build(deps): bump the npm_and_yarn group across 4 directories with 18 updates

[dependabot]

Bumps the npm_and_yarn group with 13 updates in the / directory:

Package	From	To
follow-redirects	1.15.2	1.15.6
vite	4.3.7	4.5.3
semver	5.7.1	5.7.2
@babel/traverse	7.21.5	7.24.7
ejs	3.1.9	3.1.10
express	4.18.2	4.19.2
got	9.6.0	12.6.1
@docusaurus/core	2.4.1	3.4.0
@docusaurus/plugin-ideal-image	2.4.1	3.4.0
@docusaurus/preset-classic	2.4.1	3.4.0
@docusaurus/theme-live-codeblock	2.4.1	3.4.0
docusaurus-plugin-typedoc-api	3.0.0	4.2.0
tough-cookie	4.1.2	4.1.4

Bumps the npm_and_yarn group with 2 updates in the /packages/playground/remote/public/wp-nightly/wp-content/themes/twentynineteen directory: semver and postcss.
Bumps the npm_and_yarn group with 9 updates in the /packages/playground/remote/public/wp-nightly/wp-content/themes/twentytwenty directory:

Package	From	To
follow-redirects	1.15.2	1.15.6
semver	5.7.1	5.7.2
@babel/traverse	7.20.13	7.24.7
express	4.18.2	4.19.2
postcss	8.4.21	8.4.31
tough-cookie	4.1.2	4.1.4
webpack	5.75.0	5.92.1
ws	7.5.9	7.5.10
webpack-dev-middleware	5.3.3	5.3.4

Bumps the npm_and_yarn group with 3 updates in the /packages/playground/remote/public/wp-nightly/wp-content/themes/twentytwentyone directory: semver, @babel/traverse and postcss.

Updates follow-redirects from 1.15.2 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates vite from 4.3.7 to 4.5.3

Changelog

Sourced from vite's changelog.

4.5.3 (2024-03-24)

• fix: fs.deny with globs with directories (#16250) (96a7f3a), closes #16250

4.5.2 (2024-01-19)

• fix: fs deny for case insensitive systems (#15653) (eeec23b), closes #15653

4.5.1 (2023-12-04)

• fix: backport #15223, proxy html path should be encoded (#15226) (41bb354), closes #15223 #15226

4.5.0 (2023-10-18)

• feat: backport mdx as known js source (#14560) (#14670) (45595ef), closes #14560 #14670
• feat: scan .marko files (#14669) (ed7bdc5), closes #14669
• feat(ssr): backport ssr.resolve.conditions and ssr.resolve.externalConditions (#14498) (#14668) (520139c), closes #14498 #14668

4.4.11 (2023-10-05)

• revert: "fix: use string manipulation instead of regex to inject esbuild helpers (54e1275), closes #14094

4.4.10 (2023-10-03)

• fix: add source map to Web Workers (fix #14216) (#14217) (df6f32f), closes #14216 #14217
• fix: handle errors during hasWorkspacePackageJSON function (#14394) (6f6e5de), closes #14394
• fix: handle sourcemap correctly when multiple line import exists (#14232) (218861f), closes #14232
• fix: if host is specified check whether it is valid (#14013) (b1b816a), closes #14013
• fix: include vite/types/* in exports field (#14296) (40e99a1), closes #14296
• fix: initWasm options should be optional (#14152) (119c074), closes #14152
• fix: restore builtins list (f8b9adb)
• fix: use string manipulation instead of regex to inject esbuild helpers (#14094) (128ad8f), closes #14094
• fix: ws never connects after restarting server if server.hmr.server is set (#14127) (441642e), closes #14127
• fix(analysis): warnings for dynamic imports that use static template literals (#14458) (0c6d289), closes #14458
• fix(cli): convert special base (#14283) (d4bc0fb), closes #14283
• fix(css): remove pure css chunk sourcemap (#14290) (cd7e033), closes #14290
• fix(css): reset render cache on renderStart (#14326) (d334b3d), closes #14326
• fix(glob): trigger HMR for glob in a package (#14117) (0f582bf), closes #14117
• fix(import-analysis): preserve importedUrls import order (#14465) (269aa43), closes #14465
• fix(manifest): preserve pure css chunk assets (#14297) (3d63ae6), closes #14297

... (truncated)

Commits

• aac695e release: v4.5.3
• 96a7f3a fix: fs.deny with globs with directories (#16250)
• d0360c1 release: v4.5.2
• eeec23b fix: fs deny for case insensitive systems (#15653)
• c075115 release: v4.5.1
• 41bb354 fix: backport #15223, proxy html path should be encoded (#15226)
• 055d2b8 release: v4.5.0
• ed7bdc5 feat: scan .marko files (#14669)
• 45595ef feat: backport mdx as known js source (#14560) (#14670)
• 520139c feat(ssr): backport ssr.resolve.conditions and ssr.resolve.externalConditions...
• Additional commits viewable in compare view

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

Changelog

Sourced from semver's changelog.

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41 #585 better handling of whitespace (#585) (@​joaomoreno, @​lukekarrys)

5.7

• Add minVersion method

5.6

• Move boolean loose param to an options object, with backwards-compatibility protection.
• Add ability to opt out of special prerelease version handling with the includePrerelease option flag.

5.5

• Add version coercion capabilities

5.4

• Add intersection checking

5.3

• Add minSatisfying method

5.2

• Add prerelease(v) that returns prerelease components

5.1

• Add Backus-Naur for ranges
• Remove excessively cute inspection methods

5.0

• Remove AMD/Browserified build artifacts
• Fix ltr and gtr when using the * range
• Fix for range * with a prerelease identifier

Commits

• f8cc313 chore: release 5.7.2
• 2f8fd41 fix: better handling of whitespace (#585)
• deb5ad5 chore: @​npmcli/template-oss@​4.16.0
• See full diff in compare view

Maintainer changes

This version was pushed to npm by lukekarrys, a new releaser for semver since your current version.

Updates @babel/traverse from 7.21.5 to 7.24.7

Release notes

Sourced from @​babel/traverse's releases.

v7.24.7 (2024-06-05)

🐛 Bug Fix

• babel-node
  • #16554 Allow extra flags in babel-node (@​nicolo-ribaudo)
• babel-traverse
  • #16522 fix: incorrect constantViolations with destructuring (@​liuxingbaoyu)
• babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management
  • #16524 fix: Transform using in switch correctly (@​liuxingbaoyu)

🏠 Internal

• babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16525 Delete unused array helpers (@​blakewilson)

Committers: 7

• Amjad Yahia Robeen Hassan (@​amjed-98)
• Babel Bot (@​babel-bot)
• Blake Wilson (@​blakewilson)
• Huáng Jùnliàng (@​JLHwung)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• Sukka (@​SukkaW)
• @​liuxingbaoyu

v7.24.6 (2024-05-24)

Thanks @​amjed-98, @​blakewilson, @​coelhucas, and @​SukkaW for your first PRs!

