Bump the npm group in /frontend with 5 updates

[dependabot]

Bumps the npm group in /frontend with 5 updates:

Package	From	To
axios	1.5.1	1.6.0
vue	3.3.6	3.3.7
@quasar/vite-plugin	1.5.0	1.6.0
sass	1.69.4	1.69.5
vue-tsc	1.8.19	1.8.22

Updates axios from 1.5.1 to 1.6.0

Release notes

Sourced from axios's releases.

Release v1.6.0

Release notes:

Bug Fixes

• CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
• dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
• types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

• CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

• Dmitriy Mozgovoy
• Valentin Panov
• Rinku Chaudhari

Changelog

Sourced from axios's changelog.

1.6.0 (2023-10-26)

Bug Fixes

• CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
• dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
• types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

• CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

• Dmitriy Mozgovoy
• Valentin Panov
• Rinku Chaudhari

Commits

• f7adacd chore(release): v1.6.0 (#6031)
• 9917e67 chore(ci): fix release-it arg; (#6032)
• 96ee232 fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)
• 7d45ab2 chore(tests): fixed tests to pass in node v19 and v20 with keep-alive enabl...
• 5aaff53 fix(dns): fixed lookup function decorator to work properly in node v20; (#6011)
• a48a63a chore(docs): added AxiosHeaders docs; (#5932)
• a1c8ad0 fix(types): fix AxiosHeaders types; (#5931)
• 2ac731d chore(docs): update readme.md (#5889)
• See full diff in compare view

Updates vue from 3.3.6 to 3.3.7

Release notes

Sourced from vue's releases.

v3.3.7

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vue's changelog.

3.3.7 (2023-10-24)

Bug Fixes

• compiler-sfc: avoid gen useCssVars when targeting SSR (#6979) (c568778), closes #6926
• compiler-ssr: proper scope analysis for ssr vnode slot fallback (#7184) (e09c26b), closes #7095
• correctly resolve types from relative paths on Windows (#9446) (089d36d), closes #8671
• hmr: fix hmr error for hoisted children array in v-for (7334376), closes #6978 #7114
• reactivity: assigning array.length while observing a symbol property (#7568) (e9e2778)
• scheduler: ensure jobs are in the correct order (#7748) (a8f6638), closes #7576
• ssr: fix hydration mismatch for disabled teleport at component root (#9399) (d8990fc), closes #6152
• Suspense: calling hooks before the transition finishes (#9388) (00de3e6), closes #5844 #5952
• transition/ssr: make transition appear work with SSR (#8859) (5ea8a8a), closes #6951
• types: fix ComponentCustomProps augmentation (#9468) (7374e93), closes #8376
• types: improve h overload to support union of string and component (#5432) (16ecb44), closes #5431

Commits

• 1789c1c release: v3.3.7
• e09c26b fix(compiler-ssr): proper scope analysis for ssr vnode slot fallback (#7184)
• 7374e93 fix(types): fix ComponentCustomProps augmentation (#9468)
• 5ea8a8a fix(transition/ssr): make transition appear work with SSR (#8859)
• 16ecb44 fix(types): improve h overload to support union of string and component (#5...
• f36c49f chore(deps): update dependency rollup to v4 (#9462)
• 105c564 chore(deps): update lint (#9461)
• 4885515 chore(deps): update dependency puppeteer to ~21.4.0 (#9459)
• 27e5052 chore(deps): update dependency todomvc-app-css to ^2.4.3 (#9458)
• 28a6f05 chore: remove internal flag on hmr option
• Additional commits viewable in compare view

Updates @quasar/vite-plugin from 1.5.0 to 1.6.0

Release notes

Sourced from @​quasar/vite-plugin's releases.

@​quasar/vite-plugin-v1.6.0

New

• feat+perf(vite-plugin): new options (autoImportVueExtensions & autoImportScriptExtensions) + perf enhancements

Donations

Quasar Framework is an open-source MIT-licensed project made possible due to the generous contributions by sponsors and backers. If you are interested in supporting this project, please consider the following:

• Becoming a sponsor on Github
• One-off donation via PayPal

Commits

• 5b56143 chore(vite-plugin): Bump version
• dc306b2 refactor(docs): use some of the new docs features
• 3355d75 fix(docs): bash examples copy - omit "$" char #16505
• c0d9c56 fix(ui): mask: keep null value on clear #16346 (#16348)
• c711528 feat(ui): refactor previous PR on QItem, improving it a bit (fix: #16107) (#1...
• 9d62833 fix(ui): q-item within QMenu should be selectable using the space key (fix: #...
• c5321d5 chore(deps): bump @​babel/traverse from 7.21.4 to 7.23.2 (#16479)
• 5dcd3c0 chore(deps): bump get-func-name from 2.0.0 to 2.0.2 (#16407)
• 16b87cc chore(deps-dev): bump postcss from 8.4.29 to 8.4.31 (#16435)
• 048fe93 feat(docs): addition to vite/lazy-loading
• Additional commits viewable in compare view

Updates sass from 1.69.4 to 1.69.5

Release notes

Sourced from sass's releases.

Dart Sass 1.69.5

To install Sass 1.69.5, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.

Changes

JS API

• Compatibility with Node.js 21.0.0.

See the full changelog for changes in earlier releases.

Changelog

Sourced from sass's changelog.

1.69.5

JS API

• Compatibility with Node.js 21.0.0.

Commits

• 89dac15 Add compatibility with Node.js 21.0.0 (#2128)
• 69d0f07 Bump lints from 2.1.1 to 3.0.0 (#2126)
• ac25a70 Bump dartdoc from 6.3.0 to 7.0.0 (#2118)
• See full diff in compare view

Updates vue-tsc from 1.8.19 to 1.8.22

Changelog

Sourced from vue-tsc's changelog.

1.8.22 (2023/10/27)

• fix: experimentalResolveStyleCssClasses: "always" not working (#3689) - thanks @​maIIady
• fix: __VLS_Prettify missing for dts build when uses withDefaults() (#3691)

1.8.21 (2023/10/25)

Volar.js 1.10.5 updates:

• fix(monaco): completion cannot insert text starting with $ (volarjs/volar.js#69)
• fix(typescript): automatic type acquisition not working since v1.10.0

1.8.20 (2023/10/23)

• feat: added Italian integration documentation
• feat: enforce v-bind argument to be an object (#3666) - thanks @​so1ve
• fix: JSDoc comments not emitted when using type-only defineProps macro (#3645)
• fix: autocomplete for directive comments without a space (#3665) - thanks @​so1ve
• fix: fix slot type when using a interpolation in template string (#3657) - thanks @​so1ve
• fix: add autocomplete for v-slot parameters (#3661) - thanks @​so1ve
• fix: export correct SlotsPropertyName for vue2 (#3669) - thanks @​zhiyuanzmj
• fix(types): infer discriminated unions in child component props (#3672) - thanks @​davidmatter
• fix: access to slots directly (#3671) - thanks @​so1ve
• fix: autocomplete not working for $event (#3668) - thanks @​so1ve
• perf: remove duplicate virtual code for native tags
• chore: rename volar to vue in diagnostics (#3667) - thanks @​so1ve
• chore: publish ts plugin to open-vsx (#3589) - thanks @​brc-dd

Full-time Support by

Our Platinum Sponsors

... (truncated)

Commits

• 1e8d09a v1.8.22
• 50d10c1 fix: add missing __VLS_Prettify type for withDefaults() (#3691)
• 46ae2ff v1.8.21
• c7c6243 chore: bump volar
• 40de14c chore: update dts.spec.ts.snap
• 998015f chore: reuse component meta cases for dts test
• 9ca5dcd chore: rename test-workspace folders
• ce5623e refactor: reorganize packages (#3685)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions