Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump @adobe/css-tools from 4.0.1 to 4.3.1 #1377

Merged
merged 2 commits into from
Oct 17, 2023
Merged

Bump @adobe/css-tools from 4.0.1 to 4.3.1 #1377

merged 2 commits into from
Oct 17, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 30, 2023
edited
Loading

Bumps @adobe/css-tools from 4.0.1 to 4.3.1.

Changelog

Sourced from @​adobe/css-tools's changelog.

4.3.1 / 2023-03-14

  • Fix redos vulnerability with specific crafted css string - CVE-2023-26364

4.3.0 / 2023-03-07

  • Update build tools
  • Update exports path and files

4.2.0 / 2023-02-21

4.1.0 / 2023-01-25

  • Support ESM Modules

4.0.2 / 2023-01-12

  • #71 : @​import does not work if url contains ';'
  • #77 : Regression in selector parsing: Attribute selectors not parsed correctly
Commits

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
Bump @adobe/css-tools from 4.0.1 to 4.3.1
cd49c83 
Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.0.1 to 4.3.1.
- [Changelog](https://github.com/adobe/css-tools/blob/main/History.md)
- [Commits](https://github.com/adobe/css-tools/commits)

---
updated-dependencies:
- dependency-name: "@adobe/css-tools"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from tubone24 as a code owner August 30, 2023 00:23
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 30, 2023
@coveralls
Copy link
Collaborator

Pull Request Test Coverage Report for Build 6018963322

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+1.0%) to 86.649%
Totals Coverage Status
Change from base Build 5856462199: 1.0%
Covered Lines: 250
Relevant Lines: 280
💛 - Coveralls

@github-actions
Copy link
Contributor

depcheck Result

List up libraries that are defined in dependencies and devDependencies in package.json but not used in your codes.

Unused dependencies 
- @popperjs/core
- @sentry/react
- @typescript-eslint/eslint-plugin
- babel-loader
- babel-polyfill
- classnames
- flexboxgrid
- gatsby-legacy-polyfills
- gatsby-plugin-flexsearch
- gatsby-plugin-twitter
- gatsby-react-router-scroll
- html-minifier
- intersection-observer
- md5
- preact
- preact-render-to-string
- react-body-classname
- react-dom
- rimraf
- sass
- typescript
Unused devdependencies 
- @babel/core
- @babel/preset-typescript
- @storybook/addon-a11y
- @storybook/addon-controls
- @storybook/addon-essentials
- @storybook/addon-info
- @storybook/addon-interactions
- @storybook/addon-knobs
- @storybook/addon-links
- @storybook/addon-storysource
- @storybook/addon-viewport
- @storybook/builder-webpack5
- @storybook/manager-webpack5
- @textlint-rule/textlint-rule-no-duplicate-abbr
- @types/jest
- @types/react-test-renderer
- @types/responselike
- axe-core
- @babel/eslint-parser
- babel-plugin-transform-runtime
- core-js
- cross-env
- css-loader
- eslint
- eslint-config-airbnb
- eslint-import-resolver-webpack
- eslint-plugin-import
- eslint-plugin-jsx-a11y
- eslint-plugin-react
- gh-pages
- husky
- identity-obj-proxy
- jest
- jest-environment-jsdom
- markdownlint-cli2
- memlab
- netlify-cli
- netlify-lambda
- nyc
- prettier
- react-test-renderer
- sass-loader
- start-server-and-test
- stylelint
- stylelint-config-recess-order
- stylelint-config-recommended-scss
- stylelint-config-standard
- stylelint-scss
- textlint
- textlint-filter-rule-allowlist
- textlint-filter-rule-comments
- textlint-rule-aws-spellcheck
- textlint-rule-ja-no-inappropriate-words
- textlint-rule-no-mixed-zenkaku-and-hankaku-alphabet
- textlint-rule-no-start-duplicated-conjunction
- textlint-rule-preset-smarthr
- textlint-rule-prh
- textlint-rule-terminology
- ts-jest
- yaml-lint
Missing 
- colors
  - /github/workspace/src/styles/_hover.scss

- @algolia/transporter
  - /github/workspace/src/components/SearchBox/index.tsx

- @algolia/client-search
  - /github/workspace/src/components/SearchBox/index.tsx

- qs
  - /github/workspace/scripts/benchmark.js

- https
  - /github/workspace/scripts/uploadScreenShot.ts

github-actions bot pushed a commit that referenced this pull request Oct 16, 2023
@tubone24
[file upload] Added file for PR #1377
c321e75
@github-actions
Copy link
Contributor

Memlab leaks report

page-load [7.2MB] (baseline) [s1] > action-on-page [8.9MB] (target) [s2] > revert [9.1MB] (final) [s3]  
------2 clusters------

--Similar leaks in this run: 1229--
--Retained size of leaked objects: 123.1KB--
[<synthetic>] (synthetic) @1 [10.3MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @6211 [62.1KB]
  --requestAnimationFrame (property)--->  [<closure>] (closure) @42773 [164 bytes]
  --context (internal)--->  [<function scope>] (object) @306477 [68 bytes]
  --previous (internal)--->  [<function scope>] (object) @94937 [35KB]
  --n (variable)--->  [t] (closure) @173451 [1.3KB]
  --context (internal)--->  [<function scope>] (object) @72421 [63KB]
  --n (variable)--->  [Object] (object) @307073 [62.9KB]
  --449 (element)--->  [Object] (object) @187465 [24 bytes]
  --exports (property)--->  [r] (closure) @173187 [2.6KB]
  --hasData (property)--->  [<closure>] (closure) @143107 [76 bytes]
  --context (internal)--->  [<function scope>] (object) @143101 [1.4KB]
  --e (variable)--->  [Object] (object) @173427 [1KB]
  --2 (element)--->  [Object] (object) @324363 [76 bytes]
  --aaAutocomplete (property)--->  [f] (object) @324367 [348 bytes]
  --$node (property)--->  [q] (object) @327809 [188 bytes]
  --0 (element)--->  [Detached HTMLSpanElement] (native) @321133 [616 bytes]
  --7 (element)--->  [Detached HTMLDivElement] (native) @320881 [5.7KB]
  --7 (element)--->  [Detached HTMLDivElement] (native) @320781 [384 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @320909 [384 bytes]
  --6 (element)--->  [Detached HTMLAnchorElement] (native) @321205 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321219 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321233 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321247 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321261 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321275 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @320509 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @320523 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @320537 [2.2KB]
  --16 (element)--->  [Detached InternalNode] (native) @57454 [336 bytes]
  --2 (element)--->  [Detached InternalNode] (native) @47082 [224 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @47076 [224 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @47078 [112 bytes]
  --1 (element)--->  [Detached EventListener] (native) @61374 [112 bytes]

--Similar leaks in this run: 539--
--Retained size of leaked objects: 49KB--
[<synthetic>] (synthetic) @1 [10.3MB]
  --4 (shortcut)--->  [Window / https://blog.tubone-project24.xyz] (object) @6211 [62.1KB]
  --___replace (property)--->  [<closure>] (closure) @43269 [76 bytes]
  --context (internal)--->  [<function scope>] (object) @115473 [724 bytes]
  --a (variable)--->  [Module] (object) @173505 [6.1KB]
  --get version (property)--->  [version] (closure) @75083 [76 bytes]
  --context (internal)--->  [<function scope>] (object) @75093 [6.3KB]
  --Qn (variable)--->  [y] (object) @425321 [368 bytes]
  --props (property)--->  [Object] (object) @446783 [28 bytes]
  --children (property)--->  [Object] (object) @437513 [296 bytes]
  --props (property)--->  [Object] (object) @437515 [56 bytes]
  --children (property)--->  [Object] (object) @425599 [1.2KB]
  --__ (property)--->  [Object] (object) @426761 [1.1KB]
  --__ (property)--->  [Object] (object) @426785 [940 bytes]
  --__ (property)--->  [Object] (object) @426803 [736 bytes]
  --__d (property)--->  [Detached HTMLDivElement] (native) @320821 [440 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @320819 [384 bytes]
  --5 (element)--->  [Detached HTMLDivElement] (native) @320817 [384 bytes]
  --6 (element)--->  [Detached HTMLDivElement] (native) @321173 [14.1KB]
  --5 (element)--->  [Detached HTMLAnchorElement] (native) @321171 [2.2KB]
  --11 (element)--->  [Detached HTMLAnchorElement] (native) @321165 [2.2KB]
  --12 (element)--->  [Detached HTMLAnchorElement] (native) @321159 [2.2KB]
  --13 (element)--->  [Detached InternalNode] (native) @34920 [680 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @34922 [624 bytes]
  --3 (element)--->  [Detached InternalNode] (native) @55060 [528 bytes]
  --1 (element)--->  [Detached InternalNode] (native) @55050 [528 bytes]
  --5 (element)--->  [Detached Attr] (native) @55056 [88 bytes]

@github-actions github-actions bot temporarily deployed to development-storybook October 16, 2023 08:55 Inactive
@github-actions github-actions bot temporarily deployed to development October 16, 2023 08:55 Inactive
@github-actions
Copy link
Contributor

Storybook Preview

Deploy path: /home/runner/work/blog/blog/storybook-static
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/blog-storybook/deploys/652cfbbf34035d1e6fa44127
Website Draft URL: https://652cfbbf34035d1e6fa44127--blog-storybook.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Deploy Preview

Deploy path: /home/runner/work/blog/blog/public
Functions path: /home/runner/work/blog/blog/functions/src
Configuration path: /home/runner/work/blog/blog/netlify.toml
Deploying to draft URL...

Logs: https://app.netlify.com/sites/pensive-lamport-5822d2/deploys/652cfb9f1393ec18586b2ce6
Website Draft URL: https://652cfb9f1393ec18586b2ce6--pensive-lamport-5822d2.netlify.app

If everything looks good on your draft URL, deploy it to your main site URL with the --prod flag.
netlify deploy --prod

@github-actions
Copy link
Contributor

Bundle Analyzer URL

https://652cfb9f1393ec18586b2ce6--pensive-lamport-5822d2.netlify.app/webpack-bundle-analyser

github-actions bot pushed a commit that referenced this pull request Oct 16, 2023
@tubone24
[file upload] Added file for PR #1377
a7291d2
github-actions bot pushed a commit that referenced this pull request Oct 16, 2023
@tubone24
[file upload] Added file for PR #1377
10b289b
github-actions bot pushed a commit that referenced this pull request Oct 16, 2023
@tubone24
[file upload] Added file for PR #1377
558f02c
@github-actions
Copy link
Contributor

Lighthouse Score

Desktop

performance: 81
accessibility: 100
best-practices: 100
seo: 92
pwa: 100

Mobile

performance: 78
accessibility: 100
best-practices: 95
seo: 93
pwa: 100

github-actions bot pushed a commit that referenced this pull request Oct 16, 2023
@tubone24
[file upload] Added file for PR #1377
95cb2db
@tubone24 tubone24 merged commit 06ba098 into master Oct 17, 2023
29 checks passed
@tubone24 tubone24 deleted the dependabot/npm_and_yarn/adobe/css-tools-4.3.1 branch October 17, 2023 12:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tubone24 tubone24 tubone24 approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file packages
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@coveralls @tubone24