Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade remark-rehype from 8.0.0 to 8.1.0 #7601

Merged
merged 2 commits into from
Apr 16, 2024

Conversation

JasonStoltz
Copy link
Member

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade remark-rehype from 8.0.0 to 8.1.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released 3 years ago, on 2021-04-13.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@JasonStoltz JasonStoltz requested a review from a team as a code owner March 19, 2024 17:04
@mgadewoll mgadewoll force-pushed the snyk-upgrade-c5bcbc36b494c07938daf61c1c2cd38c branch from 92500e5 to c6cf6a6 Compare April 16, 2024 09:17
@elasticmachine
Copy link
Collaborator

elasticmachine commented Apr 16, 2024

💚 Build Succeeded

History

@kibanamachine
Copy link

Preview staging links for this PR:

@mgadewoll
Copy link
Contributor

mgadewoll commented Apr 16, 2024

ℹ️ This upgrade introduces mainly dependency updates (including dependency updates of dependencies). See the full changelog here.

Upgrades the following dependencies:

  • mdast-util-to-hast from 10.0.0 to ^10.2.0 - we were already using this version on our side

Upgrades the following devDependencies:

  • browserify from 16.0.0 to ^17.0.0 (diff here)
  • remark-cli from 8.0.0 to ^9.0.0 (diff here)
  • remark-parse from 8.0.0 to ^9.0.0 (diff here)
  • remark-preset-wooorm from 7.0.0 to ^8.0.0 (diff here)
  • remark-stringify from 8.0.0 to ^9.0.0 (diff here)
  • xo from 0.33.0 to ^0.38.0 (diff here)

📦 Affected components: EuiMarkdownFormat and EuiMarkdownEditor

✅ There was no regression found for the affected components.


ℹ️ Update: Added separate sections for dependency and devDependency updates. (link)

@cee-chen
Copy link
Contributor

remark-parse from 8.0.0 to ^9.0.0 (diff here)

⚠️ This might be an issue: see #5543 (comment)

We already require (a) version of remark-parse at 8.x and I don't know if I love us having multiple major versions of it in our dependency tree. To be honest, I'm very tempted to just discard this upgrade for now and pin our remark-related dependencies until we generally resolve #5543 and figure out what we want to do with it / EuiMarkdownEditor as a whole. :/

@mgadewoll
Copy link
Contributor

remark-parse from 8.0.0 to ^9.0.0 (diff here)

⚠️ This might be an issue: see #5543 (comment)

We already require (a) version of remark-parse at 8.x and I don't know if I love us having multiple major versions of it in our dependency tree. To be honest, I'm very tempted to just discard this upgrade for now and pin our remark-related dependencies until we generally resolve #5543 and figure out what we want to do with it / EuiMarkdownEditor as a whole. :/

@cee-chen thanks for the additional information!

This breaks EUI's own tooltip and checkbox plugins

Does this mean the markdown plugins, e.g. used here? Checking the functionality seemed fine to me but I'm clearly missing something then here 😅

@cee-chen
Copy link
Contributor

Right, because we're using our own version of remark-parse pinned to 8.0.4. This PR adds a second version of remark-parse at different major which I don't see the benefit of to be frank. I think we need to freeze/pin our remark related dependencies to where they are until we figure out what we want to do with the plugin and #5543.

@cee-chen

This comment was marked as off-topic.

@cee-chen
Copy link
Contributor

cee-chen commented Apr 16, 2024

OH. OK, sorry, I'm looking even closer at the actual changelog now. Everything other than mdast-util-to-hast was just devDependencies changes which do not affect EUI whatsoever. Alright, sorry for the false alarm. We can go ahead and merge this in

@cee-chen cee-chen merged commit 2980e32 into main Apr 16, 2024
7 checks passed
@cee-chen cee-chen deleted the snyk-upgrade-c5bcbc36b494c07938daf61c1c2cd38c branch April 16, 2024 15:18
@mgadewoll
Copy link
Contributor

OH. OK, sorry, I'm looking even closer at the actual changelog now. Everything other than mdast-util-to-hast was just devDependencies changes which do not affect EUI whatsoever. Alright, sorry for the false alarm. We can go ahead and merge this in

Ah, no worries. I think that's on me I could have made the distinction clearer in the list, separating by dev and regular dependencies. Sorry for adding extra overhead! 🙈

@cee-chen
Copy link
Contributor

No worries, thanks as always for the thoroughness and be willing to talk things through!

cee-chen added a commit to elastic/kibana that referenced this pull request May 3, 2024
`v94.1.0-backport.0` ⏩ `v94.2.1-backport.0`

_[Questions? Please see our Kibana upgrade
FAQ.](https://github.com/elastic/eui/blob/main/wiki/eui-team-processes/upgrading-kibana.md#faq-for-kibana-teams)_

---

##
[`v94.2.1-backport.0`](https://github.com/elastic/eui/releases/v94.2.1-backport.0)

**This is a backport release only intended for use by Kibana.**

- Reverted the `EuiFlexGroup`/`EuiFlexItem` `component` prop feature due
to Kibana typing issues

## [`v94.2.1`](https://github.com/elastic/eui/releases/v94.2.1)

**Bug fixes**

- Fixed an `EuiTabbedContent` edge case bug that occurred when updated
with a completely different set of `tabs`
([#7713](elastic/eui#7713))
- Fixed the `@storybook/test` dependency to be listed in
`devDependencies` and not `dependencies`
([#7719](elastic/eui#7719))

## [`v94.2.0`](https://github.com/elastic/eui/releases/v94.2.0)

- Updated `getDefaultEuiMarkdownPlugins()` to allow excluding the
following plugins in addition to `tooltip`:
([#7676](elastic/eui#7676))
  - `checkbox`
  - `linkValidator`
  - `lineBreaks`
  - `emoji`
- Updated `EuiSelectable`'s `isPreFiltered` prop to allow passing a
configuration object, which allows disabling search highlighting in
addition to search filtering
([#7683](elastic/eui#7683))
- Updated `EuiFlexGroup` and `EuiFlexItem` prop types to support passing
any valid React component type to the `component` prop and ensure proper
type checking of the extra props forwarded to the `component`.
([#7688](elastic/eui#7688))
- Updated `EuiSearchBar` to allow the `@` special character in query
string searches ([#7702](elastic/eui#7702))
- Added a new, optional `optionMatcher` prop to `EuiSelectable` and
`EuiComboBox` allowing passing a custom option matcher function to these
components and controlling option filtering for given search string
([#7709](elastic/eui#7709))

**Bug fixes**

- Fixed an `EuiPageTemplate` bug where prop updates would not cascade
down to child sections
([#7648](elastic/eui#7648))
- To cascade props down to the sidebar, `EuiPageTemplate` now explicitly
requires using the `EuiPageTemplate.Sidebar` rather than
`EuiPageSidebar`
- Fixed `EuiFieldNumber`'s typing to accept an icon configuration shape
([#7666](elastic/eui#7666))
- Fixed `EuiFieldText` and `EuiFieldNumber` to render the correct
paddings for icon shapes set to `side: 'right'`
([#7666](elastic/eui#7666))
- Fixed `EuiFieldText` and `EuiFieldNumber` to fully ignore
`icon`/`prepend`/`append` when `controlOnly` is set to true
([#7666](elastic/eui#7666))
- Fixed `EuiColorPicker`'s input not setting the correct right padding
for the number of icons displayed
([#7666](elastic/eui#7666))
- Visual fixes for `EuiRange`s with `showInput`:
([#7678](elastic/eui#7678))
  - Longer `append`/`prepend` labels no longer cause a background bug
  - Inputs can no longer overwhelm the actual range in width
- Fixed a visual text alignment regression in `EuiTableRowCell`s with
the `row` header scope
([#7681](elastic/eui#7681))
- Fixed `toolTipProps` type on `EuiSuperUpdateButton` to use
`Partial<EuiToolTipProps>`
([#7692](elastic/eui#7692))
- Fixes missing prop type for `popperProps` on `EuiDatePicker`
([#7694](elastic/eui#7694))
- Fixed a focus bug with `EuiDataGrid`s with `leadingControlColumns`
when moving columns to the left/right
([#7701](elastic/eui#7701))
([#7698](elastic/eui#7698))
- Fixed `EuiSuperDatePicker` to validate date string with respect of
locale on `EuiAbsoluteTab`.
([#7705](elastic/eui#7705))
- Fixed a visual bug with `EuiSuperDatePicker`'s absolute tab on small
mobile screens ([#7708](elastic/eui#7708))
- Fixed i18n of empty and loading state messages for the
`FieldValueSelectionFilter` component
([#7718](elastic/eui#7718))

**Dependency updates**

- Updated `@hello-pangea/dnd` to v16.6.0
([#7599](elastic/eui#7599))
- Updated `remark-rehype` to v8.1.0
([#7601](elastic/eui#7601))

**Accessibility**

- Improved `EuiBasicTable` and `EuiInMemoryTable`'s selection checkboxes
to have unique aria-labels per row
([#7672](elastic/eui#7672))
- Added `aria-valuetext` attributes to `EuiRange`s with tick labels for
improved screen reader UX
([#7675](elastic/eui#7675))
- Updated `EuiAccordion` to keep focus on accordion trigger instead of
moving to content on click/keypress
([#7696](elastic/eui#7696))
- Added `aria-disabled` attribute to `EuiHorizontalSteps` when status is
"disabled" ([#7699](elastic/eui#7699))

---------

Co-authored-by: Tomasz Kajtoch <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants