[Snyk] Upgrade: , , govuk-frontend, , applicationinsights, axios, joi, prom-client, redis #291
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@azure/msal-common
from 14.13.0 to 14.14.1 | 3 versions ahead of your current version | a month ago
on 2024-08-13
@azure/msal-node
from 2.10.0 to 2.13.0 | 4 versions ahead of your current version | a month ago
on 2024-08-13
govuk-frontend
from 5.2.0 to 5.5.0 | 5 versions ahead of your current version | a month ago
on 2024-08-09
@ministryofjustice/frontend
from 2.1.1 to 2.2.0 | 3 versions ahead of your current version | 2 months ago
on 2024-07-31
applicationinsights
from 2.9.5 to 2.9.6 | 1 version ahead of your current version | a month ago
on 2024-08-15
axios
from 1.7.4 to 1.7.5 | 1 version ahead of your current version | a month ago
on 2024-08-23
joi
from 17.13.0 to 17.13.3 | 3 versions ahead of your current version | 3 months ago
on 2024-06-19
prom-client
from 15.1.0 to 15.1.3 | 3 versions ahead of your current version | 3 months ago
on 2024-06-27
redis
from 4.6.13 to 4.7.0 | 3 versions ahead of your current version | 2 months ago
on 2024-07-29
Release notes
Package name: @azure/msal-common
14.14.1
Tue, 13 Aug 2024 23:25:08 GMT
Patches
14.14.0
Tue, 23 Jul 2024 14:19:34 GMT
Minor changes
Package name: @azure/msal-node
2.13.0
Tue, 13 Aug 2024 23:25:05 GMT
Minor changes
Patches
2.12.0
Tue, 23 Jul 2024 14:19:34 GMT
Minor changes
Package name: govuk-frontend
This release includes an updated list of organisations and brand colours. We’ve also added a new feature to stop long words from ‘breaking out’ of components.
To install this version with npm, run
npm install [email protected]
. You can also find more information about how to stay up to date in our documentation.New features
We've updated the list of organisations and brand colours included in Frontend
We've overhauled the list of organisations and organisation brand colours that are shipped with GOV.UK Frontend.
The previous list was outdated and had not kept up with changes to the machinery of government. We’ve updated the list to:
To enable these changes, set the feature flag variable
$govuk-new-organisation-colours
totrue
before you import GOV.UK Frontend in your Sass files:You can also silence warnings about defunct organisations by adding
organisation-colours
to the$govuk-suppressed-warnings
setting.We introduced this change in pull request #3407: Update organisation colours.
Stop long words breaking out of components with
govuk-!-text-break-word
We've added a new override class to help display long words with no obvious break points when the space is too narrow to display them on one line. An example of a long word might be an email address entered by a user.
Wrapping the content with the
govuk-!-text-break-word
class forces words that are too long for the parent element to break onto a new line.Sass users can also use the
govuk-text-break-word
mixin.We introduced this change in pull request #5159: Add break-word typography helper.
Recommended changes
Update the
$websafe
parameter on thegovuk-organisation-colour
functionThe
govuk-organisation-colour
Sass function's$websafe
parameter has been renamed to$contrast-safe
.This is to more accurately describe the functionality of the parameter.
The old parameter name will stop working in the next major version of GOV.UK Frontend.
We introduced this change in pull request #3407: Update organisation colours.
Fixes
We've made fixes to GOV.UK Frontend in the following pull requests:
href
andtext
for falsy valuesTo install this version with npm, run
npm install [email protected]
. You can also find more information about how to stay up to date in our documentation.Recommended changes
Update Breadcrumbs to use
nav
andaria-label
We've made changes to the Breadcrumbs component to improve how it appears to screen readers.
We've changed the wrapping element to use the
nav
tag to expose it as a navigational landmark, and added anaria-label
attribute to differentiate it as breadcrumb navigation.This change was introduced in pull request #4995: Update Breadcrumb component to improve screen reader accessibility.
