[pull] master from liangliangyy:master#33
Open
pull[bot] wants to merge 601 commits into
Open
Conversation
|
You have successfully added a new CodeQL configuration |
…mote source Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Potential fix for code scanning alert no. 25: URL redirection from remote source
Potential fix for code scanning alert no. 25: URL redirection from remote source
## 主要改进 ### 1. 资源预加载优化 - 新增关键字体文件预加载(open-sans.css) - 新增代码高亮样式预加载(pygments/default.css) - 保留现有的 DNS 预解析和 CDN 预连接 ### 2. 扩展内联关键 CSS(约60行) - 添加首屏关键布局样式,防止布局抖动(CLS优化) - 实现骨架屏加载动画,提升感知性能 - 优化 Alpine.js x-cloak 防闪烁样式 - 统一深色/浅色模式的基础样式 ### 3. JavaScript 加载优化 - 移除 MathJax 加载器的冗余 async 属性 - 统一使用 defer,确保不阻塞 HTML 解析 ## 性能预期 - FCP (First Contentful Paint): 预计提升 0.3-0.4s - CLS (Cumulative Layout Shift): 保持 0(完美) - 感知性能:骨架屏动画提升用户体验 ## 测试 - 本地开发环境: ✅ 正常运行 - 模板语法: ✅ 无错误 - 深色模式切换: ✅ 无闪烁 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
性能优化:增强首屏渲染和资源加载策略
…hing - Replaced FormView and RedirectView with SecureFormView, LoginFormView, and LogoutRedirectView in accounts/views.py for enhanced security features. - Implemented AuthenticatedFormView in comments/views.py to enforce login requirements for comment submissions. - Introduced caching constants in constants.py to standardize cache timeout values and cache key templates. - Created base_views.py to encapsulate common view functionalities, reducing code duplication across views. - Enhanced article querying in blog/views.py using mixins for optimized database access and caching. - Consolidated error handling views into error_views.py for consistent error page rendering. - Updated settings.py to reflect new Elasticsearch host configuration.
Refactor views and introduce base views for improved security and cac…
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [gevent](https://github.com/gevent/gevent) from 23.9.1 to 25.9.1. - [Release notes](https://github.com/gevent/gevent/releases) - [Changelog](https://github.com/gevent/gevent/blob/master/docs/changelog_pre.rst) - [Commits](gevent/gevent@23.9.1...25.9.1) --- updated-dependencies: - dependency-name: gevent dependency-version: 25.9.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [requests](https://github.com/psf/requests) from 2.32.4 to 2.32.5. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.32.4...v2.32.5) --- updated-dependencies: - dependency-name: requests dependency-version: 2.32.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4 to 5. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v4...v5) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [propcache](https://github.com/aio-libs/propcache) from 0.3.1 to 0.4.1. - [Release notes](https://github.com/aio-libs/propcache/releases) - [Changelog](https://github.com/aio-libs/propcache/blob/master/CHANGES.rst) - [Commits](aio-libs/propcache@v0.3.1...v0.4.1) --- updated-dependencies: - dependency-name: propcache dependency-version: 0.4.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pyecharts](https://github.com/pyecharts/pyecharts) from 2.0.8 to 2.0.9. - [Release notes](https://github.com/pyecharts/pyecharts/releases) - [Commits](pyecharts/pyecharts@v2.0.8...v2.0.9) --- updated-dependencies: - dependency-name: pyecharts dependency-version: 2.0.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…ithub/codeql-action-4 ci(deps): bump github/codeql-action from 3 to 4
…ocker/login-action-3 ci(deps): bump docker/login-action from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
chore(deps): bump pyecharts from 2.0.8 to 2.0.9
…ocker/setup-buildx-action-3 ci(deps): bump docker/setup-buildx-action from 2 to 3
chore(deps): bump propcache from 0.3.1 to 0.4.1
chore(deps): bump gevent from 23.9.1 to 25.9.1
…odecov/codecov-action-5 ci(deps): bump codecov/codecov-action from 4 to 5
…ctions/checkout-6 ci(deps): bump actions/checkout from 3 to 6
chore(deps): bump requests from 2.32.4 to 2.32.5
Bumps the frontend-production group in /frontend with 4 updates: [@alpinejs/collapse](https://github.com/alpinejs/alpine/tree/HEAD/packages/collapse), [@alpinejs/focus](https://github.com/alpinejs/alpine/tree/HEAD/packages/focus), [@alpinejs/intersect](https://github.com/alpinejs/alpine/tree/HEAD/packages/intersect) and [alpinejs](https://github.com/alpinejs/alpine/tree/HEAD/packages/alpinejs). Updates `@alpinejs/collapse` from 3.15.10 to 3.15.11 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.11/packages/collapse) Updates `@alpinejs/focus` from 3.15.10 to 3.15.11 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.11/packages/focus) Updates `@alpinejs/intersect` from 3.15.10 to 3.15.11 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.11/packages/intersect) Updates `alpinejs` from 3.15.10 to 3.15.11 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.11/packages/alpinejs) --- updated-dependencies: - dependency-name: "@alpinejs/collapse" dependency-version: 3.15.