Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the vitest group in /frontend-react with 3 updates #15874

Closed
wants to merge 1 commit into from
Closed

Bump the vitest group in /frontend-react with 3 updates #15874

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2024
edited
Loading

Bumps the vitest group in /frontend-react with 3 updates: @vitest/coverage-istanbul, @vitest/ui and vitest.

Updates @vitest/coverage-istanbul from 2.0.5 to 2.1.1

Release notes

Sourced from @​vitest/coverage-istanbul's releases.

v2.1.1

   🐞 Bug Fixes

    View changes on GitHub

v2.1.0

This release makes another big change to the Browser Mode by introducing locators API:

test('renders blog posts', async () => {
  const screen = page.render(<Blog />)
await expect.element(screen.getByRole('heading', { name: 'Blog' })).toBeInTheDocument()
const [firstPost] = screen.getByRole('listitem').all()
await firstPost.getByRole('button', { name: 'Delete' }).click()
expect(screen.getByRole('listitem').all()).toHaveLength(3)
})

You can use either vitest-browser-vue, vitest-browser-svelte or vitest-browser-react to render components and make assertions using locators. Locators are also available on the page object from @vitest/browser/context.

Potential Breaking Change

  • workspace:
    • Correctly resolve workspace globs and file paths  -  by @​sheremet-va in vitest-dev/vitest#6316 (afdcb)
    • This changes how the custom glob pattern in the workspace config is treated. Any file matching the glob is considered a Vitest config file. Any folder matching the glob pattern is treated as a workspace project and is subject to the regular config resolution (single vitest.config.ts or vite.config.ts inside the folder)
    • For example, projects/* will match anything inside the projects folder. If it's a folder, we try to find the config inside that folder (if there is none, it is still treated as a project with the default config). If it's a file, it will be treated as a Vitest config. projects/**/* previously would assume that you only wanted to have folders as projects, but now it will match every single file insideprojects.
    • This change doesn't affect non-glob usage.

   🚀 Features

... (truncated)

Commits
  • 699055e chore: release v2.1.1
  • 9f1fd18 chore: release v2.1.0
  • b2be23e chore: release v2.1.0-beta.7
  • 8ac7011 chore: release v2.1.0-beta.6
  • da52d23 fix(coverage): use project specific vitenode for uncovered files (#6044)
  • 5932a7f feat(coverage): add --exclude-after-remap (#6309)
  • 34199bd feat(browser): support v8 coverage (#6273)
  • 72056b5 chore: release v2.1.0-beta.5
  • e662c7b fix(coverage): warn if vitest and @vitest/* versions don't match (#6317)
  • 67b086b chore: release v2.1.0-beta.4
  • Additional commits viewable in compare view

Updates @vitest/ui from 2.0.5 to 2.1.1

Release notes

Sourced from @​vitest/ui's releases.

v2.1.1

   🐞 Bug Fixes

    View changes on GitHub

v2.1.0

This release makes another big change to the Browser Mode by introducing locators API:

test('renders blog posts', async () => {
  const screen = page.render(<Blog />)
await expect.element(screen.getByRole('heading', { name: 'Blog' })).toBeInTheDocument()
const [firstPost] = screen.getByRole('listitem').all()
await firstPost.getByRole('button', { name: 'Delete' }).click()
expect(screen.getByRole('listitem').all()).toHaveLength(3)
})

You can use either vitest-browser-vue, vitest-browser-svelte or vitest-browser-react to render components and make assertions using locators. Locators are also available on the page object from @vitest/browser/context.

Potential Breaking Change

  • workspace:
    • Correctly resolve workspace globs and file paths  -  by @​sheremet-va in vitest-dev/vitest#6316 (afdcb)
    • This changes how the custom glob pattern in the workspace config is treated. Any file matching the glob is considered a Vitest config file. Any folder matching the glob pattern is treated as a workspace project and is subject to the regular config resolution (single vitest.config.ts or vite.config.ts inside the folder)
    • For example, projects/* will match anything inside the projects folder. If it's a folder, we try to find the config inside that folder (if there is none, it is still treated as a project with the default config). If it's a file, it will be treated as a Vitest config. projects/**/* previously would assume that you only wanted to have folders as projects, but now it will match every single file insideprojects.
    • This change doesn't affect non-glob usage.

   🚀 Features

... (truncated)

Commits
  • 699055e chore: release v2.1.1
  • 9f1fd18 chore: release v2.1.0
  • 94a186e fix(ui): render project name consistently (#6329)
  • b2be23e chore: release v2.1.0-beta.7
  • 0223bb7 fix(ui): remove "filters" flickering (#6463)
  • 97773e2 chore: fix edge case in license files bundling (#6460)
  • b78fa88 chore(deps): update dependency @​faker-js/faker to v9 (#6461)
  • c321a3f chore: replace fast-glob with tinyglobby (#6274)
  • b992b34 fix: print unexpected error message if peer dependencies have a different ver...
  • c853126 fix(browser): correctly run in-source tests in the browser (#6440)
  • Additional commits viewable in compare view

Updates vitest from 2.0.5 to 2.1.1

Release notes

Sourced from vitest's releases.

v2.1.1

   🐞 Bug Fixes

    View changes on GitHub

v2.1.0

This release makes another big change to the Browser Mode by introducing locators API:

test('renders blog posts', async () => {
  const screen = page.render(<Blog />)
await expect.element(screen.getByRole('heading', { name: 'Blog' })).toBeInTheDocument()
const [firstPost] = screen.getByRole('listitem').all()
await firstPost.getByRole('button', { name: 'Delete' }).click()
expect(screen.getByRole('listitem').all()).toHaveLength(3)
})

You can use either vitest-browser-vue, vitest-browser-svelte or vitest-browser-react to render components and make assertions using locators. Locators are also available on the page object from @vitest/browser/context.

Potential Breaking Change

  • workspace:
    • Correctly resolve workspace globs and file paths  -  by @​sheremet-va in vitest-dev/vitest#6316 (afdcb)
    • This changes how the custom glob pattern in the workspace config is treated. Any file matching the glob is considered a Vitest config file. Any folder matching the glob pattern is treated as a workspace project and is subject to the regular config resolution (single vitest.config.ts or vite.config.ts inside the folder)
    • For example, projects/* will match anything inside the projects folder. If it's a folder, we try to find the config inside that folder (if there is none, it is still treated as a project with the default config). If it's a file, it will be treated as a Vitest config. projects/**/* previously would assume that you only wanted to have folders as projects, but now it will match every single file insideprojects.
    • This change doesn't affect non-glob usage.

   🚀 Features

... (truncated)

Commits
  • 699055e chore: release v2.1.1
  • 36b5ace fix(workspace): resolve glob pattern once to avoid name collision (#6489)
  • 16aa76c fix(browser): make example test callbacks async (#6484)
  • 9f1fd18 chore: release v2.1.0
  • 94a186e fix(ui): render project name consistently (#6329)
  • ac698b1 fix: expect.getState().testPath always returns correct path (#6472)
  • b2be23e chore: release v2.1.0-beta.7
  • 0b44722 fix: ignore importer when resolving Vitest (#6469)
  • 97773e2 chore: fix edge case in license files bundling (#6460)
  • 7ab0f4a feat(browser): support --inspect-brk (#6434)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Sep 15, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 15, 2024
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
npm/@vitest/coverage-istanbul ^2.1.1 UnknownUnknown
npm/@vitest/ui ^2.1.1 UnknownUnknown
npm/vitest ^2.1.1 UnknownUnknown
npm/@jridgewell/sourcemap-codec 1.5.0 🟢 3.4
Details
CheckScoreReason
Code-Review⚠️ 0Found 1/15 approved changesets -- score normalized to 0
Maintained⚠️ 01 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
npm/@vitest/coverage-istanbul 2.1.1 UnknownUnknown
npm/@vitest/expect 2.1.1 UnknownUnknown
npm/@vitest/mocker 2.1.1 UnknownUnknown
npm/@vitest/pretty-format 2.1.1 UnknownUnknown
npm/@vitest/runner 2.1.1 UnknownUnknown
npm/@vitest/snapshot 2.1.1 UnknownUnknown
npm/@vitest/spy 2.1.1 UnknownUnknown
npm/@vitest/ui 2.1.1 UnknownUnknown
npm/@vitest/utils 2.1.1 UnknownUnknown
npm/debug 4.3.7 🟢 4.2
Details
CheckScoreReason
Code-Review🟢 3Found 11/28 approved changesets -- score normalized to 3
Maintained🟢 65 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 6
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Token-Permissions⚠️ -1No tokens found
Pinned-Dependencies⚠️ -1no dependencies found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Security-Policy⚠️ 0security policy file not detected
Signed-Releases⚠️ -1no releases found
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/fdir 6.3.0 🟢 3.9
Details
CheckScoreReason
Code-Review⚠️ 2Found 6/30 approved changesets -- score normalized to 2
Maintained🟢 1011 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 37 existing vulnerabilities detected
npm/magic-string 0.30.11 🟢 3.7
Details
CheckScoreReason
Maintained🟢 33 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3
Code-Review🟢 3Found 11/30 approved changesets -- score normalized to 3
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Security-Policy⚠️ 0security policy file not detected
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 73 existing vulnerabilities detected
npm/picomatch 4.0.2 🟢 5
Details
CheckScoreReason
Code-Review🟢 5Found 11/20 approved changesets -- score normalized to 5
Maintained⚠️ 00 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Signed-Releases⚠️ -1no releases found
Vulnerabilities🟢 100 existing vulnerabilities detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
SAST🟢 7SAST tool detected but not run on all commits
npm/tinybench 2.9.0 UnknownUnknown
npm/tinyexec 0.3.0 UnknownUnknown
npm/tinyglobby 0.2.6 UnknownUnknown
npm/vite-node 2.1.1 UnknownUnknown
npm/vitest 2.1.1 UnknownUnknown

Scanned Manifest Files

frontend-react/package.json
  • @vitest/coverage-istanbul@^2.1.1
  • @vitest/ui@^2.1.1
  • vitest@^2.1.1
  • @vitest/coverage-istanbul@^2.0.5
  • @vitest/ui@^2.0.5
  • vitest@^2.0.5
frontend-react/yarn.lock

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/frontend-react/vitest-6ba4eff4e7 branch 2 times, most recently from 7de7ffa to 830d960 Compare September 22, 2024 04:45
@dependabot
Bump the vitest group in /frontend-react with 3 updates
0f8616f 
Bumps the vitest group in /frontend-react with 3 updates: [@vitest/coverage-istanbul](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-istanbul), [@vitest/ui](https://github.com/vitest-dev/vitest/tree/HEAD/packages/ui) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-istanbul` from 2.0.5 to 2.1.1
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v2.1.1/packages/coverage-istanbul)

Updates `@vitest/ui` from 2.0.5 to 2.1.1
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v2.1.1/packages/ui)

Updates `vitest` from 2.0.5 to 2.1.1
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v2.1.1/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-istanbul"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vitest
- dependency-name: "@vitest/ui"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vitest
- dependency-name: vitest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vitest
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/frontend-react/vitest-6ba4eff4e7 branch from 830d960 to 0f8616f Compare September 29, 2024 04:40
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 6, 2024

Superseded by #16112.

@dependabot dependabot bot closed this Oct 6, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/frontend-react/vitest-6ba4eff4e7 branch October 6, 2024 04:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants