Node.js > 17, <code>localhost</code> will
resolve to the IPv6 loopback address, meaning requests to
<code>workerd</code> would fail. This change switches to using the IPv4
loopback address throughout Wrangler on Windows, while <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408 ">workerd#1408</a>
gets fixed.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535 ">#4535</a>
<a
href="29df8e1754
"><code>29df8e17</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
Reintroduces some internal refactorings of wrangler dev servers
(including <code>wrangler dev</code>, <code>wrangler dev
--remote</code>, and <code>unstable_dev()</code>).</p>
<p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we
believe the changes are now more stable and ready for release again.</p>
<p>There are no changes required for developers to opt-in. Improvements
include:</p>
<ul>
<li>fewer 'address in use' errors upon reloads</li>
<li>upon config/source file changes, requests are buffered to guarantee
the response is from the new version of the Worker</li>
</ul>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521 ">#4521</a>
<a
href="6c5bc704c5
"><code>6c5bc704</code></a>
Thanks <a href="https://github.com/zebp "><code>@zebp</code></a>! - fix:
init from dash specifying explicit usage model in wrangler.toml for
standard users</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550 ">#4550</a>
<a
href="63708a94fb
"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
<li>
<p>Updated dependencies [<a
href="71fb0b86cf
"><code>71fb0b86</code></a>,
<a
href="63708a94fb
"><code>63708a94</code></a>]:</p>
<ul>
<li>miniflare@3.20231030.3</li>
</ul>
</li>
</ul>
<h2>wrangler@3.18.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532 ">#4532</a>
<a
href="311ffbd506
"><code>311ffbd5</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by default</p>
<p>Previously, Wrangler listened on all interfaces (<code>*</code>) by
default. This change switches <code>wrangler (pages) dev</code> to just
listen on local interfaces. Whilst this is technically a breaking
change, we've decided the security benefits outweigh the potential
disruption caused. If you need to access your dev server from another
device on your network, you can use <code>wrangler (pages) dev --ip
*</code> to restore the previous behaviour.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="1b34878287
"><code>1b348782</code></a>]:
<ul>
<li>miniflare@3.20231030.2</li>
</ul>
</li>
</ul>
<h2>wrangler@3.17.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474 ">#4474</a>
<a
href="382ef8f580
"><code>382ef8f5</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: open browser to correct url pressing <code>b</code> in
<code>--remote</code> mode</p>
<p>This change ensures Wrangler doesn't try to open
<code>http://*</code> when <code>*</code> is used as the dev server's
hostname. Instead, Wrangler will now open
<code>http://127.0.0.1 </code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488 ">#4488</a>
<a
href="3bd5723852
"><code>3bd57238</code></a>
Thanks <a
href="https://github.com/RamIdeas "><code>@RamIdeas</code></a>! -
Changes the default directory for log files to workaround frameworks
that are watching the entire <code>.wrangler</code> directory in the
project root for changes</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md ">wrangler's
changelog</a>.</em></p>
<blockquote>
<h2>3.19.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547 ">#4547</a>
<a
href="86c81ff0d5
"><code>86c81ff0</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: listen on IPv4 loopback only by default on Windows</p>
<p>Due to a <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408 ">known
issue</a>, <code>workerd</code> will only listen on the IPv4 loopback
address <code>127.0.0.1</code> when it's asked to listen on
<code>localhost</code>. On Node.js > 17, <code>localhost</code> will
resolve to the IPv6 loopback address, meaning requests to
<code>workerd</code> would fail. This change switches to using the IPv4
loopback address throughout Wrangler on Windows, while <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408 ">workerd#1408</a>
gets fixed.</p>
</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535 ">#4535</a>
<a
href="29df8e1754
"><code>29df8e17</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
Reintroduces some internal refactorings of wrangler dev servers
(including <code>wrangler dev</code>, <code>wrangler dev
--remote</code>, and <code>unstable_dev()</code>).</p>
<p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we
believe the changes are now more stable and ready for release again.</p>
<p>There are no changes required for developers to opt-in. Improvements
include:</p>
<ul>
<li>fewer 'address in use' errors upon reloads</li>
<li>upon config/source file changes, requests are buffered to guarantee
