A Vue.js wrapper for the beautiful date-range picker made by the Baremetrics team.

Last update: Oct 18, 2022

Related tags

Overview

Vue Baremetrics Calendar

A Vue.js wrapper for the beautiful date-range picker made by the Baremetrics team.

The Vue-Baremetrics date range picker is a simplified solution for selecting both date ranges and single dates all from a single calender view. With a revamped minimalistic redesign.

Redesigned and Wrapped for Vue.js by Divyansh Tripathi

View a demo

NPM Package

Installation

npm i --save vue2-baremetrics-calendar

Usage

Global Usage

Global Registeration via Vue.use() method.

h(App) }).$mount("#app");">

// main.js
import Vue from "vue";
import App from "./App.vue";
import router from "./router";
// import the plugin
import Calendar from "vue2-baremetrics-calendar";

Vue.config.productionTip = false;

// use the plugin
Vue.use(Calendar);

new Vue({
  router,
  render: h => h(App)
}).$mount("#app");

Once registered you can use the component in its default settings with as follows:-

<Calendar
  type="double"
  @rangeEdit="processDateRange()"
  elementName="doubleRangePicker"
/>

<Calendar
  type="single"
  @dateEdit="processDate()"
  elementName="singleRangePicker"
/>

REMEMBER elementName is the only required prop and it should be different for each datepicker in your component

<template>
  <div id="app">
    <Calendar
      @rangeEdit="processOutput"
      type="double"
      elementName="otherRangePicker"
    />

    <Calendar
      @dateEdit="processOutput"
      type="single"
      elementName="primaryRangePicker"
    />
  div>
template>

<script>
  import Calendar from "./components/Calendar";
  export default {
    components: {
      Calendar
    },
    methods: {
      processOutput(output) {
        console.log(output);
      }
    }
  };
script>

Events Emitted -

Name	Type	Output	Description
`dateEdit`	double	[Timestamp(begin), Timestamp(end)]	Array of start date and end date
`dateEdit`	single	Timestamp	Selected date Timestamp

Base Calendar Props

elementName *required [string]
- DOM object of the calendar div you're working on
earliest_date [date YYYY-MM-DD]
- The earliest date to show in the calendar
latest_date [date YYYY-MM-DD]
- The latest date to show in the calendar

format [object]

Object containing formatting strings for.. you guessed it.. formatting your dates

  format: {
    input: 'MMMM D, YYYY', // Format for the input fields
    jump_month: 'MMMM', // Format for the month switcher
    jump_year: 'YYYY' // Format for the year switcher
  }

days_array [array]
- Array of the 7 strings you'd like to represent your days in the calendar
```
days_array: ["S", "M", "T", "W", "T", "F", "S"];
```

Single Calendar Props

current_date [date YYYY-MM-DD]
- The date to start the calendar on
required [boolean]
- Toggle if this field must have always have a valid selected date
placeholder [string]
- Set placeholder text (note this will only apply if the required key is set to false). The default will be whatever moment date format you're using. (i.e. 'M/D/YYYY')

Double Calendar Props

start_date [date YYYY-MM-DD]
- The date to start the selection on for the calendar
end_date [date YYYY-MM-DD]
- The date to end the selection on for the calendar
same_day_range [boolean]
- Allow a range selection of a single day
format [preset key in format object] // see above
- The double calendar adds the preset key to the format object for formatting the preset dates in the preset dropdown

presets [boolean] or [object]

If you don't want to show the preset link just set this to false otherwise the default is true which will just give you a basic preset of.. yep.. presets. BOOM!
Otherwise, if you want to customize it up you can include an array of preset objects. Something like:

presets: [
  {
    label: "Last month",
    start: moment()
      .subtract(1, "month")
      .startOf("month"),
    end: moment()
      .subtract(1, "month")
      .endOf("month")
  },
  {
    label: "Last year",
    start: moment()
      .subtract(1, "year")
      .startOf("year"),
    end: moment()
      .subtract(1, "year")
      .endOf("year")
  }
];

Comments

start_date and end_date not working on double picker

I am using the props start_date and end_date on a double picker but it still only shows the default selected range. I can see using Vue Dev Tools that the prop is set, but it's also set in the data function to the default range. Any ideas how I can overcome this?

opened by karlmonson 2
Bump moment from 2.24.0 to 2.29.2
Bumps moment from 2.24.0 to 2.29.2.

