Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump nanoid and @mapbox/mapbox-gl-geocoder in /app/frontend #2338

Open
wants to merge 1 commit into
base: release
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 9, 2024

Bumps nanoid to 3.3.8 and updates ancestor dependency @mapbox/mapbox-gl-geocoder. These dependencies need to be updated together.

Updates nanoid from 2.1.11 to 3.3.8

Release notes

Sourced from nanoid's releases.

3.0 Migration Guide

Nano ID 3.0 is the biggest release in the project history. Unfortunately, you will need to change the code of your application. But the changes are very small in most cases. In return, you will have better performance, smaller size, ES modules and TypeScript support.

Known Issues

  • Only Create React App 4.0 supports dual ESM/CJS modules.

Simple Case

In simple cases, you just need to change default import to named import.

- import nanoid from 'nanoid'
+ import { nanoid } from 'nanoid'
nanoid() //=> "sSAi9F8yakJZPxOCr_WFb"
nanoid(5) //=> "ISe9l"

If you support IE, you need to transpile node_modules by Babel.

Non-secure and asynchronous Nano ID need only import changes as well.

- import nanoid from 'nanoid/non-secure'
+ import { nanoid } from 'nanoid/non-secure'
nanoid() //=> "sSAi9F8yakJZPxOCr_WFb"

- import nanoid from 'nanoid/async'
+ import { nanoid } from 'nanoid/async'
nanoid().then(id => {
id //=> "sSAi9F8yakJZPxOCr_WFb"
})

TypeScript

Remove @types/nanoid if you have it. Nano ID now have built-in types.

npm uninstall @types/nanoid

React Native

For Expo you need to load the file by direct path:

... (truncated)

Changelog

Sourced from nanoid's changelog.

3.3.8

  • Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

3.3.7

  • Fixed node16 TypeScript support (by Saadi Myftija).

3.3.6

  • Fixed package.

3.3.5

  • Backport funding information.

3.3.4

3.3.3

  • Reduced size (by Anton Khlynovskiy).

3.3.2

  • Fixed enhanced-resolve support.

3.3.1

  • Reduced package size.

3.3

  • Added size argument to function from customAlphabet (by Stefan Sundin).

3.2

  • Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

  • Reduced async exports size (by Artyom Arutyunyan).
  • Moved from Jest to uvu (by Vitaly Baev).

3.1.31

  • Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

3.1.30

  • Reduced size for project with brotli compression (by Anton Khlynovskiy).

3.1.29

  • Reduced npm package size.

3.1.28

  • Reduced npm package size.

3.1.27

  • Cleaned dependencies from development tools.

3.1.26

... (truncated)

Commits

Updates @mapbox/mapbox-gl-geocoder from 4.7.4 to 5.0.3

Release notes

Sourced from @​mapbox/mapbox-gl-geocoder's releases.

v5.0.3

5.0.3

Features / Improvements 🚀

  • Updates event service to latest schema

Dependency update

  • Bumps mapbox-sdk-js to v0.16.1

v5.0.2

  • Fix setPlaceholder so that when setPlaceholder is called afterwards it return updated placeholder string #502
  • Fixed support of mapbox-gl@3 #520

v5.0.0

From the changelog:

Breaking Changes ⚠️

  • Adds Mapbox attribution footer. As we synthesize data sources in the future, based on data results there may be more lines. The footer is pretty small and unobtrusive, but if this is an issue for your product please reach out to your Technical Account Management (TAM) representative #438

Features / Improvements 🚀

  • Enables use of the value 'ip' for proximity to bias around a user's location #453
  • Adds setAccessToken method to update the accessToken after the Geocoder has been initialized #449
  • Added geolocate functionality to find user's location via the Browser API #444
  • Upgraded system font stack to include Apple fonts. This is used for text if Open Sans is not available #438
  • Adds flipCoordinates boolean option to support lon,lat coordinate order for reverse geocodes #435

Dependency update

  • Bumps nanoid to v3.1.31 to resolve security vulnerability warning.
  • Adds babelify to build process to ensure mapbox-gl-geocoder remains ES5-compatible.
  • Adds events dependency to resolve a Node emulation issue for use in packagers such as Vite #451

Bug fixes 🐛

  • Remove IE11-specific security vulnerability in createIcon method #446
  • Resolve with empty results response when the externalGeocoder method returns null #446
Changelog

Sourced from @​mapbox/mapbox-gl-geocoder's changelog.

5.0.3

Features / Improvements 🚀

  • Updates event service to latest schema

Dependency update

  • Bumps mapbox-sdk-js to v0.16.1

5.0.2

Bug fixes 🐛

  • Fix setPlaceholder so that when setPlaceholder is called afterwards it return updated placeholder string #502
  • Fixed support of mapbox-gl@​3

5.0.1

Bug fixes 🐛

  • Fix string matching and regular expressions to remove security vulnerabilities and meet code scan compliance #457

5.0.0

Breaking Changes ⚠️

  • Adds Mapbox attribution footer. As we synthesize data sources in the future, based on data results there may be more lines. The footer is pretty small and unobtrusive, but if this is an issue for your product please reach out to your Technical Account Management (TAM) representative #438

Features / Improvements 🚀

  • Enables use of the value 'ip' for proximity to bias around a user's location #453
  • Adds setAccessToken method to update the accessToken after the Geocoder has been initialized #449
  • Added geolocate functionality to find user's location via the Browser API #444
  • Upgraded system font stack to include Apple fonts. This is used for text if Open Sans is not available #438
  • Adds flipCoordinates boolean option to support lon,lat coordinate order for reverse geocodes #435

Dependency update

  • Bumps nanoid to v3.1.31 to resolve security vulnerability warning.
  • Adds babelify to build process to ensure mapbox-gl-geocoder remains ES5-compatible.
  • Adds events dependency to resolve a Node emulation issue for use in packagers such as Vite #451

Bug fixes 🐛

  • Remove IE11-specific security vulnerability in createIcon method #446
  • Resolve with empty results response when the externalGeocoder method returns null #446
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [nanoid](https://github.com/ai/nanoid) to 3.3.8 and updates ancestor dependency [@mapbox/mapbox-gl-geocoder](https://github.com/mapbox/mapbox-gl-geocoder). These dependencies need to be updated together.


Updates `nanoid` from 2.1.11 to 3.3.8
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@2.1.11...3.3.8)

Updates `@mapbox/mapbox-gl-geocoder` from 4.7.4 to 5.0.3
- [Release notes](https://github.com/mapbox/mapbox-gl-geocoder/releases)
- [Changelog](https://github.com/mapbox/mapbox-gl-geocoder/blob/main/CHANGELOG.md)
- [Commits](mapbox/mapbox-gl-geocoder@v4.7.4...v5.0.3)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
- dependency-name: "@mapbox/mapbox-gl-geocoder"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested review from DerekRoberts and a team as code owners December 9, 2024 23:28
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Dec 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file Frontend javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant