microsoft
/
vscode-cordova
зеркало из https://github.com/microsoft/vscode-cordova.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
1 272 коммитов 6 Ветки 72 Теги 32 MiB
Граф коммитов

149 Коммитов

Автор SHA1 Сообщение Дата
Rodolfo Berwanger Liberado 01bf313b84
Update json5 to fix vulnerability (#1005) 
* Update cordova hostname customization support

* Update requestArgs.ts

* Update jsDebugConfigAdapter.ts

* Gulp format

* Revert gulp format

* Update pathMapping hostname value

* Validation argument correction

* Update json5 version

* Revert "Update json5 version"

This reverts commit 9dbef31282.

* Fix changes

* Update integrity key

---------

Co-authored-by: Rodolfo Liberado (BEYONDSOFT CONSULTING INC) <v-rliberado@microsoft.com>
Co-authored-by: Ezio Li <v-yukl@microsoft.com>
 2024-09-18 10:34:19 +08:00
dependabot[bot] 6f9f1d2d62
Bump elliptic from 6.5.4 to 6.5.7 (#991) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.4 to 6.5.7.
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.4...v6.5.7)

---
updated-dependencies:
- dependency-name: elliptic
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-04 10:38:08 +08:00
dependabot[bot] 5ccfdcd8bc
Bump micromatch from 4.0.5 to 4.0.8 (#990) 
Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8.
- [Release notes](https://github.com/micromatch/micromatch/releases)
- [Changelog](https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/micromatch/compare/4.0.5...4.0.8)

---
updated-dependencies:
- dependency-name: micromatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ezio Li <v-yukl@microsoft.com>
 2024-09-03 09:47:35 +08:00
lexie011 fc12491fc5
Remove ip module to fix security vulnerability (#989) 
Co-authored-by: Ezio Li <v-yukl@microsoft.com>
 2024-08-30 10:11:15 +08:00
Ezio Li a970e52701
Fix vulnerability: replace module xcode by xcparse (#975) 
* Fix vulnerability: replace module xcode by xcparse

* Remove module xcode
 2024-08-09 15:22:05 +08:00
dependabot[bot] 955bab424c
Bump ws, engine.io-client and engine.io (#965) 
Bumps [ws](https://github.com/websockets/ws), [engine.io-client](https://github.com/socketio/engine.io-client) and [engine.io](https://github.com/socketio/engine.io). These dependencies needed to be updated together.

Updates `ws` from 7.4.6 to 7.5.10
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.4.6...7.5.10)

Updates `engine.io-client` from 3.5.2 to 3.5.4
- [Release notes](https://github.com/socketio/engine.io-client/releases)
- [Changelog](https://github.com/socketio/engine.io-client/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io-client/compare/3.5.2...3.5.4)

Updates `engine.io` from 3.6.1 to 3.6.2
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/3.6.1...3.6.2)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
- dependency-name: engine.io-client
  dependency-type: indirect
- dependency-name: engine.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-04 10:03:23 +08:00
dependabot[bot] 5a80954a13
Bump braces and gulp (#964) 
Bumps [braces](https://github.com/micromatch/braces) to 3.0.3 and updates ancestor dependency [gulp](https://github.com/gulpjs/gulp). These dependencies need to be updated together.


Updates `braces` from 3.0.2 to 3.0.3
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

Updates `gulp` from 4.0.2 to 5.0.0
- [Release notes](https://github.com/gulpjs/gulp/releases)
- [Changelog](https://github.com/gulpjs/gulp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/gulp/compare/v4.0.2...v5.0.0)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
- dependency-name: gulp
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-28 10:23:26 +08:00
dependabot[bot] d4dba5910f
Bump express from 4.18.1 to 4.19.2 (#959) 
Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.1...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-16 14:11:57 +08:00
lexie011 ab95938777
Prepare for 2.7.0 (#958) 
* Prepare for 2.7.0

* delete extra  line

* Seperate internal changes from 2.7.0 changelog
 2024-03-29 13:41:40 +08:00
dependabot[bot] 98c2a214be
Bump es5-ext from 0.10.53 to 0.10.63 (#954) 
Bumps [es5-ext](https://github.com/medikoo/es5-ext) from 0.10.53 to 0.10.63.
- [Release notes](https://github.com/medikoo/es5-ext/releases)
- [Changelog](https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md)
- [Commits](https://github.com/medikoo/es5-ext/compare/v0.10.53...v0.10.63)

---
updated-dependencies:
- dependency-name: es5-ext
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-06 19:14:30 +08:00
dependabot[bot] ae353afbcd
Bump ip from 1.1.5 to 1.1.9 (#952) 
Bumps [ip](https://github.com/indutny/node-ip) from 1.1.5 to 1.1.9.
- [Commits](https://github.com/indutny/node-ip/compare/v1.1.5...v1.1.9)