Changelog

Sourced from moment's changelog.

2.29.2 See full changelog

Release Apr 3 2022

Address https://github.com/advisories/GHSA-8hfj-j24r-96c4

2.29.1 See full changelog

Release Oct 6, 2020

Updated deprecation message, bugfix in hi locale

2.29.0 See full changelog

Release Sept 22, 2020

New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

2.28.0 See full changelog

Release Sept 13, 2020

Fix bug where .format() modifies original instance, and locale updates

2.27.0 See full changelog

Release June 18, 2020

Added Turkmen locale, other locale improvements, slight TypeScript fixes

2.26.0 See full changelog

Release May 19, 2020

TypeScript fixes and many locale improvements

2.25.3

Release May 4, 2020

Remove package.json module property. It looks like webpack behaves differently for modules loaded via module vs jsnext:main.

2.25.2

Release May 4, 2020

... (truncated)

Commits

75e2ac5 Build 2.29.2

5a29877 Bump version to 2.29.2

4fd847b Update changelog for 2.29.2

4211bfc [bugfix] Avoid loading path-looking locales from fs

f2a813a [misc] Fix indentation (according to prettier)

7a10de8 [test] Avoid hours around DST

e968092 [locale] ar-ly: fix locale name (#5828)

53d7ee6 [misc] fix builds (#5836)

52019f1 [misc] Specify length of toArray return type (#5766)

0dcaaa6 [locale] tr: update translation of Monday and Saturday (#5756)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump url-parse from 1.4.7 to 1.5.7
Bumps url-parse from 1.4.7 to 1.5.7.

Commits

8b3f5f2 1.5.7

ef45a13 [fix] Readd the empty userinfo to url.href (#226)

88df234 [doc] Add soft deprecation notice

78e9f2f [security] Fix nits

e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability

4c9fa23 1.5.6

7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo

e4a5807 1.5.5

193b44b [minor] Simplify whitespace regex

319851b [fix] Remove CR, HT, and LF

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump follow-redirects from 1.9.0 to 1.14.7
Bumps follow-redirects from 1.9.0 to 1.14.7.

Commits

2ede36d Release version 1.14.7 of the npm package.

8b347cb Drop Cookie header across domains.

6f5029a Release version 1.14.6 of the npm package.

af706be Ignore null headers.

d01ab7a Release version 1.14.5 of the npm package.

40052ea Make compatible with Node 17.

86f7572 Fix: clear internal timer on request abort to avoid leakage

2e1eaf0 Keep Authorization header on subdomain redirects.

2ad9e82 Carry over Host header on relative redirects (#172)

77e2a58 Release version 1.14.4 of the npm package.

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump url-parse from 1.4.7 to 1.5.3
Bumps url-parse from 1.4.7 to 1.5.3.

Commits

ad44493 [dist] 1.5.3

c798461 [fix] Fix host parsing for file URLs (#210)

201034b [dist] 1.5.2

2d9ac2c [fix] Sanitize only special URLs (#209)

fb128af [fix] Use 'null' as origin for non special URLs

fed6d9e [fix] Add a leading slash only if the URL is special

94872e7 [fix] Do not incorrectly set the slashes property to true

81ab967 [fix] Ignore slashes after the protocol for special URLs

ee22050 [ci] Use GitHub Actions

d2979b5 [fix] Special case the file: protocol (#204)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump url-parse from 1.4.7 to 1.5.1
Bumps url-parse from 1.4.7 to 1.5.1.

Commits

eb6d9f5 [dist] 1.5.1

750d8e8 [fix] Fixes relative path resolving #199 #200 (#201)

3ac7774 [test] Make test consistent for browser testing

267a0c6 [dist] 1.5.0

d1e7e88 [security] More backslash fixes (#197)

d99bf4c [ignore] Remove npm-debug.log from .gitignore

422c8b5 [pkg] Replace nyc with c8

933809d [pkg] Move coveralls to dev dependencies

190b216 [pkg] Add .npmrc

ce3783f [test] Do not test on all available versions of Edge and Safari

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump highlight.js from 9.15.10 to 9.18.5
Bumps highlight.js from 9.15.10 to 9.18.5.

Release notes

Sourced from highlight.js's releases.

10.3.2 - Oops, "Javascript".

Tiny tiny release, just to fix the website incorrectly not listing Javascript in the list of languages you could choose for a custom build. NPM and CDN build should not have been affected so 10.3.1 is effectively the same as 10.3.2 for those builds.

If you made a custom build from the website with 10.3 or 10.3.1 you may want to check and make sure it includes Javascript, and if not, build it again.

9.18.1 - Brrrrr, it’s freezing.

Quick release to resolve #2375

Changelog

Sourced from highlight.js's changelog.

Release v9.18.5

Version 9 has reached end-of-support and will not receive future updates or fixes.

Please see VERSION_10_UPGRADE.md and perhaps SECURITY.md.

enh: Post-install script can be disabled with HLJS_HIDE_UPGRADE_WARNING=yes

fix: Deprecation notice logged at library startup a console.log vs console.warn.

Notice only shown if actually highlighting code, not just requiring the library.

Node.js treats warn the same as error and that was problematic.

You (or perhaps your indirect dependency) may disable the notice with the hideUpgradeWarningAcceptNoSupportOrSecurityUpdates option

You can also set HLJS_HIDE_UPGRADE_WARNING=yes in your envionment to disable the warning

Example:

hljs.configure({ hideUpgradeWarningAcceptNoSupportOrSecurityUpdates: true })

Reference: highlightjs/highlight.js#2877

Release v9.18.4

Version 9 has reached end-of-support and will not receive future updates or fixes.

Please see VERSION_10_UPGRADE.md and perhaps SECURITY.md.

fix(livescript) fix potential catastrophic backtracking (#2852) [commit]

Version 9.18.3

fix(parser) Freezing issue with illegal 0 width illegals (#2524)

backported from v10.x

Version 9.18.2

Fixes:

fix(night) Prevent object prototype values from being returned by getLanguage (#2636) night

... (truncated)

Commits

f54e96c 9.18.5

c34318b fix the link since i saw it

d2e9bdd include date of last release

f5e0645 typos and tweaks

2e0e8ee changelog

dc45f7c fix(livescript) fix potential catastrophic backtracking

0a2624a update readme

d571b23 add warning

ec0bfd5 9.18.4

2a04835 bump v9.18.3

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump http-proxy from 1.17.0 to 1.18.1
Bumps http-proxy from 1.17.0 to 1.18.1.

Changelog

Sourced from http-proxy's changelog.

v1.18.1 - 2020-05-17

Merged

Skip sending the proxyReq event when the expect header is present [#1447](https://github.com/http-party/node-http-proxy/issues/1447)

Remove node6 support, add node12 to build [#1397](https://github.com/http-party/node-http-proxy/issues/1397)

1.18.0 - 2019-09-18

Merged

Added in auto-changelog module set to keepachangelog format [#1373](https://github.com/http-party/node-http-proxy/issues/1373)

fix 'Modify Response' readme section to avoid unnecessary array copying [#1300](https://github.com/http-party/node-http-proxy/issues/1300)

Fix incorrect target name for reverse proxy example [#1135](https://github.com/http-party/node-http-proxy/issues/1135)

Fix modify response middleware example [#1139](https://github.com/http-party/node-http-proxy/issues/1139)

[dist] Update dependency async to v3 [#1359](https://github.com/http-party/node-http-proxy/issues/1359)

Fix path to local http-proxy in examples. [#1072](https://github.com/http-party/node-http-proxy/issues/1072)

fix reverse-proxy example require path [#1067](https://github.com/http-party/node-http-proxy/issues/1067)

Update README.md [#970](https://github.com/http-party/node-http-proxy/issues/970)

[dist] Update dependency request to ~2.88.0 [SECURITY] [#1357](https://github.com/http-party/node-http-proxy/issues/1357)

[dist] Update dependency eventemitter3 to v4 [#1365](https://github.com/http-party/node-http-proxy/issues/1365)

[dist] Update dependency colors to v1 [#1360](https://github.com/http-party/node-http-proxy/issues/1360)

[dist] Update all non-major dependencies [#1356](https://github.com/http-party/node-http-proxy/issues/1356)

[dist] Update dependency agentkeepalive to v4 [#1358](https://github.com/http-party/node-http-proxy/issues/1358)

[dist] Update dependency nyc to v14 [#1367](https://github.com/http-party/node-http-proxy/issues/1367)

[dist] Update dependency concat-stream to v2 [#1363](https://github.com/http-party/node-http-proxy/issues/1363)

x-forwarded-host overwrite for mutli level proxies [#1267](https://github.com/http-party/node-http-proxy/issues/1267)

[refactor doc] Complete rename to http-party org. [#1362](https://github.com/http-party/node-http-proxy/issues/1362)

Highlight correct lines for createProxyServer [#1117](https://github.com/http-party/node-http-proxy/issues/1117)

Fix docs for rewrite options - 201 also handled [#1147](https://github.com/http-party/node-http-proxy/issues/1147)

Update .nyc_output [#1339](https://github.com/http-party/node-http-proxy/issues/1339)

Configure Renovate [#1355](https://github.com/http-party/node-http-proxy/issues/1355)

[examples] Restream body before proxying, support for Content-Type of application/x-www-form-urlencoded [#1264](https://github.com/http-party/node-http-proxy/issues/1264)

Commits

[dist] New test fixtures. 7e4a0e5

[dist] End of an era. a9b09cc

[dist] Version bump. 1.18.0 9bbe486

[fix] Latest versions. 59c4403

[fix test] Update tests. dd1d08b

[dist] Update dependency ws to v3 [SECURITY] b00911c

[dist] .gitattributes all the things. fc93520

[dist] Regenerate package-lock.json. 16d4f8a

Commits

9b96cd7 1.18.1

335aeeb Skip sending the proxyReq event when the expect header is present (#1447)

dba3966 Remove node6 support, add node12 to build (#1397)

9bbe486 [dist] Version bump. 1.18.0

6e4bef4 Added in auto-changelog module set to keepachangelog format (#1373)

d056241 fix 'Modify Response' readme section to avoid unnecessary array copying (#1300)

244303b Fix incorrect target name for reverse proxy example (#1135)

b4028ba Fix modify response middleware example (#1139)

77a9815 [dist] Update dependency async to v3 (#1359)

c662f9e Fix path to local http-proxy in examples. (#1072)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0

Bump node-sass from 4.12.0 to 4.13.1

Bumps node-sass from 4.12.0 to 4.13.1.

Release notes

Sourced from node-sass's releases.

v4.13.1

Community

Fix render example syntax (@ZoranPandovski , #2787)

Fix sourceMap option inconsistencies (@saper , #2394)

Fix possible crash in customer importer (@xzyfer, #2816)

Supported Environments

OS Architecture Node

Windows x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

OSX x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

Linux* x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^, 13**^

Alpine Linux x64 6, 8, 10, 11, 12, 13

FreeBSD i386 amd64 8, 10, 12, 13

*Linux support refers to Ubuntu, Debian, and CentOS 5+ ** Not available on CentOS 5 ^ Only available on x64

v4.13.0

Features

Node 13 support (@saper, #2766 #2767)

Community

Fix broken link to NodeJS docs in README.md (@schwigri, #2753)

Assorted typo fixes (@XhmikosR , #2726)

Remove PR template (@nschonni)

Remove sudo settings from .travis.yml (@abetomo, #2673)

Add note in PR template about node-gyp 4.0 (@nschonni)

Change note about Node 12 support (@nschonni)

Dependencies

[email protected]^4.17.15 (@kessenich, #2574)

Supported Environments

OS Architecture Node

Windows x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

OSX x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

Linux* x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^, 13**^

Alpine Linux x64 6, 8, 10, 11, 12, 13

FreeBSD i386 amd64 6, 8, 10, 12, 13

*Linux support refers to Ubuntu, Debian, and CentOS 5+

OS	Architecture	Node
Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10^, 11^, 12^, 13^
Alpine Linux	x64	6, 8, 10, 11, 12, 13
FreeBSD	i386 amd64	8, 10, 12, 13

OS	Architecture	Node
Windows	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
OSX	x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
Linux*	x86 & x64	0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10^, 11^, 12^, 13^
Alpine Linux	x64	6, 8, 10, 11, 12, 13
FreeBSD	i386 amd64	6, 8, 10, 12, 13

Changelog

Sourced from node-sass's changelog.

v4.13.1

https://github.com/sass/node-sass/releases/tag/v4.13.1

v4.13.0

https://github.com/sass/node-sass/releases/tag/v4.13.0

Commits

01db051 4.13.1
338fd7a Merge pull request from GHSA-f6rp-gv58-9cw3
c6f2e5a doc: README example fix (#2787)
fbc9ff5 Merge pull request #2754 from saper/no-map-if-not-requested
60fad5f 4.13.0
43db915 Merge pull request #2768 from sass/release-4-13
0c8d308 Update references for v4.13 release
f1cc0d3 Use GCC 6 for Node 12 binaries (#2767)
3838eae Use GCC 6 for Node 12 binaries
e84c6a9 Merge pull request #2766 from saper/node-modules-79
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies

opened by dependabot[bot] 0

Bump elliptic from 6.5.1 to 6.5.3
Bumps elliptic from 6.5.1 to 6.5.3.

Commits

8647803 6.5.3

856fe4d signature: prevent malleability and overflows

6048941 6.5.2

9984964 package: bump dependencies

ec735ed utils: leak less information in getNAF()

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump lodash from 4.17.15 to 4.17.19
⚠️ Dependabot is rebasing this PR ⚠️

If you make any changes to it yourself then they will take precedence over the rebase.

Bumps lodash from 4.17.15 to 4.17.19.

Release notes

Sourced from lodash's releases.

4.17.16

Commits

d7fbc52 Bump to v4.17.19

2e1c0f2 Add npm-package

1b6c282 Bump to v4.17.18

a370ac8 Bump to v4.17.17

1144918 Rebuild lodash and docs

3a3b0fd Bump to v4.17.16

c84fe82 fix(zipObjectDeep): prototype pollution (#4759)

e7b28ea Sanitize sourceURL so it cannot affect evaled code (#4518)

0cec225 Fix lodash.isEqual for circular references (#4320) (#4515)

94c3a81 Document matches* shorthands for over* methods (#4510) (#4514)

Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by mathias, a new releaser for lodash since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump express from 4.17.1 to 4.18.2
Bumps express from 4.17.1 to 4.18.2.

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1

Fix hanging on large stack of sync routes

4.18.0

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

8368dc1 4.18.2

61f4049 docs: replace Freenode with Libera Chat

bb7907b build: [email protected]

f56ce73 build: [email protected]

24b3dc5 deps: [email protected]

689d175 deps: [email protected]

340be0f build: [email protected]

33e8dc3 docs: use Node.js name style

644f646 build: [email protected]

ecd7572 build: [email protected]

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump qs from 6.5.2 to 6.5.3
Bumps qs from 6.5.2 to 6.5.3.

Changelog

Sourced from qs's changelog.

6.5.3

[Fix] parse: ignore __proto__ keys (#428)

[Fix] utils.merge: avoid a crash with a null target and a truthy non-array source

[Fix] correctly parse nested arrays

[Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)

[Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided

[Fix] when parseArrays is false, properly handle keys ending in []

[Fix] fix for an impossible situation: when the formatter is called with a non-string value

[Fix] utils.merge: avoid a crash with a null target and an array source

[Refactor] utils: reduce observable [[Get]]s

[Refactor] use cached Array.isArray

[Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)

[Refactor] parse: only need to reassign the var once

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] Clean up license text so it’s properly detected as BSD-3-Clause

[Docs] Clarify the need for "arrayLimit" option

[meta] fix README.md (#399)

[meta] add FUNDING.yml

[actions] backport actions from main

[Tests] always use String(x) over x.toString()

[Tests] remove nonexistent tape option

[Dev Deps] backport from main

Commits

298bfa5 v6.5.3

ed0f5dc [Fix] parse: ignore __proto__ keys (#428)

691e739 [Robustness] stringify: avoid relying on a global undefined (#427)

1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs

12ac1c4 [meta] fix README.md (#399)

0338716 [actions] backport actions from main

5639c20 Clean up license text so it’s properly detected as BSD-3-Clause

51b8a0b add FUNDING.yml

45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...

f814a7f [Dev Deps] backport from main

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump decode-uri-component from 0.2.0 to 0.2.2
Bumps decode-uri-component from 0.2.0 to 0.2.2.

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

Commits

a0eea46 0.2.2

980e0bf Prevent overwriting previously decoded tokens

3c8a373 0.2.1

76abc93 Switch to GitHub workflows

746ca5d Fix issue where decode throws - fixes #6

486d7e2 Update license (#1)

a650457 Tidelift tasks

66e1c28 Meta tweaks

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump loader-utils and @vue/cli-service
Bumps loader-utils to 1.4.2 and updates ancestor dependency @vue/cli-service. These dependencies need to be updated together.

Updates loader-utils from 1.2.3 to 1.4.2

Release notes

Sourced from loader-utils's releases.

v1.4.2

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

v1.4.1

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

v1.4.0

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

v1.3.0

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

Changelog

Sourced from loader-utils's changelog.

1.4.2 (2022-11-11)

Bug Fixes

ReDoS problem (#226) (17cbf8f)

1.4.1 (2022-11-07)

Bug Fixes

security problem (#220) (4504e34)

1.4.0 (2020-02-19)

Features

the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

1.3.0 (2020-02-19)

Features

support the [query] template for the interpolatedName method (#162) (469eeba)

Commits

331ad50 chore(release): 1.4.2

17cbf8f fix: ReDoS problem (#226)

8f082b3 chore(release): 1.4.1

4504e34 fix: security problem (#220)

d95b8b5 chore(release): 1.4.0

cd0e428 feat: the resourceQuery is passed to the interpolateName method (#163)

06d36cf chore(release): 1.3.0

469eeba feat: support the [query] template for the interpolatedName method (#162)

909c99d chore: funding.yml config and CI fix (#159)

b5b74f0 Set up CI with Azure Pipelines

Additional commits viewable in compare view

Updates @vue/cli-service from 3.11.0 to 5.0.8

Release notes

Sourced from @vue/cli-service's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-service's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8

0260e4d fix: add devServer.server.type to useHttps judgement (#7222)

4a0655f v5.0.7

beffe8a fix: allow disabling progress plugin via devServer.client.progress

558dea2 fix: support devServer.server option, avoid deprecation warning

bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)

ef08a08 v5.0.6

fcf27e3 fixup! fix: compatibility with Vue 2.7

a648958 fix: compatibility with Vue 2.7

98c66c9 v5.0.5

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump @hapi/hoek from 8.2.4 to 8.5.1
Bumps @hapi/hoek from 8.2.4 to 8.5.1.

Commits

5bd73f6 8.5.1

4d0804b Backport #352. Closes #353

4ae5f53 8.5.0

83019b8 Add isPromise(). Closes #346

b9aa286 Add declaration

5dcbb9c 8.4.0

d898b06 Add TS utils. Closes #345

ea1741d 8.3.2

f6eb28d Improve clone() performance. Closes #344

8fa5664 8.3.1

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump terser from 4.3.1 to 4.8.1
Bumps terser from 4.3.1 to 4.8.1.

Changelog

Sourced from terser's changelog.

v4.8.1 (backport)

Security fix for RegExps that should not be evaluated (regexp DDOS)

v4.8.0

Support for numeric separators (million = 1_000_000) was added.

Assigning properties to a class is now assumed to be pure.

Fixed bug where yield wasn't considered a valid property key in generators.

v4.7.0

A bug was fixed where an arrow function would have the wrong size

arguments object is now considered safe to retrieve properties from (useful for length, or 0) even when pure_getters is not set.

Fixed erroneous const declarations without value (which is invalid) in some corner cases when using collapse_vars.

v4.6.13

Fixed issue where ES5 object properties were being turned into ES6 object properties due to more lax unicode rules.

Fixed parsing of BigInt with lowercase e in them.

v4.6.12

Fixed subtree comparison code, making it see that [1,[2, 3]] is different from [1, 2, [3]]

Printing of unicode identifiers has been improved

v4.6.11

Read unused classes' properties and method keys, to figure out if they use other variables.

Prevent inlining into block scopes when there are name collisions

Functions are no longer inlined into parameter defaults, because they live in their own special scope.

When inlining identity functions, take into account the fact they may be used to drop this in function calls.

Nullish coalescing operator (x ?? y), plus basic optimization for it.

Template literals in binary expressions such as + have been further optimized

v4.6.10

Do not use reduce_vars when classes are present

v4.6.9

Check if block scopes actually exist in blocks

v4.6.8

Take into account "executed bits" of classes like static properties or computed keys, when checking if a class evaluation might throw or have side effects.

v4.6.7

Some new performance gains through a AST_Node.size() method which measures a node's source code length without printing it to a string first.

... (truncated)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0