From e4768aca1b58b8cd547bffccc948a6618b3457bb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Oct 2024 15:38:16 -0400 Subject: [PATCH 01/17] chore(deps-dev): Bump webpack from 5.91.0 to 5.94.0 (#7435) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [webpack](https://github.com/webpack/webpack) from 5.91.0 to 5.94.0.
Release notes

Sourced from webpack's releases.

v5.94.0

Bug Fixes

New Features

Security

v5.93.0

Bug Fixes

New Features

v5.92.1

Bug Fixes

v5.92.0

Bug Fixes

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.91.0&new-version=5.94.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 59 +++++++++++++++++++++------------------------------- 2 files changed, 25 insertions(+), 36 deletions(-) diff --git a/package.json b/package.json index 46d77921cbf..90753340725 100644 --- a/package.json +++ b/package.json @@ -147,7 +147,7 @@ "typed-scss-modules": "^8.0.0", "typemoq": "^2.1.0", "typescript": "^5.4.5", - "webpack": "^5.91.0", + "webpack": "^5.94.0", "webpack-cli": "^5.1.4", "webpack-node-externals": "^3.0.0" }, diff --git a/yarn.lock b/yarn.lock index 5f938e2ec01..cf0cb8ad505 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2263,27 +2263,7 @@ __metadata: languageName: node linkType: hard -"@types/eslint-scope@npm:^3.7.3": - version: 3.7.7 - resolution: "@types/eslint-scope@npm:3.7.7" - dependencies: - "@types/eslint": "*" - "@types/estree": "*" - checksum: e2889a124aaab0b89af1bab5959847c5bec09809209255de0e63b9f54c629a94781daa04adb66bffcdd742f5e25a17614fb933965093c0eea64aacda4309380e - languageName: node - linkType: hard - -"@types/eslint@npm:*": - version: 8.56.10 - resolution: "@types/eslint@npm:8.56.10" - dependencies: - "@types/estree": "*" - "@types/json-schema": "*" - checksum: fb7137dd263ce1130b42d14452bdd0266ef81f52cb55ba1a5e9750e65da1f0596dc598c88bffc7e415458b6cb611a876dcc132bcf40ea48701c6d05b40c57be5 - languageName: node - linkType: hard - -"@types/estree@npm:*, @types/estree@npm:^1.0.5": +"@types/estree@npm:^1.0.5": version: 1.0.5 resolution: "@types/estree@npm:1.0.5" checksum: dd8b5bed28e6213b7acd0fb665a84e693554d850b0df423ac8076cc3ad5823a6bc26b0251d080bdc545af83179ede51dd3f6fa78cad2c46ed1f29624ddf3e41a @@ -2403,7 +2383,7 @@ __metadata: languageName: node linkType: hard -"@types/json-schema@npm:*, @types/json-schema@npm:^7.0.8, @types/json-schema@npm:^7.0.9": +"@types/json-schema@npm:^7.0.8, @types/json-schema@npm:^7.0.9": version: 7.0.15 resolution: "@types/json-schema@npm:7.0.15" checksum: 97ed0cb44d4070aecea772b7b2e2ed971e10c81ec87dd4ecc160322ffa55ff330dace1793489540e3e318d90942064bb697cc0f8989391797792d919737b3b98 @@ -3177,7 +3157,7 @@ __metadata: ua-parser-js: ^1.0.37 uuid: ^9.0.1 webextension-polyfill: ^0.12.0 - webpack: ^5.91.0 + webpack: ^5.94.0 webpack-cli: ^5.1.4 webpack-node-externals: ^3.0.0 languageName: unknown @@ -3193,12 +3173,12 @@ __metadata: languageName: node linkType: hard -"acorn-import-assertions@npm:^1.9.0": - version: 1.9.0 - resolution: "acorn-import-assertions@npm:1.9.0" +"acorn-import-attributes@npm:^1.9.5": + version: 1.9.5 + resolution: "acorn-import-attributes@npm:1.9.5" peerDependencies: acorn: ^8 - checksum: 944fb2659d0845c467066bdcda2e20c05abe3aaf11972116df457ce2627628a81764d800dd55031ba19de513ee0d43bb771bc679cc0eda66dc8b4fade143bc0c + checksum: 1c0c49b6a244503964ae46ae850baccf306e84caf99bc2010ed6103c69a423987b07b520a6c619f075d215388bd4923eccac995886a54309eda049ab78a4be95 languageName: node linkType: hard @@ -4846,7 +4826,7 @@ __metadata: languageName: node linkType: hard -"enhanced-resolve@npm:^5.0.0, enhanced-resolve@npm:^5.16.0": +"enhanced-resolve@npm:^5.0.0": version: 5.16.1 resolution: "enhanced-resolve@npm:5.16.1" dependencies: @@ -4856,6 +4836,16 @@ __metadata: languageName: node linkType: hard +"enhanced-resolve@npm:^5.17.1": + version: 5.17.1 + resolution: "enhanced-resolve@npm:5.17.1" + dependencies: + graceful-fs: ^4.2.4 + tapable: ^2.2.0 + checksum: 4bc38cf1cea96456f97503db7280394177d1bc46f8f87c267297d04f795ac5efa81e48115a2f5b6273c781027b5b6bfc5f62b54df629e4d25fa7001a86624f59 + languageName: node + linkType: hard + "entities@npm:^4.4.0": version: 4.5.0 resolution: "entities@npm:4.5.0" @@ -12329,20 +12319,19 @@ __metadata: languageName: node linkType: hard -"webpack@npm:^5.91.0": - version: 5.91.0 - resolution: "webpack@npm:5.91.0" +"webpack@npm:^5.94.0": + version: 5.94.0 + resolution: "webpack@npm:5.94.0" dependencies: - "@types/eslint-scope": ^3.7.3 "@types/estree": ^1.0.5 "@webassemblyjs/ast": ^1.12.1 "@webassemblyjs/wasm-edit": ^1.12.1 "@webassemblyjs/wasm-parser": ^1.12.1 acorn: ^8.7.1 - acorn-import-assertions: ^1.9.0 + acorn-import-attributes: ^1.9.5 browserslist: ^4.21.10 chrome-trace-event: ^1.0.2 - enhanced-resolve: ^5.16.0 + enhanced-resolve: ^5.17.1 es-module-lexer: ^1.2.1 eslint-scope: 5.1.1 events: ^3.2.0 @@ -12362,7 +12351,7 @@ __metadata: optional: true bin: webpack: bin/webpack.js - checksum: f1073715dbb1ed5c070affef293d800a867708bcbc5aba4d8baee87660e0cf53c55966a6f36fab078d1d6c9567cdcd0a9086bdfb607cab87ea68c6449791b9a3 + checksum: 6a3d667be304a69cd6dcb8d676bc29f47642c0d389af514cfcd646eaaa809961bc6989fc4b2621a717dfc461130f29c6e20006d62a32e012dafaa9517813a4e6 languageName: node linkType: hard From e2d04c00de6f538b84b251a757533789bdfabddc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Oct 2024 15:39:56 -0400 Subject: [PATCH 02/17] chore(deps): Bump micromatch from 4.0.5 to 4.0.8 (#7436) Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8.
Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

  • backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

[4.0.7] - 2024-05-22

  • this is basically v4.0.5, with some README updates
  • it is vulnerable to CVE-2024-4067
  • Updated braces to v3.0.3 to avoid CVE-2024-4068
  • does NOT break API compatibility

[4.0.6] - 2024-05-21

  • Added hasBraces to check if a pattern contains braces.
  • Fixes CVE-2024-4067
  • BREAKS API COMPATIBILITY
  • Should be labeled as a major release, but it's not.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=micromatch&package-manager=npm_and_yarn&previous-version=4.0.5&new-version=4.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- yarn.lock | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/yarn.lock b/yarn.lock index cf0cb8ad505..69e1647d224 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3766,7 +3766,7 @@ __metadata: languageName: node linkType: hard -"braces@npm:^3.0.2, braces@npm:^3.0.3, braces@npm:~3.0.2": +"braces@npm:^3.0.3, braces@npm:~3.0.2": version: 3.0.3 resolution: "braces@npm:3.0.3" dependencies: @@ -8699,23 +8699,13 @@ __metadata: languageName: node linkType: hard -"micromatch@npm:^4.0.0, micromatch@npm:^4.0.2, micromatch@npm:^4.0.4, micromatch@npm:^4.0.5": - version: 4.0.5 - resolution: "micromatch@npm:4.0.5" - dependencies: - braces: ^3.0.2 - picomatch: ^2.3.1 - checksum: 02a17b671c06e8fefeeb6ef996119c1e597c942e632a21ef589154f23898c9c6a9858526246abb14f8bca6e77734aa9dcf65476fca47cedfb80d9577d52843fc - languageName: node - linkType: hard - -"micromatch@npm:^4.0.7": - version: 4.0.7 - resolution: "micromatch@npm:4.0.7" +"micromatch@npm:^4.0.0, micromatch@npm:^4.0.2, micromatch@npm:^4.0.4, micromatch@npm:^4.0.5, micromatch@npm:^4.0.7": + version: 4.0.8 + resolution: "micromatch@npm:4.0.8" dependencies: braces: ^3.0.3 picomatch: ^2.3.1 - checksum: 3cde047d70ad80cf60c787b77198d680db3b8c25b23feb01de5e2652205d9c19f43bd81882f69a0fd1f0cde6a7a122d774998aad3271ddb1b8accf8a0f480cf7 + checksum: 79920eb634e6f400b464a954fcfa589c4e7c7143209488e44baf627f9affc8b1e306f41f4f0deedde97e69cb725920879462d3e750ab3bd3c1aed675bb3a8966 languageName: node linkType: hard From 53c9600806e83e704dbf392216199d2a4993ed31 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 14:02:04 -0400 Subject: [PATCH 03/17] chore(deps-dev): Bump prettier from 3.2.5 to 3.3.3 (#7419) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [prettier](https://github.com/prettier/prettier) from 3.2.5 to 3.3.3.
Release notes

Sourced from prettier's releases.

3.3.3

đź”— Changelog

3.3.2

đź”— Changelog

3.3.1

đź”— Changelog

3.3.0

diff

đź”— Release note

Changelog

Sourced from prettier's changelog.

3.3.3

diff

Add parentheses for nullish coalescing in ternary (#16391 by @​cdignam-segment)

This change adds clarity to operator precedence.

// Input
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.2

foo ? bar ?? foo : baz;

foo ?? bar ? a : b;

a ? b : foo ?? bar;


// Prettier 3.3.3

foo ? (bar ?? foo) : baz;

(foo ?? bar) ? a : b;

a ? b : (foo ?? bar);

Add parentheses for decorator expressions (#16458 by @​y-schneider)

Prevent parentheses around member expressions or tagged template literals from being removed to follow the stricter parsing rules of TypeScript 5.5.

// Input
@(foo`tagged template`)
class X {}

// Prettier 3.3.2

@​footagged
template

class X {}


// Prettier 3.3.3

@(footagged template)

class X {}

Support @let declaration syntax (#16474 by @​sosukesuzuki)

Adds support for Angular v18 @let declaration syntax.

Please see the following code example. The @let declaration allows you to define local variables within the template:

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=prettier&package-manager=npm_and_yarn&previous-version=3.2.5&new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Prachi Naigaonkar --- package.json | 2 +- packages/report-e2e-tests/package.json | 2 +- src/DetailsView/components/issues-table.tsx | 2 +- src/views/content/content-page.tsx | 2 +- yarn.lock | 12 ++++++------ 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package.json b/package.json index 90753340725..f4cb633164c 100644 --- a/package.json +++ b/package.json @@ -133,7 +133,7 @@ "playwright": "^1.45.3", "postcss": "^8.4.41", "postcss-modules": "^6.0.0", - "prettier": "^3.2.5", + "prettier": "^3.3.3", "regenerator-runtime": "^0.14.1", "sass": "^1.69.7", "sass-loader": "^13.3.3", diff --git a/packages/report-e2e-tests/package.json b/packages/report-e2e-tests/package.json index f9179cb0950..404aef5092a 100644 --- a/packages/report-e2e-tests/package.json +++ b/packages/report-e2e-tests/package.json @@ -23,7 +23,7 @@ "jest": "^29.7.0", "jest-file-snapshot": "^0.5.0", "jest-junit": "^16.0.0", - "prettier": "^3.2.5", + "prettier": "^3.3.3", "typescript": "^5.4.5" } } diff --git a/src/DetailsView/components/issues-table.tsx b/src/DetailsView/components/issues-table.tsx index fc04947643f..e50b9e70e83 100644 --- a/src/DetailsView/components/issues-table.tsx +++ b/src/DetailsView/components/issues-table.tsx @@ -94,7 +94,7 @@ export class IssuesTable extends React.Component { return (

{this.props.title} - {this.props.includeStepsText ?? true ? ` ${this.props.stepsText}` : null} + {(this.props.includeStepsText ?? true) ? ` ${this.props.stepsText}` : null}

); } diff --git a/src/views/content/content-page.tsx b/src/views/content/content-page.tsx index 1f489022710..c2ef83f455d 100644 --- a/src/views/content/content-page.tsx +++ b/src/views/content/content-page.tsx @@ -127,7 +127,7 @@ export function ContentProvider(root: ContentTree): ContentProvider { const contentFromReference = (reference?: ContentReference) => isContentPageComponent(reference) ? reference : getPage(reference); const pathFromReference = (reference?: ContentReference) => - isContentPageComponent(reference) ? pathTo(reference) : reference ?? null; + isContentPageComponent(reference) ? pathTo(reference) : (reference ?? null); return { getPage, allPaths, pathTo, contentFromReference, pathFromReference }; } diff --git a/yarn.lock b/yarn.lock index 69e1647d224..0a9d1bde1e4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3025,7 +3025,7 @@ __metadata: jest: ^29.7.0 jest-file-snapshot: ^0.5.0 jest-junit: ^16.0.0 - prettier: ^3.2.5 + prettier: ^3.3.3 typescript: ^5.4.5 languageName: unknown linkType: soft @@ -3134,7 +3134,7 @@ __metadata: playwright: ^1.45.3 postcss: ^8.4.41 postcss-modules: ^6.0.0 - prettier: ^3.2.5 + prettier: ^3.3.3 react: ^18.3.1 react-dom: ^18.3.1 react-helmet-async: ^2.0.5 @@ -9840,12 +9840,12 @@ __metadata: languageName: node linkType: hard -"prettier@npm:^3.2.5": - version: 3.2.5 - resolution: "prettier@npm:3.2.5" +"prettier@npm:^3.3.3": + version: 3.3.3 + resolution: "prettier@npm:3.3.3" bin: prettier: bin/prettier.cjs - checksum: 2ee4e1417572372afb7a13bb446b34f20f1bf1747db77cf6ccaf57a9be005f2f15c40f903d41a6b79eec3f57fff14d32a20fb6dee1f126da48908926fe43c311 + checksum: bc8604354805acfdde6106852d14b045bb20827ad76a5ffc2455b71a8257f94de93f17f14e463fe844808d2ccc87248364a5691488a3304f1031326e62d9276e languageName: node linkType: hard From 663914dcd59b713b1a8f54458b05cc311e414695 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 14:02:57 -0400 Subject: [PATCH 04/17] chore(deps): Bump playwright from v1.45.3-focal to v1.46.1-focal (#7424) Bumps playwright from v1.45.3-focal to v1.46.1-focal. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=playwright&package-manager=docker&previous-version=v1.45.3-focal&new-version=v1.46.1-focal)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anjali Singh --- .github/workflows/ci.yml | 2 +- Dockerfile | 2 +- package.json | 2 +- yarn.lock | 20 ++++++++++---------- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3306fed18bf..ab5833ff62c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -133,7 +133,7 @@ jobs: name: e2e-web-tests (${{ matrix.shard-index }}/${{ strategy.job-total }}) runs-on: ubuntu-20.04 # We need to update this each time we update playwright - container: mcr.microsoft.com/playwright:v1.45.3-focal + container: mcr.microsoft.com/playwright:v1.46.1-focal strategy: fail-fast: false matrix: diff --git a/Dockerfile b/Dockerfile index e82377dd91d..738fee541c6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ # reference: https://stackoverflow.com/a/51683309/3711475 # reference: https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#running-puppeteer-in-docker -FROM mcr.microsoft.com/playwright:v1.45.3-focal AS setup +FROM mcr.microsoft.com/playwright:v1.46.1-focal AS setup USER root diff --git a/package.json b/package.json index f4cb633164c..2161fb46619 100644 --- a/package.json +++ b/package.json @@ -130,7 +130,7 @@ "license-check-and-add": "^4.0.5", "mini-css-extract-plugin": "2.9.0", "npm-run-all": "^4.1.5", - "playwright": "^1.45.3", + "playwright": "^1.46.1", "postcss": "^8.4.41", "postcss-modules": "^6.0.0", "prettier": "^3.3.3", diff --git a/yarn.lock b/yarn.lock index 0a9d1bde1e4..d378ea889c7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3131,7 +3131,7 @@ __metadata: luxon: ^3.5.0 mini-css-extract-plugin: 2.9.0 npm-run-all: ^4.1.5 - playwright: ^1.45.3 + playwright: ^1.46.1 postcss: ^8.4.41 postcss-modules: ^6.0.0 prettier: ^3.3.3 @@ -9660,27 +9660,27 @@ __metadata: languageName: node linkType: hard -"playwright-core@npm:1.45.3": - version: 1.45.3 - resolution: "playwright-core@npm:1.45.3" +"playwright-core@npm:1.46.1": + version: 1.46.1 + resolution: "playwright-core@npm:1.46.1" bin: playwright-core: cli.js - checksum: cecb58877b2c643403d7a72c24a7aa0fdd087a3c7f9a5ea5403851336ea831d8e304b1f159aacbbabd12e5c47eaac054333746c9e5431ec07b13d64dbf3b50ec + checksum: 99a03f97d76af02b0565aa09758eb03427e13497ef7e9e9044fd1184a5f050e7545a517dd7ad8988a68b3ea76e2ba0d411f81e410b1cb29f5ac9161c49689822 languageName: node linkType: hard -"playwright@npm:^1.45.3": - version: 1.45.3 - resolution: "playwright@npm:1.45.3" +"playwright@npm:^1.46.1": + version: 1.46.1 + resolution: "playwright@npm:1.46.1" dependencies: fsevents: 2.3.2 - playwright-core: 1.45.3 + playwright-core: 1.46.1 dependenciesMeta: fsevents: optional: true bin: playwright: cli.js - checksum: d9d23b155ccd001553214f710561b01e48eb409676102f8ab94c0b4aa5ac5f398becc1a96528b0554944e07e34189503d891913e0e0a4aa58ad36b9c08747983 + checksum: 9e721cb27f919cd92ea8c7461f4a8e97e32eade9da036baa4747f483549e33a8d77585f51e228d6639a1e28a76b0c1d59ca0a05dbd07aa3cfe427be7aaeb9ec8 languageName: node linkType: hard From 2f571cba9ac852e34721b011bc06065d586af9f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 8 Oct 2024 16:14:45 -0400 Subject: [PATCH 05/17] chore(deps-dev): Bump serve-static from 1.15.0 to 1.16.0 (#7444) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [serve-static](https://github.com/expressjs/serve-static) from 1.15.0 to 1.16.0.
Release notes

Sourced from serve-static's releases.

1.16.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0

Changelog

Sourced from serve-static's changelog.

1.16.0 / 2024-09-10

  • Remove link renderization in html while redirecting
Commits
Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serve-static&package-manager=npm_and_yarn&previous-version=1.15.0&new-version=1.16.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 44 ++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 2161fb46619..79b888d6273 100644 --- a/package.json +++ b/package.json @@ -137,7 +137,7 @@ "regenerator-runtime": "^0.14.1", "sass": "^1.69.7", "sass-loader": "^13.3.3", - "serve-static": "^1.15.0", + "serve-static": "^1.16.0", "simple-git": "^3.22.0", "stylelint": "^15.11.0", "stylelint-config-prettier-scss": "^1.0.0", diff --git a/yarn.lock b/yarn.lock index d378ea889c7..1e723e9728e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3143,7 +3143,7 @@ __metadata: regenerator-runtime: ^0.14.1 sass: ^1.69.7 sass-loader: ^13.3.3 - serve-static: ^1.15.0 + serve-static: ^1.16.0 simple-git: ^3.22.0 stylelint: ^15.11.0 stylelint-config-prettier-scss: ^1.0.0 @@ -4808,6 +4808,13 @@ __metadata: languageName: node linkType: hard +"encodeurl@npm:~2.0.0": + version: 2.0.0 + resolution: "encodeurl@npm:2.0.0" + checksum: abf5cd51b78082cf8af7be6785813c33b6df2068ce5191a40ca8b1afe6a86f9230af9a9ce694a5ce4665955e5c1120871826df9c128a642e09c58d592e2807fe + languageName: node + linkType: hard + "encoding@npm:^0.1.13": version: 0.1.13 resolution: "encoding@npm:0.1.13" @@ -10711,6 +10718,27 @@ __metadata: languageName: node linkType: hard +"send@npm:0.19.0": + version: 0.19.0 + resolution: "send@npm:0.19.0" + dependencies: + debug: 2.6.9 + depd: 2.0.0 + destroy: 1.2.0 + encodeurl: ~1.0.2 + escape-html: ~1.0.3 + etag: ~1.8.1 + fresh: 0.5.2 + http-errors: 2.0.0 + mime: 1.6.0 + ms: 2.1.3 + on-finished: 2.4.1 + range-parser: ~1.2.1 + statuses: 2.0.1 + checksum: 5ae11bd900c1c2575525e2aa622e856804e2f96a09281ec1e39610d089f53aa69e13fd8db84b52f001d0318cf4bb0b3b904ad532fc4c0014eb90d32db0cff55f + languageName: node + linkType: hard + "sentence-case@npm:^3.0.4": version: 3.0.4 resolution: "sentence-case@npm:3.0.4" @@ -10731,7 +10759,7 @@ __metadata: languageName: node linkType: hard -"serve-static@npm:1.15.0, serve-static@npm:^1.15.0": +"serve-static@npm:1.15.0": version: 1.15.0 resolution: "serve-static@npm:1.15.0" dependencies: @@ -10743,6 +10771,18 @@ __metadata: languageName: node linkType: hard +"serve-static@npm:^1.16.0": + version: 1.16.2 + resolution: "serve-static@npm:1.16.2" + dependencies: + encodeurl: ~2.0.0 + escape-html: ~1.0.3 + parseurl: ~1.3.3 + send: 0.19.0 + checksum: dffc52feb4cc5c68e66d0c7f3c1824d4e989f71050aefc9bd5f822a42c54c9b814f595fc5f2b717f4c7cc05396145f3e90422af31186a93f76cf15f707019759 + languageName: node + linkType: hard + "set-blocking@npm:^2.0.0": version: 2.0.0 resolution: "set-blocking@npm:2.0.0" From 632e61444fd7aafd2318de4165f906cd8f58ec73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Oct 2024 12:27:08 -0400 Subject: [PATCH 06/17] chore(deps-dev): Bump express from 4.19.2 to 4.20.0 (#7448) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [express](https://github.com/expressjs/express) from 4.19.2 to 4.20.0.
Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect

Other Changes

New Contributors

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.20.0

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=express&package-manager=npm_and_yarn&previous-version=4.19.2&new-version=4.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 117 ++++++++++++++++++--------------------------------- 2 files changed, 43 insertions(+), 76 deletions(-) diff --git a/package.json b/package.json index 79b888d6273..98cae987bb9 100644 --- a/package.json +++ b/package.json @@ -108,7 +108,7 @@ "eslint-plugin-import": "^2.29.1", "eslint-plugin-react": "^7.34.4", "eslint-plugin-security": "^1.7.1", - "express": "^4.19.2", + "express": "^4.20.0", "extract-zip": "^2.0.1", "fake-indexeddb": "^4.0.2", "fork-ts-checker-webpack-plugin": "^9.0.2", diff --git a/yarn.lock b/yarn.lock index 1e723e9728e..62293c8d70d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3106,7 +3106,7 @@ __metadata: eslint-plugin-import: ^2.29.1 eslint-plugin-react: ^7.34.4 eslint-plugin-security: ^1.7.1 - express: ^4.19.2 + express: ^4.20.0 extract-zip: ^2.0.1 fake-indexeddb: ^4.0.2 fork-ts-checker-webpack-plugin: ^9.0.2 @@ -3715,9 +3715,9 @@ __metadata: languageName: node linkType: hard -"body-parser@npm:1.20.2": - version: 1.20.2 - resolution: "body-parser@npm:1.20.2" +"body-parser@npm:1.20.3": + version: 1.20.3 + resolution: "body-parser@npm:1.20.3" dependencies: bytes: 3.1.2 content-type: ~1.0.5 @@ -3727,11 +3727,11 @@ __metadata: http-errors: 2.0.0 iconv-lite: 0.4.24 on-finished: 2.4.1 - qs: 6.11.0 + qs: 6.13.0 raw-body: 2.5.2 type-is: ~1.6.18 unpipe: 1.0.0 - checksum: 14d37ec638ab5c93f6099ecaed7f28f890d222c650c69306872e00b9efa081ff6c596cd9afb9930656aae4d6c4e1c17537bea12bb73c87a217cb3cfea8896737 + checksum: 1a35c59a6be8d852b00946330141c4f142c6af0f970faa87f10ad74f1ee7118078056706a05ae3093c54dabca9cd3770fa62a170a85801da1a4324f04381167d languageName: node linkType: hard @@ -4284,10 +4284,10 @@ __metadata: languageName: node linkType: hard -"cookie@npm:0.6.0": - version: 0.6.0 - resolution: "cookie@npm:0.6.0" - checksum: f56a7d32a07db5458e79c726b77e3c2eff655c36792f2b6c58d351fb5f61531e5b1ab7f46987150136e366c65213cbe31729e02a3eaed630c3bf7334635fb410 +"cookie@npm:0.7.1": + version: 0.7.1 + resolution: "cookie@npm:0.7.1" + checksum: cec5e425549b3650eb5c3498a9ba3cde0b9cd419e3b36e4b92739d30b4d89e0b678b98c1ddc209ce7cf958cd3215671fd6ac47aec21f10c2a0cc68abd399d8a7 languageName: node linkType: hard @@ -5684,42 +5684,42 @@ __metadata: languageName: node linkType: hard -"express@npm:^4.19.2": - version: 4.19.2 - resolution: "express@npm:4.19.2" +"express@npm:^4.20.0": + version: 4.21.1 + resolution: "express@npm:4.21.1" dependencies: accepts: ~1.3.8 array-flatten: 1.1.1 - body-parser: 1.20.2 + body-parser: 1.20.3 content-disposition: 0.5.4 content-type: ~1.0.4 - cookie: 0.6.0 + cookie: 0.7.1 cookie-signature: 1.0.6 debug: 2.6.9 depd: 2.0.0 - encodeurl: ~1.0.2 + encodeurl: ~2.0.0 escape-html: ~1.0.3 etag: ~1.8.1 - finalhandler: 1.2.0 + finalhandler: 1.3.1 fresh: 0.5.2 http-errors: 2.0.0 - merge-descriptors: 1.0.1 + merge-descriptors: 1.0.3 methods: ~1.1.2 on-finished: 2.4.1 parseurl: ~1.3.3 - path-to-regexp: 0.1.7 + path-to-regexp: 0.1.10 proxy-addr: ~2.0.7 - qs: 6.11.0 + qs: 6.13.0 range-parser: ~1.2.1 safe-buffer: 5.2.1 - send: 0.18.0 - serve-static: 1.15.0 + send: 0.19.0 + serve-static: 1.16.2 setprototypeof: 1.2.0 statuses: 2.0.1 type-is: ~1.6.18 utils-merge: 1.0.1 vary: ~1.1.2 - checksum: 212dbd6c2c222a96a61bc927639c95970a53b06257080bb9e2838adb3bffdb966856551fdad1ab5dd654a217c35db94f987d0aa88d48fb04d306340f5f34dca5 + checksum: 5ac2b26d8aeddda5564fc0907227d29c100f90c0ead2ead9d474dc5108e8fb306c2de2083c4e3ba326e0906466f2b73417dbac16961f4075ff9f03785fd940fe languageName: node linkType: hard @@ -5894,18 +5894,18 @@ __metadata: languageName: node linkType: hard -"finalhandler@npm:1.2.0": - version: 1.2.0 - resolution: "finalhandler@npm:1.2.0" +"finalhandler@npm:1.3.1": + version: 1.3.1 + resolution: "finalhandler@npm:1.3.1" dependencies: debug: 2.6.9 - encodeurl: ~1.0.2 + encodeurl: ~2.0.0 escape-html: ~1.0.3 on-finished: 2.4.1 parseurl: ~1.3.3 statuses: 2.0.1 unpipe: ~1.0.0 - checksum: 92effbfd32e22a7dff2994acedbd9bcc3aa646a3e919ea6a53238090e87097f8ef07cced90aa2cc421abdf993aefbdd5b00104d55c7c5479a8d00ed105b45716 + checksum: a8c58cd97c9cd47679a870f6833a7b417043f5a288cd6af6d0f49b476c874a506100303a128b6d3b654c3d74fa4ff2ffed68a48a27e8630cda5c918f2977dcf4 languageName: node linkType: hard @@ -8678,10 +8678,10 @@ __metadata: languageName: node linkType: hard -"merge-descriptors@npm:1.0.1": - version: 1.0.1 - resolution: "merge-descriptors@npm:1.0.1" - checksum: 5abc259d2ae25bb06d19ce2b94a21632583c74e2a9109ee1ba7fd147aa7362b380d971e0251069f8b3eb7d48c21ac839e21fa177b335e82c76ec172e30c31a26 +"merge-descriptors@npm:1.0.3": + version: 1.0.3 + resolution: "merge-descriptors@npm:1.0.3" + checksum: 52117adbe0313d5defa771c9993fe081e2d2df9b840597e966aadafde04ae8d0e3da46bac7ca4efc37d4d2b839436582659cd49c6a43eacb3fe3050896a105d1 languageName: node linkType: hard @@ -9575,10 +9575,10 @@ __metadata: languageName: node linkType: hard -"path-to-regexp@npm:0.1.7": - version: 0.1.7 - resolution: "path-to-regexp@npm:0.1.7" - checksum: 69a14ea24db543e8b0f4353305c5eac6907917031340e5a8b37df688e52accd09e3cebfe1660b70d76b6bd89152f52183f28c74813dbf454ba1a01c82a38abce +"path-to-regexp@npm:0.1.10": + version: 0.1.10 + resolution: "path-to-regexp@npm:0.1.10" + checksum: ab7a3b7a0b914476d44030340b0a65d69851af2a0f33427df1476100ccb87d409c39e2182837a96b98fb38c4ef2ba6b87bdad62bb70a2c153876b8061760583c languageName: node linkType: hard @@ -10011,12 +10011,12 @@ __metadata: languageName: node linkType: hard -"qs@npm:6.11.0": - version: 6.11.0 - resolution: "qs@npm:6.11.0" +"qs@npm:6.13.0": + version: 6.13.0 + resolution: "qs@npm:6.13.0" dependencies: - side-channel: ^1.0.4 - checksum: 6e1f29dd5385f7488ec74ac7b6c92f4d09a90408882d0c208414a34dd33badc1a621019d4c799a3df15ab9b1d0292f97c1dd71dc7c045e69f81a8064e5af7297 + side-channel: ^1.0.6 + checksum: e9404dc0fc2849245107108ce9ec2766cde3be1b271de0bf1021d049dc5b98d1a2901e67b431ac5509f865420a7ed80b7acb3980099fe1c118a1c5d2e1432ad8 languageName: node linkType: hard @@ -10697,27 +10697,6 @@ __metadata: languageName: node linkType: hard -"send@npm:0.18.0": - version: 0.18.0 - resolution: "send@npm:0.18.0" - dependencies: - debug: 2.6.9 - depd: 2.0.0 - destroy: 1.2.0 - encodeurl: ~1.0.2 - escape-html: ~1.0.3 - etag: ~1.8.1 - fresh: 0.5.2 - http-errors: 2.0.0 - mime: 1.6.0 - ms: 2.1.3 - on-finished: 2.4.1 - range-parser: ~1.2.1 - statuses: 2.0.1 - checksum: 74fc07ebb58566b87b078ec63e5a3e41ecd987e4272ba67b7467e86c6ad51bc6b0b0154133b6d8b08a2ddda360464f71382f7ef864700f34844a76c8027817a8 - languageName: node - linkType: hard - "send@npm:0.19.0": version: 0.19.0 resolution: "send@npm:0.19.0" @@ -10759,19 +10738,7 @@ __metadata: languageName: node linkType: hard -"serve-static@npm:1.15.0": - version: 1.15.0 - resolution: "serve-static@npm:1.15.0" - dependencies: - encodeurl: ~1.0.2 - escape-html: ~1.0.3 - parseurl: ~1.3.3 - send: 0.18.0 - checksum: af57fc13be40d90a12562e98c0b7855cf6e8bd4c107fe9a45c212bf023058d54a1871b1c89511c3958f70626fff47faeb795f5d83f8cf88514dbaeb2b724464d - languageName: node - linkType: hard - -"serve-static@npm:^1.16.0": +"serve-static@npm:1.16.2, serve-static@npm:^1.16.0": version: 1.16.2 resolution: "serve-static@npm:1.16.2" dependencies: From 14b5d1b9a84bdd3ab5cb40e45a887527082d4df8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 9 Oct 2024 15:39:20 -0400 Subject: [PATCH 07/17] chore(deps-dev): Bump webpack from 5.91.0 to 5.95.0 (#7456) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [webpack](https://github.com/webpack/webpack) from 5.91.0 to 5.95.0.
Release notes

Sourced from webpack's releases.

v5.95.0

Bug Fixes

  • Fixed hanging when attempting to read a symlink-like file that it can't read
  • Handle default for import context element dependency
  • Merge duplicate chunks call after split chunks
  • Generate correctly code for dynamically importing the same file twice and destructuring
  • Use content hash as [base] and [name] for extracted DataURI's
  • Distinguish module and import in module-import for externals import's
  • [Types] Make EnvironmentPlugin default values types less strict
  • [Types] Typescript 5.6 compatibility

New Features

  • Add new optimization.entryIife option (true by default for the production mode)
  • Pass output.hash* options to loader context

Performance

  • Avoid unneeded re-visit in build chunk graph

v5.94.0

Bug Fixes

  • Added runtime condition for harmony reexport checked
  • Handle properly data/http/https protocols in source maps
  • Make bigint optimistic when browserslist not found
  • Move @​types/eslint-scope to dev deps
  • Related in asset stats is now always an array when no related found
  • Handle ASI for export declarations
  • Mangle destruction incorrect with export named default properly
  • Fixed unexpected asi generation with sequence expression
  • Fixed a lot of types

New Features

  • Added new external type "module-import"
  • Support webpackIgnore for new URL() construction
  • [CSS] @import pathinfo support

Security

  • Fixed DOM clobbering in auto public path

v5.93.0

Bug Fixes

  • Generate correct relative path to runtime chunks
  • Makes DefinePlugin quieter under default log level
  • Fixed mangle destructuring default in namespace import

... (truncated)

Commits
  • e20fd63 chore(release): 5.95.0
  • 4866b0d feat: added new optimization.entryIife option
  • d90f692 fix: merge duplicate chunks after split chunks
  • 90dec30 fix(externals): distinguish “module” and “import” in “module-import”
  • c1a0a46 fix(externals): distinguish “module” and “import” in “module-import”
  • 14d8fa8 fix: all tests cases
  • dae16ad feat: pass output.hash* options to loader context
  • 75d185d feat: pass output.hash* options to loader context
  • 46e0b9c test: update
  • 8e62f9f test
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.91.0&new-version=5.95.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 98cae987bb9..36357b4ab8a 100644 --- a/package.json +++ b/package.json @@ -147,7 +147,7 @@ "typed-scss-modules": "^8.0.0", "typemoq": "^2.1.0", "typescript": "^5.4.5", - "webpack": "^5.94.0", + "webpack": "^5.95.0", "webpack-cli": "^5.1.4", "webpack-node-externals": "^3.0.0" }, diff --git a/yarn.lock b/yarn.lock index 62293c8d70d..314d2a2d03e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3157,7 +3157,7 @@ __metadata: ua-parser-js: ^1.0.37 uuid: ^9.0.1 webextension-polyfill: ^0.12.0 - webpack: ^5.94.0 + webpack: ^5.95.0 webpack-cli: ^5.1.4 webpack-node-externals: ^3.0.0 languageName: unknown @@ -12316,9 +12316,9 @@ __metadata: languageName: node linkType: hard -"webpack@npm:^5.94.0": - version: 5.94.0 - resolution: "webpack@npm:5.94.0" +"webpack@npm:^5.95.0": + version: 5.95.0 + resolution: "webpack@npm:5.95.0" dependencies: "@types/estree": ^1.0.5 "@webassemblyjs/ast": ^1.12.1 @@ -12348,7 +12348,7 @@ __metadata: optional: true bin: webpack: bin/webpack.js - checksum: 6a3d667be304a69cd6dcb8d676bc29f47642c0d389af514cfcd646eaaa809961bc6989fc4b2621a717dfc461130f29c6e20006d62a32e012dafaa9517813a4e6 + checksum: 0c3dfe288de4d62f8f3dc25478a618894883cab739121330763b7847e43304630ea2815ae2351a5f8ff6ab7c9642caf530d503d89bda261fe2cd220e524dd5d1 languageName: node linkType: hard From 96a4e072160c09c5d0e1768a8f22d080d0cb5752 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 24 Oct 2024 12:00:26 -0400 Subject: [PATCH 08/17] chore(deps): Bump actions/checkout from 4.1.7 to 4.2.2 (#7476) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.2.
Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v4.2.0...v4.2.1

v4.2.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v4.1.7...v4.2.0

Changelog

Sourced from actions/checkout's changelog.

v4.2.2

v4.2.1

v4.2.0

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.7&new-version=4.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ab5833ff62c..5672bc3cd05 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-20.04 env: { PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 } steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - uses: actions/setup-node@v4 @@ -52,7 +52,7 @@ jobs: shard-index: [1, 2] steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - uses: actions/setup-node@v4 @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-20.04 env: { PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 } steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - uses: actions/setup-node@v4 @@ -117,7 +117,7 @@ jobs: codeql: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - uses: github/codeql-action/init@v3 @@ -140,7 +140,7 @@ jobs: shard-index: [1, 2] steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - uses: actions/setup-node@v4 @@ -190,7 +190,7 @@ jobs: runs-on: ubuntu-20.04 env: { PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1 } steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - uses: actions/setup-node@v4 @@ -219,7 +219,7 @@ jobs: check-clearly-defined: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@v4.2.2 timeout-minutes: 2 - name: Check ClearlyDefined for dependabot PR's From 8c12821b8fb5f6f4eecd6976ef20eb94b1a26a90 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 12:37:24 -0500 Subject: [PATCH 09/17] chore(deps-dev): Bump @testing-library/react from 16.0.0 to 16.0.1 (#7466) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 16.0.0 to 16.0.1.
Release notes

Sourced from @​testing-library/react's releases.

v16.0.1

16.0.1 (2024-08-29)

Bug Fixes

  • Add support for exactOptionalPropertyTypes in TypeScript (#1351) (3dcd8a9)
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@testing-library/react&package-manager=npm_and_yarn&previous-version=16.0.0&new-version=16.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- yarn.lock | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 36357b4ab8a..328aa9a1ef9 100644 --- a/package.json +++ b/package.json @@ -80,7 +80,7 @@ "@swc/jest": "^0.2.36", "@testing-library/dom": "^10.3.1", "@testing-library/jest-dom": "^6.4.2", - "@testing-library/react": "^16.0.0", + "@testing-library/react": "^16.0.1", "@types/chrome": "0.0.260", "@types/jest": "^29.5.11", "@types/jsdom": "^21.1.6", diff --git a/yarn.lock b/yarn.lock index 314d2a2d03e..9641520409a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2162,9 +2162,9 @@ __metadata: languageName: node linkType: hard -"@testing-library/react@npm:^16.0.0": - version: 16.0.0 - resolution: "@testing-library/react@npm:16.0.0" +"@testing-library/react@npm:^16.0.1": + version: 16.0.1 + resolution: "@testing-library/react@npm:16.0.1" dependencies: "@babel/runtime": ^7.12.5 peerDependencies: @@ -2178,7 +2178,7 @@ __metadata: optional: true "@types/react-dom": optional: true - checksum: 45a35f0b5f34b5a7f4dcefdd3f1d202d5421692e5cc7a491c9bc71e6ed9dd5872a182b80b4dfefb4a56d9c1df35e50f6fa2917bcf657cc26b4bc0d2259df0027 + checksum: 1837db473ea018cf2b5d0cbfffb7a30d0d759e5a7f23aad431441c77bcc3d2533250cd003a61878fd908267df47404cedcb5914f12d79e413002c659652b37fd languageName: node linkType: hard @@ -3074,7 +3074,7 @@ __metadata: "@swc/jest": ^0.2.36 "@testing-library/dom": ^10.3.1 "@testing-library/jest-dom": ^6.4.2 - "@testing-library/react": ^16.0.0 + "@testing-library/react": ^16.0.1 "@testing-library/user-event": ^14.5.2 "@types/chrome": 0.0.260 "@types/jest": ^29.5.11 From 734b37adde4c00d851ea0a51e6b664ef7cf932dd Mon Sep 17 00:00:00 2001 From: v-rakeshsh <155614445+v-rakeshsh@users.noreply.github.com> Date: Wed, 6 Nov 2024 10:45:33 +0530 Subject: [PATCH 10/17] chore: Update axe core version to 4.10.2 (#7482) #### Details This PR upgrades axe-core to 4.10.2 ##### Motivation Updating axe-core version from 4.9.1 to 4.10.2 ##### Context #### Pull request checklist - [ ] Addresses an existing issue: #0000 - [x] PR title *AND* final merge commit title both start with a semantic tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See `CONTRIBUTING.md`. --- package.json | 2 +- packages/report/package.json | 2 +- .../tests/popup/__snapshots__/launchpad.test.ts.snap | 4 ++-- .../__snapshots__/get-rule-inclusions.test.ts.snap | 3 +++ yarn.lock | 11 +++++++++-- 5 files changed, 16 insertions(+), 6 deletions(-) diff --git a/package.json b/package.json index 328aa9a1ef9..583f5b7bcd7 100644 --- a/package.json +++ b/package.json @@ -156,7 +156,7 @@ "@microsoft/applicationinsights-web": "^2.8.15", "@testing-library/user-event": "^14.5.2", "ajv": "^8.12.0", - "axe-core": "4.9.1", + "axe-core": "4.10.2", "classnames": "^2.5.1", "idb-keyval": "^6.2.1", "lodash": "^4.17.21", diff --git a/packages/report/package.json b/packages/report/package.json index d803e1219d4..a19d9b779ae 100644 --- a/packages/report/package.json +++ b/packages/report/package.json @@ -19,7 +19,7 @@ }, "dependencies": { "@fluentui/react": "^8.118.1", - "axe-core": "4.9.1", + "axe-core": "4.10.2", "classnames": "^2.5.1", "lodash": "^4.17.21", "luxon": "^3.5.0", diff --git a/src/tests/end-to-end/tests/popup/__snapshots__/launchpad.test.ts.snap b/src/tests/end-to-end/tests/popup/__snapshots__/launchpad.test.ts.snap index 91634f1f106..2f90d0a2097 100644 --- a/src/tests/end-to-end/tests/popup/__snapshots__/launchpad.test.ts.snap +++ b/src/tests/end-to-end/tests/popup/__snapshots__/launchpad.test.ts.snap @@ -289,7 +289,7 @@ exports[`Popup -> Launch Pad content should match snapshot when quick assess fea Navigate to axe-core npm page - 4.9.1 + 4.10.2 @@ -587,7 +587,7 @@ exports[`Popup -> Launch Pad content should match snapshot when quick assess fea Navigate to axe-core npm page - 4.9.1 + 4.10.2 diff --git a/src/tests/unit/tests/scanner/__snapshots__/get-rule-inclusions.test.ts.snap b/src/tests/unit/tests/scanner/__snapshots__/get-rule-inclusions.test.ts.snap index ce3d359781a..c0b1a075c6d 100644 --- a/src/tests/unit/tests/scanner/__snapshots__/get-rule-inclusions.test.ts.snap +++ b/src/tests/unit/tests/scanner/__snapshots__/get-rule-inclusions.test.ts.snap @@ -323,6 +323,9 @@ exports[`getRuleInclusions getRuleInclusions matches snapshotted list of product "reason": "rule is tagged best-practice", "status": "excluded", }, + "summary-name": { + "status": "included", + }, "svg-img-alt": { "status": "included", }, diff --git a/yarn.lock b/yarn.lock index 9641520409a..0a045704876 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3035,7 +3035,7 @@ __metadata: resolution: "accessibility-insights-report@workspace:packages/report" dependencies: "@fluentui/react": ^8.118.1 - axe-core: 4.9.1 + axe-core: 4.10.2 classnames: ^2.5.1 lodash: ^4.17.21 luxon: ^3.5.0 @@ -3093,7 +3093,7 @@ __metadata: "@typescript-eslint/eslint-plugin": ^5.61.0 "@typescript-eslint/parser": ^6.18.1 ajv: ^8.12.0 - axe-core: 4.9.1 + axe-core: 4.10.2 case-sensitive-paths-webpack-plugin: ^2.4.0 classnames: ^2.5.1 codecov: ^3.8.3 @@ -3604,6 +3604,13 @@ __metadata: languageName: node linkType: hard +"axe-core@npm:4.10.2": + version: 4.10.2 + resolution: "axe-core@npm:4.10.2" + checksum: 2b9b1c93ea73ea9f206604e4e17bd771d2d835f077bde54517d73028b8865c69b209460e73d5b109968cbdb39ab3d28943efa5695189bd79e16421ce1706719e + languageName: node + linkType: hard + "axe-core@npm:4.9.1": version: 4.9.1 resolution: "axe-core@npm:4.9.1" From 1813f30cd701c52f484a45bb2b9042d48d4ac62a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Nov 2024 11:55:37 +0530 Subject: [PATCH 11/17] chore(deps): Bump playwright from v1.46.1-focal to v1.48.1-focal (#7470) Bumps playwright from v1.46.1-focal to v1.48.1-focal. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=playwright&package-manager=docker&previous-version=v1.46.1-focal&new-version=v1.48.1-focal)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: v-sharmachir --- .github/workflows/ci.yml | 2 +- Dockerfile | 2 +- package.json | 2 +- yarn.lock | 20 ++++++++++---------- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5672bc3cd05..9514a5e7595 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -133,7 +133,7 @@ jobs: name: e2e-web-tests (${{ matrix.shard-index }}/${{ strategy.job-total }}) runs-on: ubuntu-20.04 # We need to update this each time we update playwright - container: mcr.microsoft.com/playwright:v1.46.1-focal + container: mcr.microsoft.com/playwright:v1.48.1-focal strategy: fail-fast: false matrix: diff --git a/Dockerfile b/Dockerfile index 738fee541c6..7db673c856f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ # reference: https://stackoverflow.com/a/51683309/3711475 # reference: https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#running-puppeteer-in-docker -FROM mcr.microsoft.com/playwright:v1.46.1-focal AS setup +FROM mcr.microsoft.com/playwright:v1.48.1-focal AS setup USER root diff --git a/package.json b/package.json index 583f5b7bcd7..5af699b5ee9 100644 --- a/package.json +++ b/package.json @@ -130,7 +130,7 @@ "license-check-and-add": "^4.0.5", "mini-css-extract-plugin": "2.9.0", "npm-run-all": "^4.1.5", - "playwright": "^1.46.1", + "playwright": "^1.48.1", "postcss": "^8.4.41", "postcss-modules": "^6.0.0", "prettier": "^3.3.3", diff --git a/yarn.lock b/yarn.lock index 0a045704876..36669bda924 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3131,7 +3131,7 @@ __metadata: luxon: ^3.5.0 mini-css-extract-plugin: 2.9.0 npm-run-all: ^4.1.5 - playwright: ^1.46.1 + playwright: ^1.48.1 postcss: ^8.4.41 postcss-modules: ^6.0.0 prettier: ^3.3.3 @@ -9674,27 +9674,27 @@ __metadata: languageName: node linkType: hard -"playwright-core@npm:1.46.1": - version: 1.46.1 - resolution: "playwright-core@npm:1.46.1" +"playwright-core@npm:1.48.1": + version: 1.48.1 + resolution: "playwright-core@npm:1.48.1" bin: playwright-core: cli.js - checksum: 99a03f97d76af02b0565aa09758eb03427e13497ef7e9e9044fd1184a5f050e7545a517dd7ad8988a68b3ea76e2ba0d411f81e410b1cb29f5ac9161c49689822 + checksum: adf5b43e054e49bcc712d70e71dedab92c362ea76a45a767bdf3d928d3c810a42f6f1c49382f3d44ed005986048001f75cb568605031215dc89a3e56d99d2976 languageName: node linkType: hard -"playwright@npm:^1.46.1": - version: 1.46.1 - resolution: "playwright@npm:1.46.1" +"playwright@npm:^1.48.1": + version: 1.48.1 + resolution: "playwright@npm:1.48.1" dependencies: fsevents: 2.3.2 - playwright-core: 1.46.1 + playwright-core: 1.48.1 dependenciesMeta: fsevents: optional: true bin: playwright: cli.js - checksum: 9e721cb27f919cd92ea8c7461f4a8e97e32eade9da036baa4747f483549e33a8d77585f51e228d6639a1e28a76b0c1d59ca0a05dbd07aa3cfe427be7aaeb9ec8 + checksum: 81ca13392ad5e5ca87a226d0f5ff2da958c4e06a01dd6b56b4e4e5b4fec45ef8a8f7f0563ef0f4c725814265b931984d0c841e8524362b24480bcd527aa0c054 languageName: node linkType: hard From 6d8f8ba94473daf23e6658f1e8812e5746b5386b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Nov 2024 11:58:36 +0530 Subject: [PATCH 12/17] chore(deps-dev): Bump @types/lodash from 4.17.1 to 4.17.12 (#7473) Bumps [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash) from 4.17.1 to 4.17.12.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@types/lodash&package-manager=npm_and_yarn&previous-version=4.17.1&new-version=4.17.12)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rakesh Shivapooja --- package.json | 2 +- .../components/left-nav/left-nav-link-builder.tsx | 2 +- yarn.lock | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index 5af699b5ee9..3c43c3bb20c 100644 --- a/package.json +++ b/package.json @@ -84,7 +84,7 @@ "@types/chrome": "0.0.260", "@types/jest": "^29.5.11", "@types/jsdom": "^21.1.6", - "@types/lodash": "^4.14.202", + "@types/lodash": "^4.17.12", "@types/luxon": "^3.4.2", "@types/node": "^16.11.7", "@types/react": "^18.3.1", diff --git a/src/DetailsView/components/left-nav/left-nav-link-builder.tsx b/src/DetailsView/components/left-nav/left-nav-link-builder.tsx index a19133f4bde..93af95152a2 100644 --- a/src/DetailsView/components/left-nav/left-nav-link-builder.tsx +++ b/src/DetailsView/components/left-nav/left-nav-link-builder.tsx @@ -207,7 +207,7 @@ export class LeftNavLinkBuilder { return test; }); - return allTestLinks; + return allTestLinks as unknown as BaseLeftNavLink[]; } private buildNoncollapsibleAssessmentLink = ( diff --git a/yarn.lock b/yarn.lock index 36669bda924..a9bb4612df2 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2397,10 +2397,10 @@ __metadata: languageName: node linkType: hard -"@types/lodash@npm:^4.14.202": - version: 4.17.1 - resolution: "@types/lodash@npm:4.17.1" - checksum: 01984d5b44c09ef45258f8ac6d0cf926900624064722d51a020ba179e5d4a293da0068fb278d87dc695586afe7ebd3362ec57f5c0e7c4f6c1fab9d04a80e77f5 +"@types/lodash@npm:^4.17.12": + version: 4.17.12 + resolution: "@types/lodash@npm:4.17.12" + checksum: 7b564e4114f09ce5ae31a2e9493592baf20bb498507f3705c5d91cf838c2298b4f6a06f2d6c8dc608fcac63e210a2b7b13388c7a5e220e15688f813521030127 languageName: node linkType: hard @@ -3079,7 +3079,7 @@ __metadata: "@types/chrome": 0.0.260 "@types/jest": ^29.5.11 "@types/jsdom": ^21.1.6 - "@types/lodash": ^4.14.202 + "@types/lodash": ^4.17.12 "@types/luxon": ^3.4.2 "@types/node": ^16.11.7 "@types/react": ^18.3.1 From 0b4b14220f8d2bb0c9c1e35e939d434117f5ee69 Mon Sep 17 00:00:00 2001 From: v-rakeshsh <155614445+v-rakeshsh@users.noreply.github.com> Date: Fri, 8 Nov 2024 11:59:41 +0530 Subject: [PATCH 13/17] feat: Update report package to 5.2.0 as new version of axe-core is updated to latest version (#7487) #### Details Updating report package to new version as axe-core latest version is merged. #### Pull request checklist - [ ] Addresses an existing issue: #0000 - [x] Ran `yarn fastpass` --- packages/report/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/report/package.json b/packages/report/package.json index a19d9b779ae..04fb9a57f56 100644 --- a/packages/report/package.json +++ b/packages/report/package.json @@ -1,6 +1,6 @@ { "name": "accessibility-insights-report", - "version": "5.1.0", + "version": "5.2.0", "description": "Accessibility Insights Report", "license": "MIT", "files": [ From f70315a78165915479214ccbc65989ab1f808282 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Nov 2024 19:17:44 -0500 Subject: [PATCH 14/17] chore(deps): Bump cross-spawn from 6.0.5 to 6.0.6 (#7493) Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 6.0.5 to 6.0.6.
Changelog

Sourced from cross-spawn's changelog.

