Bump the npm_and_yarn group across 1 directory with 3 updates #1335
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the npm_and_yarn group with 3 updates in the /frontend directory: svelte, vite and happy-dom.
Updates
svelte
from 4.2.19 to 5.15.0Release notes
Sourced from svelte's releases.
... (truncated)
Changelog
Sourced from svelte's changelog.
... (truncated)
Commits
1d773ef
Version Packages (#14782)72b7bc7
feat: add "worker" exports condition (#14779)2086c19
Version Packages (#14776)999b92d
fix: intellisense DX for $props, $inspect, $bindable, and $host (#14777)5bc4033
fix: treeshake$inspect.trace
code if unused in modules (#14774)69d198e
Version Packages (#14764)7c6379a
fix: bump esrap dependency (#14765)d0f156c
fix: ensure $inspect.trace code is treeshaken out if unused (#14770)8705d44
fix: ensure svg namespace for\<a>
elements is correct (#14756)bfa0b34
add self-closing-tags info (#14758)Updates
vite
from 5.4.9 to 6.0.4Release notes
Sourced from vite's releases.
... (truncated)
Changelog
Sourced from vite's changelog.
... (truncated)
Commits
11cd5a4
release: v6.0.43734f80
fix(css): escape double quotes inurl()
when lightningcss is used (#18997)2b4f115
fix(deps): update all non-major dependencies (#18996)12b612d
fix: fallback terser to main thread when function options are used (#18987)d88d000
fix(deps): update all non-major dependencies (#18967)21680bd
fix(css): skip non css in custom sass importer (#18970)62fad6d
chore(deps): update dependency@rollup/plugin-node-resolve
to v16 (#18968)8a6bb4e
fix(optimizer): keep NODE_ENV as-is when keepProcessEnv istrue
(#18899)7d6dd5d
fix(ssr): recreate ssrCompatModuleRunner on restart (#18973)c4b532c
fix(css): root relative import in sass modern API on Windows (#18945)Updates
happy-dom
from 15.7.4 to 15.10.2Release notes
Sourced from happy-dom's releases.
... (truncated)
Commits
d23834c
fix: #1585 Fixes a security vulnerability that allowed for server side code...5ee0b16
fix: #1585 Fixes security vulnerability that allowed for server side code t...a20dba9
chore: #1542 Adds SECURITY.md file (#1584)1625d40
feat: #1553 Adds setting disableSameOriginPolicy, to make it possible to by...a78cd8f
feat: #1147 Adds support for aspect-ratio to CSSStyleDeclaration (#1537)e6f8b13
fix: #1581 Fixes bug where Node.getRootNode() returned null when it was wi...38ab960
fix: #1578 Fixes bug where child nodes of HTMLSelectElement and HTMLFormEle...8f74989
fix: #1534 Toggle open attribute on HTMLDetailsElement when dispatching a c...7f57469
fix: #1546 UseglobalThis
instead ofglobal
to make Happy DOM work in o...759b4fb
fix: #1538 Always return Promise<Blob> from ClipboardItem.getType() (#1539)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.