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16514 Fix source maps for private member expressions (@​nicolo-ribaudo)
• babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • #16515 Fix source maps for template literals (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16485 Support undecorated static accessor in anonymous classes (@​JLHwung)
  • #16484 Fix decorator bare yield await (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
• babel-parser, babel-plugin-transform-typescript
  • #16476 fix: Correctly parse cls.fn<C> = x (@​liuxingbaoyu)

🏠 Internal

• babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16501 Generate helper metadata at build time (@​nicolo-ribaudo)
• babel-helpers
  • #16499 Add tsconfig.json for @babel/helpers/src/helpers (@​nicolo-ribaudo)
• babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16495 Move all runtime helpers to individual files (@​nicolo-ribaudo)
• babel-parser, babel-traverse
  • #16482 Statically generate boilerplate for bitfield accessors (@​nicolo-ribaudo)
• Other

... (truncated)

Changelog

Sourced from @​babel/traverse's changelog.

v7.24.7 (2024-06-05)

🐛 Bug Fix

• babel-node
  • #16554 Allow extra flags in babel-node (@​nicolo-ribaudo)
• babel-traverse
  • #16522 fix: incorrect constantViolations with destructuring (@​liuxingbaoyu)
• babel-helper-transform-fixture-test-runner, babel-plugin-proposal-explicit-resource-management
  • #16524 fix: Transform using in switch correctly (@​liuxingbaoyu)

🏠 Internal

• babel-helpers, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16525 Delete unused array helpers (@​blakewilson)

v7.24.6 (2024-05-24)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16514 Fix source maps for private member expressions (@​nicolo-ribaudo)
• babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • #16515 Fix source maps for template literals (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16485 Support undecorated static accessor in anonymous classes (@​JLHwung)
  • #16484 Fix decorator bare yield await (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
• babel-parser, babel-plugin-transform-typescript
  • #16476 fix: Correctly parse cls.fn<C> = x (@​liuxingbaoyu)

🏠 Internal

• babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16501 Generate helper metadata at build time (@​nicolo-ribaudo)
• babel-helpers
  • #16499 Add tsconfig.json for @babel/helpers/src/helpers (@​nicolo-ribaudo)
• babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16495 Move all runtime helpers to individual files (@​nicolo-ribaudo)
• babel-parser, babel-traverse
  • #16482 Statically generate boilerplate for bitfield accessors (@​nicolo-ribaudo)
• Other
  • #16466 Migrate import assertions syntax (@​JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

• babel-plugin-transform-classes, babel-traverse
  • #16377 fix: TypeScript annotation affects output (@​liuxingbaoyu)
• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #16440 Fix suppressed error order (@​sossost)
  • #16408 Await nullish async disposable (@​JLHwung)

💅 Polish

• babel-parser

... (truncated)

Commits

• bf1e9a3 v7.24.7
• 4463aa5 fix: incorrect constantViolations with destructuring (#16522)
• 07bd000 Improve getBindingIdentifiers (#16544)
• 17a5502 [Babel 8] Remove extra.shorthand (#16521)
• 7934963 Use type: module in all package.jsons (#16535)
• 9630250 v7.24.6
• 1f010df Explicitly define NodePath.prototype.* (#16488)
• 6e3539b [babel 8] Publish .d.ts files for every package (#16416)
• e37e64d Use eslint v9 (#16479)
• 3ff20b9 Statically generate boilerplate for bitfield accessors (#16482)
• Additional commits viewable in compare view

Updates ejs from 3.1.9 to 3.1.10

Release notes

Sourced from ejs's releases.

v3.1.10

Version 3.1.10

Commits

• d3f807d Version 3.1.10
• 9ee26dd Mocha TDD
• e469741 Basic pollution protection
• 715e950 Merge pull request #756 from Jeffrey-mu/main
• cabe314 Include advanced usage examples
• 29b076c Added header
• 11503c7 Merge branch 'main' of github.com:mde/ejs into main
• 7690404 Added security banner to README
• f47d7ae Update SECURITY.md
• 828cea1 Update SECURITY.md
• Additional commits viewable in compare view

Updates express from 4.18.2 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

• Improved fix for open redirect allow list bypass

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

• Fix ci after location patch by @​wesleytodd in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

• fix typo in release date by @​UlisesGascon in expressjs/express#5527
• docs: nominating @​wesleytodd to be project captian by @​wesleytodd in expressjs/express#5511
• docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
• Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by @​wesleytodd in expressjs/express#5551

New Contributors

• @​crandmck made their first contribution in expressjs/express#5541

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0

4.18.3 / 2024-02-29

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2
• deps: cookie@0.6.0
  • Add partitioned option

Commits

• 04bc627 4.19.2
• da4d763 Improved fix for open redirect allow list bypass
• 4f0f6cc 4.19.1
• a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
• a1fa90f fixed un-edited version in history.md for 4.19.0
• 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
• 084e365 4.19.0
• 0867302 Prevent open redirect allow list bypass due to encodeurl
• 567c9c6 Add note on how to update docs for new release (#5541)
• 69a4cf2 deps: cookie@0.6.0
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Updates got from 9.6.0 to 12.6.1

Release notes

Sourced from got's releases.

v12.6.1

• Fix get-stream import statement (#2266) 67d5039

sindresorhus/got@v12.6.0...v12.6.1

v12.6.0

• Update dependencies 88c88fb 979272e
• Loosen URL validation strictness (#2200) 0ca0b7f

sindresorhus/got@v12.5.3...v12.6.0

v12.5.3

• Fix abort event listeners not always being cleaned up (#2162) 3cc40b5

sindresorhus/got@v12.5.2...v12.5.3

v12.5.2

• Improve TypeScript 4.9 compatibility (#2163) 39f83b6

sindresorhus/got@v12.5.1...v12.5.2

v12.5.1

• Fix compatibility with TypeScript and ESM 3b3ea67
• Fix request body not being properly cached (#2150) 3e9d3af

sindresorhus/got@v12.5.0...v12.5.1

v12.5.0

• Disable method rewriting on 307 and 308 status codes (#2145) e049e94
• Upgrade dependencies 8630815 f0ac0b3 4c3762a

sindresorhus/got@v12.4.1...v12.5.0

v12.4.1

Fixes

• Fix options.context being not extensible b671480715dbbff908e9a385f5e714570c663cd7
• Don't emit uploadProgress after promise cancelation 693de217b030816f574d6e4cb505ee2e77b21c29

sindresorhus/got@v12.4.0...v12.4.1

v12.4.0

Improvements

• Support FormData without known length (#2120) 850773c

Fixes

• Don't call beforeError hooks with HTTPError if the throwHttpErrors option is false (#2104) 3927348

... (truncated)

Commits

• c405f54 12.6.1
• 67d5039 Fix get-stream import statement (#2266)
• 469a455 Meta tweaks
• 8f77e8d Fix readme "axios bugs" urls (#2253)
• af928f6 Fix type error on build (#2251)
• 702ed35 Meta tweaks
• e4460f7 Add failing tests for #2170 (#2171)
• 13a68d3 12.6.0
• 88c88fb Update dependencies
• 0ca0b7f Do not enforce newest URI rules on URLs (#2200)
• Additional commits viewable in compare view

Updates @docusaurus/core from 2.4.1 to 3.4.0

Release notes

Sourced from @​docusaurus/core's releases.

3.4.0 (2024-05-31)

🚀 New Feature

• create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-theme-classic, docusaurus-utils-validation, docusaurus-utils
  • #10137 feat(docs, blog): add support for tags.yml, predefined list of tags (@​OzakIOne)
• docusaurus-theme-translations
  • #10151 feat(theme-translations): Added Turkmen (tk) default theme translations (@​ilmedova)
  • #10111 feat(theme-translations): Add Bulgarian default theme translations (bg) (@​PetarMc1)
• docusaurus-plugin-client-redirects, docusaurus-plugin-content-blog, docusaurus-plugin-pwa, docusaurus-plugin-sitemap, docusaurus-theme-search-algolia, docusaurus-types, docusaurus-utils, docusaurus
  • #9859 feat(core): hash router option - browse site offline (experimental) (@​slorber)
• docusaurus-module-type-aliases, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-types, docusaurus
  • #10121 feat(core): site storage config options (experimental) (@​slorber)

🐛 Bug Fix

• docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-utils
  • #10185 fix(docs, blog): Markdown link resolution does not support hot reload (@​slorber)
• docusaurus-theme-search-algolia
  • #10178 fix(theme): SearchPage should respect contextualSearch: false setting (@​ncoughlin)
  • #10164 fix(search): fix algolia search container bug (@​slorber)
• docusaurus-mdx-loader, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-utils
  • #10168 fix(mdx-loader): resolve Markdown/MDX links with Remark instead of RegExp (@​slorber)
• docusaurus-theme-translations
  • #10165 fix(theme-translation): add missing Korean (ko) theme translations (@​revi)
  • #10157 fix(theme-translations): complete Vietnamese theme translations (@​namnguyenthanhwork)
• docusaurus
  • #10145 fix(core): fix serve workaround regexp (@​slorber)
  • #10142 fix(core): fix docusaurus serve broken for assets when using trailingSlash (@​slorber)
  • #10130 fix(core): the broken anchor checker should not be sensitive pathname trailing slashes (@​slorber)
• docusaurus-theme-classic, docusaurus-theme-common
  • #10144 fix(theme): fix announcement bar layout shift due to missing storage key namespace (@​slorber)
• docusaurus-plugin-content-docs, docusaurus
  • #10132 fix(core): configurePostCss() should run after configureWebpack() (@​slorber)
• docusaurus-utils, docusaurus
  • #10131 fix(core): codegen should generate unique route prop filenames (@​slorber)
• docusaurus-theme-classic, docusaurus-theme-translations
  • #10118 fix(theme-translations): fix missing pluralization for label DocCard.categoryDescription.plurals (@​slorber)

📝 Documentation

• #10176 docs: add community plugin docusaurus-graph (@​Arsero)
• #10173 docs: improve how to use <details> (@​tats-u)
• #10167 docs: suggest using {<...>...</...>} if don't use Markdown in migra… (@​tats-u)
• #10143 docs: recommend users to remove hast-util-is-element in migration to v3 (@​tats-u)
• #10124 docs: v3 prepare your site blog post should point users to the upgrade guide (@​homotechsual)

🤖 Dependencies

• #10155 chore(deps): bump peaceiris/actions-gh-pages from 3 to 4 (@​dependabot[bot])

... (truncated)

Changelog

Sourced from @​docusaurus/core's changelog.

3.4.0 (2024-05-31)

🚀 New Feature

• create-docusaurus, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-theme-classic, docusaurus-utils-validation, docusaurus-utils
  • #10137 feat(docs, blog): add support for tags.yml, predefined list of tags (@​OzakIOne)
• docusaurus-theme-translations
  • #10151 feat(theme-translations): Added Turkmen (tk) default theme translations (@​ilmedova)
  • #10111 feat(theme-translations): Add Bulgarian default theme translations (bg) (@​PetarMc1)
• docusaurus-plugin-client-redirects, docusaurus-plugin-content-blog, docusaurus-plugin-pwa, docusaurus-plugin-sitemap, docusaurus-theme-search-algolia, docusaurus-types, docusaurus-utils, docusaurus
  • #9859 feat(core): hash router option - browse site offline (experimental) (@​slorber)
• docusaurus-module-type-aliases, docusaurus-theme-classic, docusaurus-theme-common, docusaurus-types, docusaurus
  • #10121 feat(core): site storage config options (experimental) (@​slorber)

🐛 Bug Fix

• docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-utils
  • #10185 fix(docs, blog): Markdown link resolution does not support hot reload (@​slorber)
• docusaurus-theme-search-algolia
  • #10178 fix(theme): SearchPage should respect contextualSearch: false setting (@​ncoughlin)
  • #10164 fix(search): fix algolia search container bug (@​slorber)
• docusaurus-mdx-loader, docusaurus-plugin-content-blog, docusaurus-plugin-content-docs, docusaurus-plugin-content-pages, docusaurus-utils
  • #10168 fix(mdx-loader): resolve Markdown/MDX links with Remark instead of RegExp (@​slorber)
• docusaurus-theme-translations
  • #10165 fix(theme-translation): add missing Korean (ko) theme translations (@​revi)
  • #10157 fix(theme-translations): complete Vietnamese theme translations (@​namnguyenthanhwork)
• docusaurus
  • #10145 fix(core): fix serve workaround regexp (@​slorber)
  • #10142 fix(core): fix docusaurus serve broken for assets when using trailingSlash (@​slorber)
  • #10130 fix(core): the broken anchor checker should not be sensitive pathname trailing slashes (@​slorber)
• docusaurus-theme-classic, docusaurus-theme-common
  • #10144 fix(theme): fix announcement bar layout shift due to missing storage key namespace (@​slorber)
• docusaurus-plugin-content-docs, docusaurus
  • #10132 fix(core): configurePostCss() should run after configureWebpack() (@​slorber)
• docusaurus-utils, docusaurus
  • #10131 fix(core): codegen should generate unique route prop filenames (@​slorber)
• docusaurus-theme-classic, docusaurus-theme-translations
  • #10118 fix(theme-translations): fix missing pluralization for label DocCard.categoryDescription.plurals (@​slorber)

📝 Documentation

• #10176 docs: add community plugin docusaurus-graph (@​Arsero)
• #10173 docs: improve how to use <details> (@​tats-u)
• #10167 docs: suggest using {<...>...</...>} if don't use Markdown in migra… (@​tats-u)
• #10143 docs: recommend users to remove hast-util-is-element in migration to v3 (@​tats-u)
• #10124 docs: v3 prepare your ...

