xnhe
xnhe copied to clipboard
Bump json5, react-scripts, babel-loader and css-loader
Bumps json5 to 2.2.2 and updates ancestor dependencies json5, react-scripts, babel-loader and css-loader. These dependencies need to be updated together.
Updates json5
from 0.5.1 to 2.2.2
Release notes
Sourced from json5's releases.
v2.2.2
- Fix: Properties with the name
__proto__
are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).v2.2.1
- Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
v2.2.0
- New: Accurate and documented TypeScript declarations are now included. There is no need to install
@types/json5
. (#236, #244)v2.1.3 [code, diff]
v2.1.2
- Fix: Bump
minimist
tov1.2.5
. (#222)v2.1.1
- New:
package.json
andpackage.json5
include amodule
property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)- Fix:
stringify
outputs\0
as\\x00
when followed by a digit. (#210)- Fix: Spelling mistakes have been fixed. (#196)
v2.1.0
- New: The
index.mjs
andindex.min.mjs
browser builds in thedist
directory support ES6 modules. (#187)v2.0.1
- Fix: The browser builds in the
dist
directory support ES5. (#182)v2.0.0
Major: JSON5 officially supports Node.js v6 and later. Support for Node.js v4 has been dropped. Since Node.js v6 supports ES5 features, the code has been rewritten in native ES5, and the dependence on Babel has been eliminated.
New: Support for Unicode 10 has been added.
New: The test framework has been migrated from Mocha to Tap.
New: The browser build at
dist/index.js
is no longer minified by default. A minified version is available atdist/index.min.js
. (#181)Fix: The warning has been made clearer when line and paragraph separators are used in strings.
Fix:
package.json5
has been restored, and it is automatically generated and
... (truncated)
Changelog
Sourced from json5's changelog.
v2.2.2 [code, diff]
- Fix: Properties with the name
__proto__
are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).v2.2.1 [code, diff]
- Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)
v2.2.0 [code, diff]
- New: Accurate and documented TypeScript declarations are now included. There is no need to install
@types/json5
. (#236, #244)v2.1.3 [code, diff]
v2.1.2 [code, diff]
- Fix: Bump
minimist
tov1.2.5
. (#222)v2.1.1 [code, diff]
... (truncated)
Commits
14f8cb1
2.2.210cc7ca
docs: update CHANGELOG for v2.2.27774c10
fix: add proto to objects and arraysedde30a
Readme: slight tweak to intro97286f8
Improve example in readmed720b4f
Improve readme (e.g. explain JSON5 better!) (#291)910ce25
docs: fix spelling of Aseem2aab4dd
test: require tap as t in cli tests6d42686
test: remove mocha syntax from tests4798b9d
docs: update installation and usage for modules- Additional commits viewable in compare view
Updates react-scripts
from 1.0.17 to 5.0.1
Changelog
Sourced from react-scripts's changelog.
2.0.3 and Newer Versions
Please refer to CHANGELOG-2.x.md for the 2.x range, and https://github.com/facebook/create-react-app/blob/main/CHANGELOG.md for the newer versions.
1.1.5 (August 24, 2018)
react-scripts
- Update the
webpack-dev-server
dependency
react-dev-utils
Committers: 1
- Andrew Clark (acdlite)
Migrating from 1.1.4 to 1.1.5
Inside any created project that has not been ejected, run:
npm install --save --save-exact [email protected]
or
yarn add --exact [email protected]
1.1.4 (April 3, 2018)
:bug: Bug Fix
Committers: 1
- Joe Haddad (Timer)
Migrating from 1.1.3 to 1.1.4
Inside any created project that has not been ejected, run:
</tr></table>
... (truncated)
Commits
19fa58d
Publish9802941
fix: webpack noise printed only if error or warning (#12245)2eef1d0
Update templates to use React 18createRoot
(#12220)221e511
Publish5614c87
Add support for Tailwind (#11717)20edab4
fix(webpackDevServer): disable overlay for warnings (#11413)3afbbc0
Update all dependencies (#11624)f5467d5
feat(eslint-config-react-app): support ESLint 8.x (#11375)c7627ce
Update webpack and dev server (#11646)544befe
Update package.json (#11597)- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by iansu, a new releaser for react-scripts since your current version.
Updates babel-loader
from 7.1.2 to 9.1.0
Release notes
Sourced from babel-loader's releases.
v9.1.0
New features
- Pass external dependencies from Babel to Webpack by
@nicolo-ribaudo
in babel/babel-loader#971Full Changelog: https://github.com/babel/babel-loader/compare/v9.0.1...v9.1.0
v9.0.1
Bug Fixes
- remove "node:" builtin prefix by
@JLHwung
in babel/babel-loader#970Full Changelog: https://github.com/babel/babel-loader/compare/v9.0.0...v9.0.1
v9.0.0
What's Changed
- update hash method mechanism so it doesn't fail on a fips enabled machine by
@darmbrust
in babel/babel-loader#939- Require babel ^7.12.0 and Node.js >= 14.15.0 versions by
@JLHwung
in babel/babel-loader#956- Remove dependency on loader-utils and drop webpack 4 support by
@nied
in babel/babel-loader#942New Contributors
@darmbrust
made their first contribution in babel/babel-loader#939@nied
made their first contribution in babel/babel-loader#942Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v9.0.0
v8.3.0
New features
- Pass external dependencies from Babel to Webpack by
@nicolo-ribaudo
in babel/babel-loader#971Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v8.3.0
v8.2.5
What's Changed
- fix: respect
inputSourceMap
loader option by@alan-agius4
in babel/babel-loader#896New Contributors
@alan-agius4
made their first contribution in babel/babel-loader#896Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.4...v8.2.5
v8.2.4
What's Changed
- doc(README.md): fix a broken markdown link by
@loveDstyle
in babel/babel-loader#919- Bump loader-utils to 2.x by
@stianjensen
in babel/babel-loader#931- Use md5 hashing for OpenSSL 3 by
@pathmapper
in babel/babel-loader#924Thanks
@loveDstyle
,@stianjensen
and@pathmapper
for your first PRs!8.2.3
... (truncated)
Commits
15fbacf
9.1.06348e1c
Pass external dependencies from Babel to Webpack (#971)457b9ad
Update webpackf42ac9b
9.0.14f9c0bf
remove "node:" builtin prefix (#970)9ff288f
9.0.0006a3dc
Update README.mddaed88a
Update README.md0ed5fd6
Bump ini from 1.3.5 to 1.3.8 (#968)b1749e3
Bump y18n from 4.0.0 to 4.0.3 (#967)- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.
Updates css-loader
from 0.28.7 to 6.7.3
Release notes
Sourced from css-loader's releases.
v6.7.3
6.7.3 (2022-12-14)
Bug Fixes
v6.7.2
6.7.2 (2022-11-13)
Bug Fixes
v6.7.1
6.7.1 (2022-03-08)
Bug Fixes
v6.7.0
6.7.0 (2022-03-04)
Features
v6.6.0
6.6.0 (2022-02-02)
Features
- added the
hashStrategy
option (ca4abce)v6.5.1
6.5.1 (2021-11-03)
Bug Fixes
v6.5.0
... (truncated)
Changelog
Sourced from css-loader's changelog.
6.7.3 (2022-12-14)
Bug Fixes
6.7.2 (2022-11-13)
Bug Fixes
6.7.1 (2022-03-08)
Bug Fixes
6.7.0 (2022-03-04)
Features
6.6.0 (2022-02-02)
Features
- added the
hashStrategy
option (ca4abce)6.5.1 (2021-11-03)
Bug Fixes
6.5.0 (2021-10-26)
Features
... (truncated)
Commits
ef749f2
chore(release): 6.7.336fb945
chore: fix cspell962924c
fix: removesourceURL
from emitted CSS (#1487)3f3f302
chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 (#1486)04ca713
chore: update dependencies to the latest version (#1485)9449827
chore: update styfle/cancel-workflow-action (#1484)6c67af8
chore: add cSpell to check spelling issues (#1482)239b9ac
chore(deps): bump loader-utils from 2.0.3 to 2.0.4 (#1481)394d200
chore(release): 6.7.22f4c273
fix: css modules generation with inline syntax (#1480)- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.