Smart data-driven menu rendered in an overlay

Related tags

Menu react-data-menu
Overview

NPM

NPM

React Data Menu

Smart data-driven menu rendered in an overlay.

Hints-based aligning with custom renderers and factories.

Never clipped by other components or screen edges.

Data Menu!

📺 Demo

http://dkozar.github.io/react-data-menu/

📺 Video

https://www.youtube.com/watch?v=TvtC0xsn6ig

Usage

// ES6
import React, { Component } from 'react';
import { LinkRenderer } from './renderers/LinkRenderer.js';
import { Menu } from 'react-data-menu';

function callback(item) {
    console.log('item clicked', item);
}

export class App extends Component {

    constructor(props) {
        super(props);

        this.state = {
            position: {
                x: 100,
                y: 100
            },
            items: [{
                type: 'label',
                title: 'Menu Popup 1'
            }, '-', {
                title: 'Menu item 1-1',
                callback: callback,
                items: [{ // sub-menu
                    title: 'Menu Popup 2'
                }, '-', {
                    title: 'Menu item 2-1',
                    callback: callback,
                    items: [{ // sub-sub-menu
                        title: 'Menu Popup 3'
                    }, '-', {
                        title: 'Menu item 3-1'
                    }]
                }]
            }, {
                title: 'Menu item 1-2'
            }, '-', {
                 type: 'link',
                 title: 'Give me the stars!',
                 url: 'https://github.com/dkozar/react-data-menu/stargazers',
                 target: '_blank'
            }];
        };
    }

    render() {
        var renderers = {
            'link': LinkRenderer
        };
    
        return (
            <Menu items={this.state.items} position={this.state.position} renderers={renderers} />
        );
    }
}

render(<App />, document.body);

🚚 Installation

Option A - use it as NPM plugin:

npm install react-data-menu --save

This will install the package into the node_modules folder of your project.

Option B - download the project source:

git clone https://github.com/dkozar/react-data-menu.git
cd react-data-menu
npm install

npm install will install all the dependencies (and their dependencies) into the node_modules folder.

Then, you should run one of the builds.

🏭 Builds

🚀 Hot-loader development build

npm start
open http://localhost:3000

This will give you the build that will partially update the browser via webpack whenever you save the edited source file.

Additionally, it will keep the React component state intact.

For more info on React hot-loader, take a look into this fantastic video.

🚁 Demo build

npm run demo

This should build the minified demo folder (it's how the demo is built).

npm run debug

This should build the non-minified demo folder (for easier debugging).

You could install the http-server for running demo builds in the browser:

npm install http-server
http-server

🚂 Additional builds

npm run build

Runs Babel on source files (converting ES6 and React to JS) and puts them into the build folder.

npm run dist

Builds the webpackUniversalModuleDefinition and puts it into the dist folder.

npm run all

Runs all the builds: build + dist + demo.

npm run test

Runs the tests.

⚙️ Maintainance

React 0.14: https://github.com/dkozar/react-data-menu/commits/react-0.14

👍 Thanks to:

🚀 React Transform Boilerplate for the workflow.

Downloads!

Comments
  • Compile on case sensitive systems

    Compile on case sensitive systems

    Love the library! I'm building on a case sensitive system and some imports do not match the path exactly.

    for ex, in MenuPopupFactory.js import Dom from './../util/Dom';

    should be

    import Dom from './../util/dom';

    I can do a PR if you want?

    opened by jonathannaim 5
  • Usage example given seems to be wrong. Some more Documentation?

    Usage example given seems to be wrong. Some more Documentation?

    Hello, I'm currently learning reactJS, so sorry if my question comes off as odd. I've come across this, and as part of trying to write a website to learn this, I'm having a ton of issues with the Usage example provided.

    To me, it seems that there is missing [array] brackets after the first 'items' in this.state parameters that were given. I'm not sure if that is the only problem with the Usage case you provided, but would be glad for some info or clarifications!

    I've been looking at the live demo through the web-browser's dev-tools and it seems like a very nifty little module, I just can't figure out how to get it to work for me :(

    Great job on writing it though! Seems like a lot of work was put in.

    opened by VladParshin 3
  • Bump karma from 0.13.22 to 6.3.16

    Bump karma from 0.13.22 to 6.3.16

    Bumps karma from 0.13.22 to 6.3.16.

    Release notes

    Sourced from karma's releases.

    v6.3.16

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    v6.3.15

    6.3.15 (2022-02-05)

    Bug Fixes

    v6.3.14

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    v6.3.13

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    v6.3.12

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    v6.3.11

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    6.3.15 (2022-02-05)

    Bug Fixes

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    6.3.10 (2022-01-08)

    Bug Fixes

    • logger: create parent folders if they are missing (0d24bd9), closes #3734

    ... (truncated)

    Commits
    • ab4b328 chore(release): 6.3.16 [skip ci]
    • ff7edbb fix(security): mitigate the "Open Redirect Vulnerability"
    • c1befa0 chore(release): 6.3.15 [skip ci]
    • d9dade2 fix(helper): make mkdirIfNotExists helper resilient to concurrent calls
    • 653c762 ci: prevent duplicate CI tasks on creating a PR
    • c97e562 chore(release): 6.3.14 [skip ci]
    • 91d5acd fix: remove string template from client code
    • 69cfc76 fix: warn when singleRun and autoWatch are false
    • 839578c fix(security): remove XSS vulnerability in returnUrl query param
    • db53785 chore(release): 6.3.13 [skip ci]
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump karma from 0.13.22 to 6.3.14

    Bump karma from 0.13.22 to 6.3.14

    Bumps karma from 0.13.22 to 6.3.14.

    Release notes

    Sourced from karma's releases.

    v6.3.14

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    v6.3.13

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    v6.3.12

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    v6.3.11

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    v6.3.10

    6.3.10 (2022-01-08)

    Bug Fixes

    • logger: create parent folders if they are missing (0d24bd9), closes #3734

    v6.3.9

    6.3.9 (2021-11-16)

    Bug Fixes

    • restartOnFileChange option not restarting the test run (92ffe60), closes #27 #3724

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.3.14 (2022-02-05)

    Bug Fixes

    • remove string template from client code (91d5acd)
    • warn when singleRun and autoWatch are false (69cfc76)
    • security: remove XSS vulnerability in returnUrl query param (839578c)

    6.3.13 (2022-01-31)

    Bug Fixes

    • deps: bump log4js to resolve security issue (5bf2df3), closes #3751

    6.3.12 (2022-01-24)

    Bug Fixes

    • remove depreciation warning from log4js (41bed33)

    6.3.11 (2022-01-13)

    Bug Fixes

    • deps: pin colors package to 1.4.0 due to security vulnerability (a5219c5)

    6.3.10 (2022-01-08)

    Bug Fixes

    • logger: create parent folders if they are missing (0d24bd9), closes #3734

    6.3.9 (2021-11-16)

    Bug Fixes

    • restartOnFileChange option not restarting the test run (92ffe60), closes #27 #3724

    6.3.8 (2021-11-07)

    Bug Fixes

    • reporter: warning if stack trace contains generated code invocation (4f23b14)

    ... (truncated)

    Commits
    • c97e562 chore(release): 6.3.14 [skip ci]
    • 91d5acd fix: remove string template from client code
    • 69cfc76 fix: warn when singleRun and autoWatch are false
    • 839578c fix(security): remove XSS vulnerability in returnUrl query param
    • db53785 chore(release): 6.3.13 [skip ci]
    • 5bf2df3 fix(deps): bump log4js to resolve security issue
    • 36ad678 chore(release): 6.3.12 [skip ci]
    • 41bed33 fix: remove depreciation warning from log4js
    • c985155 docs: create security.md
    • c96f0c5 chore(release): 6.3.11 [skip ci]
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump lodash from 4.17.4 to 4.17.19

    Bump lodash from 4.17.4 to 4.17.19

    Bumps lodash from 4.17.4 to 4.17.19.

    Release notes

    Sourced from lodash's releases.

    4.17.16

    Commits
    Maintainer changes

    This version was pushed to npm by mathias, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump lodash from 4.17.4 to 4.17.13

    Bump lodash from 4.17.4 to 4.17.13

    Bumps lodash from 4.17.4 to 4.17.13.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    dependencies 
    opened by dependabot[bot] 1
  • Case sensitive file

    Case sensitive file

    The PR is for the issue #3

    I've fixed the issues for the different files and I took the liberty to update eslint to latest version so I could include the plugin eslint-plugin-import.

    Hope that's ok for you

    opened by jonathannaim 1
  • Fix warning about duplicate module names

    Fix warning about duplicate module names

    Using the current build of react-data-menu yields the following warning:

    ./~/react-data-menu/build/util/HoverData.js
    There is another module with an equal name when case is ignored.
    This can lead to unexpected behavior when compiling on a filesystem with other case-semantic.
    Rename module if multiple modules are expected or use equal casing if one module is expected.
    

    This pull request just changes the name of the hoverData.js file in an import statement so that it is consistent with the actual name of the file.

    opened by pkerpedjiev 1
  • Bump express from 4.15.4 to 4.17.3

    Bump express from 4.15.4 to 4.17.3

    Bumps express from 4.15.4 to 4.17.3.

    Release notes

    Sourced from express's releases.

    4.17.3

    4.17.2

    4.17.1

    • Revert "Improve error message for null/undefined to res.status"

    4.17.0

    • Add express.raw to parse bodies into Buffer
    • Add express.text to parse bodies into string

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.17.3 / 2022-02-16

    4.17.2 / 2021-12-16

    4.17.1 / 2019-05-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump qs and body-parser

    Bump qs and body-parser

    Bumps qs and body-parser. These dependencies needed to be updated together. Updates qs from 6.4.0 to 6.11.0

    Changelog

    Sourced from qs's changelog.

    6.11.0

    • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
    • [readme] fix version badge

    6.10.5

    • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

    6.10.4

    • [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
    • [meta] use npmignore to autogenerate an npmignore file
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

    6.10.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [actions] reuse common workflows
    • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

    6.10.2

    • [Fix] stringify: actually fix cyclic references (#426)
    • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] add note and links for coercing primitive values (#408)
    • [actions] update codecov uploader
    • [actions] update workflows
    • [Tests] clean up stringify tests slightly
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

    6.10.1

    • [Fix] stringify: avoid exception on repeated object values (#402)

    6.10.0

    • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
    • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
    • [meta] fix README.md (#399)
    • [meta] only run npm run dist in publish, not install
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
    • [Tests] fix tests on node v0.6
    • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
    • [Tests] Revert "[meta] ignore eclint transitive audit warning"

    6.9.7

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] add note and links for coercing primitive values (#408)
    • [Tests] clean up stringify tests slightly
    • [meta] fix README.md (#399)
    • Revert "[meta] ignore eclint transitive audit warning"

    ... (truncated)

    Commits
    • 56763c1 v6.11.0
    • ddd3e29 [readme] fix version badge
    • c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
    • 95bc018 v6.10.5
    • 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
    • ba9703c v6.10.4
    • 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
    • 113b990 [Dev Deps] update object-inspect
    • c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
    • 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
    • Additional commits viewable in compare view

    Updates body-parser from 1.18.1 to 1.20.1

    Release notes

    Sourced from body-parser's releases.

    1.20.0

    1.19.2

    1.19.1

    1.19.0

    ... (truncated)

    Changelog

    Sourced from body-parser's changelog.

    1.20.1 / 2022-10-06

    1.20.0 / 2022-04-02

    1.19.2 / 2022-02-15

    1.19.1 / 2021-12-10

    1.19.0 / 2019-04-25

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump engine.io and karma

    Bump engine.io and karma

    Bumps engine.io to 6.2.1 and updates ancestor dependency karma. These dependencies need to be updated together.

    Updates engine.io from 1.8.4 to 6.2.1

    Release notes

    Sourced from engine.io's releases.

    6.2.1

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
        at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
    Emitted 'error' event on Socket instance at:
        at emitErrorNT (internal/streams/destroy.js:106:8)
        at emitErrorCloseNT (internal/streams/destroy.js:74:3)
        at processTicksAndRejections (internal/process/task_queues.js:80:21) {
      errno: -104,
      code: 'ECONNRESET',
      syscall: 'read'
    }
    

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (#658) (425e833)

    6.2.0

    Features

    • add the "maxPayload" field in the handshake details (088dcb4)

    So that clients in HTTP long-polling can decide how many packets they have to send to stay under the maxHttpBufferSize value.

    This is a backward compatible change which should not mandate a new major revision of the protocol (we stay in v4), as we only add a field in the JSON-encoded handshake data:

    0{"sid":"lv_VI97HAXpY6yYWAAAC","upgrades":["websocket"],"pingInterval":25000,"pingTimeout":5000,"maxPayload":1000000}
    

    Links

    6.1.3

    Bug Fixes

    • typings: allow CorsOptionsDelegate as cors options (#641) (a463d26)
    • uws: properly handle chunked content (#642) (3367440)

    ... (truncated)

    Changelog

    Sourced from engine.io's changelog.

    6.2.1 (2022-11-20)

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
        at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
    Emitted 'error' event on Socket instance at:
        at emitErrorNT (internal/streams/destroy.js:106:8)
        at emitErrorCloseNT (internal/streams/destroy.js:74:3)
        at processTicksAndRejections (internal/process/task_queues.js:80:21) {
      errno: -104,
      code: 'ECONNRESET',
      syscall: 'read'
    }
    

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (#658) (425e833)

    3.6.0 (2022-06-06)

    Bug Fixes

    Features

    • decrease the default value of maxHttpBufferSize (58e274c)

    This change reduces the default value from 100 mb to a more sane 1 mb.

    This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

    See also: https://github.com/advisories/GHSA-j4f2-536g-r55m

    • increase the default value of pingTimeout (f55a79a)

    ... (truncated)

    Commits
    • 24b847b chore(release): 6.2.1
    • 425e833 fix: catch errors when destroying invalid upgrades (#658)
    • 99adb00 chore(deps): bump xmlhttprequest-ssl and engine.io-client in /examples/latenc...
    • d196f6a chore(deps): bump minimatch from 3.0.4 to 3.1.2 (#660)
    • 7c1270f chore(deps): bump nanoid from 3.1.25 to 3.3.1 (#659)
    • 535a01d ci: add Node.js 18 in the test matrix
    • 1b71a6f docs: remove "Vanilla JS" highlight from README (#656)
    • 917d1d2 refactor: replace deprecated String.prototype.substr() (#646)
    • 020801a chore: add changelog for version 3.6.0
    • ed1d6f9 test: make test script work on Windows (#643)
    • Additional commits viewable in compare view

    Updates karma from 0.13.22 to 6.4.1

    Release notes

    Sourced from karma's releases.

    v6.4.1

    6.4.1 (2022-09-19)

    Bug Fixes

    v6.4.0

    6.4.0 (2022-06-14)

    Features

    • support SRI verification of link tags (dc51a2e)
    • support SRI verification of script tags (6a54b1c)

    v6.3.20

    6.3.20 (2022-05-13)

    Bug Fixes

    • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

    v6.3.19

    6.3.19 (2022-04-19)

    Bug Fixes

    • client: error out when opening a new tab fails (099b85e)

    v6.3.18

    6.3.18 (2022-04-13)

    Bug Fixes

    • deps: upgrade socket.io to v4.4.1 (52a30bb)

    v6.3.17

    6.3.17 (2022-02-28)

    Bug Fixes

    • deps: update colors to maintained version (#3763) (fca1884)

    v6.3.16

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.4.1 (2022-09-19)

    Bug Fixes

    6.4.0 (2022-06-14)

    Features

    • support SRI verification of link tags (dc51a2e)
    • support SRI verification of script tags (6a54b1c)

    6.3.20 (2022-05-13)

    Bug Fixes

    • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

    6.3.19 (2022-04-19)

    Bug Fixes

    • client: error out when opening a new tab fails (099b85e)

    6.3.18 (2022-04-13)

    Bug Fixes

    • deps: upgrade socket.io to v4.4.1 (52a30bb)

    6.3.17 (2022-02-28)

    Bug Fixes

    • deps: update colors to maintained version (#3763) (fca1884)

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    ... (truncated)

    Commits
    • 0013121 chore(release): 6.4.1 [skip ci]
    • 63d86be fix: pass integrity value
    • 84f7cc3 chore(release): 6.4.0 [skip ci]
    • f2d0663 docs: add integrity parameter
    • dc51a2e feat: support SRI verification of link tags
    • 6a54b1c feat: support SRI verification of script tags
    • 5e71cf5 chore(release): 6.3.20 [skip ci]
    • e17698f fix: prefer IPv4 addresses when resolving domains
    • 60f4f79 build: add Node 16 and 18 to the CI matrix
    • 6ff5aaf chore(release): 6.3.19 [skip ci]
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump loader-utils, babel-loader, css-loader, extract-text-webpack-plugin, karma-webpack, less-loader and webpack

    Bump loader-utils, babel-loader, css-loader, extract-text-webpack-plugin, karma-webpack, less-loader and webpack

    Bumps loader-utils to 1.4.1 and updates ancestor dependencies loader-utils, babel-loader, css-loader, extract-text-webpack-plugin, karma-webpack, less-loader and webpack. These dependencies need to be updated together.

    Updates loader-utils from 1.1.0 to 1.4.1

    Release notes

    Sourced from loader-utils's releases.

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    v1.4.0

    1.4.0 (2020-02-19)

    Features

    • the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

    v1.3.0

    1.3.0 (2020-02-19)

    Features

    • support the [query] template for the interpolatedName method (#162) (469eeba)

    v1.2.3

    1.2.3 (2018-12-27)

    Bug Fixes

    • interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

    v1.2.2

    1.2.2 (2018-12-27)

    Bug Fixes

    • fixed a hash type extracting in interpolateName (#137) (f8a71f4)

    v1.2.1

    1.2.1 (2018-12-25)

    ... (truncated)

    Changelog

    Sourced from loader-utils's changelog.

    1.4.1 (2022-11-07)

    Bug Fixes

    1.4.0 (2020-02-19)

    Features

    • the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

    1.3.0 (2020-02-19)

    Features

    • support the [query] template for the interpolatedName method (#162) (469eeba)

    1.2.3 (2018-12-27)

    Bug Fixes

    • interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

    1.2.2 (2018-12-27)

    Bug Fixes

    • fixed a hash type extracting in interpolateName (#137) (f8a71f4)

    1.2.1 (2018-12-25)

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.


    Updates babel-loader from 6.4.1 to 9.1.0

    Release notes

    Sourced from babel-loader's releases.

    v9.1.0

    New features

    Full Changelog: https://github.com/babel/babel-loader/compare/v9.0.1...v9.1.0

    v9.0.1

    Bug Fixes

    Full Changelog: https://github.com/babel/babel-loader/compare/v9.0.0...v9.0.1

    v9.0.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v9.0.0

    v8.3.0

    New features

    Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.5...v8.3.0

    v8.2.5

    What's Changed

    New Contributors

    Full Changelog: https://github.com/babel/babel-loader/compare/v8.2.4...v8.2.5

    v8.2.4

    What's Changed

    Thanks @​loveDstyle, @​stianjensen and @​pathmapper for your first PRs!

    8.2.3

    ... (truncated)

    Changelog

    Sourced from babel-loader's changelog.

    Changelog

    For changes in version v7.0.0 and up please go to release

    Old Changelog

    Commits
    Maintainer changes

    This version was pushed to npm by nicolo-ribaudo, a new releaser for babel-loader since your current version.


    Updates css-loader from 0.23.1 to 6.7.1

    Release notes

    Sourced from css-loader's releases.

    v6.7.1

    6.7.1 (2022-03-08)

    Bug Fixes

    v6.7.0

    6.7.0 (2022-03-04)

    Features

    v6.6.0

    6.6.0 (2022-02-02)

    Features

    • added the hashStrategy option (ca4abce)

    v6.5.1

    6.5.1 (2021-11-03)

    Bug Fixes

    • regression with unicode characters in locals (b7a8441)
    • runtime path generation (#1393) (feafea8)

    v6.5.0

    6.5.0 (2021-10-26)

    Features

    • support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

    Bug Fixes

    • respect nosources in the devtool option (c60eff2)

    v6.4.0

    6.4.0 (2021-10-09)

    ... (truncated)

    Changelog

    Sourced from css-loader's changelog.

    6.7.1 (2022-03-08)

    Bug Fixes

    6.7.0 (2022-03-04)

    Features

    6.6.0 (2022-02-02)

    Features

    • added the hashStrategy option (ca4abce)

    6.5.1 (2021-11-03)

    Bug Fixes

    • regression with unicode characters in locals (b7a8441)
    • runtime path generation (#1393) (feafea8)

    6.5.0 (2021-10-26)

    Features

    • support absolute URL in url() when experiments.buildHttp enabled (#1389) (8946be4)

    Bug Fixes

    • respect nosources in the devtool option (c60eff2)

    6.4.0 (2021-10-09)

    Features

    • generate more collision resistant for locals (c7db752)

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by evilebottnawi, a new releaser for css-loader since your current version.


    Updates extract-text-webpack-plugin from 1.0.1 to 3.0.2

    Release notes

    Sourced from extract-text-webpack-plugin's releases.

    v3.0.2

    2017-10-25

    Bug Fixes

    • refer to the entrypoint instead of the first module (module.identifier) (#601) (d5a1de2)

    v3.0.1

    2017-10-03

    Bug Fixes

    • index: stricter check for shouldExtract !== wasExtracted (#605) (510704f)
    • get real path from __filename instead of __dirname (NS) (8de6558)

    v3.0.0

    2017-07-10

    Bug Fixes

    Code Refactoring

    • Apply webpack-defaults & webpack 3.x support (#540) (7ae32d9)

    • refactor: DeprecationWarning: Chunk.modules 543

    BREAKING CHANGES

    • Enforces engines of "node": ">=4.3.0 < 5.0.0 || >= 5.10

    • Updates to Chunk.mapModules. This release is not backwards compatible with Webpack 2.x due to breaking changes in webpack/webpack#4764

    • Enforces peerDependencies of "webpack": "^3.1.0".

    Release v3.0.0-rc.2

    3.0.0-rc.2 (2017-07-10)

    Bug Fixes

    ... (truncated)

    Changelog

    Sourced from extract-text-webpack-plugin's changelog.

    3.0.2 (2017-10-25)

    Bug Fixes

    • refer to the entrypoint instead of the first module (module.identifier) (#601) (d5a1de2)

    3.0.1 (2017-10-03)

    Bug Fixes

    • index: stricter check for shouldExtract !== wasExtracted (#605) (510704f)
    • get real path from __filename instead of __dirname (NS) (8de6558)

    3.0.0 (2017-07-10)

    Bug Fixes

    • add missing options.ignoreOrder details in Error message (#539) (dd43832)

    Code Refactoring

    • Apply webpack-defaults & webpack 3.x support (#540) (7ae32d9)

    BREAKING CHANGES

    • Enforces engines of "node": ">=4.3.0 < 5.0.0 || >= 5.10
    • refactor: DeprecationWarning: Chunk.modules 543
    • Updates to Chunk.mapModules. This release is not backwards compatible with Webpack 2.x due to breaking changes in webpack/webpack#4764
    • Enforces peerDependencies of "webpack": "^3.1.0".

    3.0.0-rc.2 (2017-07-10)

    ... (truncated)

    Commits
    • cc3ba94 chore(release): 3.0.2
    • d5a1de2 fix: refer to the entrypoint instead of the first module (`module.identif...
    • 5286ab2 build(defaults): update to v1.6.0 (#652)
    • 4cfde50 chore(release): 3.0.1
    • 8de6558 fix: get real path from __filename instead of __dirname (NS)
    • 510704f fix(index): stricter check for shouldExtract !== wasExtracted (#605)
    • 6a660f3 docs(README): update install instructions (#570)
    • 083a6c8 docs(README): add custom [contenthash] formats (#566)
    • d7a75fc chore(release): 3.0.0
    • 7ae32d9 refactor: Apply webpack-defaults & webpack 3.x support (#540)
    • Additional commits viewable in compare view

    Updates karma-webpack from 1.8.1 to 5.0.0

    Release notes

    Sourced from karma-webpack's releases.

    v5.0.0

    No release notes provided.

    v5.0.0-alpha.6

    Bug Fixes

    • automatically fix missing webpack framework and report a warning (ea5dc8e)
    • fix an issue where multiple karma-webpack processes could not run in parallel (ea3dabe)
    • bump hotfix dependencies (98b3ec9)

    v5.0.0-alpha.5

    Bug Fixes

    • change the webpack peer dependency to webpack v5 (2e0ca74)

    v5.0.0-alpha.4

    Bug Fixes

    • fix compatibility issues for webpack v5 (8d7366f), closes #452
    • remove deprecation warning for .watch() (4fe1f60)

    v4.0.2

    4.0.2 (2019-06-08)

    Bug Fixes

    • don't error when webpackMiddleware config not provided' (#418) (7570912)

    v4.0.1

    4.0.1 (2019-06-07)

    Bug Fixes

    • package: point to dist instead of lib (#417) (c0a0d47)

    v4.0.0

    4.0.0 (2019-06-07)

    Bug Fixes

    chore

    ... (truncated)

    Changelog

    Sourced from karma-webpack's changelog.

    5.0.0 (2021-02-02)

    No changes, just a new stable release.

    5.0.0-alpha.6 (2021-01-30)

    Bug Fixes

    • automatically fix missing webpack framework and report a warning (ea5dc8e)
    • fix an issue where multiple karma-webpack processes could not run in parallel (ea3dabe)
    • bump hotfix dependencies (98b3ec9)

    5.0.0-alpha.5 (2020-12-06)

    Bug Fixes

    • change the webpack peer dependency to webpack v5 (2e0ca74)

    5.0.0-alpha.4 (2020-12-06)

    Bug Fixes

    • fix compatibility issues for webpack v5 (8d7366f), closes #452
    • remove deprecation warning for .watch() (4fe1f60)

    5.0.0-alpha.3.0 (2019-03-07)

    Bug Fixes

    5.0.0-alpha.2 (2019-02-13)

    Bug Fixes

    • karma-webpack: normalize paths to be compatible with windows (b783e1c)

    5.0.0-alpha.1 (2019-01-01)

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by ryanclark, a new releaser for karma-webpack since your current version.


    Updates less-loader from 2.2.3 to 11.1.0

    Release notes

    Sourced from less-loader's releases.

    v11.1.0

    11.1.0 (2022-10-06)

    Features

    v11.0.0

    11.0.0 (2022-05-17)

    ⚠ BREAKING CHANGES

    • minimum supported Node.js version is 14.15.0

    v10.2.0

    10.2.0 (2021-10-18)

    Features

    v10.1.0

    10.1.0 (2021-10-11)

    Features

    Bug Fixes

    • only call addDependency on absolute paths (fa11ce7)

    v10.0.1

    10.0.1 (2021-07-02)

    Bug Fixes

    v10.0.0

    10.0.0 (2021-06-17)

    ⚠ BREAKING CHANGES

    ... (truncated)

    Changelog

    Sourced from less-loader's changelog.

    11.1.0 (2022-10-06)

    Features

    11.0.0 (2022-05-17)

    ⚠ BREAKING CHANGES

    • minimum supported Node.js version is 14.15.0

    10.2.0 (2021-10-18)

    Features

    10.1.0 (2021-10-11)

    Features

    Bug Fixes

    • only call addDependency on absolute paths (fa11ce7)

    10.0.1 (2021-07-02)

    Bug Fixes

    10.0.0 (2021-06-17)

    ⚠ BREAKING CHANGES

    • less.webpackLoaderContext was removed, please use pluginManager.webpackLoaderContext

    Bug Fixes

    ... (truncated)

    Commits
    • 21caa3e chore(release): 11.1.0
    • 43cd20c feat: allow to extend conditionNames (#488)
    • c1aa4f5 chore: update dependencies to the latest version (#487)
    • 2dcfe42 chore: update commitlint action (#486)
    • 60d6a29 chore: run cancel workflow on pull request (#485)
    • 4e81ee0 chore: update jest to the latest version (#483)
    • 965f5d8 ci: update github workflow security permissions (#482)
    • 454e187 chore: upgrade dependencies to the latest version (#481)
    • bb799d1 ci: add job to cancel previous runs (#480)
    • d292548 chore: update dependencies to the latest version (#479)
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by evilebottnawi, a new releaser for less-loader since your current version.


    Updates webpack from 1.15.0 to 5.74.0

    Release notes

    Sourced from webpack's releases.

    v5.74.0

    Features

    • add resolve.extensionAlias option which allows to alias extensions
      • This is useful when you are forced to add the .js extension to imports when the file really has a .ts extension (typescript + "type": "module")
    • add support for ES2022 features like static blocks
    • add Tree Shaking support for ProvidePlugin

    Bugfixes

    • fix persistent cache when some build dependencies are on a different windows drive
    • make order of evaluation of side-effect-free modules deterministic between concatenated and non-concatenated modules
    • remove left-over from debugging in TLA/async modules runtime code
    • remove unneeded extra 1s timestamp offset during watching when files are actually untouched
      • This sometimes caused an additional second build which are not really needed
    • fix shareScope option for ModuleFederationPlugin
    • set "use-credentials" also for same origin scripts

    Performance

    • Improve memory usage and performance of aggregating needed files/directories for watching
      • This affects rebuild performance

    Extensibility

    • export HarmonyImportDependency for plugins

    v5.73.0

    Features

    • add options for default dynamicImportMode and prefetch and preload
    • add support for import { createRequire } from "module" in source code

    Bugfixes

    • fix code generation of e. g. return"field"in Module
    • fix performance of large JSON modules
    • fix performance of async modules evaluation

    Developer Experience

    • export PathData in typings
    • improve error messages with more details

    v5.72.1

    Bugfixes

    • fix __webpack_nonce__ with HMR
    • fix in operator in some cases

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump minimatch and mocha

    Bump minimatch and mocha

    Bumps minimatch to 3.0.4 and updates ancestor dependency mocha. These dependencies need to be updated together.

    Updates minimatch from 0.3.0 to 3.0.4

    Commits
    Maintainer changes

    This version was pushed to npm by isaacs, a new releaser for minimatch since your current version.


    Updates mocha from 2.5.3 to 10.1.0

    Release notes

    Sourced from mocha's releases.

    v10.1.0

    10.1.0 / 2022-10-16

    :tada: Enhancements

    :nut_and_bolt: Other

    v10.0.0

    10.0.0 / 2022-05-01

    :boom: Breaking Changes

    :nut_and_bolt: Other

    Also thanks to @​ea2305 and @​SukkaW for improvements to our documentation.

    v9.2.2

    9.2.2 / 2022-03-11

    Please also note our announcements.

    :bug: Fixes

    ... (truncated)

    Changelog

    Sourced from mocha's changelog.

    10.1.0 / 2022-10-16

    :tada: Enhancements

    :nut_and_bolt: Other

    10.0.0 / 2022-05-01

    :boom: Breaking Changes

    :nut_and_bolt: Other

    Also thanks to @​ea2305 and @​SukkaW for improvements to our documentation.

    9.2.2 / 2022-03-11

    :bug: Fixes

    :nut_and_bolt: Other

    ... (truncated)

    Commits
    • 5f96d51 build(v10.1.0): release
    • ed74f16 build(v10.1.0): update CHANGELOG
    • 51d4746 chore(devDeps): update 'ESLint' to v8 (#4926)
    • 4e06a6f fix(browser): increase contrast for replay buttons (#4912)
    • 41567df Support prefers-color-scheme: dark (#4896)
    • 61b4b92 fix the regular expression for function clean in utils.js (#4770)
    • 77c18d2 chore: use standard 'Promise.allSettled' instead of polyfill (#4905)
    • 84b2f84 chore(ci): upgrade GH actions to latest versions (#4899)
    • 023f548 build(v10.0.0): release
    • 62b1566 build(v10.0.0): update CHANGELOG
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by juergba, a new releaser for mocha since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump socket.io-parser and karma

    Bump socket.io-parser and karma

    Bumps socket.io-parser to 4.2.1 and updates ancestor dependency karma. These dependencies need to be updated together.

    Updates socket.io-parser from 2.3.1 to 4.2.1

    Release notes

    Sourced from socket.io-parser's releases.

    4.2.1

    Bug Fixes

    • check the format of the index of each attachment (b5d0cb7)

    Links

    4.2.0

    Features

    • allow the usage of custom replacer and reviver (#112) (b08bc1a)

    Links

    4.1.2

    Bug Fixes

    • allow objects with a null prototype in binary packets (#114) (7f6b262)

    Links

    4.1.1

    Links

    4.1.0

    Features

    • provide an ESM build with and without debug (388c616)

    Links

    4.0.5

    Bug Fixes

    • check the format of the index of each attachment (b559f05)

    Links

    ... (truncated)

    Changelog

    Sourced from socket.io-parser's changelog.

    4.2.1 (2022-06-27)

    Bug Fixes

    • check the format of the index of each attachment (b5d0cb7)

    4.2.0 (2022-04-17)

    Features

    • allow the usage of custom replacer and reviver (#112) (b08bc1a)

    4.1.2 (2022-02-17)

    Bug Fixes

    • allow objects with a null prototype in binary packets (#114) (7f6b262)

    4.1.1 (2021-10-14)

    4.1.0 (2021-10-11)

    Features

    • provide an ESM build with and without debug (388c616)

    4.0.4 (2021-01-15)

    Bug Fixes

    • allow integers as event names (1c220dd)

    4.0.3 (2021-01-05)

    4.0.2 (2020-11-25)

    ... (truncated)

    Commits
    • 5a2ccff chore(release): 4.2.1
    • b5d0cb7 fix: check the format of the index of each attachment
    • c7514b5 chore(release): 4.2.0
    • 931f152 chore: add Node.js 16 in the test matrix
    • 6c9cb27 chore: bump @​socket.io/component-emitter to version 3.1.0
    • b08bc1a feat: allow the usage of custom replacer and reviver (#112)
    • aed252c chore(release): 4.1.2
    • 89209fa chore: bump cached-path-relative from 1.0.2 to 1.1.0 (#113)
    • 0a3b556 chore: bump path-parse from 1.0.6 to 1.0.7 (#108)
    • 7f6b262 fix: allow objects with a null prototype in binary packets (#114)
    • Additional commits viewable in compare view

    Updates karma from 0.13.22 to 6.4.1

    Release notes

    Sourced from karma's releases.

    v6.4.1

    6.4.1 (2022-09-19)

    Bug Fixes

    v6.4.0

    6.4.0 (2022-06-14)

    Features

    • support SRI verification of link tags (dc51a2e)
    • support SRI verification of script tags (6a54b1c)

    v6.3.20

    6.3.20 (2022-05-13)

    Bug Fixes

    • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

    v6.3.19

    6.3.19 (2022-04-19)

    Bug Fixes

    • client: error out when opening a new tab fails (099b85e)

    v6.3.18

    6.3.18 (2022-04-13)

    Bug Fixes

    • deps: upgrade socket.io to v4.4.1 (52a30bb)

    v6.3.17

    6.3.17 (2022-02-28)

    Bug Fixes

    • deps: update colors to maintained version (#3763) (fca1884)

    v6.3.16

    ... (truncated)

    Changelog

    Sourced from karma's changelog.

    6.4.1 (2022-09-19)

    Bug Fixes

    6.4.0 (2022-06-14)

    Features

    • support SRI verification of link tags (dc51a2e)
    • support SRI verification of script tags (6a54b1c)

    6.3.20 (2022-05-13)

    Bug Fixes

    • prefer IPv4 addresses when resolving domains (e17698f), closes #3730

    6.3.19 (2022-04-19)

    Bug Fixes

    • client: error out when opening a new tab fails (099b85e)

    6.3.18 (2022-04-13)

    Bug Fixes

    • deps: upgrade socket.io to v4.4.1 (52a30bb)

    6.3.17 (2022-02-28)

    Bug Fixes

    • deps: update colors to maintained version (#3763) (fca1884)

    6.3.16 (2022-02-10)

    Bug Fixes

    • security: mitigate the "Open Redirect Vulnerability" (ff7edbb)

    ... (truncated)

    Commits
    • 0013121 chore(release): 6.4.1 [skip ci]
    • 63d86be fix: pass integrity value
    • 84f7cc3 chore(release): 6.4.0 [skip ci]
    • f2d0663 docs: add integrity parameter
    • dc51a2e feat: support SRI verification of link tags
    • 6a54b1c feat: support SRI verification of script tags
    • 5e71cf5 chore(release): 6.3.20 [skip ci]
    • e17698f fix: prefer IPv4 addresses when resolving domains
    • 60f4f79 build: add Node 16 and 18 to the CI matrix
    • 6ff5aaf chore(release): 6.3.19 [skip ci]
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(1.0.12)
  • 1.0.11(Sep 20, 2016)

  • 1.0.9(Aug 28, 2016)

    I moved the event dispatching logic into separate project: https://github.com/dkozar/raycast-dom

    Menu is a complex component, so with all of those mouse and touch listeners attached to popup and item renderers, it became unmaintainable.

    Complex components with lot of children should really rely on event bubbling. That's what Raycast provides; with it, the menu component should be more logical and predictable.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.8(Aug 18, 2016)

    Fixed the bug of firing onContextMenu when tap-and-holding the toggle button of dropdown menu.

    Tap-and-hold was previously closing the (just opened) menu when dropdown is in toggle mode.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.7(Aug 17, 2016)

  • 1.0.5(Aug 14, 2016)

    Touch events are now processed properly (so the menu works on touch screens).

    In demo, I'm treating 'touchstart' similar to 'contextmenu': tapping the application background brings up the app menu, while tapping the circle brings the circle menu.

    While menu is open, tapping the application background is closing it.

    Source code(tar.gz)
    Source code(zip)
  • 1.0.3(Aug 13, 2016)

    Dropdown menu was not properly closing when clicking away.

    It was still open after opening another menu, so there were multiple menu instances floating around.

    With this fix, opening another dropdown (or right-click menu) closes all the previous instances.

    Source code(tar.gz)
    Source code(zip)
Owner
Danko Kozar
UX Developer / React / eDriven
Danko Kozar
Left navigation menu. Get data from JSON file and display simple form menu.

Left Navbar Menu Left navigation menu. Get data from JSON file and display simple form menu. User Interface created using React and Typescript. App st

Wojtek 5 May 24, 2021
React component for building accessible menu, dropdown, submenu, context menu and more.

React-Menu An accessible and keyboard-friendly React menu library. Live examples and docs Features React menu components for easy and fast web develop

Zheng Song 837 Jan 9, 2023
Animated hamburger menu icons for React (1.5 KB) 🍔

‌ ‌ Animated hamburger menu icons for React Hamburger menu icons for React, with CSS-driven transitions. Created to be as elegant and performant as po

Luuk de Vlieger 709 Dec 31, 2022
React Dropdown Menu

React Dropdown Menu

Mikkel Laursen 142 Dec 3, 2022
Hamburger Menu React JS Using Third Party Package ReactJS - Popup

In this project, let's build a Hamburger Menu app by applying the concepts we have learned till now. Refer to the image below: Design Files Click to v

null 2 Dec 6, 2021
Simple Context menu component for react showing all parent's node menus in theirs contexts.

Simple Context menu component for react showing all inherited parents menu with SSR compatibility.

Nathan Braun 6 Nov 13, 2022
A simple sliding side menu component for React

Cheeseburger Menu A simple sliding side menu component for React. This component provides the sliding menu only, not the hamburger button. For your bu

Eddie McLean 19 May 27, 2022
React dropdown menu components

react-menu-list This project is a set of components for building menus. This project works well for dropdown and autocomplete menus. The menus are cor

Streak 79 Nov 16, 2022
Add a context menu to your react app with ease

Documentation Go here. Installation Using yarn $ yarn add react-contexify Using npm $ npm install --save react-contexify The gist import React from 'r

Fadi Khadra 868 Jan 8, 2023
A react component that displays an unlimited deep menu

react-infinity-menu An unlimited deep side menu Live Demo Demo Installation npm install react-infinity-menu How to use import InfinityMenu from "react

Social Tables 58 Dec 5, 2022
Radial Menu for FiveM,built with React

BCS Radial Menu This project is to freshen up the options for free radial menu f

BagusCodeStudio 13 Nov 7, 2022
🍪 A stylized command menu for React.

?? Superkey is under development and is not ready for production. If you have any bugs or problems please create an issue. ?? Website (working ?? ) •

Pablo Hdez 57 Dec 31, 2022
📱 A performant, easy to use hold to open context menu for React Native powered by Reanimated 🚀

React Native Hold Menu A performant, easy to use hold to open context menu for React Native powered by Reanimated. ?? This package is experimental and

Enes 1k Jan 6, 2023
ScrollView with infinte paged scrolling (no looping). The number of pages rendered before and after current page can be customized. Pages are rendered when user scrolled.

react-native-infinite-scrollview ScrollView with infinte paged scrolling (no looping). The number of pages rendered before and after current page can

null 75 Sep 21, 2022
React-wizardry is a data-driven smart wizard component for creating powerful forms with in built validations

react-wizardry is a data-driven smart wizard component for creating powerful forms with in built validations. Demo Features ⚡ Data driven API ✅ In bui

Prabhu Murthy 38 Aug 16, 2022
A simple, data-driven, light-weight React Tree Menu component

React Simple Tree Menu Inspired by Downshift, a simple, data-driven, light-weight React Tree Menu component that: does not depend on any UI framework

Huang-Ming Chang 120 Dec 1, 2022
Left navigation menu. Get data from JSON file and display simple form menu.

Left Navbar Menu Left navigation menu. Get data from JSON file and display simple form menu. User Interface created using React and Typescript. App st

Wojtek 5 May 24, 2021
An NFT Marketplace running on ethereum, binance smart chain, polygon, avalanche, fantom, optimism and arbitrum powered by 0x smart contracts. Made in React/Next JS, MUI and Typescript.

An NFT Marketplace running on ethereum, binance smart chain, polygon, avalanche, fantom, optimism and arbitrum powered by 0x smart contracts. Made in React/Next JS, MUI and Typescript.

DexKit 35 Dec 29, 2022
Draggable, Smart menu for react

Features ⚡ Configurable and smart floating menu for react ⚙️ Comes with a lot of options to customize the behavior of the menu ?? Auto detects edges o

Prabhu Murthy 129 Jan 6, 2023
Responsive Data Driven Filter Grid & Data Card Component

Responsive Data Driven Filter Grid & Data Card Component

Leonardo Vidal 0 Sep 12, 2021