Bump loader-utils and @grafana/toolkit

[dependabot[bot]]

Bumps loader-utils to 2.0.4 and updates ancestor dependency @grafana/toolkit. These dependencies need to be updated together.

Updates loader-utils from 0.2.17 to 2.0.4

Release notes

Sourced from loader-utils's releases.

v2.0.4

2.0.4 (2022-11-11)

Bug Fixes

• ReDoS problem (#225) (ac09944)

v2.0.3

2.0.3 (2022-10-20)

Bug Fixes

• security: prototype pollution exploit (#217) (a93cf6f)

v2.0.2

2.0.2 (2021-11-04)

Bug Fixes

• base64 generation and unicode characters (#197) (8c2d24e)

v2.0.1

2.0.1 (2021-10-29)

Bug Fixes

• md4 support on Node.js v17 (#193) (1069f61)

v2.0.0

2.0.0 (2020-03-17)

⚠ BREAKING CHANGES

• minimum required Node.js version is 8.9.0 (#166) (c937e8c)
• the getOptions method returns empty object on empty query (#167) (b595cfb)
• Use md4 by default

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

• ReDoS problem (#226) (17cbf8f)

... (truncated)

Changelog

Sourced from loader-utils's changelog.

2.0.4 (2022-11-11)

Bug Fixes

• ReDoS problem (#225) (ac09944)

2.0.3 (2022-10-20)

Bug Fixes

• security: prototype pollution exploit (#217) (a93cf6f)

2.0.2 (2021-11-04)

Bug Fixes

• base64 generation and unicode characters (#197) (8c2d24e)

2.0.1 (2021-10-29)

Bug Fixes

• md4 support on Node.js v17 (#193) (1069f61)

2.0.0 (2020-03-17)

⚠ BREAKING CHANGES

• minimum required Node.js version is 8.9.0 (#166) (c937e8c)
• the getOptions method returns empty object on empty query (#167) (b595cfb)
• Use md4 by default

1.4.0 (2020-02-19)

Features

• the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

... (truncated)

Commits

• 6688b50 chore(release): 2.0.4
• ac09944 fix: ReDoS problem (#225)
• 7162619 chore(release): 2.0.3
• a93cf6f fix(security): prototype polution exploit (#217)
• 90c7c4b chore(release): 2.0.2
• 8c2d24e fix: base64 generation and unicode characters (#197)
• 5fb5562 chore(release): 2.0.1
• 1069f61 fix: md4 support on Node.js v17 (#193)
• d9f4e23 chore(release): 2.0.0
• 865dc03 refactor: switch to md4 by default (#168)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.

Updates @grafana/toolkit from 7.3.5 to 9.2.4

Release notes

Sourced from @​grafana/toolkit's releases.

9.2.4 (2022-11-07)

Download page What's new highlights

Features and enhancements

• Access Control: Add an endpoint for setting several managed resource permissions. #57893, @​IevaVasiljeva
• Accessibility: Increase Select placeholder contrast to be WCAG AA compliant. #58034, @​ashharrison90
• Alerting: Append org ID to alert notification URLs. #57123, @​neel1996
• Alerting: Make the Grouped view the default one for Rules. #58271, @​VikaCep
• Build: Remove unnecessary alpine package updates. #58005, @​DanCech
• Chore: Upgrade Go to 1.19.3. #58052, @​sakjur
• Google Cloud Monitoring: Set frame interval to draw null values. #57768, @​andresmgot
• Instrumentation: Expose when the binary was built as a gauge. #57951, @​bergquist
• Loki: Preserve X-ID-Token header. #57878, @​siiimooon
• Search: Reduce requests in folder view. #55876, @​mvsousa
• TimeSeries: More thorough detection of negative values for auto-stacking direction. #57863, @​leeoniya

Bug fixes

• Alerting: Attempt to preserve UID from migrated legacy channel. #57639, @​alexweav
• Alerting: Fix response is not returned for invalid Duration in Provisioning API. #58046, @​grobinson-grafana
• Alerting: Fix screenshot is not taken for stale series. #57982, @​grobinson-grafana
• Auth: Fix admins not seeing pending invites. #58217, @​joshhunt
• MSSQL/Postgres: Fix visual query editor filter disappearing. #58248, @​zoltanbedi
• Tempo: Fix dropdown issue on tag field focus. #57616, @​xiyu95
• Timeseries: Fix null pointer when matching fill below to field. #58030, @​mdvictor

Plugin development fixes & changes

• Toolkit: Fix Webpack less-loader config. #57950, @​dessen-xu

9.2.3 (2022-10-31)

Download page What's new highlights

Features and enhancements

• Docs: Add information about DB version support to upgrade guide. #57643, @​joeblubaugh
• Footer: Update footer release notes link to Github changelog. #57871, @​joshhunt
• Prometheus: Do not drop errors in streaming parser. #57698, @​kylebrandt
• Prometheus: Flavor/version configuration. #57554, @​gtk-grafana
• Prometheus: Provide label values match parameter API when supported prometheus instance is configured. #57553, @​gtk-grafana
• Security: Upgrade x/text to version unaffected by CVE-2022-32149. #57797, @​yong-jie-gong

... (truncated)

Changelog

Sourced from @​grafana/toolkit's changelog.

9.2.4 (2022-11-07)

Features and enhancements

• Access Control: Add an endpoint for setting several managed resource permissions. #57893, @​IevaVasiljeva
• Accessibility: Increase Select placeholder contrast to be WCAG AA compliant. #58034, @​ashharrison90
• Alerting: Append org ID to alert notification URLs. #57123, @​neel1996
• Alerting: Make the Grouped view the default one for Rules. #58271, @​VikaCep
• Build: Remove unnecessary alpine package updates. #58005, @​DanCech
• Chore: Upgrade Go to 1.19.3. #58052, @​sakjur
• Google Cloud Monitoring: Set frame interval to draw null values. #57768, @​andresmgot
• Instrumentation: Expose when the binary was built as a gauge. #57951, @​bergquist
• Loki: Preserve X-ID-Token header. #57878, @​siiimooon
• Search: Reduce requests in folder view. #55876, @​mvsousa
• TimeSeries: More thorough detection of negative values for auto-stacking direction. #57863, @​leeoniya

Bug fixes

• Alerting: Attempt to preserve UID from migrated legacy channel. #57639, @​alexweav
• Alerting: Fix response is not returned for invalid Duration in Provisioning API. #58046, @​grobinson-grafana
• Alerting: Fix screenshot is not taken for stale series. #57982, @​grobinson-grafana
• Auth: Fix admins not seeing pending invites. #58217, @​joshhunt
• MSSQL/Postgres: Fix visual query editor filter disappearing. #58248, @​zoltanbedi
• Tempo: Fix dropdown issue on tag field focus. #57616, @​xiyu95
• Timeseries: Fix null pointer when matching fill below to field. #58030, @​mdvictor

Plugin development fixes & changes

• Toolkit: Fix Webpack less-loader config. #57950, @​dessen-xu

9.2.3 (2022-10-31)

Features and enhancements

• Docs: Add information about DB version support to upgrade guide. #57643, @​joeblubaugh
• Footer: Update footer release notes link to Github changelog. #57871, @​joshhunt
• Prometheus: Do not drop errors in streaming parser. #57698, @​kylebrandt
• Prometheus: Flavor/version configuration. #57554, @​gtk-grafana
• Prometheus: Provide label values match parameter API when supported prometheus instance is configured. #57553, @​gtk-grafana
• Security: Upgrade x/text to version unaffected by CVE-2022-32149. #57797, @​yong-jie-gong

Bug fixes

• Access control: Fix a bug with argument order for data source managed permission updates. (Enterprise)
• Auth: Fix GF_AUTH_JWT_URL_LOGIN env variable doesn't work. #57689, @​Jguer
• Live: Explicitly reply with http 200. #57428, @​sh0rez
• Prometheus: Fix builder operation mode changing multiselect to single select behaviour. #57780, @​itsmylife

... (truncated)

Commits

• 7ca5c22 Toolkit: Fix Webpack less-loader config (#57950) (#58175)
• 6c027cc "Release: Updated versions in package to 9.2.4" (#57958)
• e0e74ea [v9.2.x] Chore: Fix vulnerabilities in webpack loader-utils (#57753)
• b3a4621 "Release: Updated versions in package to 9.2.3" (#57605)
• 02b1030 "Release: Updated versions in package to 9.2.2" (#57181)
• 98dfb42 Toolkit: Fix Cannot use "import statement outside" error in tests (#57071) (#...
• 020494f Toolkit: Put back publishConfig access public (#55983) (#55986)
• 50a5930 Toolkit: Fix script failures due to missing import paths (#55857) (#55981)
• 3931787 "Release: Updated versions in package to 9.2.0-beta.1" (#55787)
• 4c7732a Chore: Upgrade Typescript to 4.8.2 (#54901)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.