the response is from the new version of the Worker</li>
</ul>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521 ">#4521</a>
<a
href="6c5bc704c5
"><code>6c5bc704</code></a>
Thanks <a href="https://github.com/zebp "><code>@zebp</code></a>! - fix:
init from dash specifying explicit usage model in wrangler.toml for
standard users</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550 ">#4550</a>
<a
href="63708a94fb
"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
<li>
<p>Updated dependencies [<a
href="71fb0b86cf
"><code>71fb0b86</code></a>,
<a
href="63708a94fb
"><code>63708a94</code></a>]:</p>
<ul>
<li>miniflare@3.20231030.3</li>
</ul>
</li>
</ul>
<h2>3.18.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532 ">#4532</a>
<a
href="311ffbd506
"><code>311ffbd5</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by default</p>
<p>Previously, Wrangler listened on all interfaces (<code>*</code>) by
default. This change switches <code>wrangler (pages) dev</code> to just
listen on local interfaces. Whilst this is technically a breaking
change, we've decided the security benefits outweigh the potential
disruption caused. If you need to access your dev server from another
device on your network, you can use <code>wrangler (pages) dev --ip
*</code> to restore the previous behaviour.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="1b34878287
"><code>1b348782</code></a>]:
<ul>
<li>miniflare@3.20231030.2</li>
</ul>
</li>
</ul>
<h2>3.17.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474 ">#4474</a>
<a
href="382ef8f580
"><code>382ef8f5</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: open browser to correct url pressing <code>b</code> in
<code>--remote</code> mode</p>
<p>This change ensures Wrangler doesn't try to open
<code>http://*</code> when <code>*</code> is used as the dev server's
hostname. Instead, Wrangler will now open
<code>http://127.0.0.1 </code>.</p>
</li>
</ul>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488 ">#4488</a>
<a
href="3bd5723852
"><code>3bd57238</code></a>
Thanks <a
href="https://github.com/RamIdeas "><code>@RamIdeas</code></a>! -
Changes the default directory for log files to workaround frameworks
that are watching the entire <code>.wrangler</code> directory in the
project root for changes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e67ea176a
"><code>5e67ea1</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4536 ">#4536</a>)</li>
<li><a
href="63708a94fb
"><code>63708a9</code></a>
fix: validate <code>Host</code>/<code>Origin</code> headers in magic
proxy and `InspectorProxyWorke...</li>
<li><a
href="86c81ff0d5
"><code>86c81ff</code></a>
fix: listen on IPv4 loopback only by default on Windows (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4547 ">#4547</a>)</li>
<li><a
href="6c5bc704c5
"><code>6c5bc70</code></a>
fix: init from dash using explicit usage model for standard accounts (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4521 ">#4521</a>)</li>
<li><a
href="29df8e1754
"><code>29df8e1</code></a>
Revert "Revert "startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497 ">#4497</a>)"
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531 ">#4531</a>)"
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4535 ">#4535</a>)</li>
<li><a
href="97727de053
"><code>97727de</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4495 ">#4495</a>)</li>
<li><a
href="311ffbd506
"><code>311ffbd</code></a>
[wrangler] fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by def...</li>
<li><a
href="310281a48a
"><code>310281a</code></a>
Revert "startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497 ">#4497</a>)"
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531 ">#4531</a>)</li>
<li><a
href="01eda78025
"><code>01eda78</code></a>
startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497 ">#4497</a>)</li>
<li><a
href="961c8eaaf3
"><code>961c8ea</code></a>
remove unused npx-import dependency (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4477 ">#4477</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cloudflare/workers-sdk/commits/wrangler@3.19.0/packages/wrangler ">compare
view</a></li>
</ul>
</details>
<br />
Updates `semver` from 7.5.4 to 7.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases ">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.0</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0 ">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462
"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671 ">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671 ">#671</a>)
(<a href="https://github.com/madtisa "><code>@madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf
"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c
"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
bump <code>@npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="e521932f11
"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="8873991808
"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="f317dc8689
"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
bump <code>@npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5
"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658 ">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658 ">#658</a>)
(<a
href="https://github.com/jethrodaniel "><code>@jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c
"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656 ">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656 ">#656</a>)
(<a href="https://github.com/zyxkad "><code>@zyxkad</code></a>)</li>
<li><a
href="14d263faa1
"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b
"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
bump <code>@npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328
"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1
"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
bump <code>@npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba
"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2
"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
bump <code>@npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md ">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0 ">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462
"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671 ">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671 ">#671</a>)
(<a href="https://github.com/madtisa "><code>@madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar "><code>@wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf
"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c
"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667 ">#667</a>
bump <code>@npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="e521932f11
"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="8873991808
"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="f317dc8689
"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652 ">#652</a>
bump <code>@npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5
"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658 ">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658 ">#658</a>)
(<a
href="https://github.com/jethrodaniel "><code>@jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c
"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656 ">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656 ">#656</a>)
(<a href="https://github.com/zyxkad "><code>@zyxkad</code></a>)</li>
<li><a
href="14d263faa1
"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b
"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625 ">#625</a>
bump <code>@npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328
"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1
"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622 ">#622</a>
bump <code>@npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba
"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys "><code>@lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2
"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598 ">#598</a>
bump <code>@npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="377f709718
"><code>377f709</code></a>
chore: release 7.6.0 (<a
href="https://redirect.github.com/npm/node-semver/issues/661 ">#661</a>)</li>
<li><a
href="a7ab13a462
"><code>a7ab13a</code></a>
feat: preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671 ">#671</a>)</li>
<li><a
href="816c7b2cbf
"><code>816c7b2</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="0bd24d943c
"><code>0bd24d9</code></a>
chore: bump <code>@npmcli/template-oss</code> from 4.21.1 to
4.21.3</li>
<li><a
href="e521932f11
"><code>e521932</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="8873991808
"><code>8873991</code></a>
chore: chore: chore: postinstall for dependabot template-oss PR</li>
<li><a
href="f317dc8689
"><code>f317dc8</code></a>
chore: bump <code>@npmcli/template-oss</code> from 4.19.0 to
4.21.0</li>
<li><a
href="7303db1fe5
"><code>7303db1</code></a>
chore: add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658 ">#658</a>)</li>
<li><a
href="6240d75a7c
"><code>6240d75</code></a>
chore: add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656 ">#656</a>)</li>
<li><a
href="14d263faa1
"><code>14d263f</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `es5-ext` from 0.10.62 to 0.10.64
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/medikoo/es5-ext/releases ">es5-ext's
releases</a>.</em></p>
<blockquote>
<h2>0.10.64 (2024-02-27)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Revert update to postinstall script meant to fix Powershell issue,
as it's a regression for some Linux terminals (<a
href="c2e2bb90c2
">c2e2bb9</a>)</li>
</ul>
<hr />
<p><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64 ">Comparison
since last release</a></p>
<h2>0.10.63 (2024-02-23)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Do not rely on problematic regex (<a
href="3551cdd7b2
">3551cdd</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/201 ">#201</a></li>
<li>Support ES2015+ function definitions in
<code>function#toStringTokens()</code> (<a
href="a52e957366
">a52e957</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/021 ">#021</a></li>
<li>Ensure postinstall script does not crash on Windows, fixes <a
href="https://redirect.github.com/medikoo/es5-ext/issues/181 ">#181</a>
(<a
href="bf8ed799d5
">bf8ed79</a>)</li>
</ul>
<h3>Maintenance Improvements</h3>
<ul>
<li>Simplify the manifest message (<a
href="7855319f41
">7855319</a>)</li>
</ul>
<hr />
<p><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63 ">Comparison
since last release</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md ">es5-ext's
changelog</a>.</em></p>
<blockquote>
<h3><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64 ">0.10.64</a>
(2024-02-27)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Revert update to postinstall script meant to fix Powershell issue,
as it's a regression for some Linux terminals (<a
href="c2e2bb90c2
">c2e2bb9</a>)</li>
</ul>
<h3><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63 ">0.10.63</a>
(2024-02-23)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Do not rely on problematic regex (<a
href="3551cdd7b2
">3551cdd</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/201 ">#201</a></li>
<li>Support ES2015+ function definitions in
<code>function#toStringTokens()</code> (<a
href="a52e957366
">a52e957</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/021 ">#021</a></li>
<li>Ensure postinstall script does not crash on Windows, fixes <a
href="https://redirect.github.com/medikoo/es5-ext/issues/181 ">#181</a>
(<a
href="bf8ed799d5
">bf8ed79</a>)</li>
</ul>
<h3>Maintenance Improvements</h3>
<ul>
<li>Simplify the manifest message (<a
href="7855319f41
">7855319</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f76b03d8c4
"><code>f76b03d</code></a>
chore: Release v0.10.64</li>
<li><a
href="2881acda50
"><code>2881acd</code></a>
chore: Bump dependencies</li>
<li><a
href="c2e2bb90c2
"><code>c2e2bb9</code></a>
fix: Revert update meant to fix Powershell issue, as it's a
regression</li>
<li><a
href="16f2b7253d
"><code>16f2b72</code></a>
docs: Fix date in the changelog</li>
<li><a
href="de4e03c477
"><code>de4e03c</code></a>
chore: Release v0.10.63</li>
<li><a
href="3fd53b755e
"><code>3fd53b7</code></a>
chore: Upgrade<code> lint-staged</code> to v13</li>
<li><a
href="bf8ed799d5
"><code>bf8ed79</code></a>
chore: Ensure postinstall script does not crash on Windows</li>
<li><a
href="2cbbb0717b
"><code>2cbbb07</code></a>
chore: Bump dependencies</li>
<li><a
href="22d0416ea1
"><code>22d0416</code></a>
chore: Bump LICENSE year</li>
<li><a
href="a52e957366
"><code>a52e957</code></a>
fix: Support ES2015+ function definitions in
<code>function#toStringTokens()</code></li>
<li>Additional commits viewable in <a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.64 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `ip` from 1.1.8 to 1.1.9
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1ecbf2fd8c
"><code>1ecbf2f</code></a>
1.1.9</li>
<li><a
href="6a3ada9b47
"><code>6a3ada9</code></a>
lib: fixed CVE-2023-42282 and added unit test</li>
<li>See full diff in <a
href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9 ">compare
view</a></li>
</ul>
</details>
<br />
Updates `miniflare` from 3.20231030.0 to 3.20231030.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/releases ">miniflare's
releases</a>.</em></p>
<blockquote>
<h2>miniflare@3.20231030.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466 ">#4466</a>
<a
href="71fb0b86cf
"><code>71fb0b86</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: ensure unused KV and Cache blobs cleaned up</p>
<p>When storing data in KV, Cache and R2, Miniflare uses both an SQL
database and separate blob store. When writing a key/value pair, a blob
is created for the new value and the old blob for the previous value (if
any) is deleted. A few months ago, we introduced a change that prevented
old blobs being deleted for KV and Cache. R2 was unaffected. This
shouldn't have caused any problems, but could lead to persistence
directories growing unnecessarily as they filled up with garbage blobs.
This change ensures garbage blobs are deleted.</p>
<p>Note existing garbage will not be cleaned up. If you'd like to do
this, download this Node script (<a
href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076 ">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076 </a>).
If you're using the default Wrangler persistence directory, run
<code>node gc.mjs kv .wrangler/state/v3/kv <namespace_id_1>
<namespace_id_2> ...</code> and <code>node gc.mjs cache
.wrangler/state/v3/cache default named:<cache_name_1>
named:<cache_name_2> ...</code> with each of your KV namespace IDs
(not binding names) and named caches.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550 ">#4550</a>
<a
href="63708a94fb
"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
</ul>
<h2>miniflare@3.20231030.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505 ">#4505</a>
<a
href="1b34878287
"><code>1b348782</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code></p>
<p>When using Workers Sites with a module worker, the asset manifest
must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual
module. Miniflare provided this module, but also erroneously added
<code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object
too. Whilst this didn't break anything locally, it could cause users to
develop Workers that ran locally, but not when deployed. This change
ensures <code>env</code> doesn't contain
<code>__STATIC_CONTENT_MANIFEST</code>.</p>
</li>
</ul>
<h2>miniflare@3.20231030.1</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348 ">#4348</a>
<a
href="be2b9cf5a9
"><code>be2b9cf5</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
feat: add support for wrapped bindings</p>
<p>This change adds a new <code>wrappedBindings</code> worker option for
configuring
<code>workerd</code>'s <a
href="bfcef2d850/src/workerd/server/workerd.capnp (L469-L487)
">wrapped
bindings</a>.
These allow custom bindings to be written as JavaScript functions
accepting an
<code>env</code> parameter of "inner bindings" and returning
the value to bind. For more
details, refer to the <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core ">API
docs</a>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341 ">#4341</a>
<a
href="d990874338
"><code>d9908743</code></a>
Thanks <a
href="https://github.com/RamIdeas "><code>@RamIdeas</code></a>! - Added
a <code>handleRuntimeStdio</code> which enables wrangler (or any other
direct use of Miniflare) to handle the <code>stdout</code> and
<code>stderr</code> streams from the workerd child process. By default,
if this option is not provided, the previous behaviour is retained which
splits the streams into lines and calls
<code>console.log</code>/<code>console.error</code>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/CHANGELOG.md ">miniflare's
changelog</a>.</em></p>
<blockquote>
<h2>3.20231030.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466 ">#4466</a>
<a
href="71fb0b86cf
"><code>71fb0b86</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: ensure unused KV and Cache blobs cleaned up</p>
<p>When storing data in KV, Cache and R2, Miniflare uses both an SQL
database and separate blob store. When writing a key/value pair, a blob
is created for the new value and the old blob for the previous value (if
any) is deleted. A few months ago, we introduced a change that prevented
old blobs being deleted for KV and Cache. R2 was unaffected. This
shouldn't have caused any problems, but could lead to persistence
directories growing unnecessarily as they filled up with garbage blobs.
This change ensures garbage blobs are deleted.</p>
<p>Note existing garbage will not be cleaned up. If you'd like to do
this, download this Node script (<a
href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076 ">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076 </a>).
If you're using the default Wrangler persistence directory, run
<code>node gc.mjs kv .wrangler/state/v3/kv <namespace_id_1>
<namespace_id_2> ...</code> and <code>node gc.mjs cache
.wrangler/state/v3/cache default named:<cache_name_1>
named:<cache_name_2> ...</code> with each of your KV namespace IDs
(not binding names) and named caches.</p>
</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550 ">#4550</a>
<a
href="63708a94fb
"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
</ul>
<h2>3.20231030.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505 ">#4505</a>
<a
href="1b34878287
"><code>1b348782</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code></p>
<p>When using Workers Sites with a module worker, the asset manifest
must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual
module. Miniflare provided this module, but also erroneously added
<code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object
too. Whilst this didn't break anything locally, it could cause users to
develop Workers that ran locally, but not when deployed. This change
ensures <code>env</code> doesn't contain
<code>__STATIC_CONTENT_MANIFEST</code>.</p>
</li>
</ul>
<h2>3.20231030.1</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348 ">#4348</a>
<a
href="be2b9cf5a9
"><code>be2b9cf5</code></a>
Thanks <a href="https://github.com/mrbbot "><code>@mrbbot</code></a>! -
feat: add support for wrapped bindings</p>
<p>This change adds a new <code>wrappedBindings</code> worker option for
configuring
<code>workerd</code>'s <a
href="bfcef2d850/src/workerd/server/workerd.capnp (L469-L487)
">wrapped
bindings</a>.
These allow custom bindings to be written as JavaScript functions
accepting an
<code>env</code> parameter of "inner bindings" and returning
the value to bind. For more
details, refer to the <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core ">API
docs</a>.</p>
</li>
</ul>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341 ">#4341</a>
<a
href="d990874338
"><code>d9908743</code></a>
Thanks <a
href="https://github.com/RamIdeas "><code>@RamIdeas</code></a>! - Added
a <code>handleRuntimeStdio</code> which enables wrangler (or any other
direct use of Miniflare) to handle the <code>stdout</code> and
<code>stderr</code> streams from the workerd child process. By default,
if this option is not provided, the previous behaviour is retained which
splits the streams into lines and calls
<code>console.log</code>/<code>console.error</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e67ea176a
"><code>5e67ea1</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4536 ">#4536</a>)</li>
<li><a
href="63708a94fb
"><code>63708a9</code></a>
fix: validate <code>Host</code>/<code>Origin</code> headers in magic
proxy and `InspectorProxyWorke...</li>
<li><a
href="71fb0b86cf
"><code>71fb0b8</code></a>
fix: ensure unused KV and Cache blobs cleaned up (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4466 ">#4466</a>)</li>
<li><a
href="97727de053
"><code>97727de</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4495 ">#4495</a>)</li>
<li><a
href="311ffbd506
"><code>311ffbd</code></a>
[wrangler] fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by def...</li>
<li><a
href="1b34878287
"><code>1b34878</code></a>
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code> (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4505 ">#4505</a>)</li>
<li><a
href="f728503bd3
"><code>f728503</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4463 ">#4463</a>)</li>
<li><a
href="be2b9cf5a9
"><code>be2b9cf</code></a>
feat: add support for wrapped bindings (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4348 ">#4348</a>)</li>
<li><a
href="d990874338
"><code>d990874</code></a>
Intercept workerd logs + write all debug logs to a hidden file (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4341 ">#4341</a>)</li>
<li>See full diff in <a
href="https://github.com/cloudflare/workers-sdk/commits/miniflare@3.20231030.3/packages/miniflare ">compare
view</a></li>
</ul>
</details>
<br />
Updates `undici` from 5.28.2 to 5.28.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases ">undici's
releases</a>.</em></p>
<blockquote>
<h2>v5.28.3</h2>
<h2>⚠️ Security Release ⚠️ </h2>
<p>Fixes:</p>
<ul>
<li><a
href="https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3 ">CVE-2024-24758
Proxy-Authorization header not cleared on cross-origin redirect in
fetch</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3 ">https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e71cb4c88f
"><code>e71cb4c</code></a>
Bumped v5.28.3</li>
<li><a
href="20c65b89f4
"><code>20c65b8</code></a>
Fix tests for Node.js v20.11.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/2618 ">#2618</a>)</li>
<li><a
href="8ec52cde66
"><code>8ec52cd</code></a>
Fix tests for Node.js v21 (<a
href="https://redirect.github.com/nodejs/undici/issues/2609 ">#2609</a>)</li>
<li><a
href="d3aa574b12
"><code>d3aa574</code></a>
Merge pull request from GHSA-3787-6prv-h9w3</li>
<li>See full diff in <a
href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3 ">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts ).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mitja Bezenšek <mitja.bezensek@gmail.com>
2024-03-04 12:20:23 +00:00
Steve Ruiz
9a6f4e8c4b
[docs] design shuffle ( #2951 )
...
This PR incorporates design tweaks from #2922 without the home page or
content changes.
These are:
- Replacing all `hello@tldraw.com` with `sales@tldraw.com`
- Fix mailto links.
- Showing the first item in a section on direct routes to the section
- Splitting the article page for human-written content from article page
for generated content
- Splitting the layout for the landing page from the rest of the site
(temporarily identical to the regular content)
- Removing headings from left sidebar
- Restoring headings in right sidebar for human-written pages with > 1
heading link
- Styling block quote
- Adjusting section link appearance / layout in header / menu
- Changing the order of search results to preference docs over examples
- Updating copy on events
- Removing copy on user interface menus
- Adding hero as prop to all articles
- Updated icon
- Fixing a few broken links
- Replaces the sandpack code blocks with hljs code blocks, except in
examples.
### Change Type
- [x] `documentation` — Changes to the documentation only[^2]
2024-02-29 16:28:45 +00:00
alex
a0628f9cb2
tldraw_final_v6_final(old version).docx.pdf ( #2998 )
...
Rename `@tldraw/tldraw` to just `tldraw`! `@tldraw/tldraw` still exists
as an alias to `tldraw` for folks who are still using that.
### Test Plan
- [x] Unit Tests
- [ ] End to end tests
### Release Notes
- The `@tldraw/tldraw` package has been renamed to `tldraw`. You can
keep using the old version if you want though!
2024-02-29 16:06:19 +00:00
David Sheldrick
6d4b46e6d6
Implement new package publish process ( #2996 )
...
Gonna merge in a sneaky dry run mode to test the args parsing etc
### Change Type
- [ ] `patch` — Bug fix
- [ ] `minor` — New feature
- [ ] `major` — Breaking change
- [ ] `dependencies` — Changes to package dependencies[^1]
- [ ] `documentation` — Changes to the documentation only[^2]
- [ ] `tests` — Changes to any test code only[^2]
- [x] `internal` — Any other changes that don't affect the published
package[^2]
- [ ] I don't know
[^1]: publishes a `patch` release, for devDependencies use `internal`
[^2]: will not publish a new version
### Test Plan
1. Add a step-by-step description of how to test your PR here.
2.
- [ ] Unit Tests
- [ ] End to end tests
### Release Notes
- Add a brief release note for your PR here.
2024-02-29 12:21:11 +00:00
David Sheldrick
f19b12c42e
[dx] Derive vercel routes from react-router config ( #2937 )
...
I had some free time at the end of the week so I investigated the idea
of deriving the vercel routing config from the react-router config, then
storing the derived vercel route info in a jest snapshot, and then
loading the jest snapshot during the build script.
Seems to work well!
### Change Type
- [x] `internal` — Any other changes that don't affect the published
package[^2]
2024-02-26 12:30:35 +00:00
David Sheldrick
f3eae3c398
Update auto ( #2952 )
...
Auto merged this PR https://github.com/intuit/auto/pull/2420/files
So we can get rid of our patch file
### Change Type
- [x] `internal`
2024-02-26 10:06:23 +00:00
Steve Ruiz
2211ca0063
bump typescript / api-extractor ( #2949 )
...
This PR bumps TypeScript to 5.3.3 and API extractor. We started getting
some weird behavior in CI due to different versions of the two
libraries, ie where the CI api.jsons would differ from those built
locally.
### Change Type
- [x] `dependencies` — Changes to package dependencies[^1]
2024-02-25 11:43:17 +00:00
Mitja Bezenšek
303c8782e3
Fix an issue with publishing canary ( #2931 )
...
Our canary builds are broken right now, see
https://github.com/tldraw/tldraw/actions/runs/8018554530/job/21904677162#step:4:13
Looks like `auto@11.0.5` solves this
https://github.com/intuit/auto/issues/2425
### Change Type
- [ ] `patch` — Bug fix
- [ ] `minor` — New feature
- [ ] `major` — Breaking change
- [ ] `dependencies` — Changes to package dependencies[^1]
- [ ] `documentation` — Changes to the documentation only[^2]
- [ ] `tests` — Changes to any test code only[^2]
- [x] `internal` — Any other changes that don't affect the published
package[^2]
- [ ] I don't know
2024-02-23 12:27:37 +00:00
Dan Groshev
a8999aa0a0
Make Vercel URL rewrites precise ( #2913 )
...
### The problem
Right now we use a catchall path in Vercel routing config to rewrite all
requests that don't match existing assets to `/index.html`, which is
needed for client side routing to work. This, however, messes up 404
errors for truly non-existing files which won't be handled by the SPA,
because they get redirected to index.html.
Even worse, this interacts very poorly with caching. Normally if we
request a non-existent file, then put the file in place, and request the
file again, we'll get 404 the first time and the actual file the second
time. However, in our case we instead return `/index.html` after the
first attempt and cache that response, making it impossible to correct a
missing file without cache flush.
### The solution
One way to fix this is to make the regex in Vercel config precise, so
that they only match our SPA routes. However, it can be dangerous,
because this means we'll need to manually update the config with new SPA
routes every time we add any. This PR tests that regexes we're using in
Vercel match all routes that we set in the SPA router.
### Potential future improvements
It's very possible to generate Vercel's config from React Router routing
objects, but at the moment it's not done because that would require
importing most of dotcom during the build phase, which seem to cause
errors.
### Change Type
- [x] `internal` — Any other changes that don't affect the published
package[^2]
### Test Plan
1. Might need a light smoke test after deployment to dotcom.
- [x] End to end tests
2024-02-22 18:25:45 +00:00
David Sheldrick
4a2040f92c
Faster validations + record reference stability at the same time ( #2848 )
...
This PR adds a validation mode whereby previous known-to-be-valid values
can be used to speed up the validation process itself. At the same time
it enables us to do fine-grained equality checking on records much more
quickly than by using something like lodash isEqual, and using that we
can prevent triggering effects for record updates that don't actually
alter any values in the store.
Here's some preliminary perf testing of average time spent in
`store.put()` during some common interactions
| task | before (ms) | after (ms) |
| ---- | ---- | ---- |
| drawing lines | 0.0403 | 0.0214 |
| drawing boxes | 0.0408 | 0.0348 |
| translating lines | 0.0352 | 0.0042 |
| translating boxes | 0.0051 | 0.0032 |
| rotating lines | 0.0312 | 0.0065 |
| rotating boxes | 0.0053 | 0.0035 |
| brush selecting boxes | 0.0200 | 0.0232 |
| traversal with shapes | 0.0130 | 0.0108 |
| traversal without shapes | 0.0201 | 0.0173 |
**traversal** means moving the camera and pointer around the canvas
#### Discussion
At the scale of hundredths of a millisecond these .put operations are so
fast that even if they became literally instantaneous the change would
not be human perceptible. That said, there is an overall marked
improvement here. Especially for dealing with draw shapes.
These figures are also mostly in line with expectations, aside from a
couple of things:
- I don't understand why the `brush selecting boxes` task got slower
after the change.
- I don't understand why the `traversal` tasks are slower than the
`translating boxes` task, both before and after. I would expect that
.putting shape records would be much slower than .putting pointer/camera
records (since the latter have fewer and simpler properties)
### Change Type
- [x] `patch` — Bug fix
### Test Plan
1. Add a step-by-step description of how to test your PR here.
2.
- [ ] Unit Tests
- [ ] End to end tests
### Release Notes
- Add a brief release note for your PR here.
2024-02-20 12:35:25 +00:00
Dan Groshev
5cf2fe9583
Revert "emojis! 🧑🎨 🎨 ✏️ ( #2814 )" ( #2822 )
...
Reverting accidental merge of #2814
### Change Type
- [x] `internal` — Any other changes that don't affect the published
package
2024-02-13 14:59:59 +00:00