Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependencies (major) #2994

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update dependencies (major) #2994

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 14, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@nuxtjs/i18n (source) ^8.5.3 -> ^9.0.0 age adoption passing confidence
@vercel/kv (source) ^2.0.0 -> ^3.0.0 age adoption passing confidence
nuxt-security (source) ^1.4.3 -> ^2.0.0 age adoption passing confidence
postcss-nested ^6.0.1 -> ^7.0.0 age adoption passing confidence

Release Notes

nuxt-modules/i18n (@​nuxtjs/i18n)

v9.0.0

Compare Source

This changelog is generated by GitHub Releases

   🚨 Breaking Changes
   🚀 Features
   🐞 Bug Fixes
    View changes on GitHub

v8.5.6

Compare Source

v8.5.5

Compare Source

No significant changes

    View changes on GitHub

v8.5.4

Compare Source

This release removes version checks that prevent usage with Nuxt versions higher than 3.x.

The path resolution for langDir (relative to srcDir) and localeDetector (relative to rootDir) remain unchanged, to ease migration to v9 we recommend configuring experimental.restructureDir which will be enabled and set to i18n by default in the upcoming major release.

   🚀 Features
    View changes on GitHub
vercel/storage (@​vercel/kv)

v3.0.0

Compare Source

Major Changes
  • 14bc82e: BREAKING: Updates @​upstash/redis to v1.34.0 which contains a small breaking change in the public API. The cursor field in scan commands is now returned as string instead of number.
Baroshem/nuxt-security (nuxt-security)

v2.0.0: 2.0.0

Compare Source

2.0.0 🎉

This is the new major version of the NuxtSecurity module. After nine release candidates versions, we are ready to present you this new amazing version 🚀

With it, we have updated many things that you can check out below in comparison to version 1.4.0.

Enjoy!

New features

As a part of this new release, there are several new features.

A+ Score by default

Our new version delivers an A+ security rating by default on both the Mozilla Observatory and SecurityHeaders.com
Our documentation page is deployed with Nuxt-Security and is tested on these two scanners: 329857551-f181edcd-7059-4399-9af0-26c83a9dc48e329857562-d28f9b97-de64-49d8-9969-eef2692e6dd1

Performance optimization

We are considerably improving the performance of Nuxt Security with this release, by removing all dependency from cheerio.
Applications running in lightweight environments such as workers, will benefit from significantly reduced CPU and memory usage, and increased page delivery.

Many thanks to @​GalacticHypernova for leading the full rewrite of our HTML parsing engine 💚

All Nuxt modes

Security headers are now deployed in all Nuxt rendering modes:

  • Universal
  • Client-only
  • Hybrid

See https://github.com/Baroshem/nuxt-security/pull/441 for details.

OWASP compliance

We are updating our default security settings to conform with the latest OWASP default values for headers.
Users benefit from these updating settings out of the box, with no changes required.

See https://github.com/Baroshem/nuxt-security/pull/450 for details.

Full Static Support

We are significantly improving application security for static websites:

  • If the site is deployed with a Nitro Preset, security headers are now delivered natively. Netlify and Vercel static presets have been fully tested.
  • If the site is deployed in a custom environment (e.g. bare-metal server), we provide a new prerenderedHeaders build-time hook that exposes all security headers for complete control of your server's headers.
🗞️ Next steps

We are planning a new release soon with the Nuxt DevTools Tab support 🚀

👉 Changelog
compare changes

❤️ Contributors
What's Changed
New Contributors
postcss/postcss-nested (postcss-nested)

v7.0.2

Compare Source

v7.0.1

Compare Source

v7.0.0

Compare Source

  • More complex logic of when to move comments (by @​Ulyanov-programmer).
  • Removed Node.js 16, 14, and 12 support.

v6.2.0

Compare Source

  • Added @starting-style to bubbling at-rules.

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the c: dependencies Pull requests that adds/updates a dependency label Oct 14, 2024
@netlify Netlify
Copy link

netlify bot commented Oct 14, 2024
edited
Loading

Deploy Preview for elk-docs canceled.

Name Link
🔨 Latest commit 71a57c6
🔍 Latest deploy log https://app.netlify.com/sites/elk-docs/deploys/673c6dd8daf62c0008355781

@netlify Netlify
Copy link

netlify bot commented Oct 14, 2024
edited
Loading

Deploy Preview for elk-zone failed.

Name Link
🔨 Latest commit 71a57c6
🔍 Latest deploy log https://app.netlify.com/sites/elk-zone/deploys/673c6dd80d513d000841ed34

@socket-security Socket Security
Copy link

socket-security bot commented Oct 14, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@nuxtjs/[email protected] eval, network Transitive: environment, filesystem, unsafe +48 16.2 MB rchl
npm/@vercel/[email protected] environment 0 40.2 kB vercel-release-bot

🚮 Removed packages: npm/@nuxtjs/[email protected], npm/@vercel/[email protected], npm/[email protected]

View full report↗︎

@renovate renovate bot force-pushed the renovate/major-dependencies branch from d766e7d to b8fcfc9 Compare October 14, 2024 08:35
shuuji3
shuuji3 reviewed Oct 15, 2024
View reviewed changes
package.json
@@ -85,7 +85,7 @@
"lru-cache": "^11.0.0",
"masto": "^6.7.5",
"node-emoji": "^2.1.3",
"nuxt-security": "^1.4.3",
"nuxt-security": "^2.0.0",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems that this major version up somehow broke the type inference of the returned value of useRuntimeConfig().

@renovate renovate bot force-pushed the renovate/major-dependencies branch from b8fcfc9 to 90bf83a Compare October 21, 2024 02:27
@renovate renovate bot force-pushed the renovate/major-dependencies branch 4 times, most recently from 7a8e58b to 92ee07f Compare November 4, 2024 17:06
@renovate renovate bot force-pushed the renovate/major-dependencies branch 5 times, most recently from 5149721 to a9369ad Compare November 11, 2024 02:05
@renovate renovate bot force-pushed the renovate/major-dependencies branch 2 times, most recently from 63e1592 to d0d4fe0 Compare November 18, 2024 12:09
@renovate renovate bot force-pushed the renovate/major-dependencies branch from d0d4fe0 to 71a57c6 Compare November 19, 2024 10:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shuuji3 shuuji3 shuuji3 left review comments

Assignees
No one assigned
Labels
c: dependencies Pull requests that adds/updates a dependency
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@shuuji3