Bumps
[@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash)
from 4.17.1 to 4.17.12.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Rakesh Shivapooja <v-rakeshsh@microsoft.com>
Bumps playwright from v1.46.1-focal to v1.48.1-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: v-sharmachir <v-sharmachir@microsoft.com>
#### Details
This PR upgrades axe-core to 4.10.2
##### Motivation
Updating axe-core version from 4.9.1 to 4.10.2
##### Context
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [ ] Addresses an existing issue: #0000
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
Bumps
[@testing-library/react](https://github.com/testing-library/react-testing-library)
from 16.0.0 to 16.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/testing-library/react-testing-library/releases"><code>@testing-library/react</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v16.0.1</h2>
<h2><a
href="https://github.com/testing-library/react-testing-library/compare/v16.0.0...v16.0.1">16.0.1</a>
(2024-08-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Add support for exactOptionalPropertyTypes in TypeScript (<a
href="https://redirect.github.com/testing-library/react-testing-library/issues/1351">#1351</a>)
(<a
href="3dcd8a9649">3dcd8a9</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3dcd8a9649"><code>3dcd8a9</code></a>
fix: Add support for exactOptionalPropertyTypes in TypeScript (<a
href="https://redirect.github.com/testing-library/react-testing-library/issues/1351">#1351</a>)</li>
<li><a
href="7a28fa9168"><code>7a28fa9</code></a>
Fix React Canary and Experimental tests (<a
href="https://redirect.github.com/testing-library/react-testing-library/issues/1353">#1353</a>)</li>
<li>See full diff in <a
href="https://github.com/testing-library/react-testing-library/compare/v16.0.0...v16.0.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [webpack](https://github.com/webpack/webpack) from 5.91.0 to
5.95.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/webpack/releases">webpack's
releases</a>.</em></p>
<blockquote>
<h2>v5.95.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Fixed hanging when attempting to read a symlink-like file that it
can't read</li>
<li>Handle <code>default</code> for import context element
dependency</li>
<li>Merge duplicate chunks call after split chunks</li>
<li>Generate correctly code for dynamically importing the same file
twice and destructuring</li>
<li>Use content hash as [base] and [name] for extracted DataURI's</li>
<li>Distinguish <code>module</code> and <code>import</code> in
<code>module-import</code> for externals <code>import</code>'s</li>
<li>[Types] Make <code>EnvironmentPlugin</code> default values types
less strict</li>
<li>[Types] Typescript 5.6 compatibility</li>
</ul>
<h2>New Features</h2>
<ul>
<li>Add new <code>optimization.entryIife</code> option
(<code>true</code> by default for the <code>production</code> mode)</li>
<li>Pass output.hash* options to loader context</li>
</ul>
<h2>Performance</h2>
<ul>
<li>Avoid unneeded re-visit in build chunk graph</li>
</ul>
<h2>v5.94.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Added runtime condition for harmony reexport checked</li>
<li>Handle properly
<code>data</code>/<code>http</code>/<code>https</code> protocols in
source maps</li>
<li>Make <code>bigint</code> optimistic when browserslist not found</li>
<li>Move <code>@types/eslint-scope</code> to dev deps</li>
<li>Related in asset stats is now always an array when no related
found</li>
<li>Handle ASI for export declarations</li>
<li>Mangle destruction incorrect with export named default properly</li>
<li>Fixed unexpected asi generation with sequence expression</li>
<li>Fixed a lot of types</li>
</ul>
<h2>New Features</h2>
<ul>
<li>Added new external type "module-import"</li>
<li>Support <code>webpackIgnore</code> for <code>new URL()</code>
construction</li>
<li>[CSS] <code>@import</code> pathinfo support</li>
</ul>
<h2>Security</h2>
<ul>
<li>Fixed DOM clobbering in auto public path</li>
</ul>
<h2>v5.93.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Generate correct relative path to runtime chunks</li>
<li>Makes <code>DefinePlugin</code> quieter under default log level</li>
<li>Fixed mangle destructuring default in namespace import</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e20fd634fd"><code>e20fd63</code></a>
chore(release): 5.95.0</li>
<li><a
href="4866b0daf1"><code>4866b0d</code></a>
feat: added new <code>optimization.entryIife</code> option</li>
<li><a
href="d90f6920f0"><code>d90f692</code></a>
fix: merge duplicate chunks after split chunks</li>
<li><a
href="90dec30ff4"><code>90dec30</code></a>
fix(externals): distinguish “module” and “import” in
“module-import”</li>
<li><a
href="c1a0a4666e"><code>c1a0a46</code></a>
fix(externals): distinguish “module” and “import” in
“module-import”</li>
<li><a
href="14d8fa8dd5"><code>14d8fa8</code></a>
fix: all tests cases</li>
<li><a
href="dae16ad11e"><code>dae16ad</code></a>
feat: pass output.hash* options to loader context</li>
<li><a
href="75d185d27e"><code>75d185d</code></a>
feat: pass <code>output.hash*</code> options to loader context</li>
<li><a
href="46e0b9cc05"><code>46e0b9c</code></a>
test: update</li>
<li><a
href="8e62f9f36b"><code>8e62f9f</code></a>
test</li>
<li>Additional commits viewable in <a
href="https://github.com/webpack/webpack/compare/v5.91.0...v5.95.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serve-static](https://github.com/expressjs/serve-static) from
1.15.0 to 1.16.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/serve-static/releases">serve-static's
releases</a>.</em></p>
<blockquote>
<h2>1.16.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove link renderization in html while redirecting (<a
href="https://redirect.github.com/expressjs/serve-static/pull/173">expressjs/serve-static#173</a>)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/serve-static/pull/173">expressjs/serve-static#173</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0">https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/serve-static/blob/master/HISTORY.md">serve-static's
changelog</a>.</em></p>
<blockquote>
<h1>1.16.0 / 2024-09-10</h1>
<ul>
<li>Remove link renderization in html while redirecting</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="48c73970b1"><code>48c7397</code></a>
1.16.0</li>
<li><a
href="0c11fad159"><code>0c11fad</code></a>
Merge commit from fork</li>
<li>See full diff in <a
href="https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0">compare
view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a
href="https://www.npmjs.com/~ulisesgascon">ulisesgascon</a>, a new
releaser for serve-static since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps playwright from v1.45.3-focal to v1.46.1-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anjali Singh <v-singhanjal@microsoft.com>
Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5
to 4.0.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/micromatch/releases">micromatch's
releases</a>.</em></p>
<blockquote>
<h2>4.0.8</h2>
<p>Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We
consider the issues low-priority, so even if you see automated scanners
saying otherwise, don't be scared.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md">micromatch's
changelog</a>.</em></p>
<blockquote>
<h2>[4.0.8] - 2024-08-22</h2>
<ul>
<li>backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch</li>
</ul>
<h2>[4.0.7] - 2024-05-22</h2>
<ul>
<li>this is basically v4.0.5, with some README updates</li>
<li><strong>it is vulnerable to CVE-2024-4067</strong></li>
<li>Updated braces to v3.0.3 to avoid CVE-2024-4068</li>
<li>does NOT break API compatibility</li>
</ul>
<h2>[4.0.6] - 2024-05-21</h2>
<ul>
<li>Added <code>hasBraces</code> to check if a pattern contains
braces.</li>
<li>Fixes CVE-2024-4067</li>
<li><strong>BREAKS API COMPATIBILITY</strong></li>
<li>Should be labeled as a major release, but it's not.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8bd704ec0d"><code>8bd704e</code></a>
4.0.8</li>
<li><a
href="a0e68416a4"><code>a0e6841</code></a>
run verb to generate README documentation</li>
<li><a
href="4ec288484f"><code>4ec2884</code></a>
Merge branch 'v4' into hauserkristof-feature/v4.0.8</li>
<li><a
href="03aa805217"><code>03aa805</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/micromatch/issues/266">#266</a>
from hauserkristof/feature/v4.0.8</li>
<li><a
href="814f5f70ef"><code>814f5f7</code></a>
lint</li>
<li><a
href="67fcce6a10"><code>67fcce6</code></a>
fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5</li>
<li><a
href="113f2e3fa7"><code>113f2e3</code></a>
fix: CVE numbers in CHANGELOG</li>
<li><a
href="d9dbd9a266"><code>d9dbd9a</code></a>
feat: updated CHANGELOG</li>
<li><a
href="2ab13157f4"><code>2ab1315</code></a>
fix: use actions/setup-node@v4</li>
<li><a
href="1406ea38f3"><code>1406ea3</code></a>
feat: rework test to work on macos with node 10,12 and 14</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/micromatch/compare/4.0.5...4.0.8">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
</details>
> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [webpack](https://github.com/webpack/webpack) from 5.91.0 to
5.94.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/webpack/releases">webpack's
releases</a>.</em></p>
<blockquote>
<h2>v5.94.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Added runtime condition for harmony reexport checked</li>
<li>Handle properly
<code>data</code>/<code>http</code>/<code>https</code> protocols in
source maps</li>
<li>Make <code>bigint</code> optimistic when browserslist not found</li>
<li>Move <code>@types/eslint-scope</code> to dev deps</li>
<li>Related in asset stats is now always an array when no related
found</li>
<li>Handle ASI for export declarations</li>
<li>Mangle destruction incorrect with export named default properly</li>
<li>Fixed unexpected asi generation with sequence expression</li>
<li>Fixed a lot of types</li>
</ul>
<h2>New Features</h2>
<ul>
<li>Added new external type "module-import"</li>
<li>Support <code>webpackIgnore</code> for <code>new URL()</code>
construction</li>
<li>[CSS] <code>@import</code> pathinfo support</li>
</ul>
<h2>Security</h2>
<ul>
<li>Fixed DOM clobbering in auto public path</li>
</ul>
<h2>v5.93.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Generate correct relative path to runtime chunks</li>
<li>Makes <code>DefinePlugin</code> quieter under default log level</li>
<li>Fixed mangle destructuring default in namespace import</li>
<li>Fixed consumption of eager shared modules for module federation</li>
<li>Strip slash for pretty regexp</li>
<li>Calculate correct contenthash for CSS generator options</li>
</ul>
<h2>New Features</h2>
<ul>
<li>Added the <code>binary</code> generator option for asset modules to
explicitly keep source maps produced by loaders</li>
<li>Added the <code>modern-module</code> library value for tree shakable
output</li>
<li>Added the <code>overrideStrict</code> option to override strict or
non-strict mode for javascript modules</li>
</ul>
<h2>v5.92.1</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Doesn't crash with an error when the css experiment is enabled and
contenthash is used</li>
</ul>
<h2>v5.92.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Correct tidle range's comutation for module federation</li>
<li>Consider runtime for pure expression dependency update hash</li>
<li>Return value in the <code>subtractRuntime</code> function for
runtime logic</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="eabf85d858"><code>eabf85d</code></a>
chore(release): 5.94.0</li>
<li><a
href="955e057abc"><code>955e057</code></a>
security: fix DOM clobbering in auto public path</li>
<li><a
href="9822387362"><code>9822387</code></a>
test: fix</li>
<li><a
href="cbb86ede32"><code>cbb86ed</code></a>
test: fix</li>
<li><a
href="5ac3d7f2cd"><code>5ac3d7f</code></a>
fix: unexpected asi generation with sequence expression</li>
<li><a
href="2411661bd1"><code>2411661</code></a>
security: fix DOM clobbering in auto public path</li>
<li><a
href="b8c03d4772"><code>b8c03d4</code></a>
fix: unexpected asi generation with sequence expression</li>
<li><a
href="f46a03ccbc"><code>f46a03c</code></a>
revert: do not use heuristic fallback for "module-import"</li>
<li><a
href="60f189871a"><code>60f1898</code></a>
fix: do not use heuristic fallback for "module-import"</li>
<li><a
href="66306aa456"><code>66306aa</code></a>
Revert "fix: module-import get fallback from
externalsPresets"</li>
<li>Additional commits viewable in <a
href="https://github.com/webpack/webpack/compare/v5.91.0...v5.94.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [luxon](https://github.com/moment/luxon) from 3.4.4 to 3.5.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/moment/luxon/blob/master/CHANGELOG.md">luxon's
changelog</a>.</em></p>
<blockquote>
<h1>3.5.0 (2024-08-03)</h1>
<ul>
<li>Various performance improvements</li>
<li>throwOnInvalid causes the constructor to throw if the year is
invalid</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a4044fe60e"><code>a4044fe</code></a>
bump to 3.5.0</li>
<li><a
href="cea7b5f7ea"><code>cea7b5f</code></a>
Documented weekSettings opt in DateTime (<a
href="https://redirect.github.com/moment/luxon/issues/1640">#1640</a>)</li>
<li><a
href="2008075eb7"><code>2008075</code></a>
Fixed duplicate word in comment in datetime.js (<a
href="https://redirect.github.com/moment/luxon/issues/1623">#1623</a>)</li>
<li><a
href="cafc4ee159"><code>cafc4ee</code></a>
Perf: Cache ts offset guesses for quickDT (<a
href="https://redirect.github.com/moment/luxon/issues/1579">#1579</a>)</li>
<li><a
href="73c4438852"><code>73c4438</code></a>
fix cutoff year docs</li>
<li><a
href="895a74916a"><code>895a749</code></a>
Added some JS doc for time zones (<a
href="https://redirect.github.com/moment/luxon/issues/1499">#1499</a>)</li>
<li><a
href="080e813122"><code>080e813</code></a>
Alias DateTime in documentation site (<a
href="https://redirect.github.com/moment/luxon/issues/1546">#1546</a>)</li>
<li><a
href="55bdb08f8d"><code>55bdb08</code></a>
add DATETIME_MED_WITH_WEEKDAY to formatting.md (<a
href="https://redirect.github.com/moment/luxon/issues/1554">#1554</a>)</li>
<li><a
href="161611449c"><code>1616114</code></a>
format</li>
<li><a
href="5763215252"><code>5763215</code></a>
Update interval.js doc per <a
href="https://redirect.github.com/moment/luxon/issues/742">#742</a> (<a
href="https://redirect.github.com/moment/luxon/issues/1565">#1565</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/moment/luxon/compare/3.4.4...3.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.38 to
8.4.41.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/releases">postcss's
releases</a>.</em></p>
<blockquote>
<h2>8.4.41</h2>
<ul>
<li>Fixed types (by <a
href="https://github.com/nex3"><code>@nex3</code></a> and <a
href="https://github.com/querkmachine"><code>@querkmachine</code></a>).</li>
<li>Cleaned up RegExps (by <a
href="https://github.com/bluwy"><code>@bluwy</code></a>).</li>
</ul>
<h2>8.4.40</h2>
<ul>
<li>Moved to getter/setter in nodes types to help Sass team (by <a
href="https://github.com/nex3"><code>@nex3</code></a>).</li>
</ul>
<h2>8.4.39</h2>
<ul>
<li>Fixed <code>CssSyntaxError</code> types (by <a
href="https://github.com/romainmenke"><code>@romainmenke</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/postcss/postcss/blob/main/CHANGELOG.md">postcss's
changelog</a>.</em></p>
<blockquote>
<h2>8.4.41</h2>
<ul>
<li>Fixed types (by <a
href="https://github.com/nex3"><code>@nex3</code></a> and <a
href="https://github.com/querkmachine"><code>@querkmachine</code></a>).</li>
<li>Cleaned up RegExps (by <a
href="https://github.com/bluwy"><code>@bluwy</code></a>).</li>
</ul>
<h2>8.4.40</h2>
<ul>
<li>Moved to getter/setter in nodes types to help Sass team (by <a
href="https://github.com/nex3"><code>@nex3</code></a>).</li>
</ul>
<h2>8.4.39</h2>
<ul>
<li>Fixed <code>CssSyntaxError</code> types (by <a
href="https://github.com/romainmenke"><code>@romainmenke</code></a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="57e02115e4"><code>57e0211</code></a>
Release 8.4.41 version</li>
<li><a
href="f27134f472"><code>f27134f</code></a>
Update dependencies</li>
<li><a
href="146d31c451"><code>146d31c</code></a>
Merge pull request <a
href="https://redirect.github.com/postcss/postcss/issues/1952">#1952</a>
from nex3/rule-props</li>
<li><a
href="3707c3bac5"><code>3707c3b</code></a>
Merge remote-tracking branch 'origin/main' into rule-props</li>
<li><a
href="9ab36195ee"><code>9ab3619</code></a>
Declare <code>Input.toJSON()</code></li>
<li><a
href="be59ad419c"><code>be59ad4</code></a>
Remove dead website</li>
<li><a
href="165154b65a"><code>165154b</code></a>
Update dependencies</li>
<li><a
href="6127a44c27"><code>6127a44</code></a>
Declaration#variable do not have setter</li>
<li><a
href="536726db42"><code>536726d</code></a>
Fix type</li>
<li><a
href="58fa0ef50b"><code>58fa0ef</code></a>
Sort keys</li>
<li>Additional commits viewable in <a
href="https://github.com/postcss/postcss/compare/8.4.38...8.4.41">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps playwright from v1.45.1-focal to v1.45.3-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Prachi Naigaonkar <v-prachin@microsoft.com>
Bumps [jscodeshift](https://github.com/facebook/jscodeshift) from 0.15.2
to 0.16.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/jscodeshift/blob/main/CHANGELOG.md">jscodeshift's
changelog</a>.</em></p>
<blockquote>
<h2>[0.16.1] 2024-06-25</h2>
<h3>Fixed</h3>
<ul>
<li>Removed old <code>babel-core</code> dependency that was unused but
caused security scanners to flag vulnerabilities.</li>
</ul>
<h2>[0.16.0] 2024-06-18</h2>
<h3>Added</h3>
<ul>
<li>Added a <code>--gitignore</code> flag to avoid transforming any
files listed in <code>.gitignore</code> (<a
href="https://redirect.github.com/facebook/jscodeshift/issues/508">#508</a>,
<a href="https://github.com/ElonVolo"><code>@ElonVolo</code></a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Updated various dependencies to latest version (<a
href="https://redirect.github.com/facebook/jscodeshift/issues/588">#588</a>,
<a href="https://github.com/ElonVolo"><code>@ElonVolo</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ef16b0a202"><code>ef16b0a</code></a>
v0.16.1</li>
<li><a
href="89211fa115"><code>89211fa</code></a>
Remove babel-core</li>
<li><a
href="e81fe9938a"><code>e81fe99</code></a>
Add website placeholder</li>
<li><a
href="e4736f8f35"><code>e4736f8</code></a>
0.16.0</li>
<li><a
href="0fac51d30c"><code>0fac51d</code></a>
Merge pull request <a
href="https://redirect.github.com/facebook/jscodeshift/issues/508">#508</a>
from ElonVolo/GitIgnoreFlagIgnores</li>
<li><a
href="d3b3c77bfe"><code>d3b3c77</code></a>
Merge pull request <a
href="https://redirect.github.com/facebook/jscodeshift/issues/588">#588</a>
from ElonVolo/UpdatingDependencies</li>
<li><a
href="c07af05269"><code>c07af05</code></a>
Updating CI/CD config</li>
<li><a
href="361fd09b6d"><code>361fd09</code></a>
chore: Updating secondary dependencies.</li>
<li><a
href="e07e9317a9"><code>e07e931</code></a>
chore: Updating recast to 0.23.9</li>
<li>See full diff in <a
href="https://github.com/facebook/jscodeshift/compare/v0.15.2...v0.16.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ws](https://github.com/websockets/ws) from 8.17.0 to 8.17.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/websockets/ws/releases">ws's
releases</a>.</em></p>
<blockquote>
<h2>8.17.1</h2>
<h1>Bug fixes</h1>
<ul>
<li>Fixed a DoS vulnerability (<a
href="https://redirect.github.com/websockets/ws/issues/2231">#2231</a>).</li>
</ul>
<p>A request with a number of headers exceeding
the[<code>server.maxHeadersCount</code>][]
threshold could be used to crash a ws server.</p>
<pre lang="js"><code>const http = require('http');
const WebSocket = require('ws');
<p>const wss = new WebSocket.Server({ port: 0 }, function () {
const chars =
"!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');
const headers = {};
let count = 0;</p>
<p>for (let i = 0; i < chars.length; i++) {
if (count === 2000) break;</p>
<pre><code>for (let j = 0; j &lt; chars.length; j++) {
const key = chars[i] + chars[j];
headers[key] = 'x';
if (++count === 2000) break;
}
</code></pre>
<p>}</p>
<p>headers.Connection = 'Upgrade';
headers.Upgrade = 'websocket';
headers['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';
headers['Sec-WebSocket-Version'] = '13';</p>
<p>const request = http.request({
headers: headers,
host: '127.0.0.1',
port: wss.address().port
});</p>
<p>request.end();
});
</code></pre></p>
<p>The vulnerability was reported by <a
href="https://github.com/rrlapointe">Ryan LaPointe</a> in <a
href="https://redirect.github.com/websockets/ws/issues/2230">websockets/ws#2230</a>.</p>
<p>In vulnerable versions of ws, the issue can be mitigated in the
following ways:</p>
<ol>
<li>Reduce the maximum allowed length of the request headers using the
[<code>--max-http-header-size=size</code>][] and/or the
[<code>maxHeaderSize</code>][] options so
that no more headers than the <code>server.maxHeadersCount</code> limit
can be sent.</li>
</ol>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3c56601092"><code>3c56601</code></a>
[dist] 8.17.1</li>
<li><a
href="e55e5106f1"><code>e55e510</code></a>
[security] Fix crash when the Upgrade header cannot be read (<a
href="https://redirect.github.com/websockets/ws/issues/2231">#2231</a>)</li>
<li><a
href="6a00029edd"><code>6a00029</code></a>
[test] Increase code coverage</li>
<li><a
href="ddfe4a804d"><code>ddfe4a8</code></a>
[perf] Reduce the amount of <code>crypto.randomFillSync()</code>
calls</li>
<li>See full diff in <a
href="https://github.com/websockets/ws/compare/8.17.0...8.17.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps playwright from v1.44.1-focal to v1.45.1-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anjali Singh <v-singhanjal@microsoft.com>
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to
3.0.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74b2db2938"><code>74b2db2</code></a>
3.0.3</li>
<li><a
href="88f1429a0f"><code>88f1429</code></a>
update eslint. lint, fix unit tests.</li>
<li><a
href="415d660c30"><code>415d660</code></a>
Snyk js braces 6838727 (<a
href="https://redirect.github.com/micromatch/braces/issues/40">#40</a>)</li>
<li><a
href="190510f79d"><code>190510f</code></a>
fix tests, skip 1 test in test/braces.expand</li>
<li><a
href="716eb9f12d"><code>716eb9f</code></a>
readme bump</li>
<li><a
href="a5851e57f4"><code>a5851e5</code></a>
Merge pull request <a
href="https://redirect.github.com/micromatch/braces/issues/37">#37</a>
from coderaiser/fix/vulnerability</li>
<li><a
href="2092bd1fb1"><code>2092bd1</code></a>
feature: braces: add maxSymbols (<a
href="https://github.com/micromatch/braces/issues/">https://github.com/micromatch/braces/issues/</a>...</li>
<li><a
href="9f5b4cf473"><code>9f5b4cf</code></a>
fix: vulnerability (<a
href="https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727">https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727</a>)</li>
<li><a
href="98414f9f1f"><code>98414f9</code></a>
remove funding file</li>
<li><a
href="665ab5d561"><code>665ab5d</code></a>
update keepEscaping doc (<a
href="https://redirect.github.com/micromatch/braces/issues/27">#27</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/micromatch/braces/compare/3.0.2...3.0.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit updates axe-core to its latest version, 4.9.1, from 4.8.4. It also bumps the accessibility-insights-report package version.
