epicchain icon indicating copy to clipboard operation
epicchain copied to clipboard
Published 1 month ago verified publisher icon epicchainlabs

Bump the npm_and_yarn group across 1 directory with 23 updates

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps the npm_and_yarn group with 21 updates in the /src/EpicChain-GUI/epicchain-gui/epicchain-gui/ClientApp directory:

Package From To
axios 1.1.3 1.6.0
postcss 8.4.18 8.4.41
resolve-url-loader 4.0.0 5.0.0
webpack 5.74.0 5.93.0
electron 21.1.1 31.3.1
@adobe/css-tools 4.0.1 4.4.0
@babel/traverse 7.19.4 7.25.3
app-builder-lib 23.6.0 24.13.3
electron-builder 23.6.0 24.13.3
braces 3.0.2 3.0.3
minimatch 3.0.4 3.1.2
recursive-readdir 2.2.2 2.2.3
ejs 3.1.8 3.1.10
express 4.18.2 4.19.2
follow-redirects 1.15.2 1.15.6
json5 1.0.1 1.0.2
nth-check 1.0.2 2.1.1
@svgr/webpack 5.5.0 8.1.0
tough-cookie 4.1.2 4.1.4
webpack-dev-middleware 5.3.3 5.3.4
word-wrap 1.2.3 1.2.5

Updates axios from 1.1.3 to 1.6.0

Release notes

Sourced from axios's releases.

Release v1.6.0

Release notes:

Bug Fixes

  • CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
  • dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
  • types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

Release v1.5.1

Release notes:

Bug Fixes

  • adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
  • formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917) (bc9af51)
  • headers: allow content-encoding header to handle case-insensitive values (#5890) (#5892) (4c89f25)
  • types: removed duplicated code (9e62056)

Contributors to this release

Release v1.5.0

Release notes:

Bug Fixes

  • adapter: make adapter loading error more clear by using platform-specific adapters explicitly (#5837) (9a414bb)
  • dns: fixed cacheable-lookup integration; (#5836) (b3e327d)
  • headers: added support for setting header names that overlap with class methods; (#5831) (d8b4ca0)
  • headers: fixed common Content-Type header merging; (#5832) (8fda276)

Features

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.0 (2023-10-26)

Bug Fixes

  • CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
  • dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
  • types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

1.5.1 (2023-09-26)

Bug Fixes

  • adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
  • formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917) (bc9af51)
  • headers: allow content-encoding header to handle case-insensitive values (#5890) (#5892) (4c89f25)
  • types: removed duplicated code (9e62056)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.5.0 (2023-08-26)

... (truncated)

Commits
  • f7adacd chore(release): v1.6.0 (#6031)
  • 9917e67 chore(ci): fix release-it arg; (#6032)
  • 96ee232 fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)
  • 7d45ab2 chore(tests): fixed tests to pass in node v19 and v20 with keep-alive enabl...
  • 5aaff53 fix(dns): fixed lookup function decorator to work properly in node v20; (#6011)
  • a48a63a chore(docs): added AxiosHeaders docs; (#5932)
  • a1c8ad0 fix(types): fix AxiosHeaders types; (#5931)
  • 2ac731d chore(docs): update readme.md (#5889)
  • 88fb52b chore(release): v1.5.1 (#5920)
  • e410779 fix(adapters): improved adapters loading logic to have clear error messages; ...
  • Additional commits viewable in compare view

Updates postcss from 8.4.18 to 8.4.41

Release notes

Sourced from postcss's releases.

8.4.41

8.4.40

  • Moved to getter/setter in nodes types to help Sass team (by @​nex3).

8.4.39

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

8.4.33

8.4.32

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

8.4.29

8.4.28

  • Fixed Root.source.end for better source map (by @​romainmenke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

... (truncated)

Changelog

Sourced from postcss's changelog.

8.4.41

8.4.40

  • Moved to getter/setter in nodes types to help Sass team (by @​nex3).

8.4.39

8.4.38

8.4.37

  • Fixed original.column are not numbers error in another case.

8.4.36

  • Fixed original.column are not numbers error on broken previous source map.

8.4.35

  • Avoid ! in node.parent.nodes type.
  • Allow to pass undefined to node adding method to simplify types.

8.4.34

  • Fixed AtRule#nodes type (by Tim Weißenfels).
  • Cleaned up code (by Dmitry Kirillov).

8.4.33

  • Fixed NoWorkResult behavior difference with normal mode (by Romain Menke).
  • Fixed NoWorkResult usage conditions (by @​ahmdammarr).

8.4.32

  • Fixed postcss().process() types (by Andrew Ferreira).

8.4.31

  • Fixed \r parsing to fix CVE-2023-44270.

8.4.30

  • Improved source map performance (by Romain Menke).

8.4.29

  • Fixed Node#source.offset (by Ido Rosenthal).
  • Fixed docs (by Christian Oliff).

8.4.28

  • Fixed Root.source.end for better source map (by Romain Menke).
  • Fixed Result.root types when process() has no parser.

8.4.27

  • Fixed Container clone methods types.

... (truncated)

Commits

Updates resolve-url-loader from 4.0.0 to 5.0.0

Release notes

Sourced from resolve-url-loader's releases.

5.0.0

Breaking changes

  • Require node>=12.
  • Support only webpack>=4.
  • Update to postcss@^8.
  • Remove rework engine (which was deprecated in V4).

Bugfixes

  • Fix log messages not correctly normalising absolute paths to posix style on Windows platform
  • Fixes to end-to-end tests and test framework.

5.0.0-beta.1

Breaking changes

  • Require node>=12.
  • Support only webpack>=4.
  • Update to postcss@^8.
  • Remove rework engine (which was deprecated in V4).

Bugfixes

  • Fix log messages not correctly normalising absolute paths to posix style on Windows platform
  • Fixes to end-to-end tests and test framework.

5.0.0-alpha.1

Breaking changes

  • Require node>=12.
  • Support only webpack>=4.
  • Update to postcss@^8.
  • Remove rework engine (which was deprecated in V4).

Bugfixes

  • Fix log messages not correctly normalising absolute paths to posix style on Windows platform
Changelog

Sourced from resolve-url-loader's changelog.

resolve-url-loader

Version 5

Features

  • Update postcss and completely remove rework parser.

Breaking Changes

  • Require node@>=12.
  • Support webpack@>=4 (no longer tested for earlier versions).
  • The engine option has been removed.

Migrating

Remove the engine option if you are using it.

Version 4

Features

  • Better resolution of the original source location - You can more successfully use url() in variables and mixins.
  • Dependencies now accept a wider range and explicit dependency on rework and rework-visit has been removed.

Breaking Changes

  • The engine option is deprecated which means the old rework engine is deprecated.
  • The keepQuery behaviour is now the default, the keepQuery option has been removed.
  • The removeCR option defaults to true when executing on Windows OS.
  • The absolute option has been removed.
  • The join option has changed.

Migrating

Remove the engine option if you are using it - the default "postcss" engine is much more reliable. The "rework" engine will still work for now but will be removed in the next major version.

Remove the keepQuery option if you are using it.

Remove the absolute option, webpack should work fine without it. If you have a specific need to rebase url() then you should use a separate loader.

If you use a custom join function then you will need to refactor it to the new API. Refer to the advanced usage documentation.

If you wish to still use engine: "rework" then note that rework and rework-visit packages are now peerDependencies that must be explicitly installed by you.

Version 3

Features

  • Use postcss parser by default. This is long overdue as the old rework parser doesn't cope with modern css.

... (truncated)

Commits
  • bf01da9 5.0.0
  • 78393f6 update branch references to v5
  • 6787839 github actions for CI
  • 1457038 update changelog and readme
  • a01faf9 5.0.0-beta.1
  • fb09fae remove the engine option harder, ensure deprecation warning is tested
  • 5654fa4 remove the engine option and related tests, use getOptions from loader where ...
  • 10f9cdb 5.0.0-alpha.1
  • b168dd3 adjust deprecation message for engine option
  • 29e142a normalise windows absolute paths to posix format in log messages
  • Additional commits viewable in compare view

Updates webpack from 5.74.0 to 5.93.0

Release notes

Sourced from webpack's releases.

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import
  • Fixed consumption of eager shared modules for module federation
  • Strip slash for pretty regexp
  • Calculate correct contenthash for CSS generator options

New Features

  • Added the binary generator option for asset modules to explicitly keep source maps produced by loaders
  • Added the modern-module library value for tree shakable output
  • Added the overrideStrict option to override strict or non-strict mode for javascript modules

v5.92.1

Bug Fixes

  • Doesn't crash with an error when the css experiment is enabled and contenthash is used

v5.92.0

Bug Fixes

  • Correct tidle range's comutation for module federation
  • Consider runtime for pure expression dependency update hash
  • Return value in the subtractRuntime function for runtime logic
  • Fixed failed to resolve promise when eager import a dynamic cjs
  • Avoid generation extra code for external modules when remapping is not required
  • The css/global type now handles the exports name
  • Avoid hashing for @keyframe and @property at-rules in css/global type
  • Fixed mangle with destructuring for JSON modules
  • The stats.hasWarnings() method now respects the ignoreWarnings option
  • Fixed ArrayQueue iterator
  • Correct behavior of __webpack_exports_info__.a.b.canMangle
  • Changed to the correct plugin name for the CommonJsChunkFormatPlugin plugin
  • Set the chunkLoading option to the import when environment is unknown and output is module
  • Fixed when runtimeChunk has no exports when module chunkFormat used
  • [CSS] Fixed parsing minimized CSS import
  • [CSS] URLs in CSS files now have correct public path
  • [CSS] The css module type should not allow parser to switch mode
  • [Types] Improved context module types

