[Snyk] Upgrade: , semver, , arch, fs-extra, glob, inversify, jsonc-parser, minimatch, reflect-metadata, rxjs, tmp, untildify, vscode-debugprotocol, which, winreg, xml2js #2
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade multiple dependencies.
👯 The following dependencies are linked and will therefore be updated together.ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
@iarna/toml
⚠️ This is a major version upgrade, and may be a breaking change | 4 years ago
⚠️ This is a major version upgrade, and may be a breaking change | 7 months ago
⚠️ This is a major version upgrade, and may be a breaking change | 10 months ago
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
⚠️ This is a major version upgrade, and may be a breaking change | 2 months ago
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
⚠️ This is a major version upgrade, and may be a breaking change | a year ago
from 2.2.5 to 3.0.0 | 1 version ahead of your current version
on 2020-04-23
semver
from 7.6.0 to 7.6.3 | 3 versions ahead of your current version | 2 months ago
on 2024-07-16
@vscode/extension-telemetry
from 0.8.4 to 0.9.7 | 9 versions ahead of your current version | 2 months ago
on 2024-08-02
arch
from 2.2.0 to 3.0.0 | 1 version ahead of your current version
on 2024-02-12
fs-extra
from 10.0.1 to 11.2.0 | 5 versions ahead of your current version
on 2023-11-28
glob
from 7.2.0 to 11.0.0 | 54 versions ahead of your current version
on 2024-07-08
inversify
from 5.0.5 to 6.0.2 | 4 versions ahead of your current version
on 2023-10-20
jsonc-parser
from 3.2.0 to 3.3.1 | 3 versions ahead of your current version | 3 months ago
on 2024-06-24
minimatch
from 5.1.0 to 10.0.1 | 52 versions ahead of your current version
on 2024-07-08
reflect-metadata
from 0.1.13 to 0.2.2 | 5 versions ahead of your current version | 6 months ago
on 2024-03-29
rxjs
from 6.6.7 to 7.8.1 | 41 versions ahead of your current version
on 2023-04-26
tmp
from 0.0.33 to 0.2.3 | 5 versions ahead of your current version | 7 months ago
on 2024-02-29
untildify
from 4.0.0 to 5.0.0 | 1 version ahead of your current version
on 2023-06-11
vscode-debugprotocol
from 1.35.0 to 1.51.0 | 36 versions ahead of your current version | 3 years ago
on 2021-12-02
which
from 2.0.2 to 4.0.0 | 3 versions ahead of your current version
on 2023-08-29
winreg
from 1.2.4 to 1.2.5 | 1 version ahead of your current version | a year ago
on 2023-10-20
xml2js
from 0.5.0 to 0.6.2 | 3 versions ahead of your current version | a year ago
on 2023-07-26
Issues fixed by the recommended upgrade:
SNYK-JS-INFLIGHT-6095116
Release notes
Package name: @iarna/toml
3.0.0
2.2.5
Package name: semver
7.6.3 (2024-07-16)
Bug Fixes
73a3d79
#726 optimize Range parsing and formatting (#726) (@ jviide)Documentation
2975ece
#719 fix extra backtick typo (#719) (@ stdavis)7.6.2 (2024-05-09)
Bug Fixes
6466ba9
#713 lru: use map.delete() directly (#713) (@ negezor, @ lukekarrys)7.6.1 (2024-05-04)
Bug Fixes
c570a34
#704 linting: no-unused-vars (@ wraithgar)ad8ff11
#704 use internal cache implementation (@ mbtools)ac9b357
#682 typo in compareBuild debug message (#682) (@ mbtools)Dependencies
988a8de
#709 uninstalllru-cache
(#709)3fabe4d
#704 remove lru-cacheChores
dd09b60
#705 bump @ npmcli/template-oss to 4.22.0 (@ lukekarrys)ec49cdc
#701 chore: chore: postinstall for dependabot template-oss PR (@ lukekarrys)b236c3d
#696 add benchmarks (#696) (@ H4ad)692451b
#688 various improvements to README (#688) (@ mbtools)5feeb7f
#705 postinstall for dependabot template-oss PR (@ lukekarrys)074156f
#701 bump @ npmcli/template-oss from 4.21.3 to 4.21.4 (@ dependabot[bot])7.6.0 (2024-01-31)
Features
a7ab13a
#671 preserve pre-release and build parts of a version on coerce (#671) (@ madtisa, madtisa, @ wraithgar)Chores
816c7b2
#667 postinstall for dependabot template-oss PR (@ lukekarrys)0bd24d9
#667 bump @ npmcli/template-oss from 4.21.1 to 4.21.3 (@ dependabot[bot])e521932
#652 postinstall for dependabot template-oss PR (@ lukekarrys)8873991
#652 chore: chore: postinstall for dependabot template-oss PR (@ lukekarrys)f317dc8
#652 bump @ npmcli/template-oss from 4.19.0 to 4.21.0 (@ dependabot[bot])7303db1
#658 add clean() test for build metadata (#658) (@ jethrodaniel)6240d75
#656 add missing quotes in README.md (#656) (@ zyxkad)14d263f
#625 postinstall for dependabot template-oss PR (@ lukekarrys)7c34e1a
#625 bump @ npmcli/template-oss from 4.18.1 to 4.19.0 (@ dependabot[bot])123e0b0
#622 postinstall for dependabot template-oss PR (@ lukekarrys)737d5e1
#622 bump @ npmcli/template-oss from 4.18.0 to 4.18.1 (@ dependabot[bot])cce6180
#598 postinstall for dependabot template-oss PR (@ lukekarrys)b914a3d
#598 bump @ npmcli/template-oss from 4.17.0 to 4.18.0 (@ dependabot[bot])Package name: @vscode/extension-telemetry
Changes:
This list of changes was auto generated.
Update packages (#206)
Rollback packages (#204)
navigator.userAgentData
is unavailable. Thanks to @ seznaThis release contains a small fix to the 1DS package used by Microsoft extensions in the web to ensure compliance with the California's Global Privacy Control. If you're not a Microsoft extension, then it is safe to disregard this release as it contains no new features or improvements for the third party flow.
Thanks to a community contribution by @ ilia-db the
unhandlederror
event handler has been properly fixed to include common properties.Application insights web basics comes with the ability to pass in a fetch pollyfill that allows it to be used for both Node and Web. This is similar to what we already do for first party extensions using the 1DS package.
While there is no breaking changes here, the replacement of a key dependency with what should be an equivalent alternative may have unknown edge cases that were not accounted for, therefore the version has been bumped to reflect this.
Bundlephobia reports a 67Kb decline in bundle size with this change.
sendRawTelemetryEvent
sendingkey: key
pairs instead ofkey: value
pairsPackage name: arch
3.0.0
2.2.0
Package name: fs-extra
11.2.0
11.1.1
11.1.0
11.0.0
10.1.0
10.0.1
Package name: glob
11.0.0
10.4.4
10.4.3
10.4.2
10.4.1
10.4.0
10.3.16
10.3.15
10.3.14
10.3.13
Package name: inversify
Added
Changed
Fixed
No content.
Added
Fixed
Target.isTagged()
to excludeoptional
from tag injections #1190.toConstructor
,toFactory
,toFunction
,toAutoFactory
,toProvider
andtoConstantValue
to have singleton scope #1297.No content.
Package name: jsonc-parser
Changes:
This list of changes was auto generated.
Changes:
Feature Requests:
Bugs:
undefined
on empty string inputOthers:
See More
preserveConstEnums: true
, switch to es2020Edit[]
can be concatenated