Part of Feature 2187203 (internal access required to view).
#### Details
This feature updates below packages.
1. react from v16 to v18.
2. react-dom from v16 to v18.
3. @types-react from v16 to v18.
4. @types-react-dom from v16 to v18.
5. @testing-library/react from v12 to v15.
6. @fluentui/react from v8.x.x to v8.118.1.
7. Removed react-helmet and added react-helmet-async.
**1. Notable changes for react, react-dom:**
**Motivation:** React 18 introduces a new root API which provides better
ergonomics for managing roots. The new root API also enables the new
concurrent renderer, which allows you to opt-into concurrent features.
**In V16, we had below to render the component:**
import { render } from 'react-dom';
const container = document.getElementById('app');
render(<App tab="home" />, container);
- **In V18, we have below to render the component:**
import { createRoot } from 'react-dom/client';
const container = document.getElementById('app');
const root = createRoot(container); // createRoot(container!) if you use
TypeScript
root.render(<App tab="home" />);
**2. Notable changes for @types-react and @types-react-dom:**
**Motivation:** The new types are safer and catch issues that used to be
ignored by the type checker. The most notable change is that the
children prop now needs to be listed explicitly when defining props
- In old we have below
WrappedComponent: React.ComponentType<P>,
- In new we have below
WrappedComponent: React.ComponentType<**React.PropsWithChildren<P>**>,
**Approach for type changes:** So this Type changes are added using
automation script https://github.com/eps1lon/types-react-codemod. This
automation script is suggested in react18 migration document.
- Added new package types-react-codemod.
- After adding the package, executed yarn types-react-codemod preset-18
./src in root, and then selected all option from the list of options.
- This will transform all types of component type having child
components to <React.PropsWithChildren<P>>.
**3. Notable changes for @testing-library/react:**
- Current version of @testing-library/react does not support react18, so
from v13.x.x, react18 support is added. So updated to latest V15. For
reference -
https://github.com/testing-library/react-testing-library/releases/tag/v13.0.0
- Wrapped state updates/async operations under act.
- Updated test cases with createRoot for createRootMock instead of
render and renderMock.
-
**4. Notable changes for @fluentui/react from v8.x.x to v8.118.1**
- Existing fluent ui version does not support react18, test cases were
failing, hence after checking v8.118.1 documentation, it supports react
and react-dom v18. Hence upadated.
**5. Notable changes for react-helmet-async:**
- Current react-helmet package throws error 'objects cannot be child,
expected elements', for react18, Hence as alternative used
react-helmet-async. For reference
https://www.npmjs.com/package/react-helmet-async?activeTab=readme
because react-helmet-async uses react18 as dependency.
- Wrapped Helmet provider for root, as to pass context of
react-helmet-async.
- Created a variable to store data, and then this data was passed as
JSX, instead of passing the data as it is. Because it will throw
**"Objects cannot be used as react elements"**.
**For example:**
`export const GuidanceTitle =
NamedFC<GuidanceTitleProps>('GuidanceTitle', ({ name }) => {
const titleValue = `Guidance for ${name} - ${productName}`;
return (
<>
<Helmet>
<title>{titleValue}</title>
</Helmet>
<h1>{name}</h1>
</>
);
});`
**6. Along with above**
- Made changes to mock helpers, because after react18 changes, the JSON
structure of component was coming differently, so accordingly corrected
the helpers, to get proper component name for snapshots.
- Updated snapshots, because as we are using latest Fluent UI version,
new props are introduced which can be seen in snapshots.
- Refactored few test cases, which were wrong logically, like for
example:
using of mockReactComponents in global and inside test case using of
useOriginalComponents to get the props using
getMockComponentClassPropsForCall which was wrong logically is fixed to
use any one approach.
- Updated report package with react, react-dom v18 to keep in sync with
AI web.
##### Context
This PR includes all changes required for migration of AI web from
react16 to react18.
It includes test cases fixes.
It includes lint issues fixes.
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [ ] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [ ] (UI changes only) Added screenshots/GIFs to description above
- [x] (UI changes only) Verified usability with NVDA/JAWS
---------
Co-authored-by: Jeevani Chinthala <v-jeevanic@microsoft.com>
Co-authored-by: JeevaniChinthala <148259226+JeevaniChinthala@users.noreply.github.com>
Co-authored-by: v-sharmachir <v-sharmachir@microsoft.com>
Co-authored-by: Chirag Sharma <150002431+v-sharmachir@users.noreply.github.com>
Co-authored-by: Saanica Ghate <148259220+SaanicaG@users.noreply.github.com>
Co-authored-by: Saanica Ghate <v-sghate@microsoft.com>
Bumps playwright from v1.44.0-focal to v1.44.1-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anjali Singh <v-singhanjal@microsoft.com>
Bumps playwright from v1.43.1-focal to v1.44.0-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anjali Singh <v-singhanjal@microsoft.com>
Bumps playwright from v1.42.1-focal to v1.43.1-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anjali Singh <v-singhanjal@microsoft.com>
#### Details
Typescript Cleanup Part 3 of 3
**Covering 80 errors in 40 files in this PR**
##### Motivation
**SUBPART 1:**
1.
src/tests/unit/tests/common/configs/web-visualization-configuration-factory.test.ts
(4)
2.
src/tests/unit/tests/DetailsView/actions/assessment-action-message-creator.test.ts
(4)
3.
src/tests/unit/tests/DetailsView/components/assessment-issues-test-view.test.tsx
(6)
4.
src/tests/unit/tests/DetailsView/components/test-view-container.test.tsx
(1)
5. src/tests/unit/tests/DetailsView/details-view-body.test.tsx (1)
6. src/tests/unit/tests/DetailsView/details-view-content.test.tsx (3)
7. src/tests/unit/tests/DetailsView/document-title-updater.test.ts (1)
8. src/tests/unit/tests/DetailsView/handlers/get-document-title.test.ts
(2)
9.
src/tests/unit/tests/DetailsView/components/left-nav/details-view-left-nav.test.tsx
(1)
10.
src/tests/unit/tests/DetailsView/components/next-requirement-button.test.tsx
(1)
11.