New Features

  • Added platform target properties to compiler
  • Improved multi compiler cache location and validating it
  • Support import attributes spec (with keyword)
  • Support node: prefix for Node.js core modules in runtime code
  • Support prefetch/preload for module chunk format

... (truncated)

Commits
  • 277460b chore(release): 5.93.0
  • 76ab754 fix: relative path to runtime chunks
  • 40b1a77 test: added
  • 080e54f fix: relative path to runtime chunks
  • 7764e38 chore(deps-dev): bump eslint from 9.5.0 to 9.6.0
  • 22738f3 chore(deps-dev): bump eslint from 9.5.0 to 9.6.0
  • 1a27b9e fix: contenthash for css generator options
  • e716d44 chore(deps-dev): bump @​eslint/js from 9.5.0 to 9.6.0
  • 7a34330 chore(deps-dev): bump typescript from 5.5.2 to 5.5.3
  • 974752f chore(deps-dev): bump globals from 15.6.0 to 15.8.0
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for webpack since your current version.


Updates electron from 21.1.1 to 31.3.1

Release notes

Sourced from electron's releases.

electron v31.3.1

Release Notes for v31.3.1

Fixes

  • Fixed an issue where calling desktopCapturer.getSources on macOS running 14.4 or later would make non-resizable windows resizable. #43044 (Also in 32)
  • Fixed the resource leak when using Node.js readable streams as the response body for a custom protocol handler. #43071 (Also in 30, 32)

Other Changes

  • Fixed a potential crash when removing notifications on Windows. #43061 (Also in 30, 32)
  • Updated Chromium to 126.0.6478.185. #43027

electron v31.3.0

Release Notes for v31.3.0

Features

  • Added DownloadItem.getCurrentBytesPerSecond(), DownloadItem.getPercentComplete(), DownloadItem.getEndTime(). #42915 (Also in 30, 32)
  • Aligned failure pathway in File System Access API with upstream when attempting to open a file or directory in a blocked path. #42994 (Also in 32)

Fixes

  • Fixed a potential crash when using off screen rendering. #42941 (Also in 30, 32)
  • Fixed an issue where navigator.mediaDevices.getUserMedia and navigator.getUserMedia should reject with a NotAllowedError if microphone or camera permissions have been denied at the system level on macOS. #42937 (Also in 30, 32)
  • Fixed an issue where calling BrowserWindow.setBackgroundColor with some level of transparency could cause a crash. #42928 (Also in 32)

Other Changes

  • Fix: fixed the npm run lint not working on Windows. #42906 (Also in 32)
  • Updated Chromium to 126.0.6478.183. #42942
  • Updated Node.js to v20.15.1. #42839

electron v31.2.1

Release Notes for v31.2.1

Fixes

  • Fixed a potential error when calling webContents.close() on a BrowserView. #42810 (Also in 32)
  • Fixed an issue where High Contrast Mode didn't apply to webContents on Windows. #42859 (Also in 32)
  • Fixed an issue where sources returned by the desktopCapturer API and screen.getAllDisplays() no longer matched on Windows. #42861 (Also in 32)
  • Fixed an issue where sources returned by the desktopCapturer API and screen.getAllDisplays() no longer matched on Windows. #42890 (Also in 32)
  • Fixed an issue where the File System Access API did not remember the user's last picked directory as expected. #42893 (Also in 32)
  • Fixed crash when resolving proxy with session.resolveProxy api. #42897 (Also in 32)

electron v31.2.0

Release Notes for v31.2.0

Features

  • Enabled the Windows Control Overlay API on Linux. #42682 (Also in 30, 32)

Fixes

... (truncated)

Commits
  • 6322c32 fix: always terminate active Node Streams (#43071)
  • b6e19c5 chore: avoid crash while notification removal (#43061)
  • 871136b refactor: move safe_storage functions into anonymous namespace (#43051)
  • 9438173 fix: File System API permissions should reset on WebContents destruction (#43...
  • ca9027b chore: bump chromium to 126.0.6478.185 (31-x-y) (#43027)
  • 139abe7 fix: desktopCapturer breaks BrowserWindow resizable on macOS (#43044)
  • 097a3e9 chore: use v8::Local<>, not v8::Handle<> (#43037)
  • 9e14f8d feat: emit an event when accessing restricted path in File System Access API ...
  • f797f92 docs: note macOS fullscreen events in fullscreen query (#43016)
  • 7f6eab8 docs: improve desktop capture example (#43005)
  • Additional commits viewable in compare view

Updates @adobe/css-tools from 4.0.1 to 4.4.0

Changelog

Sourced from @​adobe/css-tools's changelog.

