Bump vue from 2.3.3 to 2.6.12

[dependabot]

Bumps vue from 2.3.3 to 2.6.12.

Release notes

Sourced from vue's releases.

v2.6.11

Security Fixes

• Bump vue-server-renderer's dependency of serialize-javascript to 2.1.2

Bug Fixes

• types: fix prop constructor type inference (#10779) 4821149, closes #10779
• fix function expression regex (#9922) 569b728, closes #9922 #9920
• compiler: Remove the warning for valid v-slot value (#9917) 085d188, closes #9917
• types: fix global namespace declaration for UMD bundle (#9912) ab50e8e, closes #9912

v2.6.10

Bug Fixes

• codegen: support named function expression in v-on (#9709) 3433ba5, closes #9709 #9707
• core: cleanup timeouts for async components (#9649) 02d21c2, closes #9649 #9648
• core: only unset dom prop when not present f11449d, closes #9650
• core: use window.performance for compatibility in JSDOM (#9700) 653c74e, closes #9700 #9698
• scheduler: revert timeStamp check 22790b2, closes #9729 #9632
• slots: fix slots not updating when passing down normal slots as $scopedSlots ebc1893, closes #9699
• types: allow using functions on the PropTypes (#9733) df4af4b, closes #9733 #9692
• types: support string type for style in VNode data (#9728) 982d5a4, closes #9728 #9727

v2.6.9

Bug Fixes

• event timeStamp check for Qt 7591b9d, closes #9681
• should consider presence of normal slots when caching normalized scoped slots 9313cf9, closes #9644
• should not swallow user catch on rejected promise in methods 7186940, closes #9694
• should use fallback for scoped slots with single falsy v-if 781c705, closes #9658
• ssr: not push non-async css files into map (#9677) d282400, closes #9677
• v-bind object should be overridable by single bindings (#9653) 0b57380, closes #9653 #9641
• compiler: whitespace: 'condense' should honor pre tag as well (#9660) f1bdd7f, closes #9660
• scheduler: fix getNow check in IE9 (#9647) da77d6a, closes #9647 #9632
• scheduler: getNow detection can randomly fail (#9667) ef2a380, closes #9667
• ssr: fix nested async functional componet rendering (#9673) 8082d2f, closes #9673 #9643
• transition: fix appear check for transition wrapper components (#9668) 4de4649, closes #9668

v2.6.8

Bug Fixes

• avoid compression of unicode sequences by using regexps (#9595) 7912f75, closes #9595 #9456
• fix modifier parsing for dynamic argument with deep path (#9585) 060c3b9, closes #9585 #9577
• further adjust max stack size 571a488, closes #9562
• handle async component when parent is toggled before resolve (#9572) ed34113, closes #9572 #9571
• scoped slots dynamic check should include v-for on element itself 2277b23, closes #9596
• compiler: set end location for incomplete elements (#9598) cbad54a, closes #9598
• types: allow scoped slots to return a single VNode (#9563) 241eea1, closes #9563
• types: update this for nextTick api (#9541) f333016, closes #9541

... (truncated)

Commits

• bb253db build: release 2.6.12
• 60a71ea build: build 2.6.12
• 5b39961 fix(security): upgrade serialize-javascript (#11434)
• 46ae952 chore: update sponsors [ci skip] (#11570)
• d9a41d2 build(deps): bump elliptic from 6.4.1 to 6.5.3 (#11554)
• 6c1f387 chore: update sponsors [ci skip]
• 4611a44 chore: update backers [ci skip] (#11566)
• 38cfb2b chore: update sponsors [ci skip] (#11542)
• 8ead9d2 chore: spelling and grammar (#11481)
• 98b4d68 chore: update sponsors [ci skip] (#11435)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)