Merge branch 'main' into cell-placeholder

.github/workflows/dependency-review.yml

@@ -0,0 +1,17 @@
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
+        with:
+          comment-summary-in-pr: on-failure

.github/workflows/main.yml

@@ -58,11 +58,6 @@ jobs:
       # only informational so swallow error codes
       - run: npm outdated || exit 0
 
-      # Audit
-      - run: npm audit --only=prod
-      # https://github.com/ni/nimble/issues/801
-      # - run: npm audit --audit-level=critical
-
       # Build
       - run: npm run build
 

CONTRIBUTING.md

@@ -79,9 +79,9 @@ When generating a change file, follow these guidelines:
 2. Write a brief but useful description with Nimble clients in mind. If making a major (breaking) change, explain what clients need to do to adopt it. The description can be plain text or [markdown](https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax), with newlines specified via `\n` if needed.
 3. If you prefer not to expose your email address to the world, [configure GitHub to "Keep my email address private"](https://github.com/settings/emails) before generating the change file.
 
-### NPM audit
+### Dependency Review
 
-The repository runs [`npm audit`](https://docs.npmjs.com/cli/v8/commands/npm-audit) to prevent submissions if any dependencies have known vulnerabilities. This can occur during on a PR that introduces a new dependency version or on an unrelated PR if a vulnerability was recently reported on an existing dependency. If this check fails, our options include:
+The repository runs the [Dependency Review](https://github.com/actions/dependency-review-action) action to prevent submissions if any dependencies have known vulnerabilities. This can occur during on a PR that introduces a new dependency version or on an unrelated PR if a vulnerability was recently reported on an existing dependency. If this check fails, our options include:
 
 #### Vulnerabilities with fixes available
 
@@ -93,7 +93,7 @@ The repository runs [`npm audit`](https://docs.npmjs.com/cli/v8/commands/npm-aud
 If a fix for the vulnerability isn't available or if it isn't practical to uptake the fix, our options include:
 
 1. Remove the vulnerable dependency and find a different way to achieve the same functionality.
-2. Temporarily use a more lenient [audit level](https://docs.npmjs.com/cli/v8/commands/npm-audit#audit-level) for this repository (e.g. allowing `low` or `moderate` vulnerabilities). We should ensure there is an issue on the dependency's repository asking them to fix the vulnerability and also file an issue against this repository to track fixing the vulnerability and restoring strict auditing.
+2. Dismiss the alert in the [GitHub Security - Dependabot](https://github.com/ni/nimble/security/dependabot) dashboard, and document your rationale for doing so. We should ensure there is an issue on the dependency's repository asking them to fix the vulnerability and also file an issue against this repository to track fixing the vulnerability and restoring strict auditing.
 
 
 ### Chromatic visual component tests

angular-workspace/package.json

@@ -58,7 +58,7 @@
     "karma-jasmine": "^5.1.0",
     "karma-jasmine-html-reporter": "^2.0.0",
     "ng-packagr": "^15.2.2",
-    "playwright": "1.40.0",
+    "playwright": "1.42.0",
     "rollup": "^4.12.0",
     "typescript": "~4.9.5"
   }

angular-workspace/projects/ni/nimble-angular/CHANGELOG.json

@@ -1,6 +1,21 @@
 {
   "name": "@ni/nimble-angular",
   "entries": [
+    {
+      "date": "Mon, 25 Mar 2024 17:03:11 GMT",
+      "version": "20.5.3",
+      "tag": "@ni/nimble-angular_v20.5.3",
+      "comments": {
+        "patch": [
+          {
+            "author": "beachball",
+            "package": "@ni/nimble-angular",
+            "comment": "Bump @ni/nimble-components to v23.0.1",
+            "commit": "not available"
+          }
+        ]
+      }
+    },
     {
       "date": "Thu, 21 Mar 2024 17:13:38 GMT",
       "version": "20.5.2",

angular-workspace/projects/ni/nimble-angular/CHANGELOG.md

@@ -1,9 +1,17 @@
 # Change Log - @ni/nimble-angular
 
-This log was last generated on Thu, 21 Mar 2024 17:13:38 GMT and should not be manually modified.
+This log was last generated on Mon, 25 Mar 2024 17:03:11 GMT and should not be manually modified.
 
 <!-- Start content -->
 
+## 20.5.3
+
+Mon, 25 Mar 2024 17:03:11 GMT
+
+### Patches
+
+- Bump @ni/nimble-components to v23.0.1
+
 ## 20.5.2
 
 Thu, 21 Mar 2024 17:13:38 GMT

angular-workspace/projects/ni/nimble-angular/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ni/nimble-angular",
-  "version": "20.5.2",
+  "version": "20.5.3",
   "description": "Angular components for the NI Nimble Design System",
   "scripts": {
     "invoke-publish": "cd ../../../ && npm run build:library && cd dist/ni/nimble-angular && npm publish"
@@ -31,7 +31,7 @@
     "@angular/forms": "^15.2.10",
     "@angular/localize": "^15.2.10",
     "@angular/router": "^15.2.10",
-    "@ni/nimble-components": "^23.0.0"
+    "@ni/nimble-components": "^23.0.1"
   },
   "dependencies": {
     "tslib": "^2.2.0"

package.json

@@ -47,6 +47,6 @@
     "beachball": "^2.31.0",
     "cross-env": "^7.0.3",
     "patch-package": "^8.0.0",
-    "playwright": "1.40.0"
+    "playwright": "1.42.0"
   }
 }

packages/jasmine-parameterized/CHANGELOG.json

@@ -1,6 +1,21 @@
 {
   "name": "@ni/jasmine-parameterized",
   "entries": [
+    {
+      "date": "Fri, 22 Mar 2024 16:18:25 GMT",
+      "version": "0.2.3",
+      "tag": "@ni/jasmine-parameterized_v0.2.3",
+      "comments": {
+        "none": [
+          {
+            "author": "jattasNI@users.noreply.github.com",
+            "package": "@ni/jasmine-parameterized",
+            "commit": "559c12f4b5eaae8fdbd18c6c0d2ecff097b699d5",
+            "comment": "Update Playwright dev dependency to 1.42.0"
+          }
+        ]
+      }
+    },
     {
       "date": "Tue, 12 Mar 2024 21:01:53 GMT",
       "version": "0.2.3",

packages/jasmine-parameterized/package.json

@@ -51,7 +51,7 @@
     "karma-jasmine": "^5.1.0",
     "karma-jasmine-html-reporter": "^2.0.0",
     "karma-spec-reporter": "^0.0.36",
-    "playwright": "1.40.0",
+    "playwright": "1.42.0",
     "typescript": "~4.9.5"
   }
 }

packages/nimble-blazor/CHANGELOG.json

@@ -1,6 +1,21 @@
 {
   "name": "@ni/nimble-blazor",
   "entries": [
+    {
+      "date": "Fri, 22 Mar 2024 16:18:25 GMT",
+      "version": "14.5.2",
+      "tag": "@ni/nimble-blazor_v14.5.2",
+      "comments": {
+        "none": [
+          {
+            "author": "jattasNI@users.noreply.github.com",
+            "package": "@ni/nimble-blazor",
+            "commit": "559c12f4b5eaae8fdbd18c6c0d2ecff097b699d5",
+            "comment": "Update Playwright dev dependency to 1.42.0"
+          }
+        ]
+      }
+    },
     {
       "date": "Mon, 18 Mar 2024 17:12:34 GMT",
       "version": "14.5.0",

packages/nimble-blazor/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ni/nimble-blazor",
-  "version": "14.5.2",
+  "version": "14.5.3",
   "description": "Blazor components for the NI Nimble Design System",
   "scripts": {
     "postinstall": "node build/generate-playwright-version-properties/source/index.js",
@@ -48,7 +48,7 @@
     "@rollup/plugin-node-resolve": "^15.0.1",
     "cross-env": "^7.0.3",
     "glob": "^10.3.10",
-    "playwright": "1.40.0",
+    "playwright": "1.42.0",
     "rimraf": "^5.0.5",
     "rollup": "^4.12.0"
   }

packages/nimble-components/CHANGELOG.json

@@ -1,6 +1,36 @@
 {
   "name": "@ni/nimble-components",
   "entries": [
+    {
+      "date": "Mon, 25 Mar 2024 17:03:11 GMT",
+      "version": "23.0.1",
+      "tag": "@ni/nimble-components_v23.0.1",
+      "comments": {
+        "patch": [
+          {
+            "author": "33986780+munteannatan@users.noreply.github.com",
+            "package": "@ni/nimble-components",
+            "commit": "f56b73b45161a55b967dc03bbdd094a6527c814c",
+            "comment": "Created new hover event for the new diesTable api and changed the zoom event"
+          }
+        ]
+      }
+    },
+    {
+      "date": "Fri, 22 Mar 2024 16:18:25 GMT",
+      "version": "23.0.0",
+      "tag": "@ni/nimble-components_v23.0.0",
+      "comments": {
+        "none": [
+          {
+            "author": "jattasNI@users.noreply.github.com",
+            "package": "@ni/nimble-components",
+            "commit": "559c12f4b5eaae8fdbd18c6c0d2ecff097b699d5",
+            "comment": "Update Playwright dev dependency to 1.42.0"
+          }
+        ]
+      }
+    },
     {
       "date": "Thu, 21 Mar 2024 17:13:38 GMT",
       "version": "23.0.0",

packages/nimble-components/CHANGELOG.md

@@ -1,9 +1,17 @@
 # Change Log - @ni/nimble-components
 
-This log was last generated on Thu, 21 Mar 2024 17:13:38 GMT and should not be manually modified.
+This log was last generated on Mon, 25 Mar 2024 17:03:11 GMT and should not be manually modified.
 
 <!-- Start content -->
 
+## 23.0.1
+
+Mon, 25 Mar 2024 17:03:11 GMT
+
+### Patches
+
+- Created new hover event for the new diesTable api and changed the zoom event ([ni/nimble@f56b73b](https://github.com/ni/nimble/commit/f56b73b45161a55b967dc03bbdd094a6527c814c))
+
 ## 23.0.0
 
 Thu, 21 Mar 2024 17:13:38 GMT

packages/nimble-components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ni/nimble-components",
-  "version": "23.0.0",
+  "version": "23.0.1",
   "description": "Styled web components for the NI Nimble Design System",
   "scripts": {
     "build": "npm run generate-icons && npm run generate-workers && npm run build-components && npm run bundle-components && npm run generate-scss && npm run build-storybook",
@@ -151,7 +151,7 @@
     "karma-spec-reporter": "^0.0.36",
     "karma-webkit-launcher": "^2.1.0",
     "karma-webpack": "^5.0.0",
-    "playwright": "1.40.0",
+    "playwright": "1.42.0",
     "prettier-eslint": "^16.3.0",
     "prettier-eslint-cli": "^8.0.1",
     "remark-gfm": "^3.0.1",