  Description has been truncated

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/code-frame@7.24.7	environment	0	24.1 kB	nicolo-ribaudo
npm/@babel/compat-data@7.24.7	None	0	65.6 kB	nicolo-ribaudo
npm/@babel/core@7.24.7	environment, filesystem, unsafe	+2	869 kB	nicolo-ribaudo
npm/@babel/generator@7.24.7	None	0	493 kB	nicolo-ribaudo
npm/@babel/helper-annotate-as-pure@7.24.7	None	0	52.4 kB	nicolo-ribaudo
npm/@babel/helper-builder-binary-assignment-operator-visitor@7.24.7	None	0	66.3 kB	nicolo-ribaudo
npm/@babel/helper-compilation-targets@7.24.7	None	0	52.2 kB	nicolo-ribaudo
npm/@babel/helper-create-class-features-plugin@7.24.7	None	0	507 kB	nicolo-ribaudo
npm/@babel/helper-create-regexp-features-plugin@7.24.7	None	0	93.5 kB	nicolo-ribaudo
npm/@babel/helper-define-polyfill-provider@0.6.2	unsafe	0	221 kB	nicolo-ribaudo
npm/@babel/helper-environment-visitor@7.24.7	None	0	6.72 kB	nicolo-ribaudo
npm/@babel/helper-function-name@7.24.7	None	0	21.7 kB	nicolo-ribaudo
npm/@babel/helper-hoist-variables@7.24.7	None	0	6.99 kB	nicolo-ribaudo
npm/@babel/helper-member-expression-to-functions@7.24.7	None	0	107 kB	nicolo-ribaudo
npm/@babel/helper-module-imports@7.24.7	None	0	63.7 kB	nicolo-ribaudo
npm/@babel/helper-module-transforms@7.24.7	None	0	158 kB	nicolo-ribaudo
npm/@babel/helper-optimise-call-expression@7.24.7	None	0	55 kB	nicolo-ribaudo
npm/@babel/helper-plugin-utils@7.24.7	None	0	127 kB	nicolo-ribaudo
npm/@babel/helper-remap-async-to-generator@7.24.7	None	0	76.4 kB	nicolo-ribaudo
npm/@babel/helper-replace-supers@7.24.7	None	0	98.6 kB	nicolo-ribaudo
npm/@babel/helper-simple-access@7.24.7	None	0	14.1 kB	nicolo-ribaudo
npm/@babel/helper-skip-transparent-expression-wrappers@7.24.7	None	0	58.5 kB	nicolo-ribaudo
npm/@babel/helper-split-export-declaration@7.24.7	None	0	10.8 kB	nicolo-ribaudo
npm/@babel/helper-string-parser@7.24.7	None	0	31.8 kB	nicolo-ribaudo
npm/@babel/helper-validator-identifier@7.24.7	None	0	49.3 kB	nicolo-ribaudo
npm/@babel/helper-validator-option@7.24.7	None	0	11.8 kB	nicolo-ribaudo
npm/@babel/helper-wrap-function@7.24.7	None	0	73.7 kB	nicolo-ribaudo
npm/@babel/helpers@7.24.7	None	0	859 kB	nicolo-ribaudo
npm/@babel/highlight@7.24.7	environment	+5	69 kB	nicolo-ribaudo
npm/@babel/parser@7.24.7	None	0	1.89 MB	nicolo-ribaudo
npm/@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.24.7	None	0	73.9 kB	nicolo-ribaudo
npm/@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.24.7	None	0	77.5 kB	nicolo-ribaudo
npm/@babel/plugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2	None	0	16.3 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-bigint@7.8.3	None	0	2.42 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-import-assertions@7.24.7	None	0	69.6 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-jsx@7.24.7	None	0	70 kB	nicolo-ribaudo
npm/@babel/plugin-syntax-typescript@7.24.7	None	0	72.8 kB	nicolo-ribaudo
npm/@babel/plugin-transform-arrow-functions@7.24.7	None	0	71.5 kB	nicolo-ribaudo
npm/@babel/plugin-transform-async-to-generator@7.24.7	None	0	74.7 kB	nicolo-ribaudo
npm/@babel/plugin-transform-block-scoped-functions@7.24.7	None	0	72.4 kB	nicolo-ribaudo
npm/@babel/plugin-transform-block-scoping@7.24.7	None	0	155 kB	nicolo-ribaudo
npm/@babel/plugin-transform-classes@7.24.7	None	0	160 kB	nicolo-ribaudo
npm/@babel/plugin-transform-computed-properties@7.24.7	None	0	88.6 kB	nicolo-ribaudo
npm/@babel/plugin-transform-destructuring@7.24.7	None	0	148 kB	nicolo-ribaudo
npm/@babel/plugin-transform-dotall-regex@7.24.7	None	0	70.5 kB	nicolo-ribaudo
npm/@babel/plugin-transform-duplicate-keys@7.24.7	None	0	75 kB	nicolo-ribaudo
npm/@babel/plugin-transform-exponentiation-operator@7.24.7	None	0	71.2 kB	nicolo-ribaudo
npm/@babel/plugin-transform-for-of@7.24.7	None	0	111 kB	nicolo-ribaudo
npm/@babel/plugin-transform-function-name@7.24.7	None	0	72.3 kB	nicolo-ribaudo
npm/@babel/plugin-transform-literals@7.24.7	None	0	70.5 kB	nicolo-ribaudo
npm/@babel/plugin-transform-member-expression-literals@7.24.7	None	0	70.9 kB	nicolo-ribaudo
npm/@babel/plugin-transform-modules-amd@7.24.7	None	0	88.3 kB	nicolo-ribaudo
npm/@babel/plugin-transform-modules-commonjs@7.24.7	None	0	111 kB	nicolo-ribaudo
npm/@babel/plugin-transform-modules-systemjs@7.24.7	None	0	134 kB	nicolo-ribaudo
npm/@babel/plugin-transform-modules-umd@7.24.7	None	0	93 kB	nicolo-ribaudo
npm/@babel/plugin-transform-named-capturing-groups-regex@7.24.7	None	0	71.2 kB	nicolo-ribaudo
npm/@babel/plugin-transform-new-target@7.24.7	None	0	76.1 kB	nicolo-ribaudo
npm/@babel/plugin-transform-object-super@7.24.7	None	0	75.4 kB	nicolo-ribaudo
npm/@babel/plugin-transform-parameters@7.24.7	None	0	132 kB	nicolo-ribaudo
npm/@babel/plugin-transform-property-literals@7.24.7	None	0	70.6 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-display-name@7.24.7	None	0	78.4 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx-development@7.24.7	None	0	69.7 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-jsx@7.24.7	None	0	147 kB	nicolo-ribaudo
npm/@babel/plugin-transform-react-pure-annotations@7.24.7	None	0	74.5 kB	nicolo-ribaudo
npm/@babel/plugin-transform-regenerator@7.24.7	None	0	73.3 kB	nicolo-ribaudo
npm/@babel/plugin-transform-reserved-words@7.24.7	None	0	70.2 kB	nicolo-ribaudo
npm/@babel/plugin-transform-runtime@7.24.7	unsafe	0	105 kB	nicolo-ribaudo
npm/@babel/plugin-transform-shorthand-properties@7.24.7	None	0	73 kB	nicolo-ribaudo
npm/@babel/plugin-transform-spread@7.24.7	None	0	87.3 kB	nicolo-ribaudo
npm/@babel/plugin-transform-sticky-regex@7.24.7	None	0	70.6 kB	nicolo-ribaudo
npm/@babel/plugin-transform-template-literals@7.24.7	None	0	81.8 kB	nicolo-ribaudo
npm/@babel/plugin-transform-typeof-symbol@7.24.7	None	0	76.4 kB	nicolo-ribaudo
npm/@babel/plugin-transform-typescript@7.24.7	None	0	201 kB	nicolo-ribaudo
npm/@babel/plugin-transform-unicode-escapes@7.24.7	None	0	79.8 kB	nicolo-ribaudo
npm/@babel/plugin-transform-unicode-regex@7.24.7	None	0	70.3 kB	nicolo-ribaudo
npm/@babel/preset-env@7.24.7	environment, filesystem	0	236 kB	nicolo-ribaudo
npm/@babel/preset-modules@0.1.6-no-external-plugins	None	0	38.6 kB	nicolo-ribaudo
npm/@babel/preset-react@7.24.7	None	0	80 kB	nicolo-ribaudo
npm/@babel/preset-typescript@7.24.7	None	0	90.8 kB	nicolo-ribaudo
npm/@babel/runtime-corejs3@7.24.7	None	0	328 kB	nicolo-ribaudo
npm/@babel/runtime@7.24.7	None	0	246 kB	nicolo-ribaudo
npm/@babel/template@7.24.7	None	0	69 kB	nicolo-ribaudo
npm/@babel/traverse@7.24.7	None	0	634 kB	nicolo-ribaudo
npm/@babel/types@7.24.7	environment	0	2.41 MB	nicolo-ribaudo
npm/@bcoe/v8-coverage@0.2.3	None	0	277 kB	bcoe
npm/@codemirror/autocomplete@6.4.2	None	+1	359 kB	marijn
npm/@codemirror/commands@6.2.2	None	+1	354 kB	marijn
npm/@codemirror/lang-css@6.1.1	Transitive: environment	+4	493 kB	marijn
npm/@codemirror/lang-html@6.4.2	Transitive: environment	+5	627 kB	marijn
npm/@codemirror/lang-javascript@6.1.4	Transitive: environment	+5	804 kB	marijn
npm/@codemirror/lang-php@6.0.1	Transitive: environment	+4	778 kB	marijn
npm/@codemirror/lang-sql@6.4.0	Transitive: environment	+3	496 kB	marijn
npm/@codemirror/language@6.6.0	Transitive: environment	+3	636 kB	marijn
npm/@codemirror/state@6.2.0	None	0	363 kB	marijn
npm/@codemirror/theme-one-dark@6.1.1	None	+2	262 kB	marijn
npm/@codemirror/view@6.9.3	None	0	899 kB	marijn
npm/@docusaurus/core@3.4.0	Transitive: environment, eval, filesystem, network, shell, unsafe	+91	14.7 MB	slorber
npm/@docusaurus/plugin-ideal-image@3.4.0	environment Transitive: filesystem, network	+32	1.79 MB	slorber
npm/@docusaurus/preset-classic@3.4.0	environment Transitive: filesystem, network, unsafe	+65	6.88 MB	slorber
npm/@docusaurus/theme-live-codeblock@3.4.0	Transitive: environment, filesystem, network	+50	7.51 MB	slorber
npm/@eslint/eslintrc@1.4.1	filesystem, unsafe	+3	845 kB	eslintbot
npm/@gar/promisify@1.1.3	None	0	4.2 kB	gar
npm/@humanwhocodes/config-array@0.9.5	None	0	45.5 kB	nzakas
npm/@istanbuljs/load-nyc-config@1.1.0	environment, filesystem	+1	18.3 kB	coreyfarrell
npm/@istanbuljs/schema@0.1.3	None	0	17.2 kB	coreyfarrell
npm/@jest/console@29.5.0	None	0	19.1 kB	simenb
npm/@jest/core@29.5.0	unsafe	0	145 kB	simenb
npm/@jest/environment@29.5.0	None	0	15.9 kB	simenb
npm/@jest/fake-timers@29.5.0	None	0	26.3 kB	simenb
npm/@jest/globals@29.5.0	None	0	5.26 kB	simenb
npm/@jest/reporters@29.5.0	environment, unsafe Transitive: filesystem	+1	169 kB	simenb
npm/@jest/source-map@29.4.3	None	0	5.07 kB	simenb
npm/@jest/test-result@29.5.0	None	0	15.7 kB	simenb
npm/@jest/test-sequencer@29.5.0	None	0	13.5 kB	simenb
npm/@jest/transform@29.5.0	None	0	52.4 kB	simenb
npm/@jridgewell/gen-mapping@0.3.5	None	0	81.6 kB	jridgewell
npm/@jridgewell/set-array@1.2.1	None	0	17.9 kB	jridgewell
npm/@jridgewell/trace-mapping@0.3.25	None	0	169 kB	jridgewell