6.0.6 (2024-11-18)

Bug Fixes

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cross-spawn&package-manager=npm_and_yarn&previous-version=6.0.5&new-version=6.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- yarn.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/yarn.lock b/yarn.lock index a9bb4612df2..0e95b0facca 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4359,15 +4359,15 @@ __metadata: linkType: hard "cross-spawn@npm:^6.0.5": - version: 6.0.5 - resolution: "cross-spawn@npm:6.0.5" + version: 6.0.6 + resolution: "cross-spawn@npm:6.0.6" dependencies: nice-try: ^1.0.4 path-key: ^2.0.1 semver: ^5.5.0 shebang-command: ^1.2.0 which: ^1.2.9 - checksum: f893bb0d96cd3d5751d04e67145bdddf25f99449531a72e82dcbbd42796bbc8268c1076c6b3ea51d4d455839902804b94bc45dfb37ecbb32ea8e54a6741c3ab9 + checksum: a6e2e5b04a0e0f806c1df45f92cd079b65f95fbe5a7650ee1ab60318c33a6c156a8a2f8b6898f57764f7363ec599a0625e9855dfa78d52d2d73dbd32eb11c25e languageName: node linkType: hard From d474a7eac9adb74079b365432e0b6c6c79893316 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Nov 2024 20:19:45 -0500 Subject: [PATCH 15/17] chore(deps-dev): Bump typescript from 5.4.5 to 5.6.3 (#7486) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.4.5 to 5.6.3.
Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

... (truncated)

Commits
  • d48a5cf Bump version to 5.6.3 and LKG
  • fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
  • ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
  • 1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
  • a7e3374 Bump version to 5.6.2 and LKG
  • 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
  • 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
  • 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
  • 6212132 Update LKG
  • bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | typescript | [>= 5.0.a, < 5.1] |
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=5.4.5&new-version=5.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package.json | 2 +- packages/report-e2e-tests/package.json | 2 +- yarn.lock | 20 ++++++++++---------- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package.json b/package.json index 3c43c3bb20c..b44cf8661d4 100644 --- a/package.json +++ b/package.json @@ -146,7 +146,7 @@ "ts-loader": "^9.5.1", "typed-scss-modules": "^8.0.0", "typemoq": "^2.1.0", - "typescript": "^5.4.5", + "typescript": "^5.6.3", "webpack": "^5.95.0", "webpack-cli": "^5.1.4", "webpack-node-externals": "^3.0.0" diff --git a/packages/report-e2e-tests/package.json b/packages/report-e2e-tests/package.json index 404aef5092a..6e5c1d39b9f 100644 --- a/packages/report-e2e-tests/package.json +++ b/packages/report-e2e-tests/package.json @@ -24,6 +24,6 @@ "jest-file-snapshot": "^0.5.0", "jest-junit": "^16.0.0", "prettier": "^3.3.3", - "typescript": "^5.4.5" + "typescript": "^5.6.3" } } diff --git a/yarn.lock b/yarn.lock index 0e95b0facca..9c7b939e618 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3026,7 +3026,7 @@ __metadata: jest-file-snapshot: ^0.5.0 jest-junit: ^16.0.0 prettier: ^3.3.3 - typescript: ^5.4.5 + typescript: ^5.6.3 languageName: unknown linkType: soft @@ -3153,7 +3153,7 @@ __metadata: ts-loader: ^9.5.1 typed-scss-modules: ^8.0.0 typemoq: ^2.1.0 - typescript: ^5.4.5 + typescript: ^5.6.3 ua-parser-js: ^1.0.37 uuid: ^9.0.1 webextension-polyfill: ^0.12.0 @@ -11954,23 +11954,23 @@ __metadata: languageName: node linkType: hard -"typescript@npm:^5.4.5": - version: 5.4.5 - resolution: "typescript@npm:5.4.5" +"typescript@npm:^5.6.3": + version: 5.6.3 + resolution: "typescript@npm:5.6.3" bin: tsc: bin/tsc tsserver: bin/tsserver - checksum: 53c879c6fa1e3bcb194b274d4501ba1985894b2c2692fa079db03c5a5a7140587a1e04e1ba03184605d35f439b40192d9e138eb3279ca8eee313c081c8bcd9b0 + checksum: ba302f8822777ebefb28b554105f3e074466b671e7444ec6b75dadc008a62f46f373d9e57ceced1c433756d06c8b7dc569a7eefdf3a9573122a49205ff99021a languageName: node linkType: hard -"typescript@patch:typescript@^5.4.5#~builtin": - version: 5.4.5 - resolution: "typescript@patch:typescript@npm%3A5.4.5#~builtin::version=5.4.5&hash=85af82" +"typescript@patch:typescript@^5.6.3#~builtin": + version: 5.6.3 + resolution: "typescript@patch:typescript@npm%3A5.6.3#~builtin::version=5.6.3&hash=85af82" bin: tsc: bin/tsc tsserver: bin/tsserver - checksum: 2373c693f3b328f3b2387c3efafe6d257b057a142f9a79291854b14ff4d5367d3d730810aee981726b677ae0fd8329b23309da3b6aaab8263dbdccf1da07a3ba + checksum: ade87bce2363ee963eed0e4ca8a312ea02c81873ebd53609bc3f6dc0a57f6e61ad7e3fb8cbb7f7ab8b5081cbee801b023f7c4823ee70b1c447eae050e6c7622b languageName: node linkType: hard From 675e84649bfd44f9f69b8de127054bad579defee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Dec 2024 14:20:31 -0500 Subject: [PATCH 16/17] chore(deps-dev): Bump jest-file-snapshot from 0.5.0 to 0.7.0 (#7489) Bumps [jest-file-snapshot](https://github.com/satya164/jest-file-snapshot) from 0.5.0 to 0.7.0.
Release notes

Sourced from jest-file-snapshot's releases.

Release 0.7.0

0.7.0 (2024-07-10)

Bug Fixes

Features

  • add an option to customize diff method. closes #25 (952999d)

Release 0.6.0

0.6.0 (2024-07-08)

Bug Fixes

  • invalid interface reference in d.ts (#23) (d0fa939)

Features

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jest-file-snapshot&package-manager=npm_and_yarn&previous-version=0.5.0&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- packages/report-e2e-tests/package.json | 2 +- yarn.lock | 91 ++++++-------------------- 2 files changed, 21 insertions(+), 72 deletions(-) diff --git a/packages/report-e2e-tests/package.json b/packages/report-e2e-tests/package.json index 6e5c1d39b9f..7db83a437bf 100644 --- a/packages/report-e2e-tests/package.json +++ b/packages/report-e2e-tests/package.json @@ -21,7 +21,7 @@ "devDependencies": { "@types/jest": "^29.5.11", "jest": "^29.7.0", - "jest-file-snapshot": "^0.5.0", + "jest-file-snapshot": "^0.7.0", "jest-junit": "^16.0.0", "prettier": "^3.3.3", "typescript": "^5.6.3" diff --git a/yarn.lock b/yarn.lock index 9c7b939e618..e28078b8c83 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1656,19 +1656,6 @@ __metadata: languageName: node linkType: hard -"@jest/types@npm:^26.6.2": - version: 26.6.2 - resolution: "@jest/types@npm:26.6.2" - dependencies: - "@types/istanbul-lib-coverage": ^2.0.0 - "@types/istanbul-reports": ^3.0.0 - "@types/node": "*" - "@types/yargs": ^15.0.0 - chalk: ^4.0.0 - checksum: a0bd3d2f22f26ddb23f41fddf6e6a30bf4fab2ce79ec1cb6ce6fdfaf90a72e00f4c71da91ec61e13db3b10c41de22cf49d07c57ff2b59171d64b29f909c1d8d6 - languageName: node - linkType: hard - "@jest/types@npm:^29.6.3": version: 29.6.3 resolution: "@jest/types@npm:29.6.3" @@ -2579,15 +2566,6 @@ __metadata: languageName: node linkType: hard -"@types/yargs@npm:^15.0.0": - version: 15.0.19 - resolution: "@types/yargs@npm:15.0.19" - dependencies: - "@types/yargs-parser": "*" - checksum: 6a509db36304825674f4f00300323dce2b4d850e75819c3db87e9e9f213ac2c4c6ed3247a3e4eed6e8e45b3f191b133a356d3391dd694d9ea27a0507d914ef4c - languageName: node - linkType: hard - "@types/yargs@npm:^17.0.8": version: 17.0.32 resolution: "@types/yargs@npm:17.0.32" @@ -3023,7 +3001,7 @@ __metadata: "@types/jest": ^29.5.11 accessibility-insights-report: "*" jest: ^29.7.0 - jest-file-snapshot: ^0.5.0 + jest-file-snapshot: ^0.7.0 jest-junit: ^16.0.0 prettier: ^3.3.3 typescript: ^5.6.3 @@ -3302,7 +3280,7 @@ __metadata: languageName: node linkType: hard -"ansi-regex@npm:^5.0.0, ansi-regex@npm:^5.0.1": +"ansi-regex@npm:^5.0.1": version: 5.0.1 resolution: "ansi-regex@npm:5.0.1" checksum: 2aa4bb54caf2d622f1afdad09441695af2a83aa3fe8b8afa581d205e57ed4261c183c4d3877cee25794443fde5876417d859c108078ab788d6af7e4fe52eb66b @@ -4671,13 +4649,6 @@ __metadata: languageName: node linkType: hard -"diff-sequences@npm:^26.6.2": - version: 26.6.2 - resolution: "diff-sequences@npm:26.6.2" - checksum: 79af871776ef149a7ff3345d6b1bf37fe6e81f68632aa5542787851f6f60fba19b0be22fdd1e06046f56ae7382763ccfe94a982c39ee72bd107aef435ecbc0cf - languageName: node - linkType: hard - "diff-sequences@npm:^29.6.3": version: 29.6.3 resolution: "diff-sequences@npm:29.6.3" @@ -5881,7 +5852,7 @@ __metadata: languageName: node linkType: hard -"filenamify@npm:^4.2.0": +"filenamify@npm:^4.3.0": version: 4.3.0 resolution: "filenamify@npm:4.3.0" dependencies: @@ -7665,18 +7636,6 @@ __metadata: languageName: node linkType: hard -"jest-diff@npm:^26.6.1": - version: 26.6.2 - resolution: "jest-diff@npm:26.6.2" - dependencies: - chalk: ^4.0.0 - diff-sequences: ^26.6.2 - jest-get-type: ^26.3.0 - pretty-format: ^26.6.2 - checksum: d00d297f31e1ac0252127089892432caa7a11c69bde29cf3bb6c7a839c8afdb95cf1fd401f9df16a4422745da2e6a5d94b428b30666a2540c38e1c5699915c2d - languageName: node - linkType: hard - "jest-diff@npm:^29.7.0": version: 29.7.0 resolution: "jest-diff@npm:29.7.0" @@ -7746,22 +7705,15 @@ __metadata: languageName: node linkType: hard -"jest-file-snapshot@npm:^0.5.0": - version: 0.5.0 - resolution: "jest-file-snapshot@npm:0.5.0" +"jest-file-snapshot@npm:^0.7.0": + version: 0.7.0 + resolution: "jest-file-snapshot@npm:0.7.0" dependencies: - chalk: ^4.1.0 - filenamify: ^4.2.0 - jest-diff: ^26.6.1 - mkdirp: ^1.0.4 - checksum: c7e771223c6b6d2659a3b1a48b0841054fb5a6c503fb27aee9b8664097223c667674f435cc68ad958fa91c0188c33477598d0f7c7d358e7966713f4d42942284 - languageName: node - linkType: hard - -"jest-get-type@npm:^26.3.0": - version: 26.3.0 - resolution: "jest-get-type@npm:26.3.0" - checksum: 1cc6465ae4f5e880be22ba52fd270fa64c21994915f81b41f8f7553a7957dd8e077cc8d03035de9412e2d739f8bad6a032ebb5dab5805692a5fb9e20dd4ea666 + chalk: ^4.1.2 + filenamify: ^4.3.0 + jest-diff: ^29.7.0 + mkdirp: ^3.0.1 + checksum: 240ed86c21b7aaaefe4e92b0ec8ae164aea9d651bf0f59daaa1f4c919816059dfe252e6e7198bc284a75cbc75b366e375d6a579683de063da674eda3a32e9905 languageName: node linkType: hard @@ -8932,6 +8884,15 @@ __metadata: languageName: node linkType: hard +"mkdirp@npm:^3.0.1": + version: 3.0.1 + resolution: "mkdirp@npm:3.0.1" + bin: + mkdirp: dist/cjs/src/bin.js + checksum: 972deb188e8fb55547f1e58d66bd6b4a3623bf0c7137802582602d73e6480c1c2268dcbafbfb1be466e00cc7e56ac514d7fd9334b7cf33e3e2ab547c16f83a8d + languageName: node + linkType: hard + "ms@npm:2.0.0": version: 2.0.0 resolution: "ms@npm:2.0.0" @@ -9863,18 +9824,6 @@ __metadata: languageName: node linkType: hard -"pretty-format@npm:^26.6.2": - version: 26.6.2 - resolution: "pretty-format@npm:26.6.2" - dependencies: - "@jest/types": ^26.6.2 - ansi-regex: ^5.0.0 - ansi-styles: ^4.0.0 - react-is: ^17.0.1 - checksum: e3b808404d7e1519f0df1aa1f25cee0054ab475775c6b2b8c5568ff23194a92d54bf93274139b6f584ca70fd773be4eaa754b0e03f12bb0a8d1426b07f079976 - languageName: node - linkType: hard - "pretty-format@npm:^27.0.2": version: 27.5.1 resolution: "pretty-format@npm:27.5.1" From aee35602224e0e92fcf4569ccb2002b3aa12cdae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 02:23:01 -0800 Subject: [PATCH 17/17] chore(deps): Bump playwright from v1.48.1-focal to v1.48.2-focal (#7488) Bumps playwright from v1.48.1-focal to v1.48.2-focal. --- .github/workflows/ci.yml | 2 +- Dockerfile | 2 +- package.json | 2 +- yarn.lock | 20 ++++++++++---------- 4 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9514a5e7595..979ecbcd9a6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -133,7 +133,7 @@ jobs: name: e2e-web-tests (${{ matrix.shard-index }}/${{ strategy.job-total }}) runs-on: ubuntu-20.04 # We need to update this each time we update playwright - container: mcr.microsoft.com/playwright:v1.48.1-focal + container: mcr.microsoft.com/playwright:v1.48.2-focal strategy: fail-fast: false matrix: diff --git a/Dockerfile b/Dockerfile index 7db673c856f..44294568248 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ # reference: https://stackoverflow.com/a/51683309/3711475 # reference: https://github.com/GoogleChrome/puppeteer/blob/master/docs/troubleshooting.md#running-puppeteer-in-docker -FROM mcr.microsoft.com/playwright:v1.48.1-focal AS setup +FROM mcr.microsoft.com/playwright:v1.48.2-focal AS setup USER root diff --git a/package.json b/package.json index b44cf8661d4..cc9eebeb4aa 100644 --- a/package.json +++ b/package.json @@ -130,7 +130,7 @@ "license-check-and-add": "^4.0.5", "mini-css-extract-plugin": "2.9.0", "npm-run-all": "^4.1.5", - "playwright": "^1.48.1", + "playwright": "^1.48.2", "postcss": "^8.4.41", "postcss-modules": "^6.0.0", "prettier": "^3.3.3", diff --git a/yarn.lock b/yarn.lock index e28078b8c83..2a5b3b27140 100644 --- a/yarn.lock +++ b/yarn.lock @@ -3109,7 +3109,7 @@ __metadata: luxon: ^3.5.0 mini-css-extract-plugin: 2.9.0 npm-run-all: ^4.1.5 - playwright: ^1.48.1 + playwright: ^1.48.2 postcss: ^8.4.41 postcss-modules: ^6.0.0 prettier: ^3.3.3 @@ -9635,27 +9635,27 @@ __metadata: languageName: node linkType: hard -"playwright-core@npm:1.48.1": - version: 1.48.1 - resolution: "playwright-core@npm:1.48.1" +"playwright-core@npm:1.48.2": + version: 1.48.2 + resolution: "playwright-core@npm:1.48.2" bin: playwright-core: cli.js - checksum: adf5b43e054e49bcc712d70e71dedab92c362ea76a45a767bdf3d928d3c810a42f6f1c49382f3d44ed005986048001f75cb568605031215dc89a3e56d99d2976 + checksum: a73ecea379f13f757ec38299871256a130d4abec5688369969a6b1ef6104c67f731a27c9a503a988c3e5b1141048552a3ed8c4d061cb631ff2ebab606835c10a languageName: node linkType: hard -"playwright@npm:^1.48.1": - version: 1.48.1 - resolution: "playwright@npm:1.48.1" +"playwright@npm:^1.48.2": + version: 1.48.2 + resolution: "playwright@npm:1.48.2" dependencies: fsevents: 2.3.2 - playwright-core: 1.48.1 + playwright-core: 1.48.2 dependenciesMeta: fsevents: optional: true bin: playwright: cli.js - checksum: 81ca13392ad5e5ca87a226d0f5ff2da958c4e06a01dd6b56b4e4e5b4fec45ef8a8f7f0563ef0f4c725814265b931984d0c841e8524362b24480bcd527aa0c054 + checksum: 69ffb28b5a94fc21a9bd3439feb363ffebb21c6b00e6d08ffc225787be49005d6b57072ebb043e78378252850f2b7712f8478e6685138a8e445d6fda94a31e28 languageName: node linkType: hard