src/tests/unit/tests/DetailsView/components/scan-incomplete-warning.test.tsx
(1)
Number of errors covered as part of this user story: **25**
**SUBPART 2:**
Merged PR2 which had these files fixed:
https://github.com/v-prachin/accessibility-insights-web/pull/1
1. src/tests/unit/tests/injected/analyzer-state-update-handler.test.ts
(5)
2. src/tests/unit/tests/injected/analyzers/analyzer-provider.test.ts (1)
3. src/tests/unit/tests/injected/analyzers/tab-stops-analyzer.test.ts
(1)
4. src/tests/unit/tests/injected/selector-map-helper.test.ts (4)
5.
src/tests/unit/tests/injected/target-page-visualization-updater.test.ts
(1)
6.
src/tests/unit/tests/injected/visualization-state-change-handler.test.ts
(2)
7.
src/tests/unit/tests/injected/visualization-type-drawer-registrar.test.ts
(1)
8.
src/tests/unit/tests/popup/components/diagnostic-view-toggle-factory.test.tsx
(8)
9.
src/tests/unit/tests/background/stores/visualization-scan-result-store.test.ts
(2)
Number of errors covered as part of this user story: **25**
**SUBPART 3:**
1.
src/tests/unit/tests/DetailsView/components/adhoc-static-test-view.test.tsx
(1)
2.
src/tests/unit/tests/DetailsView/components/adhoc-tab-stops-test-view.test.tsx
(1)
3. src/tests/unit/tests/DetailsView/components/iframe-warning.test.tsx
(2)
4. src/tests/unit/tests/DetailsView/components/issues-table.test.tsx (1)
5. src/tests/unit/tests/DetailsView/details-view-container.test.tsx (2)
6. src/tests/unit/tests/injected/adapters/resolution-creator.test.ts (1)
7. src/tests/unit/tests/reports/package/axe-results-report.test.ts (1)
8. src/tests/unit/tests/background/target-tab-controller.test.ts (1)
9. src/tests/unit/tests/background/stores/persistent-store.test.ts (1)
10.
src/tests/unit/tests/DetailsView/components/adhoc-issues-test-view.test.tsx(1)
11.
src/tests/unit/tests/background/initial-visualization-store-data-generator.test.ts
(2)
12. src/tests/unit/tests/reports/components/inline-image.test.tsx (1)
13.
src/tests/unit/tests/common/message-creators/assessment-card-selection-message-creator.test.ts
14.
src/tests/unit/tests/common/message-creators/card-selection-message-creator.test.ts
15.
src/tests/unit/tests/common/message-creators/needs-review-card-selection-message-creator.test.ts
16. src/tests/unit/tests/common/notification-creator.test.ts
17. src/tests/unit/tests/common/telemetry-data-factory.test.ts
18.
src/tests/unit/tests/DetailsView/actions/details-view-action-message-creator.test.ts
19.
src/tests/unit/tests/DetailsView/actions/tab-stop-requirement-action-message-creator.test.ts
20.
src/tests/unit/tests/DetailsView/components/left-nav/visualization-based-left-nav.test.tsx
Number of errors covered as part of this user story: **30**
**Total Number of errors covered as part of this user story: **80****
- src/common/components/cards/instance-details-group.tsx
- src/DetailsView/details-view-initializer.ts
Due to typescript changes the style of the snapshot file got
re-arranged. So updated the snapshot files.
##### Context
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [x] Addresses an existing issue:
#(https://github.com/microsoft/accessibility-insights-web/pull/6611)
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
---------
Co-authored-by: Jeevani Chinthala <v-jeevanic@microsoft.com>
Co-authored-by: Vikash Yadav <v-viyada@microsoft.com>
Bumps [webpack](https://github.com/webpack/webpack) from 5.89.0 to
5.91.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/webpack/webpack/releases">webpack's
releases</a>.</em></p>
<blockquote>
<h2>v5.91.0</h2>
<h2>Bug Fixes</h2>
<ul>
<li>Deserializer for ignored modules doesn't crash</li>
<li>Allow the <code>unsafeCache</code> option to be a proxy object</li>
<li>Normalize the <code>snapshot.unmanagedPaths</code> option</li>
<li>Fixed <code>fs</code> types</li>
<li>Fixed resolve's plugins types</li>
<li>Fixed wrongly calculate postOrderIndex</li>
<li>Fixed watching types</li>
<li>Output import attrbiutes/import assertions for external JS
imports</li>
<li>Throw an error when DllPlugin needs to generate multiple manifest
files, but the path is the same</li>
<li>[CSS] Output
<code>layer</code>/<code>supports</code>/<code>media</code> for external
CSS imports</li>
</ul>
<h2>New Features</h2>
<ul>
<li>Allow to customize the stage of BannerPlugin</li>
<li>[CSS] Support CSS exports convention</li>
<li>[CSS] support CSS local ident name</li>
<li>[CSS] Support <code>__webpack_nonce__</code> for CSS chunks</li>
<li>[CSS] Support <code>fetchPriority</code> for CSS chunks</li>
<li>[CSS] Allow to use LZW to compress css head meta (enabled in the
<code>production</code> mode by default)</li>
<li>[CSS] Support prefetch/preload for CSS chunks</li>
</ul>
<h2>v5.90.3</h2>
<h2>Bug Fixes</h2>
<ul>
<li>don't mangle when destructuring a reexport</li>
<li>types for <code>Stats.toJson()</code> and
<code>Stats.toString()</code></li>
<li>many internal types</li>
<li>[CSS] clean up export css local vars</li>
</ul>
<h2>Perf</h2>
<ul>
<li>simplify and optimize chunk graph creation</li>
</ul>
<h2>v5.90.2</h2>
<h2>Bug Fixes</h2>
<ul>
<li>use <code>Math.imul</code> in <code>fnv1a32</code> to avoid loss of
precision, directly hash UTF16 values</li>
<li>the <code>setStatus()</code> of the HMR module should not return an
array, which may cause infinite recursion</li>
<li><code>__webpack_exports_info__.xxx.canMangle</code> shouldn't always
same as default</li>
<li>mangle export with destructuring</li>
<li>use new runtime to reconsider skipped connections
<code>activeState</code></li>
<li>make dynamic import optional in <code>try/catch</code></li>
<li>improve auto publicPath detection</li>
</ul>
<h2>Dependencies & Maintenance</h2>
<ul>
<li>improve CI setup and include Node.js@21</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60daca5410"><code>60daca5</code></a>
chore(release): 5.91.0</li>
<li><a
href="8dad9ce177"><code>8dad9ce</code></a>
chore(deps-dev): bump <code>@babel/preset-react</code> from 7.23.3 to
7.24.1</li>
<li><a
href="a3229f9d69"><code>a3229f9</code></a>
chore(deps-dev): bump <code>@babel/core</code> from 7.24.0 to
7.24.1</li>
<li><a
href="40c2e44ff2"><code>40c2e44</code></a>
chore(deps-dev): bump <code>@types/node</code> from 20.11.29 to
20.11.30</li>
<li><a
href="a04faba9d0"><code>a04faba</code></a>
chore(deps-dev): bump memfs from 4.7.7 to 4.8.0</li>
<li><a
href="8f22221003"><code>8f22221</code></a>
chore(deps): bump es-module-lexer from 1.4.1 to 1.4.2</li>
<li><a
href="8df6912933"><code>8df6912</code></a>
chore(deps): bump es-module-lexer from 1.4.1 to 1.4.2</li>
<li><a
href="711c6185bf"><code>711c618</code></a>
chore(deps-dev): bump memfs from 4.7.7 to 4.8.0</li>
<li><a
href="c462bb3574"><code>c462bb3</code></a>
chore(deps-dev): bump <code>@types/node</code> from 20.11.29 to
20.11.30</li>
<li><a
href="f0d3e3ef35"><code>f0d3e3e</code></a>
chore(deps-dev): bump <code>@babel/preset-react</code> from 7.23.3 to
7.24.1</li>
<li>Additional commits viewable in <a
href="https://github.com/webpack/webpack/compare/v5.89.0...v5.91.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#### Details
This PR updates axe-core to its latest version,
[4.8.4](https://github.com/dequelabs/axe-core/releases/v4.8.4), from
[4.7.2](https://github.com/dequelabs/axe-core/releases/v4.7.2). It also
bumps the accessibility-insights-report package version. As part of the
axe-core update:
- The deprecate & disable duplicate-id / duplicate-id-active rule has
been deprecated (https://github.com/dequelabs/axe-core/pull/4071).