npm/@knodes/typedoc-plugin-pages@0.23.1	filesystem	+1	461 kB	gerkin
npm/@npmcli/fs@3.1.0	filesystem	0	26.5 kB	lukekarrys
npm/@npmcli/move-file@2.0.1	filesystem	+1	26.1 kB	gar
npm/@nx/devkit@16.2.1	environment, filesystem, shell, unsafe	+1	258 kB	nrwl-jason
npm/@nx/esbuild@16.2.1	filesystem	+1	87.5 kB	nrwl-jason
npm/@nx/eslint-plugin@16.2.1	filesystem	+1	179 kB	nrwl-jason
npm/@nx/jest@16.2.1	unsafe Transitive: filesystem	+2	297 kB	nrwl-jason
npm/@nx/js@16.2.1	environment, filesystem	+4	567 kB	nrwl-jason
npm/@nx/linter@16.2.1	shell Transitive: filesystem	+2	281 kB	nrwl-jason
npm/@nx/node@16.2.1	None	+1	114 kB	nrwl-jason
npm/@nx/plugin@16.2.1	Transitive: filesystem	+2	277 kB	nrwl-jason
npm/@nx/react@16.2.1	Transitive: filesystem	+2	764 kB	nrwl-jason
npm/@nx/rollup@16.2.1	environment, filesystem	+9	742 kB	nrwl-jason
npm/@nx/vite@16.2.1	Transitive: filesystem	+3	743 kB	nrwl-jason
npm/@nx/web@16.2.1	None	+1	196 kB	nrwl-jason
npm/@nx/webpack@16.2.1	environment, filesystem	+1	260 kB	nrwl-jason
npm/@nx/workspace@16.2.1	environment, filesystem	+2	2.37 MB	nrwl-jason
npm/@rollup/plugin-url@8.0.1	filesystem	+2	79.9 kB	shellscape
npm/@sinonjs/commons@3.0.0	None	0	38.6 kB	mrgnrdrck
npm/@sinonjs/fake-timers@10.1.0	eval	0	80.1 kB	fatso83
npm/@testing-library/react@14.0.0	environment	+2	8.25 MB	testing-library-bot
npm/@tootallnate/once@2.0.0	None	0	16.3 kB	tootallnate
npm/@types/babel__core@7.20.0	None	0	33.7 kB	types
npm/@types/babel__generator@7.6.4	None	0	11.7 kB	types
npm/@types/babel__template@7.4.1	None	0	6.93 kB	types
npm/@types/babel__traverse@7.18.5	None	0	65.2 kB	types
npm/@types/estree@0.0.39	None	0	17.8 kB	types
npm/@types/file-saver@2.0.5	None	0	7.3 kB	types
npm/@types/glob@7.2.0	None	0	6.61 kB	types
npm/@types/graceful-fs@4.1.6	None	0	4.52 kB	types
npm/@types/jest@29.5.1	None	+2	447 kB	types
npm/@types/minimatch@3.0.5	None	0	8.2 kB	types
npm/@types/minimist@1.2.2	None	0	6.72 kB	types
npm/@types/node@18.14.2	None	0	3.61 MB	types
npm/@types/normalize-package-data@2.4.1	None	0	6.29 kB	types
npm/@types/prettier@2.7.2	None	0	49.5 kB	types
npm/@types/react-dom@18.2.4	None	0	30.3 kB	types
npm/@types/react-modal@3.16.0	None	0	11.2 kB	types
npm/@types/semver@7.5.0	None	0	23.7 kB	types
npm/@types/stack-utils@2.0.1	None	0	6.97 kB	types
npm/@types/wordpress__block-editor@11.5.0	None	+5	246 kB	types
npm/@types/wordpress__blocks@12.5.0	None	+5	220 kB	types
npm/@types/ws@8.5.10	None	0	21.7 kB	types
npm/@typescript-eslint/eslint-plugin@5.59.6	None	0	2.42 MB	jameshenry
npm/@typescript-eslint/parser@5.59.6	None	0	18.6 kB	jameshenry
npm/@typescript-eslint/scope-manager@5.59.6	None	0	592 kB	jameshenry
npm/@typescript-eslint/type-utils@5.59.6	None	0	88 kB	jameshenry
npm/@typescript-eslint/types@5.59.6	None	0	223 kB	jameshenry
npm/@typescript-eslint/typescript-estree@5.59.6	environment, filesystem	0	551 kB	jameshenry
npm/@typescript-eslint/utils@5.59.6	None	0	501 kB	jameshenry
npm/@typescript-eslint/visitor-keys@5.59.6	None	0	18.4 kB	jameshenry
npm/@vitejs/plugin-react@3.1.0	environment	+3	460 kB	vitebot
npm/@vitest/coverage-c8@0.31.1	None	+1	426 kB	oreanno
npm/@vitest/ui@0.31.1	None	+1	1.02 MB	oreanno
npm/@webassemblyjs/ast@1.12.1	None	0	207 kB	xtuc
npm/@webassemblyjs/helper-buffer@1.12.1	None	0	10.8 kB	xtuc
npm/@webassemblyjs/helper-wasm-bytecode@1.11.6	None	0	16 kB	xtuc
npm/@webassemblyjs/helper-wasm-section@1.12.1	None	0	19.7 kB	xtuc
npm/@webassemblyjs/ieee754@1.11.6	None	0	3.18 kB	xtuc
npm/@webassemblyjs/leb128@1.11.6	None	0	30.7 kB	xtuc
npm/@webassemblyjs/utf8@1.11.6	None	0	7.31 kB	xtuc
npm/@webassemblyjs/wasm-edit@1.12.1	None	0	34.6 kB	xtuc
npm/@webassemblyjs/wasm-gen@1.12.1	None	0	28.1 kB	xtuc
npm/@webassemblyjs/wasm-opt@1.12.1	None	0	14.4 kB	xtuc
npm/@webassemblyjs/wasm-parser@1.12.1	None	0	129 kB	xtuc
npm/@webassemblyjs/wast-printer@1.12.1	None	0	39.6 kB	xtuc
npm/@wordpress/block-editor@11.6.0	environment	+55	44.8 MB	gutenbergplugin
npm/@wordpress/blocks@12.6.0	environment	+15	5.28 MB	gutenbergplugin
npm/@wordpress/components@23.6.0	environment	+40	26.1 MB	gutenbergplugin
npm/@wordpress/core-data@6.6.0	None	+12	4.74 MB	gutenbergplugin
npm/@wordpress/data@8.6.0	None	+12	3.93 MB	gutenbergplugin
npm/@wordpress/element@5.6.0	None	0	391 kB	gutenbergplugin
npm/@wordpress/escape-html@2.33.0	None	0	84.7 kB	gutenbergplugin
npm/@wordpress/notices@3.29.0	None	+4	767 kB	gutenbergplugin

🚮 Removed packages: npm/@babel/code-frame@7.12.13, npm/@babel/compat-data@7.14.0, npm/@babel/core@7.14.3, npm/@babel/generator@7.14.3, npm/@babel/helper-compilation-targets@7.13.16, npm/@babel/helper-function-name@7.14.2, npm/@babel/helper-get-function-arity@7.12.13, npm/@babel/helper-member-expression-to-functions@7.13.12, npm/@babel/helper-module-imports@7.13.12, npm/@babel/helper-module-transforms@7.14.2, npm/@babel/helper-optimise-call-expression@7.12.13, npm/@babel/helper-replace-supers@7.14.3, npm/@babel/helper-simple-access@7.13.12, npm/@babel/helper-split-export-declaration@7.12.13, npm/@babel/helper-validator-identifier@7.12.11, npm/@babel/helper-validator-option@7.12.17, npm/@babel/helpers@7.14.0, npm/@babel/highlight@7.13.10, npm/@babel/parser@7.14.3, npm/@babel/runtime-corejs3@7.16.0, npm/@babel/runtime@7.16.0, npm/@babel/template@7.12.13, npm/@babel/traverse@7.14.2, npm/@babel/types@7.14.2, npm/@docusaurus/core@2.4.1, npm/@docusaurus/plugin-ideal-image@2.4.1, npm/@docusaurus/preset-classic@2.4.1, npm/@docusaurus/theme-live-codeblock@2.4.1, npm/@es-joy/jsdoccomment@0.10.8, npm/@eslint/eslintrc@1.0.4, npm/@humanwhocodes/config-array@0.6.0, npm/@nodelib/fs.scandir@2.1.4, npm/@nodelib/fs.stat@2.0.4, npm/@nodelib/fs.walk@1.2.6, npm/@stylelint/postcss-css-in-js@0.37.2, npm/@stylelint/postcss-markdown@0.36.2, npm/@types/json-schema@7.0.9, npm/@types/mdast@3.0.3, npm/@types/minimist@1.2.1, npm/@types/normalize-package-data@2.4.0, npm/@types/unist@2.0.3, npm/@typescript-eslint/eslint-plugin@4.33.0, npm/@typescript-eslint/experimental-utils@4.33.0, npm/@typescript-eslint/parser@4.33.0, npm/@typescript-eslint/scope-manager@4.33.0, npm/@typescript-eslint/types@4.33.0, npm/@typescript-eslint/typescript-estree@4.33.0, npm/@typescript-eslint/visitor-keys@4.33.0, npm/@wordpress/browserslist-config@4.0.1, npm/@wordpress/eslint-plugin@9.2.0, npm/@wordpress/prettier-config@1.1.1, npm/@wordpress/stylelint-config@19.1.0, npm/acorn-jsx@5.3.2, npm/acorn@8.5.0, npm/ajv@6.12.6, npm/ansi-colors@4.1.1, npm/ansi-regex@4.1.0, npm/anymatch@3.1.2, npm/aria-query@4.2.2, npm/array-includes@3.1.4, npm/array-union@2.1.0, npm/array.prototype.flat@1.2.5, npm/array.prototype.flatmap@1.2.5, npm/arrify@1.0.1, npm/ast-types-flow@0.0.7, npm/astral-regex@2.0.0, npm/autoprefixer@10.4.0, npm/axe-core@4.3.5, npm/axobject-query@2.2.0, npm/babel-eslint@10.1.0, npm/bail@1.0.5, npm/balanced-match@1.0.0, npm/binary-extensions@2.2.0, npm/brace-expansion@1.1.11, npm/braces@3.0.2, npm/browserslist@4.16.6, npm/call-bind@1.0.0, npm/callsites@3.1.0, npm/camelcase-keys@6.2.2, npm/caniuse-api@3.0.0, npm/caniuse-lite@1.0.30001164, npm/character-entities-legacy@1.1.4, npm/character-entities@1.2.4, npm/character-reference-invalid@1.1.4, npm/chokidar-cli@3.0.0, npm/chokidar@3.5.2, npm/cliui@5.0.0, npm/clone-regexp@2.2.0, npm/color-convert@1.9.3, npm/color-name@1.1.3, npm/colorette@1.2.1, npm/comment-parser@1.2.4, npm/concat-map@0.0.1, npm/convert-source-map@1.7.0, npm/core-js-pure@3.19.1, npm/cross-spawn@7.0.3, npm/cssesc@3.0.0, npm/cssnano-utils@2.0.1, npm/damerau-levenshtein@1.0.7, npm/debug@4.3.1, npm/decamelize-keys@1.1.0, npm/decamelize@1.2.0, npm/deep-is@0.1.4, npm/define-properties@1.1.3, npm/dependency-graph@0.11.0, npm/dir-glob@3.0.1, npm/doctrine@2.1.0, npm/dom-serializer@0.2.2, npm/domelementtype@1.3.1, npm/domhandler@2.4.2, npm/domutils@1.7.0, npm/electron-to-chromium@1.3.749, npm/emoji-regex@9.2.2, npm/enquirer@2.3.6, npm/entities@1.1.2, npm/error-ex@1.3.2, npm/es-abstract@1.18.0-next.1, npm/es-to-primitive@1.2.1, npm/escalade@3.1.1, npm/eslint-config-prettier@7.2.0, npm/eslint-import-resolver-node@0.3.6, npm/eslint-module-utils@2.7.1, npm/eslint-plugin-import@2.25.2, npm/eslint-plugin-jest@24.7.0, npm/eslint-plugin-jsdoc@36.1.1, npm/eslint-plugin-jsx-a11y@6.4.1, npm/eslint-plugin-prettier@3.4.1, npm/eslint-plugin-react-hooks@4.2.0, npm/eslint-plugin-react@7.26.1, npm/eslint-scope@5.1.1, npm/eslint-utils@3.0.0, npm/eslint-visitor-keys@2.1.0, npm/eslint@8.2.0, npm/espree@9.0.0, npm/esquery@1.4.0, npm/esrecurse@4.3.0, npm/estraverse@4.3.0, npm/esutils@2.0.3, npm/execall@2.0.0, npm/extend@3.0.2, npm/fast-deep-equal@3.1.3, npm/fast-diff@1.2.0, npm/fast-glob@3.2.5, npm/fast-json-stable-stringify@2.1.0, npm/fast-levenshtein@2.0.6, npm/fastest-levenshtein@1.0.12, npm/fastq@1.11.0, npm/file-entry-cache@6.0.1, npm/fill-range@7.0.1, npm/find-up@2.1.0, npm/flat-cache@3.0.4, npm/flatted@3.1.1, npm/fraction.js@4.1.1, npm/fs-extra@10.0.0, npm/fs.realpath@1.0.0, npm/fsevents@2.3.2, npm/function-bind@1.1.1, npm/functional-red-black-tree@1.0.1, npm/gensync@1.0.0-beta.2, npm/get-caller-file@2.0.5, npm/get-intrinsic@1.0.1, npm/get-stdin@8.0.0, npm/get-symbol-description@1.0.0, npm/glob-parent@5.1.2, npm/glob@7.1.7, npm/global-modules@2.0.0, npm/global-prefix@3.0.0, npm/globals@12.4.0, npm/globby@11.0.3, npm/globjoin@0.1.4, npm/gonzales-pe@4.3.0, npm/graceful-fs@4.2.4, npm/hard-rejection@2.1.0, npm/has-bigints@1.0.1, npm/has-symbols@1.0.1, npm/has-tostringtag@1.0.0, npm/has@1.0.3, npm/hosted-git-info@2.8.9, npm/html-tags@3.1.0, npm/htmlparser2@3.10.1, npm/ignore@5.1.8, npm/import-cwd@3.0.0, npm/import-fresh@3.3.0, npm/import-from@3.0.0, npm/import-lazy@4.0.0, npm/imurmurhash@0.1.4, npm/indent-string@4.0.0, npm/indexes-of@1.0.1, npm/inflight@1.0.6, npm/inherits@2.0.4, npm/ini@1.3.8, npm/internal-slot@1.0.3, npm/is-alphabetical@1.0.4, npm/is-alphanumerical@1.0.4, npm/is-arrayish@0.2.1, npm/is-bigint@1.0.4, npm/is-binary-path@2.1.0, npm/is-boolean-object@1.1.2, npm/is-buffer@2.0.5, npm/is-callable@1.2.2, npm/is-core-module@2.2.0, npm/is-date-object@1.0.2, npm/is-decimal@1.0.4, npm/is-extglob@2.1.1, npm/is-fullwidth-code-point@2.0.0, npm/is-glob@4.0.1, npm/is-hexadecimal@1.0.4, npm/is-negative-zero@2.0.0, npm/is-number-object@1.0.6, npm/is-number@7.0.0, npm/is-plain-obj@2.1.0, npm/is-regex@1.1.1, npm/is-regexp@2.1.0, npm/is-shared-array-buffer@1.0.1, npm/is-string@1.0.7, npm/is-symbol@1.0.3, npm/is-typedarray@1.0.0, npm/is-weakref@1.0.1, npm/isexe@2.0.0, npm/js-tokens@4.0.0, npm/jsdoc-type-pratt-parser@1.2.0, npm/jsesc@2.5.2, npm/json-parse-better-errors@1.0.2, npm/json-schema-traverse@0.4.1, npm/json-stable-stringify-without-jsonify@1.0.1, npm/json5@1.0.1, npm/jsonfile@6.1.0, npm/jsx-ast-utils@3.2.1, npm/kind-of@6.0.3, npm/known-css-properties@0.21.0, npm/language-subtag-registry@0.3.21, npm/language-tags@1.0.5, npm/levn@0.4.1, npm/lilconfig@2.0.4, npm/lines-and-columns@1.1.6, npm/load-json-file@4.0.0, npm/locate-path@2.0.0, npm/lodash.clonedeep@4.5.0, npm/lodash.debounce@4.0.8, npm/lodash.difference@4.5.0, npm/lodash.forown@4.4.0, npm/lodash.get@4.4.2, npm/lodash.groupby@4.6.0, npm/lodash.memoize@4.1.2, npm/lodash.merge@4.6.2, npm/lodash.sortby@4.7.0, npm/lodash.throttle@4.1.1, npm/lodash.truncate@4.4.2, npm/lodash.uniq@4.5.0, npm/lodash@4.17.21, npm/longest-streak@2.0.4, npm/loose-envify@1.4.0, npm/map-obj@4.2.1, npm/mathml-tag-names@2.1.3, npm/mdast-util-from-markdown@0.8.5, npm/mdast-util-to-markdown@0.6.5, npm/mdast-util-to-string@2.0.0, npm/memorystream@0.3.1, npm/meow@9.0.0, npm/merge2@1.4.1, npm/micromark@2.11.4, npm/micromatch@4.0.2, npm/min-indent@1.0.1, npm/minimatch@3.0.4, npm/minimist-options@4.1.0, npm/minimist@1.2.5, npm/ms@2.1.2, npm/nanoid@3.1.30, npm/natural-compare@1.4.0, npm/nice-try@1.0.5, npm/node-releases@1.1.73, npm/normalize-path@3.0.0, npm/normalize-range@0.1.2, npm/normalize-selector@0.2.0, npm/npm-run-all@4.1.5, npm/num2fraction@1.2.2, npm/object-assign@4.1.1, npm/object-inspect@1.9.0, npm/object-keys@1.1.1, npm/object.assign@4.1.2, npm/object.entries@1.1.5, npm/object.fromentries@2.0.5, npm/object.hasown@1.1.0, npm/object.values@1.1.5, npm/once@1.4.0, npm/optionator@0.9.1, npm/p-limit@2.3.0, npm/p-locate@2.0.0, npm/p-try@2.2.0, npm/parent-module@1.0.1, npm/parse-entities@2.0.0, npm/parse-json@5.2.0, npm/path-exists@3.0.0, npm/path-is-absolute@1.0.1, npm/path-key@3.1.1, npm/path-parse@1.0.7, npm/path-type@4.0.0, npm/picocolors@1.0.0, npm/picomatch@2.2.2, npm/pidtree@0.3.1, npm/pify@3.0.0, npm/pkg-dir@2.0.0, npm/postcss-calc@8.0.0, npm/postcss-cli@9.0.2, npm/postcss-css-variables@0.18.0, npm/postcss-custom-media@8.0.0, npm/postcss-discard-duplicates@5.0.1, npm/postcss-focus-within@5.0.1, npm/postcss-html@0.36.0, npm/postcss-less@3.1.4, npm/postcss-load-config@3.1.0, npm/postcss-media-query-parser@0.2.3, npm/postcss-merge-rules@5.0.3, npm/postcss-nested@5.0.6, npm/postcss-reporter@7.0.4, npm/postcss-resolve-nested-selector@0.1.1, npm/postcss-safe-parser@4.0.2, npm/postcss-sass@0.4.4, npm/postcss-scss@2.1.1, npm/postcss-selector-parser@6.0.4, npm/postcss-syntax@0.36.2, npm/postcss-value-parser@4.1.0, npm/postcss@8.3.11, npm/prelude-ls@1.2.1, npm/prettier-linter-helpers@1.0.0, npm/pretty-hrtime@1.0.3, npm/progress@2.0.3, npm/prop-types@15.7.2, npm/punycode@2.1.1, npm/queue-microtask@1.2.3, npm/quick-lru@4.0.1, npm/react-is@16.13.1, npm/read-cache@1.0.0, npm/read-pkg@3.0.0, npm/readable-stream@3.6.0, npm/readdirp@3.6.0, npm/redent@3.0.0, npm/regenerator-runtime@0.13.9, npm/regexp.prototype.flags@1.3.1, npm/regexpp@3.2.0, npm/regextras@0.8.0, npm/remark-parse@9.0.0, npm/remark-stringify@9.0.1, npm/remark@13.0.0, npm/repeat-string@1.6.1, npm/require-directory@2.1.1, npm/require-from-string@2.0.2, npm/require-main-filename@2.0.0, npm/requireindex@1.2.0, npm/resolve-from@4.0.0, npm/reusify@1.0.4, npm/rtlcss@3.5.0, npm/run-parallel@1.2.0, npm/safe-buffer@5.1.2, npm/sass@1.43.4, npm/semver@7.3.5, npm/set-blocking@2.0.0, npm/shebang-command@2.0.0, npm/shebang-regex@3.0.0, npm/shell-quote@1.7.2, npm/side-channel@1.0.4, npm/signal-exit@3.0.3, npm/slash@3.0.0, npm/slice-ansi@4.0.0, npm/source-map-js@0.6.2, npm/source-map@0.5.7, npm/spdx-correct@3.1.1, npm/spdx-exceptions@2.3.0, npm/spdx-expression-parse@3.0.1, npm/spdx-license-ids@3.0.7, npm/specificity@0.4.1, npm/string-width@3.1.0, npm/string.prototype.matchall@4.0.6, npm/string.prototype.padend@3.1.1, npm/string.prototype.trimend@1.0.3, npm/string.prototype.trimstart@1.0.3, npm/string_decoder@1.3.0, npm/strip-ansi@5.2.0, npm/strip-bom@3.0.0, npm/strip-indent@3.0.0, npm/strip-json-comments@3.1.1, npm/style-search@0.1.0, npm/stylelint-config-recommended-scss@5.0.1, npm/stylelint-config-recommended@3.0.0, npm/stylelint-scss@3.21.0, npm/stylelint@13.13.1, npm/sugarss@2.0.0, npm/svg-tags@1.0.0, npm/table@6.7.1, npm/text-table@0.2.0, npm/to-fast-properties@2.0.0, npm/to-regex-range@5.0.1, npm/trim-newlines@3.0.1, npm/trough@1.0.5, npm/tsconfig-paths@3.11.0, npm/tslib@1.14.1, npm/tsutils@3.21.0, npm/type-check@0.4.0, npm/typedarray-to-buffer@3.1.5, npm/unbox-primitive@1.0.1, npm/unified@9.2.1, npm/uniq@1.0.1, npm/unist-util-find-all-after@3.0.2, npm/unist-util-is@4.1.0, npm/unist-util-stringify-position@2.0.3, npm/universalify@2.0.0, npm/uri-js@4.4.1, npm/util-deprecate@1.0.2, npm/v8-compile-cache@2.3.0, npm/validate-npm-package-license@3.0.4, npm/vfile-message@2.0.4, npm/vfile@4.2.1, npm/which-boxed-primitive@1.0.2, npm/which-module@2.0.0, npm/which@2.0.2, npm/word-wrap@1.2.3, npm/wrap-ansi@5.1.0, npm/wrappy@1.0.2, npm/write-file-atomic@3.0.3, npm/y18n@4.0.3, npm/yaml@1.10.2, npm/yargs-parser@13.1.2, npm/yargs@13.3.2, npm/yocto-queue@0.1.0, npm/zwitch@1.0.5

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Install scripts	npm/@swc/core@1.3.61	Install script: postinstall Source: node postinstall.js	orphan: npm/@swc/core@1.3.61	🚫
Install scripts	npm/vue-demi@0.14.3	Install script: postinstall Source: node ./scripts/postinstall.js	orphan: npm/vue-demi@0.14.3	🚫

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/@swc/core@1.3.61
• @SocketSecurity ignore npm/vue-demi@0.14.3