dependabot[bot] opened a new pull request, #36922: URL: https://github.com/apache/superset/pull/36922
Bumps [jsdom](https://github.com/jsdom/jsdom) from 27.0.0 to 27.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jsdom/jsdom/releases";>jsdom's releases</a>.</em></p> <blockquote> <h2>Version 27.4.0</h2> <ul> <li>Added <code>TextEncoder</code> and <code>TextDecoder</code>.</li> <li>Improved decoding of HTML bytes by using the new <a href="https://www.npmjs.com/package/@exodus/bytes";><code>@exodus/bytes</code></a> package; it is now much more correct. (ChALkeR)</li> <li>Improved decoding of XML bytes to use UTF-8 more often, instead of sniffing for <code><meta charset></code> or using the parent frame's encoding.</li> <li>Fixed a memory leak when <code>Range</code>s were used and then the elements referred to by those ranges were removed.</li> </ul> <h2>Version 27.3.0</h2> <ul> <li>Improved CSS parsing and CSSOM object APIs via updates to <a href="https://www.npmjs.com/package/@acemir/cssom";><code>@acemir/cssom</code></a>. (acemir)</li> </ul> <h2>Version 27.2.0</h2> <ul> <li>Added <code>CSSGroupingRule</code>, <code>CSSNestedDeclarations</code>, <code>CSSConditionRule</code>, <code>CSSContainerRule</code>, <code>CSSScopeRule</code>, <code>CSSSupportsRule</code>, <code>CSSLayerBlockRule</code>, and <code>CSSLayerStatementRule</code> to jsdom <code>Window</code>s. (acemir)</li> <li>Improved CSS parsing and CSSOM object APIs via updates to <a href="https://www.npmjs.com/package/@acemir/cssom";><code>@acemir/cssom</code></a>. (acemir)</li> <li>Fixed <code>@import</code>-ed stylesheets to be properly exposed to CSSOM, and not to overwrite the sheet created from the <code><link></code> or <code><style></code> element. (acemir)</li> </ul> <h2>Version 27.1.0</h2> <ul> <li>Improved CSS parsing by switching to <a href="https://www.npmjs.com/package/@acemir/cssom";><code>@acemir/cssom</code></a>, including support for nested selectors, nested declarations, layer statements, and improved at-rule validation. (acemir)</li> <li>Fixed some selector cache invalidation issues where changes to attributes were not being picked up. (asamuzaK)</li> <li>Fixed <code>package.json</code> <code>"engines"</code> field to reflect the new minimum Node.js versions needed to run jsdom, as noted in the changelog for v27.0.1.</li> </ul> <h2>Version 27.0.1</h2> <p><strong>This release inadvertently raised the minimum Node.js version from v20.0.0 to v20.19.0+, v22.12.0+, v24.0.0+</strong>. (This happened via a dependency update.) This probably should have been a breaking (major) change, instead of happening in a patch version, since it prevents using earlier Node.js versions.</p> <p>After further testing, we found that most of our development dependencies also require these versions, and so it's not feasible for the jsdom project to support earlier Node.js versions. (For example, our testing frameworks will not run on them.) If you need to use such earlier versions, or otherwise are working in an environment which gives related errors such as <code>ERR_REQUIRE_ESM</code>, then please stick with the v26.1.0 release of jsdom. (Noting, of course, that such versions are unsupported, and we will not respond to bug reports opened against them.)</p> <p>Subsequent jsdom releases will explicitly require these minimum Node.js versions, and will have CI testing to ensure that the minimum version is not accidentally raised again.</p> <p>Normal changelog:</p> <ul> <li>Fixed some regressions in CSS selectors. Most such regression fixes were done in a minor update of a dependency, and thus available for all fresh installs of v27.0.0. However, one related to <code>class=""</code> attribute changes is only possible with a new version of jsdom. (asamuzaK)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jsdom/jsdom/blob/main/Changelog.md";>jsdom's changelog</a>.</em></p> <blockquote> <h2>27.4.0</h2> <ul> <li>Added <code>TextEncoder</code> and <code>TextDecoder</code>.</li> <li>Improved decoding of HTML bytes by using the new <a href="https://www.npmjs.com/package/@exodus/bytes";><code>@exodus/bytes</code></a> package; it is now much more correct. (ChALkeR)</li> <li>Improved decoding of XML bytes to use UTF-8 more often, instead of sniffing for <code><meta charset></code> or using the parent frame's encoding.</li> <li>Fixed a memory leak when <code>Range</code>s were used and then the elements referred to by those ranges were removed.</li> </ul> <h2>27.3.0</h2> <ul> <li>Improved CSS parsing and CSSOM object APIs via updates to <a href="https://www.npmjs.com/package/@acemir/cssom";><code>@acemir/cssom</code></a>. (acemir)</li> </ul> <h2>27.2.0</h2> <ul> <li>Added <code>CSSGroupingRule</code>, <code>CSSNestedDeclarations</code>, <code>CSSConditionRule</code>, <code>CSSContainerRule</code>, <code>CSSScopeRule</code>, <code>CSSSupportsRule</code>, <code>CSSLayerBlockRule</code>, and <code>CSSLayerStatementRule</code> to jsdom <code>Window</code>s. (acemir)</li> <li>Improved CSS parsing and CSSOM object APIs via updates to <a href="https://www.npmjs.com/package/@acemir/cssom";><code>@acemir/cssom</code></a>. (acemir)</li> <li>Fixed <code>@import</code>-ed stylesheets to be properly exposed to CSSOM, and not to overwrite the sheet created from the <code><link></code> or <code><style></code> element. (acemir)</li> </ul> <h2>27.1.0</h2> <ul> <li>Improved CSS parsing by switching to <a href="https://www.npmjs.com/package/@acemir/cssom";><code>@acemir/cssom</code></a>, including support for nested selectors, nested declarations, layer statements, and improved at-rule validation. (acemir)</li> <li>Fixed some selector cache invalidation issues where changes to attributes were not being picked up. (asamuzaK)</li> <li>Fixed <code>package.json</code> <code>"engines"</code> field to reflect the new minimum Node.js versions needed to run jsdom, as noted in the changelog for v27.0.1.</li> </ul> <h2>27.0.1</h2> <p><strong>This release inadvertently raised the minimum Node.js version from v20.0.0 to v20.19.0+, v22.12.0+, v24.0.0+</strong>. (This happened via a dependency update.) This probably should have been a breaking (major) change, instead of happening in a patch version, since it prevents using earlier Node.js versions.</p> <p>After further testing, we found that most of our development dependencies also require these versions, and so it's not feasible for the jsdom project to support earlier Node.js versions. (For example, our testing frameworks will not run on them.) If you need to use such earlier versions, or otherwise are working in an environment which gives related errors such as <code>ERR_REQUIRE_ESM</code>, then please stick with the v26.1.0 release of jsdom. (Noting, of course, that such versions are unsupported, and we will not respond to bug reports opened against them.)</p> <p>Subsequent jsdom releases will explicitly require these minimum Node.js versions, and will have CI testing to ensure that the minimum version is not accidentally raised again.</p> <p>Normal changelog:</p> <ul> <li>Fixed some regressions in CSS selectors. Most such regression fixes were done in a minor update of a dependency, and thus available for all fresh installs of v27.0.0. However, one related to <code>class=""</code> attribute changes is only possible with a new version of jsdom. (asamuzaK)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jsdom/jsdom/commit/098d16d6b86c5f215d48658c3005cb54b1325603";><code>098d16d</code></a> Version 27.4.0</li> <li><a href="https://github.com/jsdom/jsdom/commit/1cd029efb72314840c46730d72f9684c60635c54";><code>1cd029e</code></a> Improve asciiLowercase/asciiUppercase performance</li> <li><a href="https://github.com/jsdom/jsdom/commit/83fcb627264def824fd80366b33c29ccb5c6dd01";><code>83fcb62</code></a> Implement TextEncoder and TextDecoder; improve XML decoding</li> <li><a href="https://github.com/jsdom/jsdom/commit/ddad97df73368768c5107e3d141b6bb994164c4d";><code>ddad97d</code></a> Switch from iconv-lite to exodus/bytes for decoding</li> <li><a href="https://github.com/jsdom/jsdom/commit/25cb2a1c2b2944ab218b347a602accb736cdaa92";><code>25cb2a1</code></a> Use weak references for ranges</li> <li><a href="https://github.com/jsdom/jsdom/commit/ed4f5ed66d0b5b3ee888389a27850fe17253c357";><code>ed4f5ed</code></a> Add currently-failing CSS regression tests</li> <li><a href="https://github.com/jsdom/jsdom/commit/56b75c279a1afe35ca6e4a7796d75f3c31fb9b70";><code>56b75c2</code></a> Version 27.3.0</li> <li><a href="https://github.com/jsdom/jsdom/commit/decdb954814279576426f2f81c1d34858dcf94dd";><code>decdb95</code></a> Update dependencies and dev dependencies</li> <li><a href="https://github.com/jsdom/jsdom/commit/542b1a668a46f99fdffa6eec518b83eb79392cc0";><code>542b1a6</code></a> CSSOM improvements</li> <li><a href="https://github.com/jsdom/jsdom/commit/b0805a908fb905ec69c4d1afc09977226927ae09";><code>b0805a9</code></a> Version 27.2.0</li> <li>Additional commits viewable in <a href="https://github.com/jsdom/jsdom/compare/27.0.0...27.4.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