4.4.0 / 2024-06-05

4.3.3 / 2024-01-24

  • Update export property #271

4.3.2 / 2023-11-28

  • Fix redos vulnerability with specific crafted css string - CVE-2023-48631
  • Fix Problem parsing with :is() and nested :nth-child() #211

4.3.1 / 2023-03-14

  • Fix redos vulnerability with specific crafted css string - CVE-2023-26364

4.3.0 / 2023-03-07

  • Update build tools
  • Update exports path and files

4.2.0 / 2023-02-21

4.1.0 / 2023-01-25

  • Support ESM Modules

4.0.2 / 2023-01-12

  • #71 : @​import does not work if url contains ';'
  • #77 : Regression in selector parsing: Attribute selectors not parsed correctly
Commits

Updates @babel/traverse from 7.19.4 to 7.25.3

Release notes

Sourced from @​babel/traverse's releases.

v7.25.3 (2024-07-31)

:bug: Bug Fix

  • babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse

:house: Internal

Committers: 2

v7.25.2 (2024-07-30)

:bug: Bug Fix

Committers: 2

v7.25.1 (2024-07-28)

:bug: Bug Fix

  • babel-plugin-transform-function-name
  • babel-plugin-transform-react-constant-elements
    • #16582 fix plugin-transform-react-constant-elements transform JSXFrament but not add JSXExpressionContainer (@​keiseiTi)
  • babel-traverse

:house: Internal

Committers: 4

v7.25.0 (2024-07-26)

Thanks @​davidtaylorhq and @​slatereax for your first PR!

You can find the release blog post with some highlights at https://babeljs.io/blog/2024/07/26/7.25.0.

:eyeglasses: Spec Compliance

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.25.3 (2024-07-31)

:bug: Bug Fix

  • babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-traverse

:house: Internal

v7.25.2 (2024-07-30)

:bug: Bug Fix

v7.25.1 (2024-07-28)

:bug: Bug Fix

  • babel-plugin-transform-function-name
  • babel-plugin-transform-react-constant-elements
    • #16582 fix plugin-transform-react-constant-elements transform JSXFrament but not add JSXExpressionContainer (@​keiseiTi)
  • babel-traverse

:house: Internal

v7.25.0 (2024-07-26)

:eyeglasses: Spec Compliance

  • babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • babel-plugin-transform-typescript
    • #16602 Ensure enum members syntactically determinable to be strings do not get reverse mappings (@​liuxingbaoyu)

:rocket: New Feature

  • babel-helper-create-class-features-plugin, babel-helper-function-name, babel-helper-plugin-utils, babel-helper-wrap-function, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-plugin-bugfix-safari-id-destructuring-collision-in-function-expression, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-preset-env, babel-traverse, babel-types
  • babel-helper-hoist-variables, babel-helper-plugin-utils, babel-plugin-proposal-async-do-expressions, babel-plugin-transform-modules-systemjs, babel-traverse
  • babel-helper-create-class-features-plugin, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-split-export-declaration, babel-plugin-transform-classes, babel-traverse, babel-types
  • babel-helper-create-class-features-plugin, babel-helper-environment-visitor, babel-helper-module-transforms, babel-helper-plugin-utils, babel-helper-remap-async-to-generator, babel-helper-replace-supers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-bugfix-v8-static-class-fields-redefine-readonly, babel-plugin-transform-async-generator-functions, babel-plugin-transform-classes, babel-traverse
  • babel-core, babel-parser
  • babel-compat-data, babel-plugin-bugfix-safari-class-field-initializer-scope, babel-preset-env
  • babel-plugin-transform-block-scoping, babel-traverse, babel-types
  • babel-helper-import-to-platform-api, babel-plugin-proposal-json-modules

... (truncated)

Commits

Updates app-builder-lib from 23.6.0 to 24.13.3

Release notes

Sourced from app-builder-lib's releases.

v24.13.3

What's Changed

New Contributors

Full Changelog: https://github.com/electron-userland/electron-builder/compare/v24.13.2...v24.13.3

v24.13.2

What's Changed

Full Changelog: https://github.com/electron-userland/electron-builder/compare/v24.13.1...v24.13.2

v24.13.1

What's Changed

Full Changelog: https://github.com/electron-userland/electron-builder/compare/v24.13.0...v24.13.1

v24.13.0

What's Changed

dependabot[bot] avatar Aug 10 '24 18:08 dependabot[bot]

Dependabot couldn't find a package.json. Because of this, Dependabot cannot update this pull request.

dependabot[bot] avatar Sep 05 '24 12:09 dependabot[bot]