Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump tough-cookie and @wordpress/scripts #511

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 6, 2023

Bumps tough-cookie to 4.1.3 and updates ancestor dependency @wordpress/scripts. These dependencies need to be updated together.

Updates tough-cookie from 2.5.0 to 4.1.3

Release notes

Sourced from tough-cookie's releases.

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

4.1.2 -- Patch and Bugfix Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2

4.1.1

Patch Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1

4.1.0

v4.1.0

Minor release, focused mainly on resolving reported issues and some minor feature work.

What's Changed

... (truncated)

Commits
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • b1a8898 fix: allow set cookies with localhost (#253)
  • ec70796 4.1.1 Patch -- allow special use domains by default (#250)
  • d4ac580 fix: allow special use domains by default (#249)
  • 79c2f7d 4.1.0 release to NPM (#245)
  • 4fafc17 Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move Dockerf...
  • aa4396d fix: distinguish between no samesite and samesite=none (#240)
  • b8d7511 Modernize README (#234)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by awaterma, a new releaser for tough-cookie since your current version.


Updates @wordpress/scripts from 5.1.0 to 26.12.0

Release notes

Sourced from @​wordpress/scripts's releases.

16.6.0 RC1

Changelog

Features

Interactivity API

  • Add Slot and Fill directives. (53958)
  • Query block: Client-side pagination. (53812)
  • Update data-wp-bind directive logic. (54003)

Enhancements

  • Bundle ObserveTyping within the BlockList component. (53875)
  • Default appender: Hide the dashed indicator until ancestor is selected. (53761)
  • Register the block editor keyboard shortcuts automatically when using BlockEditorProvider. (53910)
  • [Commands]: Add toggle list view command in site editor. (53983)

Components

  • Bundle SlotFillProvider within BlockEditorProvider. (53940)
  • Make the Popover.Slot optional. (53889)
  • Popover: Update @floating-ui to latest version, remove custom fix for iframe positioning and scaling. (46845)
  • AlignmentMatrixControl: Replace act() with userEvent. (53703)
  • ProgressBar: Add transition to determinate indicator. (53877)

Block Library

  • Blocks: Move bootstrapped block types to Redux state. (53807)
  • Capture toolbars in navigation block. (53697)
  • Content Block: Change placeholder and end-to-end test to refer to Content block. (53902)
  • Make mid size parameter settable for Query Pagination block. (51216)

Block Editor

  • Capture toolbars in quote block. (53699)
  • Improve writing flow for lists by capturing list item toolbars. (53306)
  • RichTextValue: Typescript Adjustment. (54002)

Typography

  • Font Face: Prepare for merge into Core. (53858)
  • Renames "Fonts Library" to "Font Library". (53780)

Post Editor

  • Edit Post: Use hooks instead of HoCs in TaxonomyPanel. (53773)

List View

  • Add keyboard shortcut for duplicating blocks. (53559)

Patterns

  • Add a custom taxonomy for user created patterns. (53163)

... (truncated)

Changelog

Sourced from @​wordpress/scripts's changelog.

26.12.0 (2023-08-31)

26.11.0 (2023-08-16)

Enhancement

  • Updated npm-package-json-lint peer dependency to require v6.0.0 #53636.
  • The bundled @svgr/webpack dependency has been updated from requiring ^6.2.1 to requiring ^8.0.1 (#53630).
  • The bundled cssnano dependency has been updated from requiring ^5.07 to requiring ^6.0.1 (#53630).

Bug Fix

  • Fix prevent watch mode from aborting when encountering a block.json file that contains invalid JSON. (#51971)

26.10.0 (2023-08-10)

26.9.0 (2023-07-20)

26.8.0 (2023-07-05)

26.7.0 (2023-06-23)

26.6.0 (2023-06-07)

Enhancements

  • The bundled terser-webpack-plugin dependency has been updated from requiring ^5.1.4 to requiring ^5.3.9 (#50994).
  • Optimize updating render paths when developing blocks with the start command (#51162).

Bug Fixes

  • Ensure files listed in render field of block.json files are always copied to the build folder when using the start command (#50939).

26.5.0 (2023-05-24)

26.4.0 (2023-05-10)

26.3.0 (2023-04-26)

Enhancements

  • License check script supports conjunctive (AND) licenses (46801).

26.2.0 (2023-04-12)

26.1.0 (2023-03-29)

Enhancements

  • The bundled wp-prettier dependency has been upgraded from 2.6.2 to 2.8.5 (#49258).

... (truncated)

Commits
  • 5eac173 chore(release): publish
  • 1b79256 Update changelog files
  • 4c9455a Merge changes published in the Gutenberg plugin "release/16.6" branch
  • 78a288d chore(release): publish
  • 863e74c Update changelog files
  • a3b68ba Merge changes published in the Gutenberg plugin "release/16.5" branch
  • b898cf1 chore(release): publish
  • f8983f0 Update changelog files
  • 5e17468 Merge changes published in the Gutenberg plugin "release/16.4" branch
  • 6f14d11 chore(release): publish
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by gutenbergplugin, a new releaser for @​wordpress/scripts since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 6, 2023
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tough-cookie-and-wordpress/scripts-4.1.3 branch from bdd7c5f to 9f4708d Compare September 11, 2023 13:03
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tough-cookie-and-wordpress/scripts-4.1.3 branch from 9f4708d to 8138ae5 Compare September 25, 2023 11:05
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) to 4.1.3 and updates ancestor dependency [@wordpress/scripts](https://github.com/WordPress/gutenberg/tree/HEAD/packages/scripts). These dependencies need to be updated together.


Updates `tough-cookie` from 2.5.0 to 4.1.3
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v2.5.0...v4.1.3)

Updates `@wordpress/scripts` from 5.1.0 to 26.12.0
- [Release notes](https://github.com/WordPress/gutenberg/releases)
- [Changelog](https://github.com/WordPress/gutenberg/blob/trunk/packages/scripts/CHANGELOG.md)
- [Commits](https://github.com/WordPress/gutenberg/commits/@wordpress/[email protected]/packages/scripts)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: "@wordpress/scripts"
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tough-cookie-and-wordpress/scripts-4.1.3 branch from 8138ae5 to da7c82a Compare September 25, 2023 11:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants