dependabot[bot] opened a new pull request, #308: URL: https://github.com/apache/commons-build-plugin/pull/308
Bumps [org.graalvm.js:js-scriptengine](https://github.com/graalvm/graaljs) from 24.0.2 to 24.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/graalvm/graaljs/releases";>org.graalvm.js:js-scriptengine's releases</a>.</em></p> <blockquote> <h2>GraalJS 24.1.0</h2> <p>GraalJS is an ECMAScript-compliant runtime to execute JavaScript and Node.js applications. It is fully standard compliant, execute applications with high performance, and provide all benefits from the GraalVM stack, including language interoperability and common tooling.</p> <p>GraalJS version 24.1.0 is designed for use with Oracle GraalVM for JDK 23.0.0 or GraalVM Community Edition for JDK 23.0.0, and can be downloaded separately.</p> <p>There are two standalone types to choose from:</p> <ul> <li>Native Standalone: This contains a Native Image compiled launcher</li> <li>JVM Standalone: This contains JavaScript in the JVM configuration</li> </ul> <p>To distinguish between them, the GraalVM Community Edition version has the suffix <code>-community</code> in the name. A JVM standalone has a <code>-jvm</code> suffix in a name.</p> <p>Learn more about GraalJS and how to get started on the website: <a href="http://www.graalvm.org/reference-manual/js/";>https://www.graalvm.org/javascript/</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/oracle/graaljs/blob/master/CHANGELOG.md";>org.graalvm.js:js-scriptengine's changelog</a>.</em></p> <blockquote> <h2>Version 24.1.0</h2> <ul> <li>ECMAScript 2024 mode/features enabled by default.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-redeclarable-global-eval-vars";>Make eval-introduced global vars redeclarable</a> proposal.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-float16array";>Float16Array</a> proposal. It is available in ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Implemented the <a href="https://github.com/tc39/proposal-array-from-async";>Array.fromAsync</a> proposal. It is available in ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Implemented the <a href="https://github.com/tc39/proposal-resizablearraybuffer";>Resizable and Growable ArrayBuffers</a> proposal.</li> <li>Updated Node.js to version 20.13.1.</li> <li>Made option <code>js.esm-eval-returns-exports</code> stable and allowed in <code>SandboxPolicy.UNTRUSTED</code>.</li> </ul> <h2>Version 24.0.0</h2> <ul> <li>Implemented the <a href="https://github.com/WebAssembly/threads";>WebAssembly threads</a> proposal.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-promise-with-resolvers";>Promise.withResolvers</a> proposal. It is available in ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Implementation of <a href="https://github.com/tc39/proposal-async-iterator-helpers";>Async Iterator Helpers</a> proposal (that was split out from Iterator Helpers proposal) was moved behind the experimental option <code>--js.async-iterator-helpers</code>.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-is-usv-string";>Well-Formed Unicode Strings</a> proposal. It is available in ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Implemented the <a href="https://github.com/tc39/proposal-json-parse-with-source";>JSON.parse source text access</a> proposal. It is available in ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Updated Node.js to version 18.18.2.</li> <li>WebAssembly support in Node.js has been enabled by default. It can be disabled using the experimental option <code>--js.webassembly=false</code>.</li> <li><code>--js.import-assertions</code> option has been replaced by <code>--js.import-attributes</code> option because <a href="https://github.com/tc39/proposal-import-attributes";>the corresponding proposal</a> has migrated from the usage of assertions to the usage of attributes.</li> </ul> <h2>Version 23.1.0</h2> <ul> <li>NOTE: GraalVM no longer ships with a "js" ScriptEngine. Please either use the Maven dependency or explicitly put <code>js-scriptengine.jar</code> on the module path. See <a href="https://github.com/oracle/graaljs/blob/master/docs/user/ScriptEngine.md";>ScriptEngine documentation</a> for details.</li> <li>ECMAScript 2023 mode/features enabled by default.</li> <li>Updated Node.js to version 18.17.1.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-async-context";>Async Context</a> proposal. It is available behind the experimental option <code>--js.async-context</code>.</li> <li><code>FinalizationRegistry.prototype.cleanupSome</code> is not enabled by default any more; it has been moved to ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Added an experimental option <code>--js.allow-narrow-spaces-in-date-format</code> (enabled by default). When this option is set to <code>false</code> then narrow spaces in date/time formats are replaced by a space (<code>0x20</code>).</li> <li>Made option <code>js.console</code> stable and allowed in <code>SandboxPolicy.UNTRUSTED</code>.</li> <li>Made option <code>js.unhandled-rejections</code> stable and allowed in <code>SandboxPolicy.CONSTRAINED</code>.</li> <li>Added option <code>js.allow-eval</code> that is stable and allowed in <code>SandboxPolicy.UNTRUSTED</code>.</li> <li>Deprecated option <code>js.disable-eval</code>, superseded by <code>js.allow-eval</code>.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-string-dedent";>String.dedent</a> proposal. It is available in ECMAScript staging mode (<code>--js.ecmascript-version=staging</code>).</li> <li>Duplicate named capture groups are now supported in regular expressions, as per the <a href="https://github.com/tc39/proposal-duplicate-named-capturing-groups";>duplicate named capturing groups</a> proposal.</li> <li>Implemented the <a href="https://github.com/tc39/proposal-regexp-v-flag";>RegExp v flag</a> proposal. It is available behind the experimental option <code>--js.regexp-unicode-sets</code>.</li> <li>The Maven coordinates for embedding the GraalVM JavaScript have been updated. For consuming the enterprise GraalVM JavaScript, use: <pre lang="xml"><code><dependency> <groupId>org.graalvm.polyglot</groupId> <artifactId>js</artifactId> <version>${graalvm.version}</version> <type>pom</type> </dependency> </code></pre> For consuming the community GraalVM JavaScript, use: <pre lang="xml"><code><dependency> <groupId>org.graalvm.polyglot</groupId> <artifactId>js-community</artifactId> <version>${graalvm.version}</version> <type>pom</type> </code></pre> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oracle/graaljs/commit/5ed929b213fff8a888ebfeeb86cbfd5b3b74f663";><code>5ed929b</code></a> [GR-54375] Release GraalVM 24.1.0.</li> <li><a href="https://github.com/oracle/graaljs/commit/c7170b3a6b74b81efabe5932cfe4fd2e9d428f34";><code>c7170b3</code></a> [GR-57059] Batch backport from master into 24.1 release branch.</li> <li><a href="https://github.com/oracle/graaljs/commit/3a569a85935a4b529b5f0f3de1532895e9d732a5";><code>3a569a8</code></a> Sync CI files.</li> <li><a href="https://github.com/oracle/graaljs/commit/e118c7b36cab64c6cbf0086a97494015302a9daf";><code>e118c7b</code></a> Adding a note about js.stack-trace-api option into change-log.</li> <li><a href="https://github.com/oracle/graaljs/commit/5d26b522cc4273014cbb8fe76c80540f5ce2c942";><code>5d26b52</code></a> Testing js.stack-trace-api option.</li> <li><a href="https://github.com/oracle/graaljs/commit/fd4b7beeb7d084389b532fb0c13cd954fd5472e9";><code>fd4b7be</code></a> Adding an option that enables/disables stack-trace-related extensions.</li> <li><a href="https://github.com/oracle/graaljs/commit/5041fbfc128b772bc3b5783e494b653ecacc79ee";><code>5041fbf</code></a> Enabling Error.stackTraceLimit in MLE mode.</li> <li><a href="https://github.com/oracle/graaljs/commit/fa68370b6969f12ddbc2711be6a01f7006cf98ab";><code>fa68370</code></a> Adding a note about the limited usage of Error.prepareStackTrace/stackTraceLi...</li> <li><a href="https://github.com/oracle/graaljs/commit/8f85f0be12a64079aa101d351ac1d259ce4d015f";><code>8f85f0b</code></a> Do not override the deprecated isCaptureFramesForTrace(Node).</li> <li><a href="https://github.com/oracle/graaljs/commit/3fbfef5d5986f230606ea9e186e7dae5df2873ce";><code>3fbfef5</code></a> Tests using Error.prepareStackTrace/stackTraceLimit should use v8-compat mode.</li> <li>Additional commits viewable in <a href="https://github.com/graalvm/graaljs/compare/vm-24.0.2...vm-24.1.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