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-production - dependency-name: "@alpinejs/focus" dependency-version: 3.15.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-production - dependency-name: "@alpinejs/intersect" dependency-version: 3.15.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-production - dependency-name: alpinejs dependency-version: 3.15.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the frontend-development group in /frontend with 4 updates: [autoprefixer](https://github.com/postcss/autoprefixer), [cssnano](https://github.com/cssnano/cssnano), [cssnano-preset-advanced](https://github.com/cssnano/cssnano) and [postcss](https://github.com/postcss/postcss). Updates `autoprefixer` from 10.4.27 to 10.5.0 - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@10.4.27...10.5.0) Updates `cssnano` from 7.1.4 to 7.1.5 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano@7.1.4...cssnano@7.1.5) Updates `cssnano-preset-advanced` from 7.0.12 to 7.0.13 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano-preset-advanced@7.0.12...cssnano-preset-advanced@7.0.13) Updates `postcss` from 8.5.9 to 8.5.10 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.9...8.5.10) --- updated-dependencies: - dependency-name: autoprefixer dependency-version: 10.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: frontend-development - dependency-name: cssnano dependency-version: 7.1.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-development - dependency-name: cssnano-preset-advanced dependency-version: 7.0.13 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-development - dependency-name: postcss dependency-version: 8.5.10 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-development ... Signed-off-by: dependabot[bot] <support@github.com>
…ntend/dev/frontend-development-186cdfd774 chore(deps-dev): bump the frontend-development group in /frontend with 4 updates
…ntend/dev/frontend-production-1d3023aa3e chore(deps): bump the frontend-production group in /frontend with 4 updates
…026.1 chore(deps): bump tzdata from 2025.3 to 2026.1
…on-dependencies-0ab1360bb1 chore(deps): bump openai from 2.30.0 to 2.31.0 in the production-dependencies group
…6.4.0 chore(deps): bump gevent from 25.9.1 to 26.4.0
Update dependencies for production and frontend groups
- 账户/OAuth 页面阴影从 shadow-2xl/shadow-primary/25 降级为 shadow-sm - 推荐插件 widget 改用 Tailwind 语义 token,适配多主题与暗色模式 - base.html 内联样式硬编码 hex 改用 CSS 变量,lightbox 改 Tailwind v3 opacity 语法 - nav/footer/pagination 补全 aria-expanded/label/controls 等无障碍属性 - 修复移动端 emoji picker 右侧溢出(max-w + overflow-x-auto 兜底) - 评论树深层嵌套缩进响应式(mobile ml-3/6/9,desktop ml-12/24/36) - lightbox 关闭按钮移入容器、容器改 max-w-[90vw]、caption 加 break-words - article_index mobile 侧边栏套 details 折叠,与 article_detail 保持一致 - Nav logo 字号响应式、footer 图标 mobile 放大到 44px 触摸区 - 新增 .interface-design/system.md 设计系统文档
- interval: weekly → monthly - open-pull-requests-limit: 3 → 2 - 三个生态(pip/npm/github-actions)分组改为 catch-all patterns: ['*'] - pip 补齐 major 版本忽略规则(与 frontend 保持一致) 效果:每月每生态最多 1 个 PR,总计 ≤ 3 PR/月
refactor(ui): 统一设计系统并修复移动端体验
Bumps the python-dependencies group with 3 updates: [greenlet](https://github.com/python-greenlet/greenlet), [openai](https://github.com/openai/openai-python) and [tzdata](https://github.com/python/tzdata). Updates `greenlet` from 3.4.0 to 3.5.0 - [Changelog](https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst) - [Commits](python-greenlet/greenlet@3.4.0...3.5.0) Updates `openai` from 2.31.0 to 2.33.0 - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v2.31.0...v2.33.0) Updates `tzdata` from 2026.1 to 2026.2 - [Release notes](https://github.com/python/tzdata/releases) - [Changelog](https://github.com/python/tzdata/blob/master/NEWS.md) - [Commits](python/tzdata@2026.1...2026.2) --- updated-dependencies: - dependency-name: greenlet dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: openai dependency-version: 2.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: tzdata dependency-version: '2026.2' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [certifi](https://github.com/certifi/python-certifi) to permit the latest version. - [Commits](certifi/python-certifi@2024.07.04...2024.12.14) --- updated-dependencies: - dependency-name: certifi dependency-version: 2024.12.14 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
…with 9 updates Bumps the frontend-dependencies group with 9 updates in the /frontend directory: | Package | From | To | | --- | --- | --- | | [@alpinejs/collapse](https://github.com/alpinejs/alpine/tree/HEAD/packages/collapse) | `3.15.11` | `3.15.12` | | [@alpinejs/focus](https://github.com/alpinejs/alpine/tree/HEAD/packages/focus) | `3.15.11` | `3.15.12` | | [@alpinejs/intersect](https://github.com/alpinejs/alpine/tree/HEAD/packages/intersect) | `3.15.11` | `3.15.12` | | [alpinejs](https://github.com/alpinejs/alpine/tree/HEAD/packages/alpinejs) | `3.15.11` | `3.15.12` | | [cssnano](https://github.com/cssnano/cssnano) | `7.1.5` | `7.1.7` | | [cssnano-preset-advanced](https://github.com/cssnano/cssnano) | `7.0.13` | `7.0.15` | | [htmx.org](https://github.com/bigskysoftware/htmx) | `2.0.8` | `2.0.10` | | [postcss](https://github.com/postcss/postcss) | `8.5.10` | `8.5.13` | | [terser](https://github.com/terser/terser) | `5.46.1` | `5.46.2` | Updates `@alpinejs/collapse` from 3.15.11 to 3.15.12 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.12/packages/collapse) Updates `@alpinejs/focus` from 3.15.11 to 3.15.12 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.12/packages/focus) Updates `@alpinejs/intersect` from 3.15.11 to 3.15.12 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.12/packages/intersect) Updates `alpinejs` from 3.15.11 to 3.15.12 - [Release notes](https://github.com/alpinejs/alpine/releases) - [Commits](https://github.com/alpinejs/alpine/commits/v3.15.12/packages/alpinejs) Updates `cssnano` from 7.1.5 to 7.1.7 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano@7.1.5...cssnano@7.1.7) Updates `cssnano-preset-advanced` from 7.0.13 to 7.0.15 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano-preset-advanced@7.0.13...cssnano-preset-advanced@7.0.15) Updates `htmx.org` from 2.0.8 to 2.0.10 - [Release notes](https://github.com/bigskysoftware/htmx/releases) - [Changelog](https://github.com/bigskysoftware/htmx/blob/master/CHANGELOG.md) - [Commits](bigskysoftware/htmx@v2.0.8...v2.0.10) Updates `postcss` from 8.5.10 to 8.5.13 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.10...8.5.13) Updates `terser` from 5.46.1 to 5.46.2 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.46.1...v5.46.2) --- updated-dependencies: - dependency-name: "@alpinejs/collapse" dependency-version: 3.15.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: "@alpinejs/focus" dependency-version: 3.15.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: "@alpinejs/intersect" dependency-version: 3.15.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: alpinejs dependency-version: 3.15.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: cssnano dependency-version: 7.1.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: cssnano-preset-advanced dependency-version: 7.0.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: htmx.org dependency-version: 2.0.10 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: postcss dependency-version: 8.5.13 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: terser dependency-version: 5.46.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…ntend/dev/frontend-dependencies-747eefdb35 chore(deps): bump the frontend-dependencies group across 1 directory with 9 updates
…gte-2024.12.14 chore(deps): update certifi requirement from >=2024.7.4 to >=2024.12.14
…ependencies-2cac91e394 chore(deps): bump the python-dependencies group with 3 updates
Bump python and frontend dependencies with multiple updates
fix(template): 在 base.html 注入网站统计代码字段,修复死代码
Bumps the python-dependencies group with 9 updates: | Package | From | To | | --- | --- | --- | | [coverage](https://github.com/coveragepy/coveragepy) | `7.13.5` | `7.14.1` | | [django](https://github.com/django/django) | `5.2.13` | `5.2.14` | | [gevent](https://github.com/gevent/gevent) | `26.4.0` | `26.5.0` | | [greenlet](https://github.com/python-greenlet/greenlet) | `3.5.0` | `3.5.1` | | [openai](https://github.com/openai/openai-python) | `2.33.0` | `2.40.0` | | [propcache](https://github.com/aio-libs/propcache) | `0.4.1` | `0.5.2` | | [pytz](https://github.com/stub42/pytz) | `2026.1.post1` | `2026.2` | | [requests](https://github.com/psf/requests) | `2.33.1` | `2.34.2` | | [jsonpickle](https://github.com/jsonpickle/jsonpickle) | `4.1.1` | `4.1.2` | Updates `coverage` from 7.13.5 to 7.14.1 - [Release notes](https://github.com/coveragepy/coveragepy/releases) - [Changelog](https://github.com/coveragepy/coveragepy/blob/main/CHANGES.rst) - [Commits](coveragepy/coveragepy@7.13.5...7.14.1) Updates `django` from 5.2.13 to 5.2.14 - [Commits](django/django@5.2.13...5.2.14) Updates `gevent` from 26.4.0 to 26.5.0 - [Release notes](https://github.com/gevent/gevent/releases) - [Changelog](https://github.com/gevent/gevent/blob/master/docs/changelog_pre.rst) - [Commits](gevent/gevent@26.4.0...26.5.0) Updates `greenlet` from 3.5.0 to 3.5.1 - [Changelog](https://github.com/python-greenlet/greenlet/blob/master/CHANGES.rst) - [Commits](python-greenlet/greenlet@3.5.0...3.5.1) Updates `openai` from 2.33.0 to 2.40.0 - [Release notes](https://github.com/openai/openai-python/releases) - [Changelog](https://github.com/openai/openai-python/blob/main/CHANGELOG.md) - [Commits](openai/openai-python@v2.33.0...v2.40.0) Updates `propcache` from 0.4.1 to 0.5.2 - [Release notes](https://github.com/aio-libs/propcache/releases) - [Changelog](https://github.com/aio-libs/propcache/blob/master/CHANGES.rst) - [Commits](aio-libs/propcache@v0.4.1...v0.5.2) Updates `pytz` from 2026.1.post1 to 2026.2 - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](stub42/pytz@release_2026.1.post1...release_2026.2) Updates `requests` from 2.33.1 to 2.34.2 - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.33.1...v2.34.2) Updates `jsonpickle` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/jsonpickle/jsonpickle/releases) - [Changelog](https://github.com/jsonpickle/jsonpickle/blob/main/CHANGES.rst) - [Commits](jsonpickle/jsonpickle@v4.1.1...v4.1.2) --- updated-dependencies: - dependency-name: coverage dependency-version: 7.14.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: django dependency-version: 5.2.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: gevent dependency-version: 26.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: greenlet dependency-version: 3.5.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies - dependency-name: openai dependency-version: 2.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: propcache dependency-version: 0.5.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: pytz dependency-version: '2026.2' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: requests dependency-version: 2.34.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: python-dependencies - dependency-name: jsonpickle dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: python-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
Updates the requirements on [cryptography](https://github.com/pyca/cryptography) to permit the latest version. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@43.0.1...43.0.3) --- updated-dependencies: - dependency-name: cryptography dependency-version: 43.0.3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps the frontend-dependencies group in /frontend with 5 updates: | Package | From | To | | --- | --- | --- | | [cssnano](https://github.com/cssnano/cssnano) | `7.1.7` | `7.1.9` | | [cssnano-preset-advanced](https://github.com/cssnano/cssnano) | `7.0.15` | `7.0.16` | | [postcss](https://github.com/postcss/postcss) | `8.5.13` | `8.5.15` | | [terser](https://github.com/terser/terser) | `5.46.2` | `5.48.0` | | [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) | `6.4.2` | `6.4.3` | Updates `cssnano` from 7.1.7 to 7.1.9 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano@7.1.7...cssnano@7.1.9) Updates `cssnano-preset-advanced` from 7.0.15 to 7.0.16 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano-preset-advanced@7.0.15...cssnano-preset-advanced@7.0.16) Updates `postcss` from 8.5.13 to 8.5.15 - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.5.13...8.5.15) Updates `terser` from 5.46.2 to 5.48.0 - [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md) - [Commits](terser/terser@v5.46.2...v5.48.0) Updates `vite` from 6.4.2 to 6.4.3 - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v6.4.3/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v6.4.3/packages/vite) --- updated-dependencies: - dependency-name: cssnano dependency-version: 7.1.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: cssnano-preset-advanced dependency-version: 7.0.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: postcss dependency-version: 8.5.15 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies - dependency-name: terser dependency-version: 5.48.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: frontend-dependencies - dependency-name: vite dependency-version: 6.4.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: frontend-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
…ependencies-3cbba2bdbd chore(deps): bump the python-dependencies group with 9 updates
…aphy-gte-43.0.3 chore(deps): update cryptography requirement from >=43.0.1 to >=43.0.3
…ntend/dev/frontend-dependencies-070e810a96 chore(deps-dev): bump the frontend-dependencies group in /frontend with 5 updates
Bump Python and frontend dependencies with multiple updates
Bumps the pip group with 1 update in the / directory: [bleach](https://github.com/mozilla/bleach). Updates `bleach` from 6.3.0 to 6.4.0 - [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES) - [Commits](mozilla/bleach@v6.3.0...v6.4.0) --- updated-dependencies: - dependency-name: bleach dependency-version: 6.4.0 dependency-type: direct:production dependency-group: pip ... Signed-off-by: dependabot[bot] <support@github.com>
chore(deps): bump bleach from 6.3.0 to 6.4.0 in the pip group across 1 directory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot]
Can you help keep this open source service alive? 💖 Please sponsor : )