{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":206620712,"defaultBranch":"main","name":"statusboard","ownerLogin":"npm","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2019-09-05T17:29:00.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/6078720?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1714784070.0","currentOid":""},"activityList":{"items":[{"before":"c4e52e60a7d7208d944450655bf99248fb43f44a","after":"1bc59351f52b08f1d7b9e9cad45f4e150ca21d64","ref":"refs/heads/dependabot/npm_and_yarn/main/proc-log-4.2.0","pushedAt":"2024-05-04T00:55:39.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"deps: bump proc-log from 3.0.0 to 4.2.0\n\nBumps [proc-log](https://github.com/npm/proc-log) from 3.0.0 to 4.2.0.\n- [Release notes](https://github.com/npm/proc-log/releases)\n- [Changelog](https://github.com/npm/proc-log/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/npm/proc-log/compare/v3.0.0...v4.2.0)\n\n---\nupdated-dependencies:\n- dependency-name: proc-log\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"deps: bump proc-log from 3.0.0 to 4.2.0"}},{"before":"fff05fefca9356a640e03edfd3be9b2db17920bb","after":"f64c860634afe37fdae9789ea8d6ce8f8bb38e19","ref":"refs/heads/dependabot/npm_and_yarn/main/octokit/graphql-8.1.1","pushedAt":"2024-05-04T00:55:28.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"deps: bump @octokit/graphql from 7.0.2 to 8.1.1\n\nBumps [@octokit/graphql](https://github.com/octokit/graphql.js) from 7.0.2 to 8.1.1.\n- [Release notes](https://github.com/octokit/graphql.js/releases)\n- [Commits](https://github.com/octokit/graphql.js/compare/v7.0.2...v8.1.1)\n\n---\nupdated-dependencies:\n- dependency-name: \"@octokit/graphql\"\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"deps: bump @octokit/graphql from 7.0.2 to 8.1.1"}},{"before":"5e131dc2a0cc9389381ab1ba44a2c45f61086f01","after":"b37d334ff9f250de71ba178c7e7e94932d0181b5","ref":"refs/heads/main","pushedAt":"2024-05-04T00:54:30.000Z","pushType":"pr_merge","commitsCount":3,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"fix(linting): no-unused-vars","shortMessageHtmlLink":"fix(linting): no-unused-vars"}},{"before":"d1a797f8c6d2208f18be5b7e3d6dca5b3c08ea50","after":null,"ref":"refs/heads/stafftools/update-template-oss","pushedAt":"2024-05-04T00:54:30.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"}},{"before":"6529c13ca004bf8daf0c2b9b4b6c22262aac4221","after":"d1a797f8c6d2208f18be5b7e3d6dca5b3c08ea50","ref":"refs/heads/stafftools/update-template-oss","pushedAt":"2024-05-04T00:40:14.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"fix(linting): no-unused-vars","shortMessageHtmlLink":"fix(linting): no-unused-vars"}},{"before":"653591556c6de1d4de0c8e0f0a67297cb14fe690","after":"c4e52e60a7d7208d944450655bf99248fb43f44a","ref":"refs/heads/dependabot/npm_and_yarn/main/proc-log-4.2.0","pushedAt":"2024-05-04T00:38:07.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"deps: bump proc-log from 3.0.0 to 4.2.0\n\nBumps [proc-log](https://github.com/npm/proc-log) from 3.0.0 to 4.2.0.\n- [Release notes](https://github.com/npm/proc-log/releases)\n- [Changelog](https://github.com/npm/proc-log/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/npm/proc-log/compare/v3.0.0...v4.2.0)\n\n---\nupdated-dependencies:\n- dependency-name: proc-log\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"deps: bump proc-log from 3.0.0 to 4.2.0"}},{"before":"a61887e083caf126b61454126423ee4bf7cbf982","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/main/pacote-18.0.3","pushedAt":"2024-05-04T00:37:19.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"}},{"before":"b6a5bc078b6abc6049a16233813f0993fdfd74a0","after":"5e131dc2a0cc9389381ab1ba44a2c45f61086f01","ref":"refs/heads/main","pushedAt":"2024-05-04T00:37:18.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"deps: bump pacote from 17.0.7 to 18.0.3 (#830)\n\nBumps [pacote](https://github.com/npm/pacote) from 17.0.7 to 18.0.3.\r\n
\r\nRelease notes\r\n

Sourced from pacote's\r\nreleases.

\r\n
\r\n

v18.0.3

\r\n

18.0.3\r\n(2024-04-30)

\r\n

Dependencies

\r\n
    \r\n
  • 5ecce7a\r\n#360\r\nnpm-registry-fetch@17.0.0 (#360)
    • \r\n
\r\n

v18.0.2

\r\n

18.0.2\r\n(2024-04-24)

\r\n

Bug Fixes

\r\n
    \r\n
  • 116b277\r\n#358 don't\r\nstrip underscore attributes in .manifest() (#358) (@​wraithgar)
    • \r\n
\r\n

v18.0.1

\r\n

18.0.1\r\n(2024-04-23)

\r\n

Bug Fixes

\r\n
    \r\n
  • b547e0d\r\n#356 use\r\n@​npmcli/package-json (#356) (@​lukekarrys)
    • \r\n
\r\n

v18.0.0

\r\n

18.0.0\r\n(2024-04-15)

\r\n

⚠️ BREAKING CHANGES

\r\n
    \r\n
  • The silent option was used to control whether\r\n@npmcli/run-script would write a banner via\r\nconsole.log. Now ouput will be emitted via an\r\nprocess.emit('output').
    • \r\n
\r\n

Features

\r\n
    \r\n
  • 0c04569\r\n#352\r\nremove silent option (@​lukekarrys)
    • \r\n
\r\n

Dependencies

\r\n
    \r\n
  • cb3abc2\r\n#352 bump\r\n@​npmcli/run-script from 7.0.4 to 8.0.0 (@​dependabot[bot])
    • \r\n
\r\n

Chores

\r\n
    \r\n
  • 7089bb1\r\n#355\r\npostinstall for dependabot template-oss PR (@​lukekarrys)
    • \r\n
  • 4952672\r\n#355 bump\r\n@​npmcli/template-oss from 4.21.3 to 4.21.4 (@​dependabot[bot])
    • \r\n
\r\n
\r\n
\r\n
\r\nChangelog\r\n

Sourced from pacote's\r\nchangelog.

\r\n
\r\n

18.0.3\r\n(2024-04-30)

\r\n

Dependencies

\r\n
    \r\n
  • 5ecce7a\r\n#360\r\nnpm-registry-fetch@17.0.0 (#360)
    • \r\n
\r\n

18.0.2\r\n(2024-04-24)

\r\n

Bug Fixes

\r\n
    \r\n
  • 116b277\r\n#358 don't\r\nstrip underscore attributes in .manifest() (#358) (@​wraithgar)
    • \r\n
\r\n

18.0.1\r\n(2024-04-23)

\r\n

Bug Fixes

\r\n
    \r\n
  • b547e0d\r\n#356 use\r\n@​npmcli/package-json (#356) (@​lukekarrys)
    • \r\n
\r\n

18.0.0\r\n(2024-04-15)

\r\n

⚠️ BREAKING CHANGES

\r\n
    \r\n
  • The silent option was used to control whether\r\n@npmcli/run-script would write a banner via\r\nconsole.log. Now ouput will be emitted via an\r\nprocess.emit('output').
    • \r\n
\r\n

Features

\r\n
    \r\n
  • 0c04569\r\n#352\r\nremove silent option (@​lukekarrys)
    • \r\n
\r\n

Dependencies

\r\n
    \r\n
  • cb3abc2\r\n#352 bump\r\n@​npmcli/run-script from 7.0.4 to 8.0.0 (@​dependabot[bot])
    • \r\n
\r\n

Chores

\r\n
    \r\n
  • 7089bb1\r\n#355\r\npostinstall for dependabot template-oss PR (@​lukekarrys)
    • \r\n
  • 4952672\r\n#355 bump\r\n@​npmcli/template-oss from 4.21.3 to 4.21.4 (@​dependabot[bot])
    • \r\n
\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 8ae0b79\r\nchore: release 18.0.3 (#361)
    • \r\n
  • 5ecce7a\r\ndeps: npm-registry-fetch@17.0.0 (#360)
    • \r\n
  • c4f6821\r\nchore: release 18.0.2 (#359)
    • \r\n
  • 116b277\r\nfix: don't strip underscore attributes in .manifest() (#358)
    • \r\n
  • 0cd82be\r\nchore: release 18.0.1 (#357)
    • \r\n
  • b547e0d\r\nfix: use @​npmcli/package-json (#356)
    • \r\n
  • 066ead2\r\nchore: release 18.0.0 (#354)
    • \r\n
  • 7089bb1\r\nchore: postinstall for dependabot template-oss PR
    • \r\n
  • 4952672\r\nchore: bump @​npmcli/template-oss from 4.21.3 to\r\n4.21.4
    • \r\n
  • 0c04569\r\nfeat!: remove silent option
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pacote&package-manager=npm_and_yarn&previous-version=17.0.7&new-version=18.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"deps: bump pacote from 17.0.7 to 18.0.3 (#830)"}},{"before":"2d1cfb9d19865136b5757dff977999a0693bdf26","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/undici-5.28.4","pushedAt":"2024-05-04T00:36:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"}},{"before":"ab0f5a995181a308239a0d78729dda06efdcf886","after":"b6a5bc078b6abc6049a16233813f0993fdfd74a0","ref":"refs/heads/main","pushedAt":"2024-05-04T00:36:56.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"chore(deps-dev): bump undici from 5.28.2 to 5.28.4 (#814)\n\nBumps [undici](https://github.com/nodejs/undici) from 5.28.2 to 5.28.4.\r\n
\r\nRelease notes\r\n

Sourced from undici's\r\nreleases.

\r\n
\r\n

v5.28.4

\r\n

:warning: Security Release :warning:

\r\n
    \r\n
  • Fixes https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7\r\nCVE-2024-30260
    • \r\n
  • Fixes https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672\r\nCVE-2024-30261
    • \r\n
\r\n

Full Changelog: https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4

\r\n

v5.28.3

\r\n

⚠️ Security Release ⚠️

\r\n

Fixes:

\r\n
    \r\n
  • CVE-2024-24758\r\nProxy-Authorization header not cleared on cross-origin redirect in\r\nfetch
    • \r\n
\r\n

Full Changelog: https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3

\r\n
\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • fb98306\r\nBumped v5.28.4
    • \r\n
  • 2b39440\r\nMerge pull request from GHSA-9qxr-qj54-h672
    • \r\n
  • 64e3402\r\nMerge pull request from GHSA-m4v8-wqvr-p9f7
    • \r\n
  • 723c4e7\r\nRevert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"
    • \r\n
  • 0e9d54b\r\nskip failing test due to Node.js changes
    • \r\n
  • e71cb4c\r\nBumped v5.28.3
    • \r\n
  • 20c65b8\r\nFix tests for Node.js v20.11.0 (#2618)
    • \r\n
  • 8ec52cd\r\nFix tests for Node.js v21 (#2609)
    • \r\n
  • d3aa574\r\nMerge pull request from GHSA-3787-6prv-h9w3
    • \r\n
  • See full diff in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=undici&package-manager=npm_and_yarn&previous-version=5.28.2&new-version=5.28.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nDependabot will resolve any conflicts with this PR as long as you don't\r\nalter it yourself. You can also trigger a rebase manually by commenting\r\n`@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\nYou can disable automated security fix PRs for this repo from the\r\n[Security Alerts\r\npage](https://github.com/npm/statusboard/network/alerts).\r\n\r\n
\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"chore(deps-dev): bump undici from 5.28.2 to 5.28.4 (#814)"}},{"before":"0d4fb08299c73a709a69b1acdd7b9bf39d7af716","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/main/esbuild-0.20.2","pushedAt":"2024-05-04T00:35:18.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"}},{"before":"9883ee8415ab26e4618e3032fce4cfb413845a78","after":"ab0f5a995181a308239a0d78729dda06efdcf886","ref":"refs/heads/main","pushedAt":"2024-05-04T00:35:17.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"deps: bump esbuild from 0.20.1 to 0.20.2 (#804)\n\nBumps [esbuild](https://github.com/evanw/esbuild) from 0.20.1 to 0.20.2.\r\n
\r\nRelease notes\r\n

Sourced from esbuild's\r\nreleases.

\r\n
\r\n

v0.20.2

\r\n
    \r\n
  • \r\n

    Support TypeScript experimental decorators on abstract\r\nclass fields (#3684)

    \r\n

    With this release, you can now use TypeScript experimental decorators\r\non abstract class fields. This was silently compiled\r\nincorrectly in esbuild 0.19.7 and below, and was an error from esbuild\r\n0.19.8 to esbuild 0.20.1. Code such as the following should now work\r\ncorrectly:

    \r\n
    // Original code\r\nconst log = (x: any, y: string) => console.log(y)\r\nabstract class Foo { @log abstract foo: string }\r\nnew class extends Foo { foo = '' }\r\n
    // Old output (with --loader=ts\r\n--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})\r\nconst log = (x, y) => console.log(y);\r\nclass Foo {\r\n}\r\nnew class extends Foo {\r\nfoo = "";\r\n}();
    \r\n
    // New output (with --loader=ts\r\n--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})\r\nconst log = (x, y) => console.log(y);\r\nclass Foo {\r\n}\r\n__decorateClass([\r\nlog\r\n], Foo.prototype, "foo", 2);\r\nnew class extends Foo {\r\nfoo = "";\r\n}();\r\n

    \r\n
    • \r\n
  • \r\n

    JSON loader now preserves __proto__ properties (#3700)

    \r\n

    Copying JSON source code into a JavaScript file will change its\r\nmeaning if a JSON object contains the __proto__ key. A\r\nliteral __proto__ property in a JavaScript object literal\r\nsets the prototype of the object instead of adding a property named\r\n__proto__, while a literal __proto__ property\r\nin a JSON object literal just adds a property named\r\n__proto__. With this release, esbuild will now work around\r\nthis problem by converting JSON to JavaScript with a computed property\r\nkey in this case:

    \r\n
    // Original code\r\nimport data from\r\n'data:application/json,{"__proto__":{"fail":true}}'\r\nif (Object.getPrototypeOf(data)?.fail) throw 'fail'\r\n
    // Old output (with --bundle)\r\n(() => {\r\n//\r\n<data:application/json,{"proto":{"fail":true}}>\r\nvar json_proto_fail_true_default = { proto: { fail:\r\ntrue } };
    \r\n
    // entry.js\r\nif (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)\r\nthrow "fail";\r\n})();
    \r\n

    \r\n
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nChangelog\r\n

Sourced from esbuild's\r\nchangelog.

\r\n
\r\n

0.20.2

\r\n
    \r\n
  • \r\n

    Support TypeScript experimental decorators on abstract\r\nclass fields (#3684)

    \r\n

    With this release, you can now use TypeScript experimental decorators\r\non abstract class fields. This was silently compiled\r\nincorrectly in esbuild 0.19.7 and below, and was an error from esbuild\r\n0.19.8 to esbuild 0.20.1. Code such as the following should now work\r\ncorrectly:

    \r\n
    // Original code\r\nconst log = (x: any, y: string) => console.log(y)\r\nabstract class Foo { @log abstract foo: string }\r\nnew class extends Foo { foo = '' }\r\n
    // Old output (with --loader=ts\r\n--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})\r\nconst log = (x, y) => console.log(y);\r\nclass Foo {\r\n}\r\nnew class extends Foo {\r\nfoo = "";\r\n}();
    \r\n
    // New output (with --loader=ts\r\n--tsconfig-raw={&quot;compilerOptions&quot;:{&quot;experimentalDecorators&quot;:true}})\r\nconst log = (x, y) => console.log(y);\r\nclass Foo {\r\n}\r\n__decorateClass([\r\nlog\r\n], Foo.prototype, "foo", 2);\r\nnew class extends Foo {\r\nfoo = "";\r\n}();\r\n

    \r\n
    • \r\n
  • \r\n

    JSON loader now preserves __proto__ properties (#3700)

    \r\n

    Copying JSON source code into a JavaScript file will change its\r\nmeaning if a JSON object contains the __proto__ key. A\r\nliteral __proto__ property in a JavaScript object literal\r\nsets the prototype of the object instead of adding a property named\r\n__proto__, while a literal __proto__ property\r\nin a JSON object literal just adds a property named\r\n__proto__. With this release, esbuild will now work around\r\nthis problem by converting JSON to JavaScript with a computed property\r\nkey in this case:

    \r\n
    // Original code\r\nimport data from\r\n'data:application/json,{"__proto__":{"fail":true}}'\r\nif (Object.getPrototypeOf(data)?.fail) throw 'fail'\r\n
    // Old output (with --bundle)\r\n(() => {\r\n//\r\n<data:application/json,{"proto":{"fail":true}}>\r\nvar json_proto_fail_true_default = { proto: { fail:\r\ntrue } };
    \r\n
    // entry.js\r\nif (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)\r\nthrow "fail";\r\n})();\r\n

    \r\n
    • \r\n
\r\n\r\n
\r\n

... (truncated)

\r\n
\r\n
\r\nCommits\r\n
    \r\n
  • 617edda\r\npublish 0.20.2 to npm
    • \r\n
  • 4780075\r\nfix #3700:\r\njson loader preserves __proto__ keys
    • \r\n
  • 30bed2d\r\nbetter errors for invalid js decorator syntax
    • \r\n
  • 300eeb7\r\nts: allow non-null assertions in js decorators
    • \r\n
  • 4d997d9\r\nfix #3698:\r\nyarn pnp edge case with tsconfig.json
    • \r\n
  • cf42954\r\nresolver: improve some debug logging
    • \r\n
  • b0765ae\r\nfix some lints
    • \r\n
  • dfa6206\r\nfix some comments (closes #3683)
    • \r\n
  • ae5cc17\r\nfix #3684:\r\nabstract experimental decorators
    • \r\n
  • c809af0\r\nfix #2388:\r\nallow consuming types without dom types (#3679)
    • \r\n
  • Additional commits viewable in compare\r\nview
    • \r\n
\r\n
\r\n
\r\n\r\n\r\n[![Dependabot compatibility\r\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=esbuild&package-manager=npm_and_yarn&previous-version=0.20.1&new-version=0.20.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\r\n\r\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\r\n\r\n[//]: # (dependabot-automerge-start)\r\n[//]: # (dependabot-automerge-end)\r\n\r\n---\r\n\r\n
\r\nDependabot commands and options\r\n
\r\n\r\nYou can trigger Dependabot actions by commenting on this PR:\r\n- `@dependabot rebase` will rebase this PR\r\n- `@dependabot recreate` will recreate this PR, overwriting any edits\r\nthat have been made to it\r\n- `@dependabot merge` will merge this PR after your CI passes on it\r\n- `@dependabot squash and merge` will squash and merge this PR after\r\nyour CI passes on it\r\n- `@dependabot cancel merge` will cancel a previously requested merge\r\nand block automerging\r\n- `@dependabot reopen` will reopen this PR if it is closed\r\n- `@dependabot close` will close this PR and stop Dependabot recreating\r\nit. You can achieve the same result by closing it manually\r\n- `@dependabot show ignore conditions` will show all\r\nof the ignore conditions of the specified dependency\r\n- `@dependabot ignore this major version` will close this PR and stop\r\nDependabot creating any more for this major version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this minor version` will close this PR and stop\r\nDependabot creating any more for this minor version (unless you reopen\r\nthe PR or upgrade to it yourself)\r\n- `@dependabot ignore this dependency` will close this PR and stop\r\nDependabot creating any more for this dependency (unless you reopen the\r\nPR or upgrade to it yourself)\r\n\r\n\r\n
\r\n\r\n> **Note**\r\n> Automatic rebases have been disabled on this pull request as it has\r\nbeen open for over 30 days.\r\n\r\nSigned-off-by: dependabot[bot] \r\nCo-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>","shortMessageHtmlLink":"deps: bump esbuild from 0.20.1 to 0.20.2 (#804)"}},{"before":"8c7c6b6cec0c1277a59f74d9f8693e8f143cdf73","after":"6529c13ca004bf8daf0c2b9b4b6c22262aac4221","ref":"refs/heads/stafftools/update-template-oss","pushedAt":"2024-05-03T21:45:46.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"fix(linting): no-unused-vars","shortMessageHtmlLink":"fix(linting): no-unused-vars"}},{"before":null,"after":"8c7c6b6cec0c1277a59f74d9f8693e8f143cdf73","ref":"refs/heads/stafftools/update-template-oss","pushedAt":"2024-05-03T18:48:50.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"lukekarrys","name":"Luke Karrys","path":"/lukekarrys","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/542108?s=80&v=4"},"commit":{"message":"chore: postinstall for dependabot template-oss PR","shortMessageHtmlLink":"chore: postinstall for dependabot template-oss PR"}},{"before":"2accd60328bb1b9c141798b6470f48cd4634c95b","after":"9883ee8415ab26e4618e3032fce4cfb413845a78","ref":"refs/heads/main","pushedAt":"2024-05-03T12:24:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update data","shortMessageHtmlLink":"chore: update data"}},{"before":"358d3f3a710be7b2265613dcfba2572e408aba90","after":"2accd60328bb1b9c141798b6470f48cd4634c95b","ref":"refs/heads/main","pushedAt":"2024-05-03T11:01:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update maintained projects","shortMessageHtmlLink":"chore: update maintained projects"}},{"before":"4ec24df47b1883aa02912ff9ca4615b94ff469c3","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/main/datatables.net-2.0.5","pushedAt":"2024-05-03T10:13:20.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"f4349776a47811462fa2820f06e316498aa73ccf","ref":"refs/heads/dependabot/npm_and_yarn/main/datatables.net-2.0.6","pushedAt":"2024-05-03T10:13:16.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"deps: bump datatables.net from 1.13.8 to 2.0.6\n\nBumps [datatables.net](https://github.com/DataTables/Dist-DataTables) from 1.13.8 to 2.0.6.\n- [Release notes](https://github.com/DataTables/Dist-DataTables/releases)\n- [Commits](https://github.com/DataTables/Dist-DataTables/compare/1.13.8...2.0.6)\n\n---\nupdated-dependencies:\n- dependency-name: datatables.net\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"deps: bump datatables.net from 1.13.8 to 2.0.6"}},{"before":"b0f9961a556f180bf885a81d9b274b6e406df9d4","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/main/datatables.net-bs4-2.0.5","pushedAt":"2024-05-03T10:12:56.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"00fbf8ccd716551d3e004e51a57e3d87fc1ee177","ref":"refs/heads/dependabot/npm_and_yarn/main/datatables.net-bs4-2.0.6","pushedAt":"2024-05-03T10:12:52.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"deps: bump datatables.net-bs4 from 1.13.8 to 2.0.6\n\nBumps [datatables.net-bs4](https://github.com/DataTables/Dist-DataTables-Bootstrap4) from 1.13.8 to 2.0.6.\n- [Release notes](https://github.com/DataTables/Dist-DataTables-Bootstrap4/releases)\n- [Commits](https://github.com/DataTables/Dist-DataTables-Bootstrap4/compare/1.13.8...2.0.6)\n\n---\nupdated-dependencies:\n- dependency-name: datatables.net-bs4\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"deps: bump datatables.net-bs4 from 1.13.8 to 2.0.6"}},{"before":"a5f07d47bb86851fff35e12bfbe554ab5a0a0d7e","after":"358d3f3a710be7b2265613dcfba2572e408aba90","ref":"refs/heads/main","pushedAt":"2024-05-02T12:23:29.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update data","shortMessageHtmlLink":"chore: update data"}},{"before":"2affe9235def04c882a871fc4043ee6049ae85b6","after":"a5f07d47bb86851fff35e12bfbe554ab5a0a0d7e","ref":"refs/heads/main","pushedAt":"2024-05-02T11:01:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update maintained projects","shortMessageHtmlLink":"chore: update maintained projects"}},{"before":"5e72a5f7f8fd76ce1152721523925e0d67d21b63","after":"2affe9235def04c882a871fc4043ee6049ae85b6","ref":"refs/heads/main","pushedAt":"2024-05-01T12:21:19.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update data","shortMessageHtmlLink":"chore: update data"}},{"before":"6a9b22a9f966cb58eb2c92234f245b961c0cc2b6","after":"5e72a5f7f8fd76ce1152721523925e0d67d21b63","ref":"refs/heads/main","pushedAt":"2024-05-01T11:01:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update maintained projects","shortMessageHtmlLink":"chore: update maintained projects"}},{"before":"57811243b4a81ceb88cf5af432aea0007480aa9d","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/main/pacote-18.0.2","pushedAt":"2024-05-01T09:27:09.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"a61887e083caf126b61454126423ee4bf7cbf982","ref":"refs/heads/dependabot/npm_and_yarn/main/pacote-18.0.3","pushedAt":"2024-05-01T09:27:06.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"deps: bump pacote from 17.0.7 to 18.0.3\n\nBumps [pacote](https://github.com/npm/pacote) from 17.0.7 to 18.0.3.\n- [Release notes](https://github.com/npm/pacote/releases)\n- [Changelog](https://github.com/npm/pacote/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/npm/pacote/compare/v17.0.7...v18.0.3)\n\n---\nupdated-dependencies:\n- dependency-name: pacote\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"deps: bump pacote from 17.0.7 to 18.0.3"}},{"before":"a4145fe416b9152ed534ec5c03d5275e2720c141","after":"6a9b22a9f966cb58eb2c92234f245b961c0cc2b6","ref":"refs/heads/main","pushedAt":"2024-04-30T12:29:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update data","shortMessageHtmlLink":"chore: update data"}},{"before":"f3b78549dd532881302205d2dad0b72a502d2400","after":"a4145fe416b9152ed534ec5c03d5275e2720c141","ref":"refs/heads/main","pushedAt":"2024-04-30T11:01:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update maintained projects","shortMessageHtmlLink":"chore: update maintained projects"}},{"before":"ba410044315c1d780dd37b1e6600060a159e79a5","after":"f3b78549dd532881302205d2dad0b72a502d2400","ref":"refs/heads/main","pushedAt":"2024-04-29T12:47:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update data","shortMessageHtmlLink":"chore: update data"}},{"before":"40157c10724bb0edea721d3dff297f4187de1a6b","after":"ba410044315c1d780dd37b1e6600060a159e79a5","ref":"refs/heads/main","pushedAt":"2024-04-29T11:01:18.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"chore: update maintained projects","shortMessageHtmlLink":"chore: update maintained projects"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEQTUWiQA","startCursor":null,"endCursor":null}},"title":"Activity · npm/statusboard"}