chore(deps): bump @adguard/agtree from 4.0.1 to 4.0.4#1451
chore(deps): bump @adguard/agtree from 4.0.1 to 4.0.4#1451dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
Bumps [@adguard/agtree](https://github.com/AdguardTeam/tsurlfilter/tree/HEAD/packages/agtree) from 4.0.1 to 4.0.4. - [Release notes](https://github.com/AdguardTeam/tsurlfilter/releases) - [Changelog](https://github.com/AdguardTeam/tsurlfilter/blob/master/packages/agtree/CHANGELOG.md) - [Commits](https://github.com/AdguardTeam/tsurlfilter/commits/agtree-v4.0.4/packages/agtree) --- updated-dependencies: - dependency-name: "@adguard/agtree" dependency-version: 4.0.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Pull request overview
Updates the project’s npm/pnpm dependency graph to use @adguard/agtree v4.0.4 (from v4.0.1), bringing in upstream fixes in HTML filtering rule conversion and selector parsing.
Changes:
- Bump
@adguard/agtreefrom^4.0.1→^4.0.4inpackage.json. - Regenerate
pnpm-lock.yamlto reflect the new resolved version and updated transitive dependencies.
Reviewed changes
Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| package.json | Updates the direct dependency version for @adguard/agtree. |
| pnpm-lock.yaml | Updates lockfile entries for @adguard/agtree@4.0.4 and related transitive dependency resolutions. |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
| "_syncNote": "Dependency versions here must match those pinned in deno.json's import map; keep them in sync (for example via the existing version:sync-style task).", | ||
| "dependencies": { | ||
| "@adguard/agtree": "^4.0.1", | ||
| "@adguard/agtree": "^4.0.4", |
There was a problem hiding this comment.
The root dependency was bumped to @adguard/agtree ^4.0.4 here, but deno.json’s import map still pins "@adguard/agtree": "npm:@adguard/agtree@^4.0.1" (deno.json:100). That means Deno-based builds/tests will continue using 4.0.1, so this PR doesn’t fully apply the bump; please update the import map to ^4.0.4 (and any version-tracking docs like DEPENDENCIES.md if applicable).
| "@adguard/agtree": "^4.0.4", | |
| "@adguard/agtree": "^4.0.1", |
Bumps @adguard/agtree from 4.0.1 to 4.0.4.
Release notes
Sourced from
@adguard/agtree's releases.Changelog
Sourced from
@adguard/agtree's changelog.Commits
c98dba5AG-52411 fix conversion of tag-content with escaped double quotes5018999skipci: Automatic increment build number for AGTree3f978accombine min and max length attr values into single regexp. #18717d92a1AG-51186 Fix parsing of pseudo-class selectors with attribute selectors1a5f0e6AG-51979: prepare needed md documents for work with LLMsf58f0cbAG-51914 Improve ESLint config for AGTree8f44460AG-51485: remove obsoleted code in tsweb and agtree after upgrade to AGTree v46d94efbAG-51148 update scriptlets to v2.2.16, prepare lib releasesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)