---
updated-dependencies:
- dependency-name: ip
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ezio Li <v-yukl@microsoft.com>
 2024-02-27 16:13:04 +08:00
Ezio Li 1e0465e3d8
Prepare for 2.6.7 (#942) 2024-01-08 15:55:02 +08:00
benjaminbi 10bf3a49bd
Bump eslint package to support typescript 5.0.0+ (#941) 
* Bump eslint package to support typescript 5.0.0+
Fixes #940

* Bump eslint package to support typescript 5.0.0+
Fixes #940
 2023-12-27 09:38:29 +08:00
Ezio Li d95a945875
Bump vscode-test to 2.3.8 (#937) 2023-12-14 13:56:19 +08:00
benjaminbi abd2b3e3bc
Gulp script failure on Node18 in gulp-typescript package (#936) 
Fixes #935
 2023-12-13 17:38:11 +08:00
Ezio Li a00eb70230
Improve pwa-chrome configuration settings for cordova-android (#924) 
* Support cordova webview asset loader

* Update
 2023-11-22 10:10:59 +08:00
dependabot[bot] 2308ee867a
Bump @babel/traverse from 7.18.5 to 7.23.2 (#921) 
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.18.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-17 14:53:51 +08:00
benjaminbi 6a7d1537c0
Prepare 2.6.6-1 (#928) 2023-11-06 14:24:19 +08:00
dependabot[bot] 8e287e111a
Bump browserify-sign from 4.2.1 to 4.2.2 (#925) 
Bumps [browserify-sign](https://github.com/crypto-browserify/browserify-sign) from 4.2.1 to 4.2.2.
- [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md)
- [Commits](https://github.com/crypto-browserify/browserify-sign/compare/v4.2.1...v4.2.2)

---
updated-dependencies:
- dependency-name: browserify-sign
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-31 22:00:35 -05:00
Ezio Li 90631b8699
Update vscode-debugadapter to @vscode/debugadapter (#920) 2023-10-11 01:15:25 -05:00
benjaminbi 9712200499
Prepare for 2.6.5 (#912) 
* Prepare for 2.6.5
Fixes #911

* Prepare for 2.6.5
Fixes #911

* Prepare for 2.6.5
Fixes #911
 2023-08-17 11:59:28 +08:00
dependabot[bot] 4cefb7a47c
Bump word-wrap from 1.2.3 to 1.2.5 (#899) 
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.5.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-07-25 14:36:48 +08:00
dependabot[bot] a71bf7d313
Bump semver from 6.3.0 to 6.3.1 (#892) 
Bumps [semver](https://github.com/npm/node-semver) from 6.3.0 to 6.3.1.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v6.3.0...v6.3.1)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-07-25 13:59:39 +08:00
Ezio Li 5c08f019dd
Prepare for 2.6.4 (#894) 2023-07-14 17:30:29 +08:00
benjaminbi c06ebcdb7b
Bump uuid version (#891) 
Fixes #890
 2023-07-05 11:47:05 +08:00
benjaminbi 3a985a48db
Bump chokidar package version to fix vulnerability issues (#889) 
Fixes #888
 2023-07-04 14:43:48 +08:00
benjaminbi 43048bc47e
Bump debug package version (#885) 
Fixes #884
 2023-06-28 14:23:57 +08:00
benjaminbi 2f643bb06f
Bump nanoid version to fix security alert #12 (#882) 
* Bump nanoid version to fix security alert #12
Fixes #881

* Update

---------

Co-authored-by: EzioLi <v-yukl@microsoft.com>
 2023-06-21 15:30:42 +08:00
benjaminbi 18970bc56e
Bump socket.io-parser version to fix high priority security issue (#879) 
Fixes #878
 2023-06-15 15:57:40 +08:00
benjaminbi 917f9ca1cc
Security issue: glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex (#877) 
Fixes #876
 2023-06-14 16:27:20 +08:00
benjaminbi 19f951410c
Fix minimatch ReDoS vulnerability issue (Issue 874) (#875) 
* Bump simple-plist from 1.1.1 to 1.3.1

Bumps [simple-plist](https://github.com/wollardj/simple-plist) from 1.1.1 to 1.3.1.
- [Release notes](https://github.com/wollardj/simple-plist/releases)
- [Commits](https://github.com/wollardj/simple-plist/compare/v1.1.1...v1.3.1)

---
updated-dependencies:
- dependency-name: simple-plist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix minimatch ReDoS vulnerability issue
Fixes #874

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 15:10:31 +08:00
dependabot[bot] 81912cbc5e
Bump simple-plist from 1.1.1 to 1.3.1 (#873) 
Bumps [simple-plist](https://github.com/wollardj/simple-plist) from 1.1.1 to 1.3.1.
- [Release notes](https://github.com/wollardj/simple-plist/releases)
- [Commits](https://github.com/wollardj/simple-plist/compare/v1.1.1...v1.3.1)

---
updated-dependencies:
- dependency-name: simple-plist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-12 13:49:27 +08:00
dependabot[bot] 9e4d59eb55
Bump xml2js, @vscode/vsce and vscode-nls-dev (#864) 
Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) to 0.5.0 and updates ancestor dependencies [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js), [@vscode/vsce](https://github.com/Microsoft/vsce) and [vscode-nls-dev](https://github.com/Microsoft/vscode-nls-dev). These dependencies need to be updated together.


Updates `xml2js` from 0.4.23 to 0.5.0
- [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0)

Updates `@vscode/vsce` from 2.16.0 to 2.19.0
- [Release notes](https://github.com/Microsoft/vsce/releases)
- [Commits](https://github.com/Microsoft/vsce/compare/v2.16.0...v2.19.0)

Updates `vscode-nls-dev` from 4.0.0 to 4.0.4
- [Commits](https://github.com/Microsoft/vscode-nls-dev/commits)

---
updated-dependencies:
- dependency-name: xml2js
  dependency-type: indirect
- dependency-name: "@vscode/vsce"
  dependency-type: direct:development
- dependency-name: vscode-nls-dev
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-23 17:00:00 +08:00
Ezio Li e278cdc196
Prepare for 2.6.3 (#860) 2023-04-24 16:04:26 +08:00
benjaminbi 18043da5f5 [Feature] Check updates for all package modules in extension 
Fixes #843
 2023-04-18 16:17:30 +08:00
dependabot[bot] f4253b01aa
Bump webpack from 5.31.2 to 5.76.0 (#850) 
Bumps [webpack](https://github.com/webpack/webpack) from 5.31.2 to 5.76.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.31.2...v5.76.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-21 13:13:12 +08:00
dependabot[bot] 3d9b6cd38e
Bump qs from 6.9.6 to 6.10.3 (#828) 
Bumps [qs](https://github.com/ljharb/qs) from 6.9.6 to 6.10.3.
- [Release notes](https://github.com/ljharb/qs/releases)
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ljharb/qs/compare/v6.9.6...v6.10.3)

---
updated-dependencies:
- dependency-name: qs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-24 20:26:46 +08:00
Ezio Li 83910aed2e
Add junit test report and publish test result to pipeline build run (#848) 2023-02-13 19:25:50 +08:00
Ezio Li 1626f783df
Fix node ECONNRESET error in MacOS (#844) 2023-01-30 17:22:10 +08:00
dependabot[bot] 2b60757932
Bump socket.io-parser from 3.3.2 to 3.3.3 (#813) 
Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io-parser/compare/3.3.2...3.3.3)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ezio Li <v-yukl@microsoft.com>
 2023-01-18 11:28:08 +08:00
Ezio Li 8fdcd4bc06
Prepare for 2.6.2 (#835) 2023-01-10 11:07:27 +08:00
Ezio Li c938fd7ccf
Update vsce module from vsce to @vscode/vsce (#833) 2022-12-27 18:21:15 +08:00
dependabot[bot] 809aeaba13
Bump decode-uri-component from 0.2.0 to 0.2.2 (#827) 
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-12 15:48:11 +08:00
dependabot[bot] 7cb337609a
Bump loader-utils from 2.0.3 to 2.0.4 (#821) 
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v2.0.3...v2.0.4)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ezio Li <v-yukl@microsoft.com>
 2022-12-06 19:19:56 +08:00
dependabot[bot] 8a75d0acb4
Bump engine.io from 3.6.0 to 3.6.1 (#824) 
Bumps [engine.io](https://github.com/socketio/engine.io) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/3.6.0...3.6.1)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-28 16:48:12 +08:00
dependabot[bot] 5f11f11727
Bump loader-utils from 2.0.0 to 2.0.3 (#809) 
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.0 to 2.0.3.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.3/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v2.0.0...v2.0.3)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-09 13:41:20 +08:00
Ezio Li 7f41b3a95b
Prepare for 2.6.1: fix blocking issue (#802) 
* Prepare for 2.6.0

* Update

* Prepare for 2.6.1: hotfix

* Update version

* Update changed log

* Update
 2022-10-24 13:59:16 +08:00
Ezio Li f5a8f1d1dd
Prepare for 2.6.0 (#800) 
* Prepare for 2.6.0

* Update
 2022-10-20 11:01:42 +08:00
dependabot[bot] a850ec0c4b
Bump engine.io and socket.io (#793) 
Bumps [engine.io](https://github.com/socketio/engine.io) and [socket.io](https://github.com/socketio/socket.io). These dependencies needed to be updated together.

Updates `engine.io` from 3.5.0 to 3.6.0
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/3.5.0...3.6.0)

Updates `socket.io` from 2.4.1 to 2.5.0
- [Release notes](https://github.com/socketio/socket.io/releases)
- [Changelog](https://github.com/socketio/socket.io/blob/2.5.0/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io/compare/2.4.1...2.5.0)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
- dependency-name: socket.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-28 17:02:50 +08:00
Ezio Li 37ed3a871a
Add husky pre-commit checking (#791) 2022-09-28 09:39:56 +08:00