Fixes
We've made fixes to GOV.UK Frontend in the following pull requests:
To install this version with npm, run
npm install [email protected]
. You can also find more information about how to stay up to date in our documentation.This release includes new features to help you include only the components your service uses. Doing this can help reduce the size of the JavaScript and CSS files sent to users, improving their experience.
New features
Create individual components with
createAll
We've added a new
createAll
function that lets you initialise specific components in the same way thatinitAll
does.The
createAll
function will:data-module
attributecreateAll(Button)
createAll(Checkboxes)
You can also pass a config object and a scope within which to search for elements.
You can find out more about how to use the
createAll
function in our documentation.This change was introduced in pull request #4975: Add
createAll
function to initialise individual components.Use tabular numbers easily with
govuk-!-font-tabular-numbers
We've added a new override class for tabular number styling:
govuk-!-font-tabular-numbers
.Using tabular numbers can make it easier for users to read numbers intended for comparison to one another, or for numbers that dynamically update.
It was previously only possible to use tabular numbers by using the
govuk-font-tabular-numbers
Sass mixin.This change was introduced in pull request #4973: Add override class for tabular numbers.
Deprecated features
Importing layers using
all
filesYou'll see a warning when compiling your Sass if you import any of our layers using the
all
file. Importing using theall
files is deprecated, and we’ll remove them in the next major release.In your import statements, use a trailing
/index
rather than/all
to load GOV.UK Frontend's files.For example:
@ import "govuk/index";
instead of@ import "govuk/all";
;@ import "govuk/<PATH>/index";
instead of@ import "govuk/<PATH>/all";
;You do not need
/index
at the end of each import path if you’re using Dart Sass, LibSass 3.6.0 or higher, or Ruby Sass 3.6.0 or higher.This change was introduced in pull request #4955: Rename
all
files toindex
for our Sass entry points.Fixes
We've made fixes to GOV.UK Frontend in the following pull requests:
errorMessage
argument for the password input component - thanks to Tim South for contributing this changegovuk-frontend
errorList
is providedTo install this version with npm, run
npm install [email protected]
. You can also find more information about how to stay up to date in our documentation.Fixes
We've made fixes to GOV.UK Frontend in the following pull requests:
attributes
option ignoring values passed from thesafe
filterTo install this version with npm, run
npm install [email protected]
. You can also find more information about how to stay up to date in our documentation.New features
Use the Password input component to help users accessibly enter passwords
The Password input component allows users to choose:
This helps users use longer and more complex passwords without needing to remember what they've already typed.
This change was introduced in pull request #4442: Create password input component. Thanks to @ andysellick for the original contribution.
Recommended changes
Update the HTML for the Character count component
We've updated the HTML for the Character count component. The component wrapper
data-module="govuk-character-count"
and its form groupclass="govuk-form-group"
are now combined as the same<div>
. The hint text used as the count message now appears directly after the<textarea>
.If you're not using Nunjucks macros, then you should:
<div>
to the component wrapper<div>
<div>
and closing</div>
tags used by the form group<textarea>
The following example shows some HTML and the difference once it’s updated.
HTML before:
HTML after:
Check your changes against the Character count example in the Design System to make sure you’ve correctly implemented them.
This change was introduced in pull request #4566: Use Character count
formGroup
as module wrapper.Remove redundant
role
attributes from elementsWe've made minor changes to the HTML of the page template, as well as the header, footer and pagination components.
You can update your HTML to remove the
role
attribute from some elements. These include the:main
role on themain
element in the templatebanner
role on theheader
element in the Header componentcontentinfo
role on thefooter
element in the Footer componentnavigation
role on thenav
element in the Pagination componentThese roles were present to support legacy browsers, such as older versions of Internet Explorer. GOV.UK Frontend no longer supports these browsers, so you can now remove these roles.
You do not need to change anything if you're using the Nunjucks versions of the page template or these components,
This change was introduced in pull request #4854: Remove redundant
role
attributes.Fixes
We've fixed an upstream issue in the cssnano npm package that caused elements with transparency to render incorrectly in Internet Explorer 11. This affected the pre-compiled CSS files in the GOV.UK Frontend npm package and GitHub releases for versions 5.0, 5.1 and 5.2. This was fixed in:
We've made fixes to GOV.UK Frontend in the following pull requests:
KeyboardEvent.key
over deprecatedKeyboardEvent.keyCode
in the Tabs componentKeyboardEvent.key
over deprecatedKeyboardEvent.keyCode
in the Button componentKeyboardEvent
properties from the Exit this Page componentIn this release, we’ve adjusted our responsive type scale, which is available behind a feature flag. The type scale change is to make text easier to read on smaller screens. We’ve also deprecated the
useTudorCrown
parameter.To install this version with npm, run
npm install [email protected]
. You can also find more information about how to stay up to date in our documentation.New features
We've adjusted our responsive type scale
We've made the following adjustments to our responsive type scale:
To enable these changes, set the feature flag variable
$govuk-new-typography-scale
totrue
before you import GOV.UK Frontend in your Sass files:If your service uses custom elements made using GOV.UK Frontend, test your service against the new typography scale to assess if you need to make any adjustments.
You can read more on upgrading your service to the new type scale in our upgrade guide.
This change was introduced in pull request #2421: Adjust the responsive type scale
Insert custom HTML into component form group wrappers
You can now insert custom HTML into form group wrappers for all components with form fields.
This change was introduced in pull request #4567: Add
beforeInput(s)
andbeforeInput(s)
options to form groups.Deprecated features
Stop using the
useTudorCrown
parameter in the Heading componentThe rollout for the revised GOV.UK logo has started and the Tudor crown logo is now shown by default. We’ve deprecated the
useTudorCrown
parameter and will remove it in the next major release.You can now remove the
useTudorCrown
parameter, along with any other adjustments made to display the Tudor crown logo in your service.This change was introduced in pull request #4740: Make Tudor Crown logo the default
Fixes
We've made fixes to GOV.UK Frontend in the following pull requests:
calc()
compatibility in Radios and CheckboxesPackage name: @ministryofjustice/frontend
2.2.0 (2024-07-31)
You can find out how to stay up-to-date with new releases.
New feature: use the date picker component to help users select dates
The date picker component enables users to:
2.1.3 (2024-05-07)
Bug Fixes
2.1.2 (2024-03-13)
Bug Fixes
2.1.1 (2024-02-19)
Bug Fixes
Package name: axios
Release notes:
Bug Fixes
ReferenceError: navigator is not defined
for custom environments; (#6567) (fed1a4b)Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Package name: joi
17.13.3
17.13.2
17.13.1
17.13.0
Package name: prom-client
What's Changed
New Contributors
Full Changelog: v15.1.2...v15.1.3
What's Changed
bun.js
by catchingNotImplemented
errorby @ owlcode in #624Registry.PROMETHEUS_CONTENT_TYPE
andRegistry.OPENMETRICS_CONTENT_TYPE
constants to the TypeScript types by @ SimenB in #626contentType
top level export by @ SimenB in #625New Contributors
Full Changelog: v15.1.1...v15.1.2
What's Changed
New Contributors
Full Changelog: v15.1.0...v15.1.1
Changed
osMemoryHeapLinux
hashObject
by using pre-sorted array of label namescollectDefaultMetrics.metricsList
Added
histogram.startTime()
to be used with exemplars.New Contributors
Full Changelog: v15.0.0...v15.1.0
Package name: redis
Enhancements
@ redis/client
from1.5.16
to1.6.0
@ redis/json
from1.0.6
to1.0.7
@ redis/search
from1.1.6
to1.2.0
@ redis/time-series
from1.0.5
to1.1.0
Enhancements
@ redis/client
from1.5.16
to1.5.17
Enhancements
@ redis/client
from1.5.14
to1.5.16
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: