Summary: This seems to be (no longer) in use.
Reviewed By: lblasa
Differential Revision: D50645270
fbshipit-source-id: 69cf276f97d960a16ffd3e48342420b33fa646da
Summary: This is the immediate follow-up from the previous diff which aims to integrate the MacOS app into our release build script, meta only.
Reviewed By: antonk52, aigoncharov
Differential Revision: D50301369
fbshipit-source-id: 23a4842666c3a7aa9616c6237e16b71bae87ba36
Summary:
We recently raised a concern that for some packages types/* version is different than the package we are using. This can cause runtime errors as typescript can suggest usage that no longer reflects current API of a library. To combat this issue we decided to add a CI check to verify that major versions of types and a libriary match.
This script will be refined if in the next few diffs
Reviewed By: LukeDefeo
Differential Revision: D48779652
fbshipit-source-id: 2a826ba9d00565563553f04cd809ae0638db6282
Summary:
This updates minor and patch level dependencies. Frustratingly, I had to revert a bunch
of changes in that version range that still caused incompatibilities and test failures.
If I find time, I'll dig a bit deeper.
Reviewed By: ivanmisuno
Differential Revision: D48433210
fbshipit-source-id: 9ab12e774c1992d4f22cc1428d34f102ce820b75
Summary:
See https://github.com/samdenty/console-feed/issues/124.
This is breaking our CI and lots of other things. We should hopefully be able to cleanly revert this on Monday.
Reviewed By: ivanmisuno
Differential Revision: D47150333
fbshipit-source-id: f34d6afdb83607c8ac2cc7fb2989ca68733798e0
Summary:
^
Basically, update Jest and fix any raised issues. Mainly:
- Update necessary dependencies
- Update snapshots
- `useFakeTimers` caused a few issues which meant that the way we hook into the performance object had to be tweaked. The main code change is: `//fbsource/xplat/sonar/desktop/scripts/jest-setup-after.tsx`
- `mocked` -> `jest.mocked`
Changelog: Update Jest to v29.5.1
Reviewed By: antonk52
Differential Revision: D46319818
fbshipit-source-id: d218ca8f7e43abac6b00844953ddeb7f4e1010a2
Summary:
It seems the available binary for macOS arm64 is not signed:
```
codesign -dv --verbose=4 ./node-v16.16.0-macos-arm64
./node-v16.16.0-macos-arm64: code object is not signed
```
This is an issue as it crashes for our flipper server releases.
This can be compared to a binary downloaded from the Node distribution page:
```
codesign -dv --verbose=4 ./node
Executable=/Users/realpassy/Downloads/node-v16.15.0-darwin-arm64/bin/node
Identifier=node
Format=Mach-O thin (arm64)
CodeDirectory v=20500 size=597360 flags=0x10000(runtime) hashes=18657+7 location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=721152
Hash type=sha256 size=32
CandidateCDHash sha256=31cdf84cac42a622c1a68558376700a2dd12d40d
CandidateCDHashFull sha256=31cdf84cac42a622c1a68558376700a2dd12d40d81c5118f3b0e0370c414eb69
Hash choices=sha256
CMSDigest=31cdf84cac42a622c1a68558376700a2dd12d40d81c5118f3b0e0370c414eb69
CMSDigestType=2
Executable Segment base=0
Executable Segment limit=56082432
Executable Segment flags=0x1
Page size=4096
Launch Constraints:
None
CDHash=31cdf84cac42a622c1a68558376700a2dd12d40d
Signature size=8986
Authority=Developer ID Application: Node.js Foundation (HX7739G8FX)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=26 Apr 2022 at 23:00:57
Info.plist=not bound
TeamIdentifier=HX7739G8FX
Runtime Version=11.1.0
Sealed Resources=none
Internal requirements count=1 size=164
```
For additional context:
Node binary by using pkg-fetch. We just get the binary from this release page: https://github.com/vercel/pkg-fetch/releases/tag/v3.4
The exact binary we're downloading is https://github.com/vercel/pkg-fetch/releases/download/v3.4/node-v16.15.0-macos-arm64
If you just download that via Chrome, it will trigger Gatekeeper and you need to manually click "Allow" in the system privacy settings. You can also do the same by just running:
xattr -c ./node-v16*
Afterwards you can:
chmod +x ./node*
It will crash in the same way that it does after our distribution.
Reviewed By: passy
Differential Revision: D46225503
fbshipit-source-id: f0ae2d5101b99c9db7fe80333573caef52c787a2
Summary:
Replace an existing running instance, if any.
This is useful for:
- Applying updates
- Ensuring freshness of server
Reviewed By: passy
Differential Revision: D46146814
fbshipit-source-id: bfb760f3ab26b7632510773609f1c6ca3a97c4ec
Summary:
Bumps [deep-equal](https://github.com/inspect-js/node-deep-equal) from 2.0.5 to 2.2.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/inspect-js/node-deep-equal/blob/master/CHANGELOG.md">deep-equal's changelog</a>.</em></p>
<blockquote>
<h2><a href="https://github.com/inspect-js/node-deep-equal/compare/v2.2.0...v2.2.1">v2.2.1</a> - 2023-04-27</h2>
<h3>Commits</h3>
<ul>
<li>[Tests] add passing tests covering object key ordering <a href="51c9ff6b4c"><code>51c9ff6</code></a></li>
<li>[Refactor] use <code>array-buffer-byte-length</code> <a href="f47822cf0c"><code>f47822c</code></a></li>
<li>[Deps] update <code>is-array-buffer</code>, <code>regexp.prototype.flags</code> <a href="160d851333"><code>160d851</code></a></li>
<li>[Deps] update <code>es-get-iterator</code>, <code>get-intrinsic</code> <a href="2e08e956a4"><code>2e08e95</code></a></li>
<li>[Dev Deps] update <code>object.getownpropertydescriptors</code> <a href="63e9ab7450"><code>63e9ab7</code></a></li>
<li>[Dev Deps] update <code>tape</code> <a href="c8db964f60"><code>c8db964</code></a></li>
</ul>
<h2><a href="https://github.com/inspect-js/node-deep-equal/compare/v2.1.0...v2.2.0">v2.2.0</a> - 2023-01-05</h2>
<h3>Commits</h3>
<ul>
<li>[New] add support for <code>SharedArrayBuffer</code> <a href="0ef51c79b7"><code>0ef51c7</code></a></li>
<li>[Refactor] use <code>is-array-buffer</code> package <a href="0360ee1f1b"><code>0360ee1</code></a></li>
<li>[Fix] <code>whichTypedArray</code> can return false in both cases <a href="df3e3c4e30"><code>df3e3c4</code></a></li>
<li>[Dev Deps] update <code>aud</code>, <code>object.getownpropertydescriptors</code> <a href="6d62ea4f2b"><code>6d62ea4</code></a></li>
<li>[Dev Deps] update <code>ljharb/eslint-config</code> <a href="15aab59d64"><code>15aab59</code></a></li>
<li>[Deps] update <code>which-typed-array</code> <a href="8dfce27f33"><code>8dfce27</code></a></li>
<li>[eslint] remove <code>.eslintignore</code> <a href="af46773b28"><code>af46773</code></a></li>
</ul>
<h2><a href="https://github.com/inspect-js/node-deep-equal/compare/v2.0.5...v2.1.0">v2.1.0</a> - 2022-11-02</h2>
<h3>Fixed</h3>
<ul>
<li>[New] add support for <code>ArrayBuffer</code> <a href="https://redirect.github.com/inspect-js/node-deep-equal/issues/94"><code>[https://github.com/facebook/flipper/issues/94](https://github.com/inspect-js/node-deep-equal/issues/94)</code></a></li>
</ul>
<h3>Commits</h3>
<ul>
<li>[actions] reuse common workflows <a href="12de2873de"><code>12de287</code></a></li>
<li>[actions] use <code>node/install</code> instead of <code>node/run</code>; use <code>codecov</code> action <a href="ec248b96f4"><code>ec248b9</code></a></li>
<li>[Tests] run assert tests on a dynamic matrix <a href="695aebd509"><code>695aebd</code></a></li>
<li>[readme] add badges <a href="492e159158"><code>492e159</code></a></li>
<li>[Test] ArrayBuffers in node < 0.12 have a nonconfigurable own <code>byteLength</code> property <a href="40f4b87196"><code>40f4b87</code></a></li>
<li>[meta] use <code>npmignore</code> to autogenerate an npmignore file <a href="2627269314"><code>2627269</code></a></li>
<li>[Dev Deps] update <code>eslint</code>, <code>ljharb/eslint-config</code>, <code>safe-publish-latest</code>, <code>tape</code> <a href="7a05bb7482"><code>7a05bb7</code></a></li>
<li>[Deps] update <code>call-bind</code>, <code>es-get-iterator</code>, <code>get-intrinsic</code>, <code>is-arguments</code>, <code>is-regex</code>, <code>regexp.prototype.flags</code>, <code>side-channel</code>, <code>which-boxed-primitive</code>, <code>which-typed-array</code> <a href="c0844e629b"><code>c0844e6</code></a></li>
<li>[actions] update codecov uploader <a href="b1b0552fe3"><code>b1b0552</code></a></li>
<li>[Dev Deps] update <code>eslint</code>, <code>ljharb/eslint-config</code>, <code>aud</code>, <code>auto-changelog</code>, <code>has-symbols</code>, <code>object.getownpropertydescriptors</code>, <code>tape</code> <a href="9a1ccf5285"><code>9a1ccf5</code></a></li>
<li>[meta] do not publish github action workflow files <a href="2d63384d66"><code>2d63384</code></a></li>
<li>[actions] update rebase action to use reusable workflow <a href="69d21f55af"><code>69d21f5</code></a></li>
<li>[Dev Deps] update <code>eslint</code>, <code>ljharb/eslint-config</code>, <code>aud</code>, <code>has-symbols</code>, <code>object.getownpropertydescriptors</code>, <code>tape</code> <a href="297aae88f6"><code>297aae8</code></a></li>
<li>[Tests] add tests for regexes with the same source but different flags <a href="29c8a0da09"><code>29c8a0d</code></a></li>
<li>[Dev Deps] update <code>eslint</code>, <code>ljharb/eslint-config</code> <a href="9e64ec93a8"><code>9e64ec9</code></a></li>
<li>[Deps] update <code>is-arguments</code>, <code>is-date-object</code>, <code>is-regex</code>, <code>which-typed-array</code> <a href="edfb752810"><code>edfb752</code></a></li>
<li>[Dev Deps] update <code>eslint</code>, <code>ljharb/eslint-config</code>, <code>auto-changelog</code>, <code>tape</code> <a href="7b5f7a348b"><code>7b5f7a3</code></a></li>
<li>[Dev Deps] update <code>eslint</code>, <code>ljharb/eslint-config</code>, <code>has-typed-arrays</code>, <code>tape</code> <a href="e328a237ba"><code>e328a23</code></a></li>
<li>[Deps] update <code>get-intrinsic</code>, <code>regexp.prototype.flags</code>, <code>which-typed-array</code> <a href="29123a7185"><code>29123a7</code></a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6ea6b8d296"><code>6ea6b8d</code></a> v2.2.1</li>
<li><a href="f47822cf0c"><code>f47822c</code></a> [Refactor] use <code>array-buffer-byte-length</code></li>
<li><a href="160d851333"><code>160d851</code></a> [Deps] update <code>is-array-buffer</code>, <code>regexp.prototype.flags</code></li>
<li><a href="63e9ab7450"><code>63e9ab7</code></a> [Dev Deps] update <code>object.getownpropertydescriptors</code></li>
<li><a href="2e08e956a4"><code>2e08e95</code></a> [Deps] update <code>es-get-iterator</code>, <code>get-intrinsic</code></li>
<li><a href="c8db964f60"><code>c8db964</code></a> [Dev Deps] update <code>tape</code></li>
<li><a href="51c9ff6b4c"><code>51c9ff6</code></a> [Tests] add passing tests covering object key ordering</li>
<li><a href="b9d9e54c27"><code>b9d9e54</code></a> v2.2.0</li>
<li><a href="0ef51c79b7"><code>0ef51c7</code></a> [New] add support for <code>SharedArrayBuffer</code></li>
<li><a href="0360ee1f1b"><code>0360ee1</code></a> [Refactor] use <code>is-array-buffer</code> package</li>
<li>Additional commits viewable in <a href="https://github.com/inspect-js/node-deep-equal/compare/v2.0.5...v2.2.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4729
Reviewed By: passy
Differential Revision: D46016549
Pulled By: ivanmisuno
fbshipit-source-id: bbce2af026fba2c5d7622c4593b241155cc6e82e
Summary:
We were using an old unmaintained/abandonned library for communicating with adb server https://github.com/openstf/adbkit
This was giving me issues i couldnt figure out when running flipper server.
There is a popular fork written in typescript here https://github.com/DeviceFarmer/adbkit but it uses blue bird for promises.
There is a fork of the fork here which i have chosen to use which is the same api as above but with es6 promises, https://github.com/UrielCh/adbkit.
Both forks have a slightly different api to the original. In the original library there was a single client and any command directed at a particular device had a serial as the first argument
In the new libraries you create a DeviceClient where the serial is baked in and you don't need to supply this argument every time
allow-large-files
Reviewed By: lblasa
Differential Revision: D45569652
fbshipit-source-id: 2a23c0eaa12feaebdccadb3d343e087c0d5708d5
Summary: various tests failing due to this dep
Reviewed By: antonk52
Differential Revision: D45731274
fbshipit-source-id: cb79199c15a8973f50e5075dab16605d0120b30c
Summary:
Until now, launching flipper-server with TCP would accept any incoming connection as long as it comes from the same origin (localhost) using web socket host origin verification.
This is not entirely secure as origin can be spoofed with tools like curl.
Our team created a security review and a proposal was written:
https://docs.google.com/document/d/16iXypCQibPiner061SoaQUFUY9tLVAEpkKfV_hUXI7c/
Effectively, Flipper can generate a token which is then used by the client to authenticate.
This diff contains the changes required to generate, obtain, and validate authentication tokens from clients connecting to flipper over TCP connections.
The token itself is a JWT token. JWT was chosen because it is a simple industry standard which offers three features which can immediately benefit us:
- Expiration handling. No need for Flipper to store this information anywhere.
- Payload. Payload can be used to push any data we deem relevant i.e. unix username.
- Signing. Signed and verified using the same server key pair which is already in place for certificate exchange.
Additionally, the token is stored in the Flipper static folder. This ensures that the browser and PWA clients have access to it.
Reviewed By: mweststrate
Differential Revision: D45179654
fbshipit-source-id: 6761bcb24f4ba30b67d1511cde8fe875158d78af
Summary:
Original commit changeset: a9b2be74bd3f
Original Phabricator Diff: D43905200
It seems that ti caused NPM publishing to start failing
https://github.com/facebook/flipper/actions/workflows/publish-npm.yml
Reviewed By: passy
Differential Revision: D44367845
fbshipit-source-id: eef31c80561872d40babe03227a3ce0fc32eee72
Summary:
Bumps [react-refresh](https://github.com/facebook/react/tree/HEAD/packages/react) from 0.11.0 to 0.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/facebook/react/releases">react-refresh's releases</a>.</em></p>
<blockquote>
<h2>v0.14.0</h2>
<p>See <a href="http://facebook.github.io/react/blog/2015/10/07/react-v0.14.html">http://facebook.github.io/react/blog/2015/10/07/react-v0.14.html</a>.</p>
<h2>v0.13.3</h2>
<h3>React Core</h3>
<h4>New Features</h4>
<ul>
<li>Added <code>clipPath</code> element and attribute for SVG</li>
<li>Improved warnings for deprecated methods in plain JS classes</li>
</ul>
<h4>Bug Fixes</h4>
<ul>
<li>Loosened <code>dangerouslySetInnerHTML</code> restrictions so <code>{__html: undefined}</code> will no longer throw</li>
<li>Fixed extraneous context warning with non-pure <code>getChildContext</code></li>
<li>Ensure <code>replaceState(obj)</code> retains prototype of <code>obj</code></li>
</ul>
<h3>React with Add-ons</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Test Utils: Ensure that shallow rendering works when components define <code>contextTypes</code></li>
</ul>
<h2>v0.13.2</h2>
<h3>React Core</h3>
<h4>New Features</h4>
<ul>
<li>Added <code>strokeDashoffset</code>, <code>flexPositive</code>, <code>flexNegative</code> to the list of unitless CSS properties</li>
<li>Added support for more DOM properties:
<ul>
<li><code>scoped</code> - for <code><style></code> elements</li>
<li><code>high</code>, <code>low</code>, <code>optimum</code> - for <code><meter></code> elements</li>
<li><code>unselectable</code> - IE-specific property to prevent user selection</li>
</ul>
</li>
</ul>
<h4>Bug Fixes</h4>
<ul>
<li>Fixed a case where re-rendering after rendering null didn't properly pass context</li>
<li>Fixed a case where re-rendering after rendering with <code>style={null}</code> didn't properly update <code>style</code></li>
<li>Update <code>uglify</code> dependency to prevent a bug in IE8</li>
<li>Improved warnings</li>
</ul>
<h3>React with Add-Ons</h3>
<h4>Bug Fixes</h4>
<ul>
<li>Immutabilty Helpers: Ensure it supports <code>hasOwnProperty</code> as an object key</li>
</ul>
<h3>React Tools</h3>
<ul>
<li>Improve documentation for new options</li>
</ul>
<h2>v0.13.1</h2>
<h3>React Core</h3>
<h4>Bug Fixes</h4>
<ul>
<li>Don't throw when rendering empty <code><select></code> elements</li>
<li>Ensure updating <code>style</code> works when transitioning from <code>null</code></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/facebook/react/blob/main/CHANGELOG.md">react-refresh's changelog</a>.</em></p>
<blockquote>
<h2>0.14.0 (October 7, 2015)</h2>
<h3>Major changes</h3>
<ul>
<li>Split the main <code>react</code> package into two: <code>react</code> and <code>react-dom</code>. This paves the way to writing components that can be shared between the web version of React and React Native. This means you will need to include both files and some functions have been moved from <code>React</code> to <code>ReactDOM</code>.</li>
<li>Addons have been moved to separate packages (<code>react-addons-clone-with-props</code>, <code>react-addons-create-fragment</code>, <code>react-addons-css-transition-group</code>, <code>react-addons-linked-state-mixin</code>, <code>react-addons-perf</code>, <code>react-addons-pure-render-mixin</code>, <code>react-addons-shallow-compare</code>, <code>react-addons-test-utils</code>, <code>react-addons-transition-group</code>, <code>react-addons-update</code>, <code>ReactDOM.unstable_batchedUpdates</code>).</li>
<li>Stateless functional components - React components were previously created using React.createClass or using ES6 classes. This release adds a <a href="https://reactjs.org/docs/reusable-components.html#stateless-functions">new syntax</a> where a user defines a single <a href="https://reactjs.org/docs/reusable-components.html#stateless-functions">stateless render function</a> (with one parameter: <code>props</code>) which returns a JSX element, and this function may be used as a component.</li>
<li>Refs to DOM components as the DOM node itself. Previously the only useful thing you can do with a DOM component is call <code>getDOMNode()</code> to get the underlying DOM node. Starting with this release, a ref to a DOM component <em>is</em> the actual DOM node. <strong>Note that refs to custom (user-defined) components work exactly as before; only the built-in DOM components are affected by this change.</strong></li>
</ul>
<h3>Breaking changes</h3>
<ul>
<li><code>React.initializeTouchEvents</code> is no longer necessary and has been removed completely. Touch events now work automatically.</li>
<li>Add-Ons: Due to the DOM node refs change mentioned above, <code>TestUtils.findAllInRenderedTree</code> and related helpers are no longer able to take a DOM component, only a custom component.</li>
<li>The <code>props</code> object is now frozen, so mutating props after creating a component element is no longer supported. In most cases, <a href="https://reactjs.org/docs/react-api.html#cloneelement"><code>React.cloneElement</code></a> should be used instead. This change makes your components easier to reason about and enables the compiler optimizations mentioned above.</li>
<li>Plain objects are no longer supported as React children; arrays should be used instead. You can use the <a href="https://reactjs.org/docs/create-fragment.html"><code>createFragment</code></a> helper to migrate, which now returns an array.</li>
<li>Add-Ons: <code>classSet</code> has been removed. Use <a href="https://github.com/JedWatson/classnames">classnames</a> instead.</li>
<li>Web components (custom elements) now use native property names. Eg: <code>class</code> instead of <code>className</code>.</li>
</ul>
<h3>Deprecations</h3>
<ul>
<li><code>this.getDOMNode()</code> is now deprecated and <code>ReactDOM.findDOMNode(this)</code> can be used instead. Note that in the common case, <code>findDOMNode</code> is now unnecessary since a ref to the DOM component is now the actual DOM node.</li>
<li><code>setProps</code> and <code>replaceProps</code> are now deprecated. Instead, call ReactDOM.render again at the top level with the new props.</li>
<li>ES6 component classes must now extend <code>React.Component</code> in order to enable stateless function components. The <a href="https://reactjs.org/blog/2015/01/27/react-v0.13.0-beta-1.html#other-languages">ES3 module pattern</a> will continue to work.</li>
<li>Reusing and mutating a <code>style</code> object between renders has been deprecated. This mirrors our change to freeze the <code>props</code> object.</li>
<li>Add-Ons: <code>cloneWithProps</code> is now deprecated. Use <a href="https://reactjs.org/docs/react-api.html#cloneelement"><code>React.cloneElement</code></a> instead (unlike <code>cloneWithProps</code>, <code>cloneElement</code> does not merge <code>className</code> or <code>style</code> automatically; you can merge them manually if needed).</li>
<li>Add-Ons: To improve reliability, <code>CSSTransitionGroup</code> will no longer listen to transition events. Instead, you should specify transition durations manually using props such as <code>transitionEnterTimeout={500}</code>.</li>
</ul>
<h3>Notable enhancements</h3>
<ul>
<li>Added <code>React.Children.toArray</code> which takes a nested children object and returns a flat array with keys assigned to each child. This helper makes it easier to manipulate collections of children in your <code>render</code> methods, especially if you want to reorder or slice <code>this.props.children</code> before passing it down. In addition, <code>React.Children.map</code> now returns plain arrays too.</li>
<li>React uses <code>console.error</code> instead of <code>console.warn</code> for warnings so that browsers show a full stack trace in the console. (Our warnings appear when you use patterns that will break in future releases and for code that is likely to behave unexpectedly, so we do consider our warnings to be “must-fix” errors.)</li>
<li>Previously, including untrusted objects as React children <a href="http://danlec.com/blog/xss-via-a-spoofed-react-element">could result in an XSS security vulnerability</a>. This problem should be avoided by properly validating input at the application layer and by never passing untrusted objects around your application code. As an additional layer of protection, <a href="https://github-redirect.dependabot.com/facebook/react/pull/4832">React now tags elements</a> with a specific <a href="http://www.2ality.com/2014/12/es6-symbols.html">ES2015 (ES6) <code>Symbol</code></a> in browsers that support it, in order to ensure that React never considers untrusted JSON to be a valid element. If this extra security protection is important to you, you should add a <code>Symbol</code> polyfill for older browsers, such as the one included by <a href="https://babeljs.io/docs/usage/polyfill/">Babel’s polyfill</a>.</li>
<li>When possible, React DOM now generates XHTML-compatible markup.</li>
<li>React DOM now supports these standard HTML attributes: <code>capture</code>, <code>challenge</code>, <code>inputMode</code>, <code>is</code>, <code>keyParams</code>, <code>keyType</code>, <code>minLength</code>, <code>summary</code>, <code>wrap</code>. It also now supports these non-standard attributes: <code>autoSave</code>, <code>results</code>, <code>security</code>.</li>
<li>React DOM now supports these SVG attributes, which render into namespaced attributes: <code>xlinkActuate</code>, <code>xlinkArcrole</code>, <code>xlinkHref</code>, <code>xlinkRole</code>, <code>xlinkShow</code>, <code>xlinkTitle</code>, <code>xlinkType</code>, <code>xmlBase</code>, <code>xmlLang</code>, <code>xmlSpace</code>.</li>
<li>The <code>image</code> SVG tag is now supported by React DOM.</li>
<li>In React DOM, arbitrary attributes are supported on custom elements (those with a hyphen in the tag name or an <code>is="..."</code> attribute).</li>
<li>React DOM now supports these media events on <code>audio</code> and <code>video</code> tags: <code>onAbort</code>, <code>onCanPlay</code>, <code>onCanPlayThrough</code>, <code>onDurationChange</code>, <code>onEmptied</code>, <code>onEncrypted</code>, <code>onEnded</code>, <code>onError</code>, <code>onLoadedData</code>, <code>onLoadedMetadata</code>, <code>onLoadStart</code>, <code>onPause</code>, <code>onPlay</code>, <code>onPlaying</code>, <code>onProgress</code>, <code>onRateChange</code>, <code>onSeeked</code>, <code>onSeeking</code>, <code>onStalled</code>, <code>onSuspend</code>, <code>onTimeUpdate</code>, <code>onVolumeChange</code>, <code>onWaiting</code>.</li>
<li>Many small performance improvements have been made.</li>
<li>Many warnings show more context than before.</li>
<li>Add-Ons: A <a href="https://github-redirect.dependabot.com/facebook/react/pull/3355"><code>shallowCompare</code></a> add-on has been added as a migration path for <code>PureRenderMixin</code> in ES6 classes.</li>
<li>Add-Ons: <code>CSSTransitionGroup</code> can now use <a href="https://github.com/facebook/react/blob/48942b85/docs/docs/10.1-animation.md#custom-classes">custom class names</a> instead of appending <code>-enter-active</code> or similar to the transition name.</li>
</ul>
<h3>New helpful warnings</h3>
<ul>
<li>React DOM now warns you when nesting HTML elements invalidly, which helps you avoid surprising errors during updates.</li>
<li>Passing <code>document.body</code> directly as the container to <code>ReactDOM.render</code> now gives a warning as doing so can cause problems with browser extensions that modify the DOM.</li>
<li>Using multiple instances of React together is not supported, so we now warn when we detect this case to help you avoid running into the resulting problems.</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="3603d45157"><code>3603d45</code></a> v0.14.0</li>
<li><a href="693dd3567b"><code>693dd35</code></a> Update to fbjs@0.3</li>
<li><a href="4a4174b9e8"><code>4a4174b</code></a> 0.14.0-rc1</li>
<li><a href="c04d02e5e8"><code>c04d02e</code></a> Add warnings to React module</li>
<li><a href="52b4c9eabf"><code>52b4c9e</code></a> Upgrade to fbjs, fbjs-scripts @ 0.2</li>
<li><a href="b38509cade"><code>b38509c</code></a> Merge pull request <a href="https://github.com/facebook/react/tree/HEAD/packages/react/issues/4540">https://github.com/facebook/flipper/issues/4540</a> from scottburch/ie8-fix</li>
<li><a href="ecb34de574"><code>ecb34de</code></a> Upgrade ESLint, fix code</li>
<li><a href="3f6bca7b16"><code>3f6bca7</code></a> 0.14.0-beta3</li>
<li><a href="5f01a90954"><code>5f01a90</code></a> Update addons.js</li>
<li><a href="1da2b29897"><code>1da2b29</code></a> added suggested comment to get file to pass es-lint</li>
<li>Additional commits viewable in <a href="https://github.com/facebook/react/commits/v0.14.0/packages/react">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~gnoff">gnoff</a>, a new releaser for react-refresh since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4540
Reviewed By: ivanmisuno
Differential Revision: D44215184
Pulled By: mweststrate
fbshipit-source-id: e8f33dfbfbe887d49c27f2dabbbc1548de3d10e9
Summary:
Bumps [oclif/command](https://github.com/oclif/command) from 1.8.16 to 1.8.22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/oclif/command/releases"><code>@oclif/command</code>'s releases</a>.</em></p>
<blockquote>
<h2>1.8.22</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/parser</code> from 3.8.9 to 3.8.10 (<a href="62a4a05991">62a4a05</a>)</li>
</ul>
<h2>1.8.21</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump json5 from 2.2.0 to 2.2.3 (<a href="29dda733e3">29dda73</a>)</li>
</ul>
<h2>1.8.20</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/parser</code> from 3.8.8 to 3.8.9 (<a href="535285337a">5352853</a>)</li>
</ul>
<h2>1.8.19</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump semver and <code>@types/semver</code> (<a href="6904df82f9">6904df8</a>)</li>
</ul>
<h2>1.8.18</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/parser</code> from 3.8.6 to 3.8.8 (<a href="db059a8623">db059a8</a>)</li>
</ul>
<h2>1.8.17</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/errors</code> from 1.3.5 to 1.3.6 (<a href="24becbad50">24becba</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/oclif/command/blob/main/CHANGELOG.md"><code>@oclif/command</code>'s changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="60fa4d3146"><code>60fa4d3</code></a> chore(release): 1.8.22 [skip ci]</li>
<li><a href="cf08098f12"><code>cf08098</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/command/issues/357">https://github.com/facebook/flipper/issues/357</a> from oclif/dependabot-npm_and_yarn-oclif-parser-3.8.10</li>
<li><a href="62a4a05991"><code>62a4a05</code></a> fix(deps): bump <code>@oclif/parser</code> from 3.8.9 to 3.8.10</li>
<li><a href="6b9bafea87"><code>6b9bafe</code></a> chore(release): 1.8.21 [skip ci]</li>
<li><a href="8a9f2697e4"><code>8a9f269</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/command/issues/356">https://github.com/facebook/flipper/issues/356</a> from oclif/dependabot-npm_and_yarn-json5-2.2.3</li>
<li><a href="29dda733e3"><code>29dda73</code></a> fix(deps): bump json5 from 2.2.0 to 2.2.3</li>
<li><a href="e42009f05c"><code>e42009f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/command/issues/353">https://github.com/facebook/flipper/issues/353</a> from oclif/dependabot-npm_and_yarn-types-node-14.18.36</li>
<li><a href="1bdeb44b8e"><code>1bdeb44</code></a> chore(dev-deps): bump <code>@types/node</code> from 14.18.35 to 14.18.36</li>
<li><a href="e6f3cf30f5"><code>e6f3cf3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/command/issues/352">https://github.com/facebook/flipper/issues/352</a> from oclif/dependabot-npm_and_yarn-types-node-14.18.35</li>
<li><a href="6a25009c2e"><code>6a25009</code></a> chore(dev-deps): bump <code>@types/node</code> from 14.18.34 to 14.18.35</li>
<li>Additional commits viewable in <a href="https://github.com/oclif/command/compare/v1.8.16...1.8.22">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4543
Reviewed By: aigoncharov
Differential Revision: D43905200
Pulled By: passy
fbshipit-source-id: a9b2be74bd3ff52037c53cb9f16abfe544ed1fe7
Summary:
Bumps [react-virtualized-auto-sizer](https://github.com/bvaughn/react-virtualized-auto-sizer) from 1.0.6 to 1.0.7.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/bvaughn/react-virtualized-auto-sizer/commits">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4520
Reviewed By: mweststrate
Differential Revision: D43305179
Pulled By: ivanmisuno
fbshipit-source-id: fb1a6a02141f1355acf3bae8e78702daec9b4d7b
Summary:
Bumps [js-base64](https://github.com/dankogai/js-base64) from 3.7.4 to 3.7.5.
<details>
<summary>Commits</summary>
<ul>
<li><a href="7e790b799e"><code>7e790b7</code></a> version 3.7.5</li>
<li><a href="f729053682"><code>f729053</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/dankogai/js-base64/issues/167">https://github.com/facebook/flipper/issues/167</a> from ctomacheski/main</li>
<li><a href="a9a994f367"><code>a9a994f</code></a> improve performance by stop using the mapFn param on Uint8Array.from constructor</li>
<li>See full diff in <a href="https://github.com/dankogai/js-base64/compare/3.7.4...3.7.5">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4519
Reviewed By: mweststrate
Differential Revision: D43305193
Pulled By: ivanmisuno
fbshipit-source-id: e10eb134c079951e325c1f4d627eb1e60510c12d
Summary:
Bumps [babel/generator](https://github.com/babel/babel/tree/HEAD/packages/babel-generator) from 7.20.7 to 7.20.14.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/babel/babel/releases"><code>@babel/generator</code>'s releases</a>.</em></p>
<blockquote>
<h2>v7.20.14 (2023-01-27)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-transform-block-scoping</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15361">#15361</a> fix: Identifiers in the loop are not renamed (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-cli</code>, <code>babel-core</code>, <code>babel-generator</code>, <code>babel-helper-transform-fixture-test-runner</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-plugin-transform-react-jsx</code>, <code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15365">#15365</a> fix: Properly generate source maps for manually added multi-line content (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 2</h4>
<ul>
<li>Babel Bot (<a href="https://github.com/babel-bot"><code>@babel-bot</code></a>)</li>
<li><a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a></li>
</ul>
<h2>v7.20.13 (2023-01-21)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-helpers</code>, <code>babel-plugin-proposal-decorators</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15332">#15332</a> Ensure class decorators can access decorated non-static members (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-transform-typescript</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15349">#15349</a> fix: Preserve <code>import {type T} from 'x'</code> when <code>onlyRemoveTypeImports:true</code> (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15344">#15344</a> fix: Properties that are <code>abstract</code> should not be initialized. (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-parser</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15338">#15338</a> Allow negative number in ambient const initializer (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
</ul>
</li>
</ul>
<h4>↩️ Revert</h4>
<ul>
<li><code>babel-plugin-transform-react-inline-elements</code>, <code>babel-plugin-transform-react-jsx-development</code>, <code>babel-plugin-transform-react-jsx</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15355">#15355</a> Reverts "Re-use common JSX element transform for <!-- raw HTML omitted -->" (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 4</h4>
<ul>
<li>Babel Bot (<a href="https://github.com/babel-bot"><code>@babel-bot</code></a>)</li>
<li>Huáng Jùnliàng (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
<li>Nicolò Ribaudo (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li>
<li><a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a></li>
</ul>
<h2>v7.20.12 (2023-01-04)</h2>
<p>Thanks <a href="https://github.com/cross19xx"><code>@cross19xx</code></a>, <a href="https://github.com/JBYoshi"><code>@JBYoshi</code></a> and <a href="https://github.com/nmn"><code>@nmn</code></a> for your first PRs!</p>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15224">#15224</a> Fix <code>TaggedTemplateLiteral</code> evaluation (<a href="https://github.com/nmn"><code>@nmn</code></a>)</li>
</ul>
</li>
<li><code>babel-helper-create-class-features-plugin</code>, <code>babel-plugin-proposal-class-properties</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15312">#15312</a> fix: <code>delete this</code> in static class properties initialization (<a href="https://github.com/SuperSodaSea"><code>@SuperSodaSea</code></a>)</li>
</ul>
</li>
</ul>
<h4>💅 Polish</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15313">#15313</a> Implement support for evaluating computed properties. (<a href="https://github.com/JBYoshi"><code>@JBYoshi</code></a>)</li>
</ul>
</li>
</ul>
<h4>Committers: 5</h4>
<ul>
<li>Jonathan Browne (<a href="https://github.com/JBYoshi"><code>@JBYoshi</code></a>)</li>
<li>Kenneth Kwakye-Gyamfi (<a href="https://github.com/cross19xx"><code>@cross19xx</code></a>)</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/babel/babel/blob/main/CHANGELOG.md"><code>@babel/generator</code>'s changelog</a>.</em></p>
<blockquote>
<h2>v7.20.14 (2023-01-27)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-transform-block-scoping</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15361">#15361</a> fix: Identifiers in the loop are not renamed (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-cli</code>, <code>babel-core</code>, <code>babel-generator</code>, <code>babel-helper-transform-fixture-test-runner</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-plugin-transform-react-jsx</code>, <code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15365">#15365</a> fix: Properly generate source maps for manually added multi-line content (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h2>v7.20.13 (2023-01-21)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-helpers</code>, <code>babel-plugin-proposal-decorators</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15332">#15332</a> Ensure class decorators can access decorated non-static members (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
</ul>
</li>
<li><code>babel-plugin-transform-typescript</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15349">#15349</a> fix: Preserve <code>import {type T} from 'x'</code> when <code>onlyRemoveTypeImports:true</code> (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15344">#15344</a> fix: Properties that are <code>abstract</code> should not be initialized. (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
<li><code>babel-parser</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15338">#15338</a> Allow negative number in ambient const initializer (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
</ul>
</li>
</ul>
<h4>↩️ Revert</h4>
<ul>
<li><code>babel-plugin-transform-react-inline-elements</code>, <code>babel-plugin-transform-react-jsx-development</code>, <code>babel-plugin-transform-react-jsx</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15355">#15355</a> Reverts "Re-use common JSX element transform for <!-- raw HTML omitted -->" (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li>
</ul>
</li>
</ul>
<h2>v7.20.12 (2023-01-04)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15224">#15224</a> Fix <code>TaggedTemplateLiteral</code> evaluation (<a href="https://github.com/nmn"><code>@nmn</code></a>)</li>
</ul>
</li>
<li><code>babel-helper-create-class-features-plugin</code>, <code>babel-plugin-proposal-class-properties</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15312">#15312</a> fix: <code>delete this</code> in static class properties initialization (<a href="https://github.com/SuperSodaSea"><code>@SuperSodaSea</code></a>)</li>
</ul>
</li>
</ul>
<h4>💅 Polish</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15313">#15313</a> Implement support for evaluating computed properties. (<a href="https://github.com/JBYoshi"><code>@JBYoshi</code></a>)</li>
</ul>
</li>
</ul>
<h2>v7.20.11 (2022-12-23)</h2>
<h4>👓 Spec Compliance</h4>
<ul>
<li><code>babel-helper-module-transforms</code>, <code>babel-plugin-proposal-dynamic-import</code>, <code>babel-plugin-transform-modules-amd</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-plugin-transform-modules-systemjs</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15290">#15290</a> Return rejected promise when stringify import specifier throws (<a href="https://github.com/SuperSodaSea"><code>@SuperSodaSea</code></a>)</li>
</ul>
</li>
</ul>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-transform-block-scoping</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15309">#15309</a> Fix for binding shadowing outer var with loop closure (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li>
</ul>
</li>
</ul>
<h2>v7.20.10 (2022-12-23)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-traverse</code>
<ul>
<li><a href="https://github-redirect.dependabot.com/babel/babel/pull/15305">#15305</a> fix: <code>guessExecutionStatusRelativeTo</code> exception (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li>
</ul>
</li>
</ul>
<h2>v7.20.9 (2022-12-23)</h2>
<h4>🐛 Bug Fix</h4>
<ul>
<li><code>babel-plugin-transform-block-scoping</code></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="4ed66dd0b7"><code>4ed66dd</code></a> v7.20.14</li>
<li><a href="6de6d58165"><code>6de6d58</code></a> fix: source maps for manually added multi-line content (<a href="https://github.com/babel/babel/tree/HEAD/packages/babel-generator/issues/15365">#15365</a>)</li>
<li>See full diff in <a href="https://github.com/babel/babel/commits/v7.20.14/packages/babel-generator">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4502
Reviewed By: ivanmisuno
Differential Revision: D43117842
Pulled By: mweststrate
fbshipit-source-id: 0ba55a1341c8d146bb4984d11ef2158dad4032c8
Summary:
Bumps [metro-minify-terser](https://github.com/facebook/metro) from 0.70.2 to 0.75.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/facebook/metro/releases">metro-minify-terser's releases</a>.</em></p>
<blockquote>
<h2>Release v0.75.0</h2>
<ul>
<li><strong>[Breaking]</strong>: Formalise minimum Node JS requirement at 14.17.0 via <code>package.json#engines</code>. (<a href="c3e453ede5</a>)</li>
<li><strong>[Breaking]</strong>: Filter untyped context properties passed to custom resolvers. (<a href="cb01ec09c6</a>)</li>
<li><strong>[Breaking]</strong>: Change default <code>context.redirectModulePath</code> implementation to return absolute path in all cases. (<a href="acbfe63d83</a>)</li>
<li><strong>[Feature]</strong>: Add <code>mainFields</code>, <code>getPackage</code>, and <code>getPackageForModule</code> to custom resolver context. (<a href="adfb59329f</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/metro/compare/v0.74.1...v0.75.0">https://github.com/facebook/metro/compare/v0.74.1...v0.75.0</a></p>
<h2>Release v0.74.1</h2>
<ul>
<li><strong>[Feature]</strong>: Add <code>babel/plugin-proposal-numeric-separator</code> to <code>metro-react-native-babel-preset</code> (<a href="https://github-redirect.dependabot.com/facebook/metro/pull/681">facebook/metro#681</a> by <a href="https://github.com/SConaway"><code>@SConaway</code></a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/metro/compare/v0.74.0...v0.74.1">https://github.com/facebook/metro/compare/v0.74.0...v0.74.1</a></p>
<h2>Release v0.74.0</h2>
<ul>
<li><strong>[Breaking]</strong> Remove <code>@babel/plugin-transform-template-literals</code> from metro-react-native-babel-preset (<a href="322dea8dc7</a>)</li>
<li><strong>[Breaking]</strong> Remove <code>postProcessBundleSourcemap</code> from config (<a href="339794e434</a>)</li>
<li><strong>[Fix]</strong> Don't log ENOENT errors to console for expected URL stack frames (<a href="1031ae6713</a>)</li>
<li><strong>[Fix]</strong> Don't attempt to use the <code>find</code> crawler on Windows (<a href="735aa9f523</a>)</li>
<li><strong>[Performance]</strong> Improve AST processing during transformation (<a href="https://github-redirect.dependabot.com/facebook/metro/pull/854">facebook/metro#854</a> by <a href="https://github.com/EvanBacon"><code>@EvanBacon</code></a>)</li>
<li><strong>[Performance]</strong> Improve Fast Refresh responsiveness when watching a large number of files (<a href="b942eca551</a>)</li>
</ul>
<p><strong>Full Changelog:</strong> <a href="https://github.com/facebook/metro/compare/v0.73.6...v0.74.0">https://github.com/facebook/metro/compare/v0.73.6...v0.74.0</a></p>
<h2>Release v0.73.7</h2>
<p><em>This is a hotfix on the <code>0.73.x</code> branch.</em></p>
<ul>
<li><strong>[Fix]</strong> Don't attempt to use the <code>find</code> crawler on Windows (<a href="370301981b</a>)</li>
</ul>
<h2>Release v0.73.6</h2>
<ul>
<li><strong>[Fix]</strong> Fix duplicate 'add' events, reduce dropped events on new subtrees in <code>NodeWatcher</code> (non-Watchman, non-macOS).(<a href="51fb7e349c</a>)</li>
</ul>
<blockquote>
<p>NOTE: Experimental features are not covered by semver and can change at any time.</p>
</blockquote>
<ul>
<li><strong>[Experimental]</strong> <code>experimentalImportBundleSupport</code>: Move bundle path hints into serialised dependency map(<a href="https://github-redirect.dependabot.com/facebook/metro/pull/901">facebook/metro#901</a>)</li>
</ul>
<p><strong>Full Changelog:</strong> <a href="https://github.com/facebook/metro/compare/v0.73.5...v0.73.6">https://github.com/facebook/metro/compare/v0.73.5...v0.73.6</a></p>
<h2>Release v0.73.5</h2>
<ul>
<li><strong>[Fix]</strong>: Make all <code>getTransformOptions</code> result properties optional. (<a href="a07c8235a3</a>)</li>
<li><strong>[Fix]</strong>: Bug that can lead to "unknown module" errors at runtime after an incremental build. (<a href="b1be263f7d</a>)</li>
<li><strong>[Fix]</strong>: <code>metro-runtime</code>: Re-throw cached module errors without wrapping. (<a href="032c4a1e03</a>)</li>
<li><strong>[Fix]</strong> Bump <code>babel/types</code> dependency to <code>^7.20.0</code> for more consistent exposed AST Bump <code>babel/types</code> dependency to <code>^7.20.0</code> for more consistent exposed AST</li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/facebook/metro/compare/v0.73.4...v0.73.5">https://github.com/facebook/metro/compare/v0.73.4...v0.73.5</a></p>
<h2>Release v0.73.4</h2>
<ul>
<li><strong>[Feature]:</strong> Expose <code>watch</code> option in <code>RunServerOptions</code> (<a href="https://github-redirect.dependabot.com/facebook/metro/pull/889">facebook/metro#889</a> by <a href="https://github.com/EvanBacon"><code>@EvanBacon</code></a>)</li>
<li><strong>[Feature]:</strong> <code>metro-runtime</code>: Emit additional context on WebSocket <code>'close'</code> events (<a href="d54986c49c</a>)</li>
</ul>
<blockquote>
<p>NOTE: Experimental features are not covered by semver and can change at any time.</p>
</blockquote>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a110931489"><code>a110931</code></a> Release 0.75.0</li>
<li><a href="28b38bb0af"><code>28b38bb</code></a> Remove duplicated engines entry from metro-symbolicate package.json</li>
<li><a href="acbfe63d83"><code>acbfe63</code></a> Refactor subpath matching logic in browser spec resolution</li>
<li><a href="c3e453ede5"><code>c3e453e</code></a> Add "engines" field to all packages to indicate minimum Node JS version</li>
<li><a href="e890c997d0"><code>e890c99</code></a> Back out "Process files before adding them to <code>FileSystem</code>"</li>
<li><a href="1a81060c6c"><code>1a81060</code></a> Process files before adding them to <code>FileSystem</code></li>
<li><a href="aa442cacdb"><code>aa442ca</code></a> Move default redirectModulePath implementation into metro-resolver</li>
<li><a href="adfb59329f"><code>adfb593</code></a> Add getPackageForModule function to resolution context</li>
<li><a href="11a468140c"><code>11a4681</code></a> Document unstable_perfLoggerFactory (<a href="https://github-redirect.dependabot.com/facebook/metro/issues/920">https://github.com/facebook/flipper/issues/920</a>)</li>
<li><a href="7acb686f28"><code>7acb686</code></a> allow passing config for unstable_perfLoggerFactory without warning</li>
<li>Additional commits viewable in <a href="https://github.com/facebook/metro/compare/v0.70.2...v0.75.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4493
Reviewed By: ivanmisuno
Differential Revision: D43117867
Pulled By: mweststrate
fbshipit-source-id: b842b25da921f1ca0cee563365c58f6f1c881791
Summary: Combining a bunch of individual tasks for dep upgrades into one diff.
Reviewed By: ivanmisuno
Differential Revision: D42706074
fbshipit-source-id: 054b2545ad1295699f47f4c6eb5065b7b9a1d6a0
Summary:
Bumps [oclif/plugin-warn-if-update-available](https://github.com/oclif/plugin-warn-if-update-available) from 2.0.4 to 2.0.14.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/oclif/plugin-warn-if-update-available/releases"><code>@oclif/plugin-warn-if-update-available</code>'s releases</a>.</em></p>
<blockquote>
<h2>2.0.14</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.20.3 to 1.20.4 (<a href="10fff9af86">10fff9a</a>)</li>
</ul>
<h2>2.0.13</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.20.0 to 1.20.3 (<a href="56c514e199">56c514e</a>)</li>
</ul>
<h2>2.0.12</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump async from 2.6.3 to 2.6.4 (<a href="3536f48d5a">3536f48</a>)</li>
</ul>
<h2>2.0.11</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.19.1 to 1.20.0 (<a href="f1a417375e">f1a4173</a>)</li>
</ul>
<h2>2.0.10</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.18.0 to 1.19.1 (<a href="388b4101fc">388b410</a>)</li>
</ul>
<h2>2.0.9</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.16.5 to 1.18.0 (<a href="0e252b24ef">0e252b2</a>)</li>
</ul>
<h2>2.0.8</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump semver from 7.3.7 to 7.3.8 (<a href="02ec3564e0">02ec356</a>)</li>
</ul>
<h2>2.0.7</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.16.4 to 1.16.5 (<a href="1a81356ae1">1a81356</a>)</li>
</ul>
<h2>2.0.6</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump moment from 2.29.2 to 2.29.4 (<a href="51c59d5722">51c59d5</a>)</li>
</ul>
<h2>2.0.5</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/core</code> from 1.1.1 to 1.16.4 (<a href="b8808ca1b7">b8808ca</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/oclif/plugin-warn-if-update-available/blob/main/CHANGELOG.md"><code>@oclif/plugin-warn-if-update-available</code>'s changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b821c57bab"><code>b821c57</code></a> chore(release): 2.0.14 [skip ci]</li>
<li><a href="f12100c86d"><code>f12100c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/plugin-warn-if-update-available/issues/327">https://github.com/facebook/flipper/issues/327</a> from oclif/dependabot-npm_and_yarn-oclif-core-1.20.4</li>
<li><a href="10fff9af86"><code>10fff9a</code></a> fix(deps): bump <code>@oclif/core</code> from 1.20.3 to 1.20.4</li>
<li><a href="6e8a6f9b1e"><code>6e8a6f9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/plugin-warn-if-update-available/issues/328">https://github.com/facebook/flipper/issues/328</a> from oclif/dependabot-npm_and_yarn-chai-and-types-cha...</li>
<li><a href="bded580245"><code>bded580</code></a> chore(dev-deps): bump chai and <code>@types/chai</code></li>
<li><a href="81e38a0747"><code>81e38a0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/plugin-warn-if-update-available/issues/324">https://github.com/facebook/flipper/issues/324</a> from oclif/dependabot-npm_and_yarn-types-lodash-4.14.188</li>
<li><a href="502b073c7c"><code>502b073</code></a> chore(dev-deps): bump <code>@types/lodash</code> from 4.14.186 to 4.14.188</li>
<li><a href="951d36474d"><code>951d364</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/plugin-warn-if-update-available/issues/325">https://github.com/facebook/flipper/issues/325</a> from oclif/dependabot-npm_and_yarn-tslib-2.4.1</li>
<li><a href="b98ff2e8fe"><code>b98ff2e</code></a> chore(dev-deps): bump tslib from 2.4.0 to 2.4.1</li>
<li><a href="6469b28776"><code>6469b28</code></a> chore(release): 2.0.13 [skip ci]</li>
<li>Additional commits viewable in <a href="https://github.com/oclif/plugin-warn-if-update-available/compare/v2.0.4...2.0.14">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4341
Reviewed By: antonk52
Differential Revision: D41578608
Pulled By: mweststrate
fbshipit-source-id: 71066c6c1b62bcd23f4943ea7d028d939c29cd61
Summary:
Bumps [oclif/config](https://github.com/oclif/config) from 1.18.3 to 1.18.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/oclif/config/releases"><code>@oclif/config</code>'s releases</a>.</em></p>
<blockquote>
<h2>1.18.6</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/parser</code> from 3.8.8 to 3.8.9 (<a href="6c30537f9a">6c30537</a>)</li>
</ul>
<h2>1.18.5</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/parser</code> from 3.8.7 to 3.8.8 (<a href="b03591e782">b03591e</a>)</li>
</ul>
<h2>1.18.4</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@oclif/errors</code> from 1.3.5 to 1.3.6 (<a href="8fbab1517f">8fbab15</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/oclif/config/blob/main/CHANGELOG.md"><code>@oclif/config</code>'s changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7b9bd9359c"><code>7b9bd93</code></a> chore(release): 1.18.6 [skip ci]</li>
<li><a href="e328852f15"><code>e328852</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/config/issues/342">https://github.com/facebook/flipper/issues/342</a> from oclif/dependabot-npm_and_yarn-oclif-parser-3.8.9</li>
<li><a href="6c30537f9a"><code>6c30537</code></a> fix(deps): bump <code>@oclif/parser</code> from 3.8.8 to 3.8.9</li>
<li><a href="4d8137011a"><code>4d81370</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/config/issues/339">https://github.com/facebook/flipper/issues/339</a> from oclif/dependabot-npm_and_yarn-types-node-14.18.33</li>
<li><a href="335064dd4c"><code>335064d</code></a> chore(dev-deps): bump <code>@types/node</code> from 14.18.32 to 14.18.33</li>
<li><a href="dc8129050b"><code>dc81290</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/config/issues/338">https://github.com/facebook/flipper/issues/338</a> from oclif/repo-sync/leif/default</li>
<li><a href="8a103317d0"><code>8a10331</code></a> chore([no ci]): Synced local '.github/workflows/manualRelease.yml' with remot...</li>
<li><a href="5dade910ad"><code>5dade91</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/config/issues/337">https://github.com/facebook/flipper/issues/337</a> from oclif/dependabot-npm_and_yarn-types-node-14.18.32</li>
<li><a href="be81537a3f"><code>be81537</code></a> chore(dev-deps): bump <code>@types/node</code> from 14.18.31 to 14.18.32</li>
<li><a href="cf927d9910"><code>cf927d9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/oclif/config/issues/336">https://github.com/facebook/flipper/issues/336</a> from oclif/repo-sync/leif/default</li>
<li>Additional commits viewable in <a href="https://github.com/oclif/config/compare/v1.18.3...1.18.6">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4301
Reviewed By: antonk52
Differential Revision: D41578628
Pulled By: mweststrate
fbshipit-source-id: 100b203984df2589dc088a2e2acea67aef934b8b
Summary:
Bumps [emotion/styled](https://github.com/emotion-js/emotion) from 11.8.1 to 11.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/emotion-js/emotion/releases"><code>@emotion/styled</code>'s releases</a>.</em></p>
<blockquote>
<h2><code>@emotion/styled</code><a href="https://github.com/11"><code>@11</code></a>.10.4</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/emotion-js/emotion/pull/2867">https://github.com/facebook/flipper/issues/2867</a> <a href="89b6dbb3c1"><code>89b6dbb3</code></a> Thanks <a href="https://github.com/Andarist"><code>@Andarist</code></a>! - Externalized code referencing <code>React.useInsertionEffect</code> to a separate <code>emotion/use-insertion-effect-with-fallbacks</code> package. This package should be used in your defined externals if you bundle Emotion for whatever reason. It references <code>useInsertionEffect</code> in a very specific way that allows us to use it conditionally. However, if the code consuming Emotion is bundled as a library with Emotion in it then some bundlers might change the way in which we reference <code>useInsertionEffect</code> and that might create problems for bundlers used to consume the said library code. By externalizing this new package you can still bundle Emotion if you want to without running into this problem as you won't "destroy" the carefully crafted reference to <code>useInsertionEffect</code> in the process.</p>
<p>Note that we don't recommend bundling Emotion. You should have very specific reasons to do so.</p>
</li>
<li>
<p>Updated dependencies [<a href="89b6dbb3c1"><code>89b6dbb3</code></a>]:</p>
<ul>
<li><code>@emotion/use-insertion-effect-with-fallbacks</code><a href="https://github.com/1"><code>@1</code></a>.0.0</li>
</ul>
</li>
</ul>
<h2><code>@emotion/styled</code><a href="https://github.com/11"><code>@11</code></a>.10.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/emotion-js/emotion/pull/2819">#2819</a> <a href="bbad8c7993"><code>bbad8c79</code></a> Thanks <a href="https://github.com/nicksrandall"><code>@nicksrandall</code></a>! - <code>exports</code> field has been added to the <code>package.json</code> manifest. It limits what files can be imported from a package but we've tried our best to allow importing all the files that were considered to be a part of the public API.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/emotion-js/emotion/pull/2819">#2819</a> <a href="bbad8c7993"><code>bbad8c79</code></a> Thanks <a href="https://github.com/nicksrandall"><code>@nicksrandall</code></a>! - Thanks to the added <code>exports</code> field, the package now includes a <code>worker</code> condition that can be utilized by properly configured bundlers when targeting worker-like environments. It fixes the issue with browser-specific files being prioritized by some bundlers when targeting workers.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a href="bbad8c7993"><code>bbad8c79</code></a>, <a href="bbad8c7993"><code>bbad8c79</code></a>]:
<ul>
<li><code>@emotion/babel-plugin</code><a href="https://github.com/11"><code>@11</code></a>.10.0</li>
<li><code>@emotion/is-prop-valid</code><a href="https://github.com/1"><code>@1</code></a>.2.0</li>
<li><code>@emotion/serialize</code><a href="https://github.com/1"><code>@1</code></a>.1.0</li>
<li><code>@emotion/utils</code><a href="https://github.com/1"><code>@1</code></a>.2.0</li>
</ul>
</li>
</ul>
<h2><code>@emotion/styled</code><a href="https://github.com/11"><code>@11</code></a>.9.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a href="https://github-redirect.dependabot.com/emotion-js/emotion/pull/2759">https://github.com/facebook/flipper/issues/2759</a> Thanks <a href="https://github.com/srmagura"><code>@srmagura</code></a>, <a href="https://github.com/Andarist"><code>@Andarist</code></a>! - Change the argument of the <code>shouldForwardProp</code> option of <code>styled</code> from <code>PropertyKey</code> to <code>string</code> in the TypeScript definitions.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/emotion-js/emotion/pull/2333">https://github.com/facebook/flipper/issues/2333</a> <a href="3055efddf8"><code>3055efdd</code></a> Thanks <a href="https://github.com/Andarist"><code>@Andarist</code></a>! - <code>shouldForwardProp</code> has been changed from being a bivariant method to a contravariant function - it improves the type-safety for those that type this option.</p>
</li>
<li>
<p><a href="https://github-redirect.dependabot.com/emotion-js/emotion/pull/2333">https://github.com/facebook/flipper/issues/2333</a> <a href="3055efddf8"><code>3055efdd</code></a> Thanks <a href="https://github.com/antongolub"><code>@antongolub</code></a>! - <code>FilteringStyledOptions</code> and <code>StyledOptions</code> types no longer require a type argument for the <code>Props</code> generic.</p>
</li>
<li>
<p>Updated dependencies [<a href="26e4e3e8b6"><code>26e4e3e8</code></a>, <a href="5e81f21398"><code>5e81f213</code></a>, <a href="3055efddf8"><code>3055efdd</code></a>]:</p>
<ul>
<li><code>@emotion/serialize</code><a href="https://github.com/1"><code>@1</code></a>.0.4</li>
<li><code>@emotion/is-prop-valid</code><a href="https://github.com/1"><code>@1</code></a>.1.3</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6835850e39"><code>6835850</code></a> Version Packages (<a href="https://github-redirect.dependabot.com/emotion-js/emotion/issues/2872">https://github.com/facebook/flipper/issues/2872</a>)</li>
<li><a href="89b6dbb3c1"><code>89b6dbb</code></a> Move conditional <code>useInsertionEffect</code> declarations into separate package (<a href="https://github-redirect.dependabot.com/emotion-js/emotion/issues/2867">https://github.com/facebook/flipper/issues/2867</a>)</li>
<li><a href="28522cd3ca"><code>28522cd</code></a> Upgrade Yarn (<a href="https://github-redirect.dependabot.com/emotion-js/emotion/issues/2870">https://github.com/facebook/flipper/issues/2870</a>)</li>
<li><a href="f2608b3a54"><code>f2608b3</code></a> Version Packages (<a href="https://github-redirect.dependabot.com/emotion-js/emotion/issues/2865">https://github.com/facebook/flipper/issues/2865</a>)</li>
<li><a href="b9b8b7493d"><code>b9b8b74</code></a> Fixed a regression that could cause a crash when looking for an ignoring comm...</li>
<li><a href="c60d646ff5"><code>c60d646</code></a> Version Packages (<a href="https://github-redirect.dependabot.com/emotion-js/emotion/issues/2860">https://github.com/facebook/flipper/issues/2860</a>)</li>
<li><a href="df434eaf9d"><code>df434ea</code></a> Pass <code>--no-immutable</code> to Yarn when regenerating lockfile after versioning pac...</li>
<li><a href="2de94aee23"><code>2de94ae</code></a> Regenerate lockfile after versioning packages</li>
<li><a href="005e211d53"><code>005e211</code></a> Fixed an issue in the styles minifier that caused interpolations to be someti...</li>
<li><a href="0ffd6068fe"><code>0ffd606</code></a> Fixed the ignore flag not disabling the warning when there are multiple block...</li>
<li>Additional commits viewable in <a href="https://github.com/emotion-js/emotion/compare/emotion/styled@11.8.1...@emotion/styled@11.10.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Pull Request resolved: https://github.com/facebook/flipper/pull/4118
Reviewed By: aigoncharov
Differential Revision: D40335000
Pulled By: mweststrate
fbshipit-source-id: 7427a4ebb0d6b4e643288ae10e4db34a3781bb88
Pascal Hartig
Lorenzo Blasa
Anton Kastritskiy
Andrey Goncharov
dependabot[bot]
Luke De Feo