Skip to content

npm: bump js-cookie from 2.2.1 to 3.0.1 in /dashboard #830

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 30, 2021
Merged

npm: bump js-cookie from 2.2.1 to 3.0.1 in /dashboard #830

merged 2 commits into from
Nov 30, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 30, 2021

Bumps js-cookie from 2.2.1 to 3.0.1.

Release notes

Sourced from js-cookie's releases.

v3.0.1

  • Make package.json accessible in export - #727

v3.0.0

  • Removed defaults in favor of a builder: now to supply an api instance with particular predefined (cookie) attributes there's Cookies.withAttributes(), e.g.:
const api = Cookies.withAttributes({
  path: '/',
  secure: true
})
api.set('key', 'value') // writes cookie with path: '/' and secure: true...
  • The attributes that an api instance is configured with are exposed as attributes property; it's an immutable object and unlike defaults cannot be changed to configure the api.
  • The mechanism to fall back to the standard, internal converter by returning a falsy value in a custom read converter has been removed. Instead the default converters are now exposed as Cookies.converter, which allows for implementing self-contained custom converters providing the same behavior:
const customReadConverter = (value, name) => {
  if (name === 'special') {
    return unescape(value)
  }
  return Cookies.converter.read(value)
}
  • withConverter() no longer accepts a function as argument to be turned into a read converter. It is now required to always pass an object with the explicit type(s) of converter(s):
const api = Cookies.withConverter({
  read: (value, name) => unescape(value)
})
  • The converter(s) that an api instance is configured with are exposed as converter property; it's an immutable object and cannot be changed to configure the api.
  • Started providing library as ES module, in addition to UMD module. The module field in package.json points to an ES module variant of the library.
  • Started using browser field instead of main in package.json (for the UMD variant of the library).
  • Dropped support for IE < 10.
  • Removed built-in JSON support, i.e. getJSON() and automatic stringifying in set(): use Cookies.set('foo', JSON.stringify({ ... })) and JSON.parse(Cookies.get('foo')) instead.
  • Removed support for Bower.
  • Added minified versions to package - #501
  • Improved support for url encoded cookie values (support case insensitive encoding) - #466, #530
  • Expose default path via API - #541
  • Handle falsy arguments passed to getters - #399
  • No longer support Node < 12 when building (LTS versions only)

v3.0.0-rc.4

Reverted changes introduced in rc2, which caused a mayor breaking change in the case of requesting the library via jsdelivr CDN with a particular file name. This breaking change was not intentional.

The problem was that we've been advertising the following link in the readme on the master branch:

https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js

while the respective change had changed that file name in the distribution to js.cookie.umd.min.js.

Nonetheless, we advise to always use the latest stable version in production environments.

... (truncated)

Commits
  • 0ba7714 Craft v3.0.1 release
  • 2a8d172 export package.json
  • a6345f0 Let dependabot ignore patch updates
  • fee39fc Move RFC 6265 related functionality to converter
  • 9e45d88 Use decodeURIComponent() for decoding key
  • 0790074 Remove unnecessary assignment
  • f06749c Remove iPhone 8 from BrowserStack setup
  • 750a2d8 Update overlooked references after releasing
  • ea3239a Craft v3.0.0 release
  • 1711eb2 Bump eslint-plugin-promise from 4.3.1 to 5.1.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
npm: bump js-cookie from 2.2.1 to 3.0.1 in /dashboard
5dc376f 
Bumps [js-cookie](https://github.com/js-cookie/js-cookie) from 2.2.1 to 3.0.1.
- [Release notes](https://github.com/js-cookie/js-cookie/releases)
- [Changelog](https://github.com/js-cookie/js-cookie/blob/master/.release-it.json)
- [Commits](js-cookie/js-cookie@v2.2.1...v3.0.1)

---
updated-dependencies:
- dependency-name: js-cookie
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 30, 2021
@dependabot dependabot bot requested a review from abhinavsingh November 30, 2021 04:00
@abhinavsingh abhinavsingh merged commit 9782f6c into develop Nov 30, 2021
@abhinavsingh abhinavsingh deleted the dependabot/npm_and_yarn/dashboard/js-cookie-3.0.1 branch November 30, 2021 22:21
abhinavsingh added a commit that referenced this pull request Dec 1, 2021
@abhinavsingh @dependabot
@pre-commit-ci @webknjaz
v2.4.0rc2 (#838)
e473eb1 
* Merge pull request #825 from abhinavsingh/dependabot/pip/pylint-2.12.1

pip prod(deps): bump pylint from 2.11.1 to 2.12.1

* Bump ncipollo/release-action from 1.8.10 to 1.9.0 (#826)

Bumps [ncipollo/release-action](https://github.com/ncipollo/release-action) from 1.8.10 to 1.9.0.
- [Release notes](https://github.com/ncipollo/release-action/releases)
- [Commits](ncipollo/release-action@v1.8.10...v1.9.0)

---
updated-dependencies:
- dependency-name: ncipollo/release-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhinav Singh <[email protected]>

* npm: bump rollup-plugin-copy from 3.3.0 to 3.4.0 in /dashboard (#824)

Bumps [rollup-plugin-copy](https://github.com/vladshcherbin/rollup-plugin-copy) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/vladshcherbin/rollup-plugin-copy/releases)
- [Commits](vladshcherbin/rollup-plugin-copy@3.3.0...3.4.0)

---
updated-dependencies:
- dependency-name: rollup-plugin-copy
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhinav Singh <[email protected]>

* Add benchmarks comparison for `proxy.py`, `tornado`, `aiohttp`, `flask` (#827)

* Add benchmarks for `proxy.py`, `tornado`, `aiohttp`, `flask`

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Lint happy

* Disable W0223 for tornado

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* Integrate Towncrier configuration (#823)

* Move changelog out of README into a separate file

* Expose the changelog to Sphinx

* Integrate Towncrier configuration into the repo

* Include the change fragment docs in Sphinx

* Add a config for the Chronographer GitHub App

* Add a change note for PR #823

* Update CHANGELOG.md

Co-authored-by: Abhinav Singh <[email protected]>

* Add `benchmark` results to `README.md` (#828)

* Add benchmark results to top-level README

* mypy

* Push down WIP example

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Spelling

* Link rtfd within `Internal Documentation` for now

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* pip prod(deps): bump types-paramiko from 2.8.1 to 2.8.2 (#831)

Bumps [types-paramiko](https://github.com/python/typeshed) from 2.8.1 to 2.8.2.
- [Release notes](https://github.com/python/typeshed/releases)
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-paramiko
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* npm: bump js-cookie from 2.2.1 to 3.0.1 in /dashboard (#830)

Bumps [js-cookie](https://github.com/js-cookie/js-cookie) from 2.2.1 to 3.0.1.
- [Release notes](https://github.com/js-cookie/js-cookie/releases)
- [Changelog](https://github.com/js-cookie/js-cookie/blob/master/.release-it.json)
- [Commits](js-cookie/js-cookie@v2.2.1...v3.0.1)

---
updated-dependencies:
- dependency-name: js-cookie
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Abhinav Singh <[email protected]>

* Optimizations & Update Benchmark Results (#832)

* Bail out of lock earlier

* Avoid calling `get_events` for unfinished work tasks.  Use `cached_property` for `HttpParser` optimization

* Add `type: ignore[no-any-return]`, odd scenario

* We dont have to rebuild response packet repeatedly within `WebServerPlugin`

* Parse line and header in one invocation

* Minor optimizations and update benchmark to use `oha` instead of `hey`

* Remove `flask` from benchmark, only benchmark `asgi` or `async` based libraries.  Use `uvicorn` and 10 workers for `blacksheep`.  Use `oha` instead of `hey`

* Add benchmark for `starlette`

* [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci

* Add missing dep

* pre-commit

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* [ProxyPoolPlugin] Avoid remote proxy of private IP requests (#833)

* Avoid proxy of requests to private IP within `ProxyPoolPlugin`

* Fix tests

* spell fix

* No content length or chunked case can occur with `HTTP/1.1` too (#834)

* No content length or chunked case can occur with `HTTP/1.1` too

* `WPS331` false-positive

* npm: bump eslint-plugin-standard from 4.1.0 to 5.0.0 in /dashboard (#835)

Bumps [eslint-plugin-standard](https://github.com/standard/eslint-plugin-standard) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/standard/eslint-plugin-standard/releases)
- [Commits](standard/eslint-plugin-standard@v4.1.0...v5.0.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-standard
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* pip prod(deps): bump twine from 3.5.0 to 3.6.0 (#836)

Bumps [twine](https://github.com/pypa/twine) from 3.5.0 to 3.6.0.
- [Release notes](https://github.com/pypa/twine/releases)
- [Changelog](https://github.com/pypa/twine/blob/main/docs/changelog.rst)
- [Commits](pypa/twine@3.5.0...3.6.0)

---
updated-dependencies:
- dependency-name: twine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* `task.result` can throw (#837)

* `task.result` can raise exception

* Remove redundant `except`

* Fix doc spell.  We need to fix it well, currently strategy feels dumb and PITA

* Move common words within `spelling_wordlist.txt`

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Sviatoslav Sydorenko <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abhinavsingh abhinavsingh Awaiting requested review from abhinavsingh

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@abhinavsingh