- 29 Sep, 2023 6 commits
-
-
dependabot[bot] authored
Bumps [sass](https://github.com/sass/dart-sass) from 1.67.0 to 1.68.0. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.67.0...1.68.0) --- updated-dependencies: - dependency-name: sass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps the rollup group with 1 update: [rollup](https://github.com/rollup/rollup). - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v3.29.3...v3.29.4) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-patch dependency-group: rollup ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [preact](https://github.com/preactjs/preact) from 10.17.1 to 10.18.0. - [Release notes](https://github.com/preactjs/preact/releases) - [Commits](https://github.com/preactjs/preact/compare/10.17.1...10.18.0) --- updated-dependencies: - dependency-name: preact dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.0.5 to 3.0.6. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](https://github.com/cure53/DOMPurify/compare/3.0.5...3.0.6) --- updated-dependencies: - dependency-name: dompurify dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [chai](https://github.com/chaijs/chai) from 4.3.9 to 4.3.10. - [Release notes](https://github.com/chaijs/chai/releases) - [Changelog](https://github.com/chaijs/chai/blob/4.x.x/History.md) - [Commits](https://github.com/chaijs/chai/compare/v4.3.9...v4.3.10) --- updated-dependencies: - dependency-name: chai dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1465.0 to 2.1466.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.1465.0...v2.1466.0) --- updated-dependencies: - dependency-name: aws-sdk dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
- 28 Sep, 2023 13 commits
-
-
Robert Knight authored
-
Robert Knight authored
- Add the core `rollup` dep to the "rollup" group. It is maintained by the same GitHub org, but doesn't start with `@rollup/` - Add groups for `@types/` package. These are all sourced from the same organization. - Rename `lint` => `eslint`. This avoids ambiguity if copying this config into other repos that also use Python linters.
-
dependabot[bot] authored
Bumps the sentry group with 1 update: [@sentry/browser](https://github.com/getsentry/sentry-javascript). - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/7.70.0...7.72.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: sentry ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.29 to 8.4.30. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/postcss/compare/8.4.29...8.4.30) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps the lint group with 3 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [eslint-plugin-mocha](https://github.com/lo1tuma/eslint-plugin-mocha). Updates `@typescript-eslint/eslint-plugin` from 6.7.2 to 6.7.3 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.3/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 6.7.2 to 6.7.3 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.3/packages/parser) Updates `eslint-plugin-mocha` from 10.1.0 to 10.2.0 - [Release notes](https://github.com/lo1tuma/eslint-plugin-mocha/releases) - [Changelog](https://github.com/lo1tuma/eslint-plugin-mocha/blob/master/CHANGELOG.md) - [Commits](https://github.com/lo1tuma/eslint-plugin-mocha/compare/10.1.0...10.2.0) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: lint - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: lint - dependency-name: eslint-plugin-mocha dependency-type: direct:development update-type: version-update:semver-minor dependency-group: lint ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [get-func-name](https://github.com/chaijs/get-func-name) from 2.0.0 to 2.0.2. - [Release notes](https://github.com/chaijs/get-func-name/releases) - [Commits](https://github.com/chaijs/get-func-name/commits/v2.0.2) --- updated-dependencies: - dependency-name: get-func-name dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [chai](https://github.com/chaijs/chai) from 4.3.8 to 4.3.9. - [Release notes](https://github.com/chaijs/chai/releases) - [Changelog](https://github.com/chaijs/chai/blob/4.x.x/History.md) - [Commits](https://github.com/chaijs/chai/compare/v4.3.8...v4.3.9) --- updated-dependencies: - dependency-name: chai dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps the babel group with 2 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) and [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript). Updates `@babel/core` from 7.22.17 to 7.23.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.0/packages/babel-core) Updates `@babel/preset-typescript` from 7.22.15 to 7.23.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.0/packages/babel-preset-typescript) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: babel - dependency-name: "@babel/preset-typescript" dependency-type: direct:development update-type: version-update:semver-minor dependency-group: babel ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1463.0 to 2.1465.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.1463.0...v2.1465.0) --- updated-dependencies: - dependency-name: aws-sdk dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@types/showdown](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/showdown) from 2.0.1 to 2.0.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/showdown) --- updated-dependencies: - dependency-name: "@types/showdown" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@types/scroll-into-view](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/scroll-into-view) from 1.16.1 to 1.16.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/scroll-into-view) --- updated-dependencies: - dependency-name: "@types/scroll-into-view" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@octokit/rest](https://github.com/octokit/rest.js) from 20.0.1 to 20.0.2. - [Release notes](https://github.com/octokit/rest.js/releases) - [Commits](https://github.com/octokit/rest.js/compare/v20.0.1...v20.0.2) --- updated-dependencies: - dependency-name: "@octokit/rest" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@npmcli/arborist](https://github.com/npm/cli/tree/HEAD/workspaces/arborist) from 7.0.0 to 7.1.0. - [Release notes](https://github.com/npm/cli/releases) - [Changelog](https://github.com/npm/cli/blob/latest/workspaces/arborist/CHANGELOG.md) - [Commits](https://github.com/npm/cli/commits/v7.1.0/workspaces/arborist) --- updated-dependencies: - dependency-name: "@npmcli/arborist" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
- 27 Sep, 2023 4 commits
-
-
Robert Knight authored
Without this the pattern doesn't match any packages.
-
Robert Knight authored
Try to reduce conflicts when merging dependency updates by grouping updates for related packages. See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
-
Robert Knight authored
This allows Prettier to be used to format files in `.github/` for example.
-
dependabot[bot] authored
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.7.0 to 6.7.2. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.2/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
- 25 Sep, 2023 11 commits
-
-
Alejandro Celaya authored
-
dependabot[bot] authored
Bumps [rollup](https://github.com/rollup/rollup) from 3.29.2 to 3.29.3. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v3.29.2...v3.29.3) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [eslint](https://github.com/eslint/eslint) from 8.49.0 to 8.50.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v8.49.0...v8.50.0) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [axe-core](https://github.com/dequelabs/axe-core) from 4.8.1 to 4.8.2. - [Release notes](https://github.com/dequelabs/axe-core/releases) - [Changelog](https://github.com/dequelabs/axe-core/blob/develop/CHANGELOG.md) - [Commits](https://github.com/dequelabs/axe-core/compare/v4.8.1...v4.8.2) --- updated-dependencies: - dependency-name: axe-core dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1459.0 to 2.1463.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.1459.0...v2.1463.0) --- updated-dependencies: - dependency-name: aws-sdk dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.15 to 10.4.16. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/10.4.15...10.4.16) --- updated-dependencies: - dependency-name: autoprefixer dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.6.0 to 6.7.2. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.2/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@types/dompurify](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/dompurify) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/dompurify) --- updated-dependencies: - dependency-name: "@types/dompurify" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@sentry/cli](https://github.com/getsentry/sentry-cli) from 2.20.7 to 2.21.1. - [Release notes](https://github.com/getsentry/sentry-cli/releases) - [Changelog](https://github.com/getsentry/sentry-cli/blob/2.21.1/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-cli/compare/2.20.7...2.21.1) --- updated-dependencies: - dependency-name: "@sentry/cli" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.69.0 to 7.70.0. - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/7.69.0...7.70.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
Robert Knight authored
Ignore port requests in `PortProvider` where the `MessageEvent.source` property is null. This can happen if the source was removed before our message event handler was called. This attempts to resolve https://hypothesis.sentry.io/issues/3987392274.
-
- 19 Sep, 2023 3 commits
-
-
Robert Knight authored
Allow the host frame to explicitly reject a request for a message channel by setting the `Message.error` property. Previously other frames could only wait for requests to time out. This allows the sidebar to display an error much sooner if it gets reloaded and cannot reconnect to the host frame. Part of https://github.com/hypothesis/client/issues/4095
-
Robert Knight authored
These checks had not been updated for the addition of the "profile" application. Also at a conceptual level the responsibility for deciding which types of frames are allowed to connect to each other belongs to the `PortProvider` in the host frame, not the `PortFinder` in other frames.
-
Robert Knight authored
If the `<hypothesis-sidebar>` element is moved around in the DOM, this can cause the sidebar to reload. There may also be other causes of the sidebar reloading (eg. process crash for out-of-process iframe?). If the sidebar loads a second time, it will fail to connect to the host frame since `PortProvider` will try to re-use the `MessageChannel` it has already allocated, but sending that channels ports will fail since they have already been transferred. Recovering from this scenario fully involves a lot of changes since all the places that have a connection to the sidebar would need to support replacing that channel. Also various state in host/guest frames (eg. currently loaded annotations) will be out of sync and need resetting. What this commit does is just to handle the situation more gracefully, by logging a meaningful error in the console and, after a delay, showing an error message in the sidebar telling the user to reload the page. This also avoids spamming Sentry [1] with errors about a situation that is out of our control. We get a lot of error reports about this each month, mainly from certain high-traffic pages that embed the client, but so far no actual complaints from users about Hypothesis not working. Therefore it doesn't yet seem valuable enough to do all the work to recover from a sidebar frame reload automatically. [1] https://hypothesis.sentry.io/issues/2975780063/
-
- 18 Sep, 2023 3 commits
-
-
dependabot[bot] authored
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.2.0 to 16.0.0. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v15.2.0...v16.0.0) --- updated-dependencies: - dependency-name: sinon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [sass](https://github.com/sass/dart-sass) from 1.66.1 to 1.67.0. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.66.1...1.67.0) --- updated-dependencies: - dependency-name: sass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [rollup](https://github.com/rollup/rollup) from 3.28.1 to 3.29.2. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v3.28.1...v3.29.2) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-