Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency less-openui5 to v0.10.0 (main) #29

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency less-openui5 to v0.10.0 (main) #29

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link
Contributor

@mend-for-github-com mend-for-github-com bot commented Dec 6, 2022
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
less-openui5 0.1.3 -> 0.10.0 age adoption passing confidence

By merging this PR, the issue #47 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 WS-2021-0009
Medium Medium 6.5 CVE-2023-26136
Medium Medium 6.3 CVE-2021-21316
Medium Medium 5.3 WS-2019-0017

Release Notes

SAP/less-openui5 (less-openui5)

v0.10.0

Compare Source

Breaking Changes
  • Security: Disable JavaScript execution in Less.js c0d3a85
BREAKING CHANGE

Parser option javascriptEnabled has been removed. JavaScript is always
disabled and cannot be enabled.

v0.9.0

Compare Source

Breaking Changes
  • Remove support for import over http(s) e4a1c86
  • Require Node.js >= 10 47f244e
BREAKING CHANGE

Import over http(s) is not supported anymore.
Use the Builder 'fs' option to provide an interface that also handles
http(s) resources.

Support for older Node.js releases has been dropped.
Only Node.js v10 or higher is supported.

v0.8.7

Compare Source

Bug Fixes
  • Error handling for missing scoping files c7513a1

v0.8.6

Compare Source

Bug Fixes

v0.8.5

Compare Source

Features

v0.8.4

Compare Source

Features

v0.8.3

Compare Source

Bug Fixes

v0.8.2

Compare Source

Bug Fixes

v0.8.1

Compare Source

Bug Fixes

v0.8.0

Compare Source

Breaking Changes
  • Remove support for 'sourceMap' / 'cleancss' options 3f234c8
Bug Fixes
  • Apply less.js fix for import race condition 694f6c4

v0.7.0

Compare Source

Breaking Changes
  • Drop support for Node.js < 8.5 810962c
Bug Fixes

v0.6.0

Compare Source

Breaking changes
  • Drop unsupported Node.js versions. Now requires >= 6 #​45
Fixes
  • Again, fix inline theme parameters encoding for '#' #​48
All changes

0.5.4...0.6.0

v0.5.4

Compare Source

Fixes
  • Revert "Fix inline theme parameters encoding for '#'" #​26
All changes

0.5.3...0.5.4

v0.5.3

Compare Source

Fixes
  • Fix less error propagation #​22
  • Fix inline theme parameters encoding for '#' #​23
All changes

0.5.2...0.5.3

v0.5.2

Compare Source

Fixes
  • Fix reduced set of variables #​20
All changes

0.5.1...0.5.2

v0.5.1

Compare Source

Fixes
  • Changed paths in variable collector to posix variant #​19
All changes

0.5.0...0.5.1

v0.5.0

Compare Source

Features
  • Reduce collected variables to only add relevant ones #​18
All changes

0.4.0...0.5.0

v0.4.0

Compare Source

Features
All changes

0.3.1...0.4.0

v0.3.1

Compare Source

Fixes
  • Performance workaround: Handle properties directly added to String proto #​12
All changes

0.3.0...0.3.1

v0.3.0

Compare Source

Breaking changes
  • Drop support for Node.js v0.10 #​5
  • Replace static build function with Builder class to enable caching of build results #​10
  • Refactor options to also include input LESS string #​6
Features
  • Added "lessInputPath" option to provide a path relative to the "rootPaths" #​10
  • Added diffing and scoping to support Belize contrast areas #​10
  • Analyze .theming files as theme scope indicators #​10
All changes

0.2.0...0.3.0

v0.2.0

Compare Source

Breaking changes
  • Set default of parser option relativeUrls to true 00d892b
Features
  • Include inline theming parameters 4fa91b9
All changes

0.1.3...0.2.0

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Dec 6, 2022
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-less-openui5-0.x branch from eb4c00e to 4028974 Compare January 19, 2023 14:53
@mend-for-github-com mend-for-github-com bot changed the title Update dependency less-openui5 to v0.8.0 (main) Update dependency less-openui5 to v0.11.5 (main) Jan 19, 2023
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-less-openui5-0.x branch from 4028974 to 684835d Compare January 19, 2023 14:54
@mend-for-github-com mend-for-github-com bot changed the title Update dependency less-openui5 to v0.11.5 (main) Update dependency less-openui5 to v0.10.0 (main) Jan 19, 2023
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-less-openui5-0.x branch from 684835d to dda7831 Compare September 4, 2023 07:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants