Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade: vue, axios, leaflet, vuetify #146

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade: vue, axios, leaflet, vuetify #146

wants to merge 1 commit into from

Conversation

6LpUkQSgQm
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name Versions Released on

vue
from 2.7.14 to 2.7.16 | 4 versions ahead of your current version | 9 months ago
on 2023-12-24
axios
from 0.28.0 to 0.28.1 | 1 version ahead of your current version | 5 months ago
on 2024-03-28
leaflet
from 1.8.0 to 1.9.4 | 5 versions ahead of your current version | a year ago
on 2023-05-18
vuetify
from 2.7.1 to 2.7.2 | 1 version ahead of your current version | 7 months ago
on 2024-02-14

Release notes
Package name: vue
  • 2.7.16 - 2023-12-24
  • 2.7.16-beta.2 - 2023-12-14
  • 2.7.16-beta.1 - 2023-12-08
  • 2.7.15 - 2023-10-23
  • 2.7.14 - 2022-11-09
from vue GitHub release notes
Package name: axios
  • 0.28.1 - 2024-03-28

    Release notes:

    Release notes:

    Bug Fixes

    • fix(backport): custom params serializer support (#6263)
    • fix(backport): uncaught ReferenceError req is not defined (#6307)
  • 0.28.0 - 2024-02-12

    Release notes:

    Bug Fixes

    Backports from v1.x:

    • Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
    • Fixing content-type header repeated #4745
    • Fixed timeout error message for HTTP 4738
    • Added axios.formToJSON method (#4735)
    • URL params serializer (#4734)
    • Fixed toFormData Blob issue on node>v17 #4728
    • Adding types for progress event callbacks #4675
    • Fixed max body length defaults #4731
    • Added data URL support for node.js (#4725)
    • Added isCancel type assert (#4293)
    • Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
    • Add string[] to AxiosRequestHeaders type (#4322)
    • Allow type definition for axios instance methods (#4224)
    • Fixed AxiosError stack capturing; (#4718)
    • Fixed AxiosError status code type; (#4717)
    • Adding Canceler parameters config and request (#4711)
    • fix(types): allow to specify partial default headers for instance creation (#4185)
    • Added blob to the list of protocols supported by the browser (#4678)
    • Fixing Z_BUF_ERROR when no content (#4701)
    • Fixed race condition on immediate requests cancellation (#4261)
    • Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance #4248
    • Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
    • Fix TS definition for AxiosRequestTransformer (#4201)
    • Use type alias instead of interface for AxiosPromise (#4505)
    • Include request and config when creating a CanceledError instance (#4659)
    • Added generic TS types for the exposed toFormData helper (#4668)
    • Optimized the code that checks cancellation (#4587)
    • Replaced webpack with rollup (#4596)
    • Added stack trace to AxiosError (#4624)
    • Updated AxiosError.config to be optional in the type definition (#4665)
    • Removed incorrect argument for NetworkError constructor (#4656)
from axios GitHub release notes
Package name: leaflet
  • 1.9.4 - 2023-05-18

    🐞 Bug fixes

    • Fix tile gaps in Chromium-based browsers (#8891 by @ IvanSanchez)
    • Fix vector drifts when zoomAnimation is false and zooming via flyTo or pinch (#8794 by @ plainheart)
    • Ensure toGeoJSON() still works with an empty array (#8737 by @ Falke-Design)
    • Ensure LineUtil and PolyUtil only iterate over array values and not properties (#8840 by @ Falke-Design)
    • Fix rounding errors in center calculation of LineUtil and PolyUtil for small layers (#8784 by @ Falke-Design)
    • Prevent unwanted layer toggle while expanding the Layers control on mobile (#8910 by @ Falke-Design)
    • Fix an error when a focusing on a Tooltip-bound FeatureGroup that contains a layer without a getElement method (#8890 by @ Falke-Design)
    • Fix Tooltip is not showing when loaded dynamically while moving the map (#8672 by @ theGOTOguy)
    • Fix noMoveStart option not applying to fitBounds (#8911 by @ AbdullahSohail-SE)
    • Fix outlines showing up when interacting with the map on Safari 16.4+ (#8917 by @ jonkoops)
  • 1.9.3 - 2022-11-18

    🙌 Accessibility

    • Expand the layers control on Enter keydown (#8556 by @ larsgw)
    • Align the scale control's alpha transparency with the attribution control (#8547 by @ Malvoz)
    • Allow the scale control's text to overflow the container (#8548 by @ Malvoz)

    🐞 Bug fixes

  • 1.9.2 - 2022-10-04

    🐞 Bug fixes

    • ⚠️ Drop ESM entrypoint from package because of numerous compatibility issues with plugins (import leaflet/dist/leaflet-src.esm.js explicitly instead to take advantage; ESM by default will come in v2) (#8493 by @ jonkoops)
    • Fix a bug where tooltips could throw an error with canvas renderer (#8498 by @ Falke-Design)
    • Fix a bug with incorrect marker popup location when there are multiple markers registered to the same popup (#8523 by @ raychanks).

    🧪 Tests

    • Fix unit tests suite stopping abruptly on Mac (#8478)

    📝 Docs

  • 1.9.1 - 2022-09-23
    • Fix Events listens not propagating to parent objects, in particular fixing compatibility with Leaflet.markercluster plugin (#8211 by @ Falke-Design)
  • 1.9.0 - 2022-09-22

    ⚡ Note on future versions

    The v1.9 release is setting the stage for the first major version bump of Leaflet since 2016! A lot has changed since then, and it's time for Leaflet to grow together with the web platform.

    After this release, we are branching off the 1.x code and putting it in maintenance mode — reserving potential 1.x releases only for critical bugfixes. Although version 2.0 is still far away and will take some time to take shape, we plan to make the following changes:

    • Dropping support for Internet Explorer.
      This has been a long time coming, but now that Internet Explorer is officially end-of-life, it's time to say goodbye. Going forward, Leaflet will move to an evergreen strategy that targets browsers like Firefox, Chrome, Edge and Safari.
    • Embracing modern JavaScript.
      To maintain backwards compatibility, Leaflet is written entirely in ES5, a version of JavaScript supported by legacy browsers. So we have not been able to make use of many great JavaScript features (e.g. standardized classes, instead having to rely on our own implementation). By adopting a more modern version of the ECMAScript standard, we can start working towards aligning Leaflet with what is expected from a modern JavaScript library.
    • Standardized modules.
      When we released Leaflet v1, the landscape in the JavaScript world was very different and full of competing module standards such as CommonJS, AMD and UMD. Today, ECMAScript modules have become the clear way forward to unite the JavaScript ecosystem under one banner. Moving forward, Leaflet will only be distributed in a single standardized module system, greatly reducing complexity of our distributed code.
    • Removing the Leaflet global.
      As a developer using Leaflet, the capital letter L is probably intimately familiar to you. This is the Leaflet global where all of Leaflet's functionality lives. To allow compiler tooling to better eliminate dead-code through a process called tree-shaking, we are removing this global variable. To preserve backwards compatibility with older plugins, we will provide a shim that can be imported manually that will restore this functionality.

    v1.9.0 changelog

    ⚠️ Breaking Changes

    • (This change has been reverted in v1.9.2) Expose ESM entrypoint with Leaflet global (#8329 by @ jonkoops).
    • Update color-adjust to print-color-adjust (#8211 by @ Malvoz)

    ❇️ API changes

    ✨ Improvements

    🙌 Accessibility

    🐞 Bug fixes

    📝 Docs

    🔧 Workflow

    🧪 Tests

@snyk-bot
fix: upgrade multiple dependencies with Snyk
a096873 
Snyk has created this PR to upgrade:
  - vue from 2.7.14 to 2.7.16.
    See this package in npm: https://www.npmjs.com/package/vue
  - axios from 0.28.0 to 0.28.1.
    See this package in npm: https://www.npmjs.com/package/axios
  - leaflet from 1.8.0 to 1.9.4.
    See this package in npm: https://www.npmjs.com/package/leaflet
  - vuetify from 2.7.1 to 2.7.2.
    See this package in npm: https://www.npmjs.com/package/vuetify

See this project in Snyk:
https://app.snyk.io/org/julienchapron/project/bbfbd160-2d3e-4909-a3b2-b0e19f3cc6bb?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@6LpUkQSgQm @snyk-bot