- moved duplicate-id-aria to needs review.
(https://github.com/dequelabs/axe-core/pull/4075)
<img width="922" alt="image"
src="https://github.com/microsoft/accessibility-insights-web/assets/95463767/152c51ce-16d9-4550-aee2-6ddd8155a722">
- checks: enable help-same-as-label, but remove from rules
(https://github.com/dequelabs/axe-core/pull/4096)
- Various improvements were made to the types. Potentially the most
impactful of which is that the target and ancestry property now return
as UnlabelledFrameSelector instead of as string[],
- Major version upgrade 4.8.0 details
https://github.com/dequelabs/axe-core/releases/tag/v4.8.0
<!-- Usually a sentence or two describing what the PR changes -->
##### Motivation
This change is part of
https://dev.azure.com/mseng/1ES/_workitems/edit/2157659/
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [ ] Addresses an existing issue: #0000
- [ ] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [ ] (UI changes only) Added screenshots/GIFs to description above
- [ ] (UI changes only) Verified usability with NVDA/JAWS
---------
Co-authored-by: Rakesh Shivapooja <v-rakeshsh@microsoft.com>
Co-authored-by: Vikash Yadav <v-viyada@microsoft.com>
Bumps [tar](https://github.com/isaacs/node-tar) from 6.1.13 to 6.2.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md">tar's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>7.0</h2>
<ul>
<li>Rewrite in TypeScript, provide ESM and CommonJS hybrid
interface</li>
<li>Add tree-shake friendly exports, like
<code>import('tar/create')</code>
and <code>import('tar/read-entry')</code> to get individual functions or
classes.</li>
<li>Add <code>chmod</code> option that defaults to false, and deprecate
<code>noChmod</code>. That is, reverse the default option regarding
explicitly setting file system modes to match tar entry
settings.</li>
<li>Add <code>processUmask</code> option to avoid having to call
<code>process.umask()</code> when <code>chmod: true</code> (or
<code>noChmod: false</code>) is
set.</li>
</ul>
<h2>6.2</h2>
<ul>
<li>Add support for brotli compression</li>
<li>Add <code>maxDepth</code> option to prevent extraction into
excessively
deep folders.</li>
</ul>
<h2>6.1</h2>
<ul>
<li>remove dead link to benchmarks (<a
href="https://redirect.github.com/isaacs/node-tar/issues/313">#313</a>)
(<a href="https://github.com/yetzt"><code>@yetzt</code></a>)</li>
<li>add examples/explanation of using tar.t (<a
href="https://github.com/isaacs"><code>@isaacs</code></a>)</li>
<li>ensure close event is emited after stream has ended (<a
href="https://github.com/webark"><code>@webark</code></a>)</li>
<li>replace deprecated String.prototype.substr() (<a
href="https://github.com/CommanderRoot"><code>@CommanderRoot</code></a>,
<a
href="https://github.com/lukekarrys"><code>@lukekarrys</code></a>)</li>
</ul>
<h2>6.0</h2>
<ul>
<li>Drop support for node 6 and 8</li>
<li>fix symlinks and hardlinks on windows being packed with
<code>\</code>-style path targets</li>
</ul>
<h2>5.0</h2>
<ul>
<li>Address unpack race conditions using path reservations</li>
<li>Change large-numbers errors from TypeError to Error</li>
<li>Add <code>TAR_*</code> error codes</li>
<li>Raise <code>TAR_BAD_ARCHIVE</code> warning/error when there are no
valid
entries found in an archive</li>
<li>do not treat ignored entries as an invalid archive</li>
<li>drop support for node v4</li>
<li>unpack: conditionally use a file mapping to write files on
Windows</li>
<li>Set more portable 'mode' value in portable mode</li>
<li>Set <code>portable</code> gzip option in portable mode</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bef7b1e4ff"><code>bef7b1e</code></a>
6.2.1</li>
<li><a
href="fe8cd57da5"><code>fe8cd57</code></a>
prevent extraction in excessively deep subfolders</li>
<li><a
href="fe7ebfdced"><code>fe7ebfd</code></a>
remove security.md</li>
<li><a
href="5bc9d404e8"><code>5bc9d40</code></a>
6.2.0</li>
<li><a
href="fe1ef5ec87"><code>fe1ef5e</code></a>
changelog 6.2</li>
<li><a
href="e483220935"><code>e483220</code></a>
get rid of npm lint stuff</li>
<li><a
href="689928a0ba"><code>689928a</code></a>
ci that works outside of npm org</li>
<li><a
href="db6f539286"><code>db6f539</code></a>
file inference improvements for .tbr and .tgz</li>
<li><a
href="336fa8f27c"><code>336fa8f</code></a>
refactor: dry and other pr comments</li>
<li><a
href="eeba222387"><code>eeba222</code></a>
chore: lint fixes</li>
<li>Additional commits viewable in <a
href="https://github.com/isaacs/node-tar/compare/v6.1.13...v6.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/microsoft/accessibility-insights-web/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.19.11 to
0.20.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.20.2</h2>
<ul>
<li>
<p>Support TypeScript experimental decorators on <code>abstract</code>
class fields (<a
href="https://redirect.github.com/evanw/esbuild/issues/3684">#3684</a>)</p>
<p>With this release, you can now use TypeScript experimental decorators
on <code>abstract</code> class fields. This was silently compiled
incorrectly in esbuild 0.19.7 and below, and was an error from esbuild
0.19.8 to esbuild 0.20.1. Code such as the following should now work
correctly:</p>
<pre lang="ts"><code>// Original code
const log = (x: any, y: string) => console.log(y)
abstract class Foo { @log abstract foo: string }
new class extends Foo { foo = '' }
<p>// Old output (with --loader=ts
--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
new class extends Foo {
foo = "";
}();</p>
<p>// New output (with --loader=ts
--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
__decorateClass([
log
], Foo.prototype, "foo", 2);
new class extends Foo {
foo = "";
}();
</code></pre></p>
</li>
<li>
<p>JSON loader now preserves <code>__proto__</code> properties (<a
href="https://redirect.github.com/evanw/esbuild/issues/3700">#3700</a>)</p>
<p>Copying JSON source code into a JavaScript file will change its
meaning if a JSON object contains the <code>__proto__</code> key. A
literal <code>__proto__</code> property in a JavaScript object literal
sets the prototype of the object instead of adding a property named
<code>__proto__</code>, while a literal <code>__proto__</code> property
in a JSON object literal just adds a property named
<code>__proto__</code>. With this release, esbuild will now work around
this problem by converting JSON to JavaScript with a computed property
key in this case:</p>
<pre lang="js"><code>// Original code
import data from
'data:application/json,{"__proto__":{"fail":true}}'
if (Object.getPrototypeOf(data)?.fail) throw 'fail'
<p>// Old output (with --bundle)
(() => {
//
<data:application/json,{"<strong>proto</strong>":{"fail":true}}>
var json_proto_fail_true_default = { <strong>proto</strong>: { fail:
true } };</p>
<p>// entry.js
if (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)
throw "fail";
})();</p>
<p></code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h2>0.20.2</h2>
<ul>
<li>
<p>Support TypeScript experimental decorators on <code>abstract</code>
class fields (<a
href="https://redirect.github.com/evanw/esbuild/issues/3684">#3684</a>)</p>
<p>With this release, you can now use TypeScript experimental decorators
on <code>abstract</code> class fields. This was silently compiled
incorrectly in esbuild 0.19.7 and below, and was an error from esbuild
0.19.8 to esbuild 0.20.1. Code such as the following should now work
correctly:</p>
<pre lang="ts"><code>// Original code
const log = (x: any, y: string) => console.log(y)
abstract class Foo { @log abstract foo: string }
new class extends Foo { foo = '' }
<p>// Old output (with --loader=ts
--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
new class extends Foo {
foo = "";
}();</p>
<p>// New output (with --loader=ts
--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})
const log = (x, y) => console.log(y);
class Foo {
}
__decorateClass([
log
], Foo.prototype, "foo", 2);
new class extends Foo {
foo = "";
}();
</code></pre></p>
</li>
<li>
<p>JSON loader now preserves <code>__proto__</code> properties (<a
href="https://redirect.github.com/evanw/esbuild/issues/3700">#3700</a>)</p>
<p>Copying JSON source code into a JavaScript file will change its
meaning if a JSON object contains the <code>__proto__</code> key. A
literal <code>__proto__</code> property in a JavaScript object literal
sets the prototype of the object instead of adding a property named
<code>__proto__</code>, while a literal <code>__proto__</code> property
in a JSON object literal just adds a property named
<code>__proto__</code>. With this release, esbuild will now work around
this problem by converting JSON to JavaScript with a computed property
key in this case:</p>
<pre lang="js"><code>// Original code
import data from
'data:application/json,{"__proto__":{"fail":true}}'
if (Object.getPrototypeOf(data)?.fail) throw 'fail'
<p>// Old output (with --bundle)
(() => {
//
<data:application/json,{"<strong>proto</strong>":{"fail":true}}>
var json_proto_fail_true_default = { <strong>proto</strong>: { fail:
true } };</p>
<p>// entry.js
if (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)
throw "fail";
})();
</code></pre></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="617eddaa32"><code>617edda</code></a>
publish 0.20.2 to npm</li>
<li><a
href="4780075ace"><code>4780075</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3700">#3700</a>:
json loader preserves <code>__proto__</code> keys</li>
<li><a
href="30bed2d2d7"><code>30bed2d</code></a>
better errors for invalid js decorator syntax</li>
<li><a
href="300eeb7112"><code>300eeb7</code></a>
ts: allow non-null assertions in js decorators</li>
<li><a
href="4d997d9485"><code>4d997d9</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3698">#3698</a>:
yarn pnp edge case with <code>tsconfig.json</code></li>
<li><a
href="cf42954760"><code>cf42954</code></a>
resolver: improve some debug logging</li>
<li><a
href="b0765ae132"><code>b0765ae</code></a>
fix some lints</li>
<li><a
href="dfa6206919"><code>dfa6206</code></a>
fix some comments (closes <a
href="https://redirect.github.com/evanw/esbuild/issues/3683">#3683</a>)</li>
<li><a
href="ae5cc17516"><code>ae5cc17</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/3684">#3684</a>:
<code>abstract</code> experimental decorators</li>
<li><a
href="c809af050a"><code>c809af0</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/2388">#2388</a>:
allow consuming types without dom types (<a
href="https://redirect.github.com/evanw/esbuild/issues/3679">#3679</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/evanw/esbuild/compare/v0.19.11...v0.20.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@swc/jest](https://github.com/swc-project/pkgs) from 0.2.29 to
0.2.36.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/swc-project/pkgs/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[@types/luxon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/luxon)
from 3.4.0 to 3.4.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/luxon">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [css-loader](https://github.com/webpack-contrib/css-loader) from
6.9.0 to 6.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/webpack-contrib/css-loader/releases">css-loader's
releases</a>.</em></p>
<blockquote>
<h2>v6.10.0</h2>
<h2><a
href="https://github.com/webpack-contrib/css-loader/compare/v6.9.1...v6.10.0">6.10.0</a>
(2024-01-30)</h2>
<h3>Features</h3>
<ul>
<li>add <code>@rspack/core</code> as an optional peer dependency (<a
href="https://redirect.github.com/webpack-contrib/css-loader/issues/1568">#1568</a>)
(<a
href="3924679cb9">3924679</a>)</li>
<li>pass the <code>resourceQuery</code> and
<code>resourceFragment</code> to the <code>auto</code> and
<code>mode</code> callback (<a
href="https://redirect.github.com/webpack-contrib/css-loader/issues/1569">#1569</a>)
(<a
href="d641c4d482">d641c4d</a>)</li>
<li>support named exports with any characters (<a
href="6f43929983">6f43929</a>)</li>
</ul>
<h2>v6.9.1</h2>
<h3><a
href="https://github.com/webpack-contrib/css-loader/compare/v6.9.0...v6.9.1">6.9.1</a>
(2024-01-18)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>css nesting support</li>
<li><code>@scope</code> at-rule support</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/webpack-contrib/css-loader/blob/master/CHANGELOG.md">css-loader's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/webpack-contrib/css-loader/compare/v6.9.1...v6.10.0">6.10.0</a>
(2024-01-30)</h2>
<h3>Features</h3>
<ul>
<li>add <code>@rspack/core</code> as an optional peer dependency (<a
href="https://redirect.github.com/webpack-contrib/css-loader/issues/1568">#1568</a>)
(<a
href="3924679cb9">3924679</a>)</li>
<li>pass the <code>resourceQuery</code> and
<code>resourceFragment</code> to the <code>auto</code> and
<code>mode</code> callback (<a
href="https://redirect.github.com/webpack-contrib/css-loader/issues/1569">#1569</a>)
(<a
href="d641c4d482">d641c4d</a>)</li>
<li>support named exports with any characters (<a
href="6f43929983">6f43929</a>)</li>
</ul>
<h3><a
href="https://github.com/webpack-contrib/css-loader/compare/v6.9.0...v6.9.1">6.9.1</a>
(2024-01-18)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>css nesting support</li>
<li><code>@scope</code> at-rule support</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7bbb57c9b5"><code>7bbb57c</code></a>
chore(release): 6.10.0</li>
<li><a
href="d641c4d482"><code>d641c4d</code></a>
feat: pass the <code>resourceQuery</code> and
<code>resourceFragment</code> to the <code>auto</code> and `mode...</li>
<li><a
href="3924679cb9"><code>3924679</code></a>
feat: add <code>@rspack/core</code> as an optional peer dependency (<a
href="https://redirect.github.com/webpack-contrib/css-loader/issues/1568">#1568</a>)</li>
<li><a
href="6f43929983"><code>6f43929</code></a>
feat: support named exports with any characters</li>
<li><a
href="f9192eeb27"><code>f9192ee</code></a>
chore(release): 6.9.1</li>
<li><a
href="6515be0e35"><code>6515be0</code></a>
fix: css nesting support and <code>@scope</code> at-rule</li>
<li><a
href="0751f7a5fd"><code>0751f7a</code></a>
docs: update (<a
href="https://redirect.github.com/webpack-contrib/css-loader/issues/1562">#1562</a>)</li>
<li>See full diff in <a
href="https://github.com/webpack-contrib/css-loader/compare/v6.9.0...v6.10.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps playwright from v1.41.2-focal to v1.42.1-focal.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anjali Singh <v-singhanjal@microsoft.com>
#### Details
As we have already replaced enzyme with react testing library in all
unit test cases so this is final PR to remove enzyme package from repo.
##### Motivation
Existing User Story : [User Story
2142858](https://dev.azure.com/mseng/1ES/_workitems/edit/2142858):
Enzyme replacement in files under src/tests/unit/tests/injected
##### Context
<!-- Are there any parts that you've intentionally left out-of-scope for
a later PR to handle? -->
<!-- Were there any alternative approaches you considered? What
tradeoffs did you consider? -->
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [n/a] Addresses an existing issue: #0000
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [n/a] (UI changes only) Added screenshots/GIFs to description above
- [n/a] (UI changes only) Verified usability with NVDA/JAWS
Bumps [prettier](https://github.com/prettier/prettier) from 3.2.4 to
3.2.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/prettier/prettier/releases">prettier's
releases</a>.</em></p>
<blockquote>
<h2>3.2.5</h2>
<p>🔗 <a
href="https://github.com/prettier/prettier/blob/main/CHANGELOG.md#325">Changelog</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/prettier/prettier/blob/main/CHANGELOG.md">prettier's
changelog</a>.</em></p>
<blockquote>
<h1>3.2.5</h1>
<p><a
href="https://github.com/prettier/prettier/compare/3.2.4...3.2.5">diff</a></p>
<h4>Support Angular inline styles as single template literal (<a
href="https://redirect.github.com/prettier/prettier/pull/15968">#15968</a>
by <a
href="https://github.com/sosukesuzuki"><code>@sosukesuzuki</code></a>)</h4>
<p><a
href="https://blog.angular.io/introducing-angular-v17-4d7033312e4b">Angular
v17</a> supports single string inline styles.</p>
<!-- raw HTML omitted -->
<pre lang="ts"><code>// Input
@Component({
template: `<div>...</div>`,
styles: `h1 { color: blue; }`,
})
export class AppComponent {}
<p>// Prettier 3.2.4
<a href="https://github.com/Component"><code>@Component</code></a>({
template: <code>&lt;div&gt;...&lt;/div&gt;</code>,
styles: <code>h1 { color: blue; }</code>,
})
export class AppComponent {}</p>
<p>// Prettier 3.2.5
<a href="https://github.com/Component"><code>@Component</code></a>({
template: <code>&lt;div&gt;...&lt;/div&gt;</code>,
styles: <code>h1 { color: blue; }</code>,
})
export class AppComponent {}</p>
<p></code></pre></p>
<h4>Unexpected embedded formatting for Angular template (<a
href="https://redirect.github.com/prettier/prettier/pull/15969">#15969</a>
by <a href="https://github.com/JounQin"><code>@JounQin</code></a>)</h4>
<p>Computed template should not be considered as Angular component
template</p>
<!-- raw HTML omitted -->
<pre lang="ts"><code>// Input
const template = "foobar";
<p><a href="https://github.com/Component"><code>@Component</code></a>({
[template]: <code>&lt;h1&gt;{{ hello
}}&lt;/h1&gt;</code>,
})
export class AppComponent {}
</tr></table>
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7142cf354c"><code>7142cf3</code></a>
Release 3.2.5</li>
<li><a
href="8cbee2e217"><code>8cbee2e</code></a>
chore(deps): update glimmer to v0.88.1 (<a
href="https://redirect.github.com/prettier/prettier/issues/15991">#15991</a>)</li>
<li><a
href="45baee061c"><code>45baee0</code></a>
chore(deps): update dependency magic-string to v0.30.6 (<a
href="https://redirect.github.com/prettier/prettier/issues/16022">#16022</a>)</li>
<li><a
href="9fb32a1a6b"><code>9fb32a1</code></a>
Minor refactor to property print (<a
href="https://redirect.github.com/prettier/prettier/issues/15924">#15924</a>)</li>
<li><a
href="08f19401e4"><code>08f1940</code></a>
Update install script for husky v9 (<a
href="https://redirect.github.com/prettier/prettier/issues/16000">#16000</a>)</li>
<li><a
href="6d0b1d2a93"><code>6d0b1d2</code></a>
Update yarn to v4.1.0 (<a
href="https://redirect.github.com/prettier/prettier/issues/16021">#16021</a>)</li>
<li><a
href="c8ba8dbca1"><code>c8ba8db</code></a>
chore(deps): update dependency <code>@angular/compiler</code> to
v17.1.2 (<a
href="https://redirect.github.com/prettier/prettier/issues/16018">#16018</a>)</li>
<li><a
href="e2250ec688"><code>e2250ec</code></a>
chore(deps): update typescript-eslint to v6.20.0 (<a
href="https://redirect.github.com/prettier/prettier/issues/16015">#16015</a>)</li>
<li><a
href="02865f6cc7"><code>02865f6</code></a>
chore(deps): update dependency npm-run-all2 to v6.1.2 (<a
href="https://redirect.github.com/prettier/prettier/issues/16017">#16017</a>)</li>
<li><a
href="014ee5d474"><code>014ee5d</code></a>
chore(deps): update dependency hermes-parser to v0.19.0 (<a
href="https://redirect.github.com/prettier/prettier/issues/16014">#16014</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/prettier/prettier/compare/3.2.4...3.2.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Prachi Naigaonkar <v-prachin@microsoft.com>
Bumps [jscodeshift](https://github.com/facebook/jscodeshift) from 0.15.1
to 0.15.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/facebook/jscodeshift/blob/main/CHANGELOG.md">jscodeshift's
changelog</a>.</em></p>
<blockquote>
<h2>[0.15.2] 2024-02-21</h2>
<h3>Fixed</h3>
<ul>
<li>Process all supported extensions by default (<a
href="https://redirect.github.com/facebook/jscodeshift/issues/584">#584</a>,
<a href="https://github.com/trivikr"><code>@trivikr</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4851fc8a01"><code>4851fc8</code></a>
0.15.2</li>
<li><a
href="686900477c"><code>6869004</code></a>
Process all supported JavaScript extensions by default</li>
<li>See full diff in <a
href="https://github.com/facebook/jscodeshift/compare/0.15.1...v0.15.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[@types/chrome](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chrome)
from 0.0.256 to 0.0.260.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chrome">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
#### Details
Enzyme replacement in test files.
##### Motivation
enzyme replacement in files under
/src/tests/unit/tests/DetailsView/components/
##### Context
All changes are done in test files only and snapshots are updated.
details-view-command-bar.test.tsx: We will raise this file in part 3
feature PRs.
#### Pull request checklist
<!-- If a checklist item is not applicable to this change, write "n/a"
in the checkbox -->
- [x] Addresses an existing issue: [USER STORY
2136483](https://dev.azure.com/mseng/1ES/_workitems/edit/2136483)
- [x] Ran `yarn fastpass`
- [x] Added/updated relevant unit test(s) (and ran `yarn test`)
- [x] Verified code coverage for the changes made. Check coverage report
at: `<rootDir>/test-results/unit/coverage`
- [x] PR title *AND* final merge commit title both start with a semantic
tag (`fix:`, `chore:`, `feat(feature-name):`, `refactor:`). See
`CONTRIBUTING.md`.
- [N/A] (UI changes only) Added screenshots/GIFs to description above
- [N/A] (UI changes only) Verified usability with NVDA/JAWS
dependabot[bot]
v-rakeshsh
rohittarpara
Prachi Naigaonkar
Saanica Ghate
Vikash Yadav