LongYinan
37a32d1f7d
chore: bump up rollup version to v4 ( #5202 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [rollup](https://rollupjs.org/ ) ([source](https://togithub.com/rollup/rollup )) | [`^3.29.4` -> `^4.0.0`](https://renovatebot.com/diffs/npm/rollup/3.29.4/4.6.1 ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) |
---
### Release Notes
<details>
<summary>rollup/rollup (rollup)</summary>
### [`v4.6.1`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#461 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.6.0...v4.6.1 )
*2023-11-30*
##### Bug Fixes
- Resolve a situation where declaring the same `var` several times was considered a conflict ([#​5276](https://togithub.com/rollup/rollup/issues/5276 ))
##### Pull Requests
- [#​5275](https://togithub.com/rollup/rollup/pull/5275 ): Add TNG as special sponsor ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5276](https://togithub.com/rollup/rollup/pull/5276 ): Allow to redeclare parameters multiple times in nested scopes ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.6.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#460 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.5.2...v4.6.0 )
*2023-11-26*
##### Features
- Allow `this.addWatchFile` in all plugin hooks ([#​5270](https://togithub.com/rollup/rollup/issues/5270 ))
##### Bug Fixes
- Show helpful error when native binaries are not installed due to an `npm` issue ([#​5267](https://togithub.com/rollup/rollup/issues/5267 ))
- Do not access `this` context in `this.addWatchFile` so it does not need to be bound when passed around ([#​5270](https://togithub.com/rollup/rollup/issues/5270 ))
##### Pull Requests
- [#​5267](https://togithub.com/rollup/rollup/pull/5267 ): Add friendly error for npm bug ([@​sapphi-red](https://togithub.com/sapphi-red ))
- [#​5270](https://togithub.com/rollup/rollup/pull/5270 ): Allow this.addWatchFile in all hooks ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5272](https://togithub.com/rollup/rollup/pull/5272 ): Debug deployed graphs ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.5.2`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#452 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.5.1...v4.5.2 )
*2023-11-24*
##### Bug Fixes
- Handle files with UTF-8 BOM when using the commonjs plugin ([#​5268](https://togithub.com/rollup/rollup/issues/5268 ))
##### Pull Requests
- [#​5268](https://togithub.com/rollup/rollup/pull/5268 ): fix: strip BOM before calling transform hook ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5269](https://togithub.com/rollup/rollup/pull/5269 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
### [`v4.5.1`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#451 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.5.0...v4.5.1 )
*2023-11-21*
##### Bug Fixes
- Do not error when a function expression uses the same name for a parameter and its id ([#​5262](https://togithub.com/rollup/rollup/issues/5262 ))
##### Pull Requests
- [#​5257](https://togithub.com/rollup/rollup/pull/5257 ): Fix graphs in docs, improve REPL colors ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5262](https://togithub.com/rollup/rollup/pull/5262 ): Allow function expression parameters to shadow the function id ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.5.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#450 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.4.1...v4.5.0 )
*2023-11-18*
##### Bug Fixes
- Show a proper error when using native Rollup on armv7 musl Linux ([#​5255](https://togithub.com/rollup/rollup/issues/5255 ))
##### Pull Requests
- [#​5251](https://togithub.com/rollup/rollup/pull/5251 ): doc fix import assertions to attributes in API plugin development page ([@​lhapaipai](https://togithub.com/lhapaipai ))
- [#​5253](https://togithub.com/rollup/rollup/pull/5253 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5255](https://togithub.com/rollup/rollup/pull/5255 ): Error for armv7 musl build ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.4.1`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#441 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.4.0...v4.4.1 )
*2023-11-14*
##### Bug Fixes
- Do not flag duplicate function declarations in function scopes as syntax errors ([#​5248](https://togithub.com/rollup/rollup/issues/5248 ))
##### Pull Requests
- [#​5248](https://togithub.com/rollup/rollup/pull/5248 ): Allow functions to redeclare vars and functions in function scopes ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.4.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#440 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.3.1...v4.4.0 )
*2023-11-12*
##### Features
- Replace SWC linting with faster internal linting to error on duplicate declarations etc. ([#​5207](https://togithub.com/rollup/rollup/issues/5207 ))
##### Bug Fixes
- Show proper error when an entry exports non-existing bindings ([#​5207](https://togithub.com/rollup/rollup/issues/5207 ))
##### Pull Requests
- [#​5207](https://togithub.com/rollup/rollup/pull/5207 ): perf: run lint while constructing nodes ([@​sapphi-red](https://togithub.com/sapphi-red ))
### [`v4.3.1`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#431 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.3.0...v4.3.1 )
*2023-11-11*
##### Bug Fixes
- Fix rename error when handling errors in watch mode ([#​5240](https://togithub.com/rollup/rollup/issues/5240 ))
- Prevent warning when using `--forceExit` ([#​5245](https://togithub.com/rollup/rollup/issues/5245 ))
##### Pull Requests
- [#​5240](https://togithub.com/rollup/rollup/pull/5240 ): fix: allow the name of Rollup Error to be modified ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5243](https://togithub.com/rollup/rollup/pull/5243 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5245](https://togithub.com/rollup/rollup/pull/5245 ): Ensure --forceExit works without warning ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.3.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#430 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.2.0...v4.3.0 )
*2023-11-03*
##### Features
- Add `forceExit` CLI flag for situations where the CLI does not exit gracefully ([#​5195](https://togithub.com/rollup/rollup/issues/5195 ))
##### Bug Fixes
- Properly catch errors when removing a temporary config file fails ([#​5198](https://togithub.com/rollup/rollup/issues/5198 ))
##### Pull Requests
- [#​5195](https://togithub.com/rollup/rollup/pull/5195 ): Add `forceExit` CLI flag ([@​raphael-theriault-swi](https://togithub.com/raphael-theriault-swi ))
- [#​5198](https://togithub.com/rollup/rollup/pull/5198 ): fix: prevent `ENOENT` error on temp config removal ([@​jzempel](https://togithub.com/jzempel ))
- [#​5237](https://togithub.com/rollup/rollup/pull/5237 ): chore: remove unused files and deps ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5238](https://togithub.com/rollup/rollup/pull/5238 ): chore(deps): update dependency eslint-plugin-unicorn to v49 ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5239](https://togithub.com/rollup/rollup/pull/5239 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
### [`v4.2.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#420 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.1.6...v4.2.0 )
*2023-10-31*
##### Features
- Run parsing in multiple threads and introduce `parseAstAsync` helper function ([#​5202](https://togithub.com/rollup/rollup/issues/5202 ))
##### Pull Requests
- [#​5202](https://togithub.com/rollup/rollup/pull/5202 ): perf: introduce `parseAstAsync` and parallelize parsing AST ([@​sapphi-red](https://togithub.com/sapphi-red ))
### [`v4.1.6`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#416 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.1.5...v4.1.6 )
*2023-10-31*
##### Bug Fixes
- Fix a bug where emtpy block comments in certain positions could freeze Rollup ([#​5231](https://togithub.com/rollup/rollup/issues/5231 ))
##### Pull Requests
- [#​5228](https://togithub.com/rollup/rollup/pull/5228 ): build: ensure rust toolchain components for linting are installed ([@​jerome-benoit](https://togithub.com/jerome-benoit ))
- [#​5231](https://togithub.com/rollup/rollup/pull/5231 ): Render emtpy block comments after tree-shaken statements ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5232](https://togithub.com/rollup/rollup/pull/5232 ): Revert specifying rustfmt and clippy in toolchain file as it breaks REPL build ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.1.5`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#415 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.1.4...v4.1.5 )
*2023-10-28*
##### Bug Fixes
- Fix an issue where actual entries that were also implicit entries could remain implicit ([#​5220](https://togithub.com/rollup/rollup/issues/5220 ))
##### Pull Requests
- [#​5209](https://togithub.com/rollup/rollup/pull/5209 ): Document Vite workaround for browser build ([@​curran](https://togithub.com/curran ))
- [#​5215](https://togithub.com/rollup/rollup/pull/5215 ): chore(deps): update dependency lint-staged to v15 ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5216](https://togithub.com/rollup/rollup/pull/5216 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5218](https://togithub.com/rollup/rollup/pull/5218 ): Update license plugin ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5219](https://togithub.com/rollup/rollup/pull/5219 ): Fix error highlight in REPL ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5220](https://togithub.com/rollup/rollup/pull/5220 ): Fix race condition when emitting implicitly dependent entries ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5224](https://togithub.com/rollup/rollup/pull/5224 ): chore(deps): update actions/setup-node action to v4 ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5225](https://togithub.com/rollup/rollup/pull/5225 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
### [`v4.1.4`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#414 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.1.3...v4.1.4 )
*2023-10-16*
##### Bug Fixes
- Reduce sizes [@​rollup/browser](https://togithub.com/rollup/browser ) and [@​rollup/wasm-node](https://togithub.com/rollup/wasm-node ) WASM artifacts ([#​5204](https://togithub.com/rollup/rollup/issues/5204 ))
##### Pull Requests
- [#​5204](https://togithub.com/rollup/rollup/pull/5204 ): perf: shrink wasm size by avoid importing browserslist ([@​sapphi-red](https://togithub.com/sapphi-red ))
### [`v4.1.3`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#413 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.1.1...v4.1.3 )
*2023-10-15*
##### Bug Fixes
- Fix WASM build as hash function was not exported ([#​5203](https://togithub.com/rollup/rollup/issues/5203 ))
##### Pull Requests
- [#​5203](https://togithub.com/rollup/rollup/pull/5203 ): fix: export xxhashBase64Url from wasm ([@​sapphi-red](https://togithub.com/sapphi-red ))
### [`v4.1.1`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#411 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.1.0...v4.1.1 )
*2023-10-15*
##### Bug Fixes
- Improve Node parsing performance ([#​5201](https://togithub.com/rollup/rollup/issues/5201 ))
##### Pull Requests
- [#​5201](https://togithub.com/rollup/rollup/pull/5201 ): perf: use mimalloc for bindings_napi ([@​sapphi-red](https://togithub.com/sapphi-red ))
### [`v4.1.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#410 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.0.2...v4.1.0 )
*2023-10-14*
##### Features
- Reduce memory usage of Rollup builds ([#​5133](https://togithub.com/rollup/rollup/issues/5133 ))
##### Pull Requests
- [#​5133](https://togithub.com/rollup/rollup/pull/5133 ): perf: reducing ast node memory overhead ([@​thebanjomatic](https://togithub.com/thebanjomatic ))
- [#​5177](https://togithub.com/rollup/rollup/pull/5177 ): chore: explicitly set rust toolchain channel ([@​cijiugechu](https://togithub.com/cijiugechu ))
- [#​5179](https://togithub.com/rollup/rollup/pull/5179 ): Update migration guide for Rollup 4 ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5180](https://togithub.com/rollup/rollup/pull/5180 ): Resolve clippy errors ([@​cijiugechu](https://togithub.com/cijiugechu ))
- [#​5183](https://togithub.com/rollup/rollup/pull/5183 ): Add clippy to pipeline and fix remaining issues ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5184](https://togithub.com/rollup/rollup/pull/5184 ): docs: fix code example for `onLog` ([@​tjenkinson](https://togithub.com/tjenkinson ))
- [#​5186](https://togithub.com/rollup/rollup/pull/5186 ): Improve wording for native artifacts in migration guide ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5190](https://togithub.com/rollup/rollup/pull/5190 ): test: add verifyAst type ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5196](https://togithub.com/rollup/rollup/pull/5196 ): chore(deps): update dependency rollup to v4 ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5197](https://togithub.com/rollup/rollup/pull/5197 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
### [`v4.0.2`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#402 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.0.1...v4.0.2 )
*2023-10-06*
##### Bug Fixes
- Fix annotation detection logic to not fail when a non-ASCII character precedes a double underscore ([#​5178](https://togithub.com/rollup/rollup/issues/5178 ))
##### Pull Requests
- [#​5178](https://togithub.com/rollup/rollup/pull/5178 ): Handle special characters before double underscores ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.0.1`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#401 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v4.0.0...v4.0.1 )
*2023-10-06*
##### Bug Fixes
- Do not panic on trailing semicolons after class methods ([#​5173](https://togithub.com/rollup/rollup/issues/5173 ))
- Add artifact for arm64 linux musl target ([#​5176](https://togithub.com/rollup/rollup/issues/5176 ))
##### Pull Requests
- [#​5172](https://togithub.com/rollup/rollup/pull/5172 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5173](https://togithub.com/rollup/rollup/pull/5173 ): fix: ignores empty statements in class body that is returned by SWC parser ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5176](https://togithub.com/rollup/rollup/pull/5176 ): Fix linux arm musl build ([@​lukastaegert](https://togithub.com/lukastaegert ))
### [`v4.0.0`](https://togithub.com/rollup/rollup/blob/HEAD/CHANGELOG.md#400 )
[Compare Source](https://togithub.com/rollup/rollup/compare/v3.29.4...v4.0.0 )
*2023-10-05*
##### BREAKING CHANGES
##### General Changes
- The minimal required Node version is now 18.0.0 ([#​5142](https://togithub.com/rollup/rollup/issues/5142 ))
- The browser build now relies on a WASM artifact that needs to be provided as well ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- The NodeJS build now relies on an optional native binary; for unsupported platforms, users can use the `@rollup/wasm-node` package that has the same interface as Rollup but relies on WASM artifacts ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- The `INVALID_IMPORT_ASSERTION` error code has been replaced with `INVALID_IMPORT_ATTRIBUTE` ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- Rollup will now warn for `@__PURE__` and `@__NO_SIDE_EFFECTS__` annotations in invalid locations ([#​5165](https://togithub.com/rollup/rollup/issues/5165 ))
- If an entry module starts with a shebang comment `#!...`, this comment will be prepended to the output for `es` and `cjs` formats ([#​5163](https://togithub.com/rollup/rollup/issues/5163 ))
- File hashes will now use url-safe base64 encoded hashes ([#​5155](https://togithub.com/rollup/rollup/issues/5155 ))
- The maximum hash length has been reduced to 22 characters ([#​5155](https://togithub.com/rollup/rollup/issues/5155 ))
- The `RollupWarning` type has been removed in favor of the `RollupLog` type ([#​5147](https://togithub.com/rollup/rollup/issues/5147 ))
##### Changes to Rollup Options
- Acorn plugins are no longer supported, the `acornInjectPlugins` option has been removed ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- The `acorn` option has been removed ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- `output.externalImportAssertions` has been deprecated in favor of `output.externalImportAttributes` ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- `inlineDynamicImports`, `manualChunks` and `preserveModules` have been removed on input option level: Please use the corresponding output options of the same names ([#​5143](https://togithub.com/rollup/rollup/issues/5143 ))
- Removed output options ([#​5143](https://togithub.com/rollup/rollup/issues/5143 )):
- `output.experimentalDeepDynamicChunkOptimization`: This option is no longer needed as Rollup now always runs the full chunking algorithm
- `output.dynamicImportFunction`: Use the `renderDynamicImport` plugin hook instead
- `output.namespaceToStringTag`: Use `output.generatedCode.symbols` instead
- `output.preferConst`: Use `output.generatedCode.constBindings` instead
##### Plugin API Changes
- For `this.resolve`, the default of the `skipSelf` option is now `true` ([#​5142](https://togithub.com/rollup/rollup/issues/5142 ))
- `this.parse` now only supports the `allowReturnOutsideFunction` option for now ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- Import assertions now use the [new import attribute AST structure](https://togithub.com/estree/estree/blob/master/experimental/import-attributes.md ) ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- "assertions" have been replaced with "attributes" in various places of the plugin interface ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- If the import of a module id is handled by the `load` hook of a plugin, `rollup.watch` no longer watches the actual file if the module id corresponds to a real path; if this is intended, then the plugin is responsible for calling `this.addWatchFile` for any dependency files ([#​5150](https://togithub.com/rollup/rollup/issues/5150 ))
- The normalized input options provided by `buildStart` and other hooks no longer contain an `onwarn` handler; plugins should use `onLog` instead ([#​5147](https://togithub.com/rollup/rollup/issues/5147 ))
- `this.moduleIds` has been removed from the plugin context: Use `this.getModuleIds()` instead ([#​5143](https://togithub.com/rollup/rollup/issues/5143 ))
- The `hasModuleSideEffects` flag has been removed from the `ModuleInfo` returned by `this.getModuleInfo()`: Use `moduleSideEffects` on the `ModuleInfo` instead ([#​5143](https://togithub.com/rollup/rollup/issues/5143 ))
##### Features
- Improve parsing speed by switching to a native SWC-based parser ([#​5073](https://togithub.com/rollup/rollup/issues/5073 ))
- Rollup will now warn for `@__PURE__` and `@__NO_SIDE_EFFECTS__` annotations in invalid locations ([#​5165](https://togithub.com/rollup/rollup/issues/5165 ))
- The parser is now exposed as a separate export `parseAst` ([#​5169](https://togithub.com/rollup/rollup/issues/5169 ))
##### Bug Fixes
- Rollup no longer tries to watch virtual files if their name corresponds to an actual file name; instead, plugins handle watching via `this.addWatchFile()` ([#​5150](https://togithub.com/rollup/rollup/issues/5150 ))
##### Pull Requests
- [#​5073](https://togithub.com/rollup/rollup/pull/5073 ): \[v4.0] Switch parser to SWC and introduce native/WASM code ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5142](https://togithub.com/rollup/rollup/pull/5142 ): \[v4.0] Set the default of skipSelf to true ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5143](https://togithub.com/rollup/rollup/pull/5143 ): \[v4.0] Remove deprecated features ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5144](https://togithub.com/rollup/rollup/pull/5144 ): \[v4.0] Imporve the performance of generating ast and rollup ast nodes ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5147](https://togithub.com/rollup/rollup/pull/5147 ): \[v4.0] Remove onwarn from normalized input options ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5150](https://togithub.com/rollup/rollup/pull/5150 ): \[v4.0] feat: Do not watch files anymore if their content is returned by the load hook ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5154](https://togithub.com/rollup/rollup/pull/5154 ): \[v4.0] Add parse option to allow return outside function ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5155](https://togithub.com/rollup/rollup/pull/5155 ): \[v4.0] feat: implement hashing content in Rust ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5157](https://togithub.com/rollup/rollup/pull/5157 ): \[v4.0] Handle empty exports ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5160](https://togithub.com/rollup/rollup/pull/5160 ): chore(deps): lock file maintenance minor/patch updates ([@​renovate](https://togithub.com/renovate )\[bot])
- [#​5163](https://togithub.com/rollup/rollup/pull/5163 ): \[v4.0] feat: preserve shebang in entry module for CJS and ESM outputs ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5164](https://togithub.com/rollup/rollup/pull/5164 ): \[v4.0] fix: also strip BOM from code strings in JS ([@​TrickyPi](https://togithub.com/TrickyPi ))
- [#​5165](https://togithub.com/rollup/rollup/pull/5165 ): \[v4.0] warn for invalid annotations ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5168](https://togithub.com/rollup/rollup/pull/5168 ): \[v4.0] Ensure we support new import attribute "with" syntax ([@​lukastaegert](https://togithub.com/lukastaegert ))
- [#​5169](https://togithub.com/rollup/rollup/pull/5169 ): \[v4.0] Expose parser ([@​lukastaegert](https://togithub.com/lukastaegert ))
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODcuMiIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSJ9-->
2023-12-08 06:08:54 +00:00
Peng Xiao
fcd43033fe
fix(electron): sync settings from localStorage -> atom -> electron ( #5020 )
...
- moved `appSettingAtom` to infra since we now have different packages that depends on it. There is no better place to fit in for now
- use atomEffect to sync setting changes to updater related configs to Electron side
- refactored how Electron reacts to updater config changes.
2023-12-08 03:20:02 +00:00
Yifeng Wang
d507c24570
feat: bump blocksuite ( #5228 )
2023-12-07 19:28:49 +08:00
Yifeng Wang
819f0243d5
feat: bump blocksuite ( #5218 )
...
Co-authored-by: LongYinan <lynweklm@gmail.com >
2023-12-07 18:24:23 +08:00
Yifeng Wang
6cbf5b2a92
feat: bump blocksuite ( #5194 )
...
Co-authored-by: AyushAgrawal-A2 <ayushagl06@gmail.com >
2023-12-06 18:15:03 +08:00
LongYinan
93a0349fbc
chore: bump up vite version to v4.5.1 [SECURITY] ( #5211 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [vite](https://vitejs.dev ) ([source](https://togithub.com/vitejs/vite/tree/HEAD/packages/vite )) | [`4.5.0` -> `4.5.1`](https://renovatebot.com/diffs/npm/vite/4.5.0/4.5.1 ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) |
### GitHub Vulnerability Alerts
#### [CVE-2023-49293](https://togithub.com/vitejs/vite/security/advisories/GHSA-92r3-m2mg-pj97 )
### Summary
When Vite's HTML transformation is invoked manually via `server.transformIndexHtml`, the original request URL is passed in unmodified, and the `html` being transformed contains inline module scripts (`<script type="module">...</script>`), it is possible to inject arbitrary HTML into the transformed output by supplying a malicious URL query string to `server.transformIndexHtml`.
### Impact
Only apps using `appType: 'custom'` and using the default Vite HTML middleware are affected. The HTML entry must also contain an inline script. The attack requires a user to click on a malicious URL while running the dev server. Restricted files aren't exposed to the attacker.
### Patches
Fixed in vite@5.0.5, vite@4.5.1, vite@4.4.12
### Details
Suppose `index.html` contains an inline module script:
```html
<script type="module">
// Inline script
</script>
```
This script is transformed into a proxy script like
```html
<script type="module" src="/index.html?html-proxy&index=0.js"></script>
```
due to Vite's HTML plugin:
7fd7c6cebf/packages/vite/src/node/plugins/html.ts (L429-L465)73ef074b80/packages/vite/src/node/server/middlewares/htmlFallback.ts (L44-L47)http://localhost:5173/?%22%3E%3C/script%3E%3Cscript%3Ealert(%27boom%27)%3C/script%3E produces HTML output like
```html
<script type="module" src="/@​id/__x00__/?"></script><script>alert("boom")</script>?html-proxy&index=0.js"></script>
```
which demonstrates XSS.
### PoC
- Example 1. Serving HTML from `vite dev` middleware with `appType: 'custom'`
- Go to https://stackblitz.com/edit/vitejs-vite-9xhma4?file=main.js&terminal=dev-html
- "Open in New Tab"
- Edit URL to set query string to `?%22%3E%3C/script%3E%3Cscript%3Ealert(%27boom%27)%3C/script%3E` and navigate
- Witness XSS:
- 
- Example 2. Serving HTML from SSR-style Express server (Vite dev server runs in middleware mode):
- Go to https://stackblitz.com/edit/vitejs-vite-9xhma4?file=main.js&terminal=server
- (Same steps as above)
- Example 3. Plain `vite dev` (this shows that vanilla `vite dev` is _not_ vulnerable, provided `htmlFallbackMiddleware` is used)
- Go to https://stackblitz.com/edit/vitejs-vite-9xhma4?file=main.js&terminal=dev
- (Same steps as above)
- You should _not_ see the alert box in this case
### Detailed Impact
This will probably predominantly affect [development-mode SSR](https://vitejs.dev/guide/ssr#setting-up-the-dev-server ), where `vite.transformHtml` is called using the original `req.url`, per the docs:
7fd7c6cebf/docs/guide/ssr.md (L114-L126)https://togithub.com/vitejs/vite/releases/tag/v4.5.1 )
[Compare Source](https://togithub.com/vitejs/vite/compare/v4.5.0...v4.5.1 )
Please refer to [CHANGELOG.md](https://togithub.com/vitejs/vite/blob/v4.5.1/packages/vite/CHANGELOG.md ) for details.
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSJ9-->
2023-12-06 08:55:32 +00:00
LongYinan
e5f8a58330
ci: refactor workflow ( #5139 )
...
Merge tests job into single one, reuse job as much as possible
2023-12-06 08:03:05 +00:00
LongYinan
37b1a54ec6
chore: bump up idb version to v8 ( #5198 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [idb](https://togithub.com/jakearchibald/idb ) | [`^7.1.1` -> `^8.0.0`](https://renovatebot.com/diffs/npm/idb/7.1.1/8.0.0 ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) |
---
### Release Notes
<details>
<summary>jakearchibald/idb (idb)</summary>
### [`v8.0.0`](https://togithub.com/jakearchibald/idb/compare/v7.1.1...v8.0.0 )
[Compare Source](https://togithub.com/jakearchibald/idb/compare/v7.1.1...v8.0.0 )
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSJ9-->
2023-12-05 08:38:04 +00:00
LongYinan
e4c6db2d02
chore: bump up ava version to v6 ( #5195 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [ava](https://avajs.dev ) ([source](https://togithub.com/avajs/ava )) | [`^5.3.1` -> `^6.0.0`](https://renovatebot.com/diffs/npm/ava/5.3.1/6.0.0 ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) |
---
### Release Notes
<details>
<summary>avajs/ava (ava)</summary>
### [`v6.0.0`](https://togithub.com/avajs/ava/releases/tag/v6.0.0 )
[Compare Source](https://togithub.com/avajs/ava/compare/v5.3.1...v6.0.0 )
#### Breaking Changes
- AVA now requires Node.js versions 18.18, 20.8 or 21. Versions 14 and 16 are no longer supported. [#​3251](https://togithub.com/avajs/ava/issues/3251 ) [#​3216](https://togithub.com/avajs/ava/issues/3216 )
- When tests finish, worker threads or child processes are no longer exited through `proces.exit()`. If your test file does not exit on its own, the test run will time out. [#​3260](https://togithub.com/avajs/ava/issues/3260 )
- Changes to watch mode [#​3218](https://togithub.com/avajs/ava/issues/3218 ):
- Watch mode can no longer be started via the `ava.config.*` or `package.json` configuration.
- The `ignoredByWatcher` configuration has moved to the `watchMode` object, under the `ignoreChanges` key.
- Watch mode now uses the built-in [`fs.watch()`](https://nodejs.org/api/fs.html#fswatchfilename-options-listener ) in recursive mode. This is supported on Linux in Node.js 20 or newer, and MacOS and Windows in Node.js 18 as well. There are [caveats](https://nodejs.org/api/fs.html#caveats ) to keep in mind.
- Failed assertions now throw, meaning that any subsequent code is not executed. This also impacts the type definitions. [#​3246](https://togithub.com/avajs/ava/issues/3246 )
- [Only native errors](https://nodejs.org/api/util.html#utiltypesisnativeerrorvalue ) are now considered errors by the `t.throws()` and `t.throwsAsync()` assertions. [`Object.create(Error.prototype)` is **not** a native error](Object.create\(Error.prototype\)). [#​3229](https://togithub.com/avajs/ava/issues/3229 )
- Changes to modules loaded through the `require` configuration [#​3184](https://togithub.com/avajs/ava/issues/3184 ):
- If such modules export a default function, this function is now invoked.
- Local files are loaded through `@ava/typescript` if necessary.
#### Improvements
##### Rewritten watcher
The watcher has been rewritten. It’s now built on [`fs.watch()`](https://nodejs.org/api/fs.html#fswatchfilename-options-listener ) in recursive mode.
[`@vercel/nft`](https://togithub.com/vercel/nft ) is used to perform static dependency analysis, supporting ESM and CJS imports for JavaScript & TypeScript source files. This is a huge improvement over the previous runtime tracking of CJS imports, which did not support ESM.
Integration with [`@ava/typescript`](https://togithub.com/avajs/typescript ) has been improved. The watcher can now detect a change to a TypeScript source file, then wait for the corresponding build output to change before re-running tests.
The ignoredByWatcher configuration has moved to the watchMode object, under the ignoreChanges key.
See [#​3218](https://togithub.com/avajs/ava/issues/3218 ) and [#​3257](https://togithub.com/avajs/ava/issues/3257 ).
##### Failed assertions now throw
Assertions now throw a `TestFailure` error when they fail. This error is not exported or documented and should not be used or thrown manually. You cannot catch this error in order to recover from a failure, use `t.try()` instead.
All assertions except for `t.throws()` and `t.throwsAsync()` now return `true` when they pass. This is useful for some of the assertions in TypeScript where they can be used as a type guard.
Committing a failed `t.try()` result now also throws.
See [#​3246](https://togithub.com/avajs/ava/issues/3246 ).
##### `t.throws()` and `t.throwsAsync()` can now expect any error
By default, the thrown error (or rejection reason) must be a native error. You can change the assertion to expect any kind of error by setting `any: true` in the expectation object:
```js
t.throws(() => { throw 'error' }, {any: true})
```
See [#​3245](https://togithub.com/avajs/ava/issues/3245 ) by [@​adiSuper94](https://togithub.com/adiSuper94 ).
##### The `require` configuration is now more powerful
It now loads ES modules.
Local files are loaded through `@ava/typescript` if necessary, so you can also write these in TypeScript.
If there is a default export function, it is invoked after loading. The function is awaited so it can do asynchronous setup before further modules are loaded. Arguments from the configuration can be passed to the function (as a \[[structured clone](https://developer.mozilla.org/en-US/docs/Web/API/structuredClone )]\(https://developer.mozilla.org/en-US/docs/Web/API/structuredClone )).
See [#​3184](https://togithub.com/avajs/ava/issues/3184 ) by [@​sculpt0r](https://togithub.com/sculpt0r ).
##### Other changes worth noting
- Internal events can now be observed (experimentally). See [#​3247](https://togithub.com/avajs/ava/issues/3247 ) by [@​codetheweb](https://togithub.com/codetheweb ). It’s experimental and undocumented.
- You can now use `t.timeout.clear()` to restore a previous `t.timeout()`. [#​3221](https://togithub.com/avajs/ava/issues/3221 )
- Code coverage is flushed to disk at opportune moments. [#​3220](https://togithub.com/avajs/ava/issues/3220 )
#### New Contributors
- [@​sculpt0r](https://togithub.com/sculpt0r ) made their first contribution in [https://github.com/avajs/ava/pull/3184 ](https://togithub.com/avajs/ava/pull/3184 )
- [@​ZachHaber](https://togithub.com/ZachHaber ) made their first contribution in [https://github.com/avajs/ava/pull/3233 ](https://togithub.com/avajs/ava/pull/3233 )
- [@​adiSuper94](https://togithub.com/adiSuper94 ) made their first contribution in [https://github.com/avajs/ava/pull/3245 ](https://togithub.com/avajs/ava/pull/3245 )
- [@​bricker](https://togithub.com/bricker ) made their first contribution in [https://github.com/avajs/ava/pull/3250 ](https://togithub.com/avajs/ava/pull/3250 )
**Full Changelog**: https://github.com/avajs/ava/compare/v5.3.1...v6.0.0
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSJ9-->
2023-12-05 06:19:00 +00:00
LongYinan
1dacb21178
chore: bump up @dnd-kit/modifiers version to v7 ( #5189 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [@dnd-kit/modifiers](https://togithub.com/clauderic/dnd-kit ) ([source](https://togithub.com/clauderic/dnd-kit/tree/HEAD/packages/modifiers )) | [`^6.0.1` -> `^7.0.0`](https://renovatebot.com/diffs/npm/@dnd-kit%2fmodifiers/6.0.1/7.0.0 ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) |
---
### Release Notes
<details>
<summary>clauderic/dnd-kit (@​dnd-kit/modifiers)</summary>
### [`v7.0.0`](https://togithub.com/clauderic/dnd-kit/blob/HEAD/packages/modifiers/CHANGELOG.md#700 )
[Compare Source](https://togithub.com/clauderic/dnd-kit/compare/@dnd-kit/modifiers@6.0.1...@dnd-kit/modifiers@7.0.0 )
##### Patch Changes
- Updated dependencies \[[`bc588c7`](bc588c7f7bb417f0f94bf342d5efd9https://togithub.com/dnd-kit/core )[@​6](https://togithub.com/6 ).1.0
- [@​dnd-kit/utilities](https://togithub.com/dnd-kit/utilities )[@​3](https://togithub.com/3 ).2.2
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSJ9-->
2023-12-05 04:05:29 +00:00
LongYinan
f3e717ee5f
chore: bump up @opentelemetry/instrumentation-ioredis version to ^0.36.0 ( #5186 )
...
[](https://renovatebot.com )
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [@opentelemetry/instrumentation-ioredis](https://togithub.com/open-telemetry/opentelemetry-js-contrib/tree/main/plugins/node/opentelemetry-instrumentation-ioredis#readme ) ([source](https://togithub.com/open-telemetry/opentelemetry-js-contrib )) | [`^0.35.3` -> `^0.36.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-ioredis/0.35.3/0.36.0 ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) | [](https://docs.renovatebot.com/merge-confidence/ ) |
---
### Release Notes
<details>
<summary>open-telemetry/opentelemetry-js-contrib (@​opentelemetry/instrumentation-ioredis)</summary>
### [`v0.36.0`](607d375595...a757b5e443607d375595...a757b5e443📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box
---
This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/ ). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE ).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44MS4zIiwidXBkYXRlZEluVmVyIjoiMzcuODEuMyIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSJ9-->
2023-12-05 03:46:25 +00:00
LongYinan
56b37c481e
chore: bump @adobe/css-tools from 4.3.1 to 4.3.2 ( #5181 )
...
Bumps [@adobe/css-tools](https://github.com/adobe/css-tools ) from 4.3.1 to 4.3.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/adobe/css-tools/blob/main/History.md "><code>@adobe/css-tools</code>'s changelog</a>.</em></p>
<blockquote>
<h1>4.3.2 / 2023-11-28</h1>
<ul>
<li>Fix redos vulnerability with specific crafted css string - CVE-2023-48631</li>
<li>Fix Problem parsing with :is() and nested :nth-child() <a href="https://redirect.github.com/adobe/css-tools/issues/211 ">#211</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/adobe/css-tools/commits ">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/toeverything/AFFiNE/network/alerts ).
</details>
2023-12-04 14:59:50 +00:00
Flrande
a2784c352f
chore: bump blocksuite ( #5138 )
2023-12-04 12:02:35 +00:00
Cats Juice
d911d21d1c
feat(component): add storybook ( #5079 )
2023-12-04 08:32:19 +00:00
Cats Juice
9c50dbc362
feat(core): remove all imports from design/component ( #5078 )
...
feat(core): remove all imports from design/component
feat(plugin): remove imports from design-components
feat(storybook): remove design-components imoprts
feat(core): remove
fix(component): remove design/component import in local-demo-tip
2023-12-04 08:32:16 +00:00
Cats Juice
0abadbe7bb
refactor(component): migrate design components ( #5000 )
...
```[tasklist]
### Tasks
- [x] Migrate components from [design](https://github.com/toeverything/design )
- [x] Replace all imports from `@toeverything/components`
- [x] Clean up `@toeverything/components` dependencies
- [x] Storybook
```
### Influence
Here are all the components that are influenced by `@toeverything/components`
- `@affine/component`
- App update `Button` `Tooltip`
- App sidebar header `IconButton`, `Tooltip`
- Back `Button`
- Auth
- Change email page save `Button`
- Change password page all `Button`s (Save, Later, Open)
- Confirm change email `Button`
- Set password page `Button`
- Sign in success page `Button`
- Sign up page `Button`
- Auth `Modal`
- Workspace card `Avatar`, `Divider`, `Tooltip`, `IconButton`
- Share
- Disable shared public link `Modal`
- Import page `IconButton`, `Tooltip`
- Accept invite page `Avatar`, `Button`
- Invite member `Modal`
- 404 Page `Avatar`, `Button`, `IconButton`, `Tooltip`
- Notification center `IconButton`
- Page list
- operation cell `IconButton`, `Menu`, `ConfirmModal`, `Tooltip`
- tags more `Menu`
- favorite `IconButton`, `Tooltip`
- new page dropdown `Menu`
- filter `Menu`, `Button`, `IconButton`
- Page operation `Menu`
- export `MenuItem`
- move to trash `MenuItem`, `ConfirmModal`
- Workspace header filter `Menu`, `Button`
- Collection bar `Button`, `Tooltip` (*⚠️ seems not used*)
- Collection operation `Menu`, `MenuItem`
- Create collection `Modal`, `Button`
- Edit collection `Modal`, `Button`
- Page mode filter `Menu`
- Page mode `Button`, `Menu`
- Setting modal
- storage usage progress `Button`, `Tooltip`
- On boarding tour `Modal`
- `@affine/core`
- Bookmark `Menu`
- Affine error boundary `Button`
- After sign in send email `Button`
- After sign up send email `Button`
- Send email `Button`
- Sign in `Button`
- Subscription redirect `Loading`, `Button`
- Setting `Modal`
- User plan button `Tooltip`
- Members `Avatar`, `Button`, `IconButton`, `Loading`, `Tooltip`, `Menu`
- Profile `Button`, `Avatar`
- Workspace
- publish panel `Button`, `Tooltip`
- export panel `Button`
- storage panel `Button`, `Tooltip`
- delete `ConfirmModal`
- Language `Menu`
- Account setting `Avatar`, `Button`
- Date format setting `Menu`
- Billing `Button`, `IconButton`, `Loading`
- Payment plans `Button`, `ConfirmModal`, `Modal`, `Tooltip`
- Create workspace `Modal`, `ConfirmModal`, `Button`
- Payment disabled `ConfirmModal`
- Share/Export `Menu`, `Button`, `Divider`
- Sign out `ConfirmModal`
- Temp disable affine cloud `Modal`
- Page detail operation `Menu`
- Blocksuite mode switch `Tooltip`
- Login card `Avatar`
- Help island `Tooltip`
- `plugin`
- copilot
- hello world
- image preview
- outline
2023-12-04 08:32:12 +00:00
LongYinan
1f7654e80f
chore: bump @adobe/css-tools from 4.3.1 to 4.3.2 ( #5154 )
...
Bumps [@adobe/css-tools](https://github.com/adobe/css-tools ) from 4.3.1 to 4.3.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/adobe/css-tools/blob/main/History.md "><code>@adobe/css-tools</code>'s changelog</a>.</em></p>
<blockquote>
<h1>4.3.2 / 2023-11-28</h1>
<ul>
<li>Fix redos vulnerability with specific crafted css string - CVE-2023-48631</li>
<li>Fix Problem parsing with :is() and nested :nth-child() <a href="https://redirect.github.com/adobe/css-tools/issues/211 ">#211</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/adobe/css-tools/commits ">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/toeverything/AFFiNE/network/alerts ).
</details>
2023-12-01 08:52:40 +00:00
Joooye_34
eb7d293aaa
fix(core): implement editor timeout and report error from boundary ( #5105 ) ( #5151 )
...
fix(core): implement editor timeout and report error from boundary (#5105 )
ci: add sentry env when frontend assets build (#5131 )
fix(core): expose catched editor load error (#5133 )
fix(infra): use blocksuite api to check compatibility (#5137 )
fix(infra): compatibility logic follow blocksuite (#5143 )
fix(core): rerender error boundary when route change and improve sentry report (#5147 )
2023-12-01 07:25:08 +00:00
JimmFly
23518cae16
feat(core): add manual check for updates ( #4957 )
...
work for #4523
add `appBuildType` to `runtimeConfig`
add `useAppUpdater` to manage client updates
<!--
copilot:summary
-->
### <samp>🤖 [[deprecated]](https://githubnext.com/copilot-for-prs-sunset ) Generated by Copilot at cdd012c</samp>
This pull request refactors and enhances the update functionality for the frontend. It introduces a new custom hook `useAppUpdater` that simplifies the update logic and state management, and uses it in various components and commands. It also adds more options and feedback for the user to control and monitor the update process, such as manual download, auto-check, and auto-download toggles, and update status and progress indicators. It also updates the `AboutAffine` component to show the app icon, version, and build type. It also adds new translations, dependencies, types, and schemas related to the update functionality.
<img width="1073" alt="image" src="https://github.com/toeverything/AFFiNE/assets/102217452/16ae7a6a-0035-4e57-902b-6b8f63169501 ">
2023-11-29 13:31:25 +00:00
LongYinan
a2b8a073cc
ci: pr title lint job does not need to install all dependencies ( #5124 )
2023-11-29 09:51:14 +00:00
liuyi
89f267a3fe
refactor(server): simplify metrics creation and usage ( #5115 )
2023-11-29 08:05:08 +00:00
LongYinan
a843dcd851
fix: resolve cycle imports and prevent it by oxlint ( #5103 )
2023-11-29 04:43:27 +00:00
LongYinan
b73e87e4ad
chore: upgrade typescript-eslint ( #5110 )
2023-11-29 04:43:23 +00:00
Peng Xiao
71d6b730f7
chore: bump blocksuite ( #5051 )
...
https://github.com/toeverything/blocksuite/pull/5337
2023-11-27 04:46:23 +00:00
liuyi
91efca107a
refactor(server): standarderlize metrics and trace with OTEL ( #5054 )
...
you can now export span to Zipkin and metrics to Prometheus when developing locally
follow the docs of OTEL: https://opentelemetry.io/docs/instrumentation/js/exporters/
<img width="2357" alt="image" src="https://github.com/toeverything/AFFiNE/assets/8281226/ec615e1f-3e91-43f7-9111-d7d2629e9679 ">
2023-11-24 15:19:22 +00:00
Joooye_34
317ca7f4e7
ci: fix storybook publish problem ( #5047 )
2023-11-23 23:38:09 +08:00
JimmFly
4168551783
chore: bump icons version ( #5042 )
2023-11-23 12:00:51 +00:00
LongYinan
55c6477bcc
fix(electron): appimage forge builder ( #5043 )
2023-11-23 11:46:50 +00:00
Peng Xiao
ae8329c590
chore(core): update react-resizable-panels ( #5041 )
...
`react-resizable-panels` will throw some errors sometime when showing history modal dialog.
I haven't checked the root cause, but upgrade it to the latest will get rid of the error.
2023-11-23 09:20:12 +00:00
EYHN
23e0137ed8
refactor(workspace): blob sync ( #5037 )
...
This pr implements a blob engine.
It exposes a single `BlobStorage` to the `blocksuite`, and in it we sync blobs between multiple storages.
The implement still have few issues, but we can merge this pr first and fix them in future.
* BlobEngine currently **do nothing when delete**, because synchronization logic conflicts with deletion logic.
* BlobEngine sync between storages by querying the blob list at regular intervals. This will **cause many queries**, we can avoid this in the future by subscribing to remote changes.
2023-11-23 07:56:19 +00:00
LongYinan
3499dbbb7f
feat: upgrade dependencies and lockfile ( #5016 )
...
- Close https://github.com/toeverything/AFFiNE/security/dependabot/47
2023-11-23 05:18:05 +00:00
Flrande
d7d47853fe
chore: bump blocksuite ( #5030 )
2023-11-22 20:51:35 +08:00
Flrande
a3d880daa3
chore: bump blocksuite ( #5026 )
2023-11-22 20:12:52 +08:00
liuyi
d1476495ae
feat(server): impl doc history ( #5004 )
2023-11-22 07:56:59 +00:00
Peng Xiao
3839a9bd15
build(electron): asar ( #4965 )
...
Due to restrictions on how Electron package works, the `node_modules` should not be hoisted and not to use s/h-links at all. This is why we need to have two separate installs for electron and non-electron packages in the build.
Tested via the following script
```bash
#!/bin/bash
echo "step 1: clean up"
find . -name "node_modules" -prune -exec rm -rf '{}' +
# git clean -dfX
build_type=canary
echo "step 2: install web dependencies"
# firstly, build web static
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 SENTRYCLI_SKIP_DOWNLOAD=1 PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 HUSKY=1 yarn
echo "step 3: generate assets"
BUILD_TYPE="$build_type" yarn workspace @affine/electron generate-assets
# cleanup node_modules
find . -name "node_modules" -prune -exec rm -rf '{}' +
echo "step 4: install electron dependencies"
# install electron deps
yarn config set nmHoistingLimits workspaces
yarn config set enableScripts false
yarn config set nmMode classic
PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD=1 HUSKY=0 yarn workspaces focus @affine/electron @affine/monorepo
echo "step 5: build native"
# build native
yarn workspace @affine/native build
yarn workspace @affine/storage build
echo "step 6: build electron"
# build electron
yarn workspace @affine/electron build
echo "step 7: package electron"
# package
SKIP_GENERATE_ASSETS=1 BUILD_TYPE="$build_type" HOIST_NODE_MODULES=1 yarn workspace @affine/electron package
```
2023-11-21 17:44:30 +00:00
Cats Juice
57d42bf491
refactor(core): remove all MUI related components and utilities ( #4941 )
2023-11-20 10:51:28 +08:00
EYHN
aa4c7407de
refactor: new provider ( #4900 )
2023-11-17 15:50:01 +08:00
Flrande
8b2c3d4c41
chore: bump blocksuite ( #4958 )
2023-11-16 22:01:03 +08:00
LongYinan
5b0b8cf216
test(e2e): add subdoc migration test ( #4921 )
...
test(e2e): add subdoc migration test
fix: remove .only
2023-11-14 14:39:59 +08:00
Peng Xiao
a8d89254ce
fix(electron): dev reload ( #4911 )
2023-11-12 03:19:27 +00:00
Joooye_34
30bac7dce2
ci(core): eslint errors for core ( #4662 )
2023-11-10 10:25:59 +00:00
Yifeng Wang
28177657ef
chore: bump theme ( #4904 )
...
Co-authored-by: 李华桥 <joooye1991@gmail.com >
2023-11-10 15:42:06 +08:00
Yifeng Wang
2117d6b232
chore: bump blocksuite ( #4901 )
2023-11-10 13:23:29 +08:00
LongYinan
839f500979
ci: disable postinstall on macOS build ( #4885 )
2023-11-09 11:58:55 +00:00
Peng Xiao
442115632b
chore(component): bump bs ( #4880 )
2023-11-09 04:47:10 +00:00
Joooye_34
a8bff81a7e
ci: use resolutions to resolve building error in mac-os ( #4878 )
2023-11-09 02:43:47 +00:00
Hongtao Lye
12c72e63b1
chore: bump blocksuite version ( #4862 )
2023-11-08 07:12:48 +00:00
Peng Xiao
cfffcad1b8
fix(core): adapt blob in sqlite for svg type ( #4845 )
2023-11-06 10:09:48 +00:00
JimmFly
9664d142ad
feat(core): temporary expansion files are limited to 100M ( #4833 )
2023-11-06 06:38:46 +00:00
Peng Xiao
7e381e830a
perf(core): load all pages after 10s ( #4834 )
2023-11-03 09:42:29 +00:00
