From e7be25a045b1e0b3e688f150e06c6a5ea06be0ee Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 30 Jan 2025 09:05:02 +0000
Subject: [PATCH 1/5] chore(deps): Bump github/codeql-action from 3.28.1 to
 3.28.6 (#3467)

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.28.1 to 3.28.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.28.6</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.5</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.4</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.3</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
<h2>v3.28.2</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.28.6 - 27 Jan 2025</h2>
<ul>
<li>Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
<a
href="https://redirect.github.com/github/codeql-action/pull/2726">#2726</a></li>
</ul>
<h2>3.28.5 - 24 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2717">#2717</a></li>
</ul>
<h2>3.28.4 - 23 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.3 - 22 Jan 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.20.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2707">#2707</a></li>
<li>Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the <a
href="https://github.com/github/codeql-action-sync-tool">CodeQL Action
sync tool</a> and the Actions runner did not have Zstandard installed.
<a
href="https://redirect.github.com/github/codeql-action/pull/2710">#2710</a></li>
<li>Uploading debug artifacts for CodeQL analysis is temporarily
disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2712">#2712</a></li>
</ul>
<h2>3.28.2 - 21 Jan 2025</h2>
<p>No user facing changes.</p>
<h2>3.28.1 - 10 Jan 2025</h2>
<ul>
<li>CodeQL Action v2 is now deprecated, and is no longer updated or
supported. For better performance, improved security, and new features,
upgrade to v3. For more information, see <a
href="https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/">this
changelog post</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/2677">#2677</a></li>
<li>Update default CodeQL bundle version to 2.20.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2678">#2678</a></li>
</ul>
<h2>3.28.0 - 20 Dec 2024</h2>
<ul>
<li>Bump the minimum CodeQL bundle version to 2.15.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2655">#2655</a></li>
<li>Don't fail in the unusual case that a file is on the search path. <a
href="https://redirect.github.com/github/codeql-action/pull/2660">#2660</a>.</li>
</ul>
<h2>3.27.9 - 12 Dec 2024</h2>
<p>No user facing changes.</p>
<h2>3.27.8 - 12 Dec 2024</h2>
<ul>
<li>Fixed an issue where streaming the download and extraction of the
CodeQL bundle did not respect proxy settings. <a
href="https://redirect.github.com/github/codeql-action/pull/2624">#2624</a></li>
</ul>
<h2>3.27.7 - 10 Dec 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/17a820bf2e43b47be2c72b39cc905417bc1ab6d0"><code>17a820b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2735">#2735</a>
from github/aeisenberg/fix-permissions</li>
<li><a
href="https://github.com/github/codeql-action/commit/3a4eae00ff23d411ccf7ed58d680071d84b6f8b7"><code>3a4eae0</code></a>
Add extra permission to mergeback workflow</li>
<li><a
href="https://github.com/github/codeql-action/commit/4e83f6b818d7c9f52143570963b2c7f7f055decb"><code>4e83f6b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2732">#2732</a>
from github/update-v3.28.6-b49419044</li>
<li><a
href="https://github.com/github/codeql-action/commit/64ad47c7c184c89d0665bab67b8bd53e42425e85"><code>64ad47c</code></a>
Update changelog for v3.28.6</li>
<li><a
href="https://github.com/github/codeql-action/commit/b494190443a6ef5636b96529b698caabed0a8248"><code>b494190</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2726">#2726</a>
from github/aeisenberg/reenable-artifact-upload</li>
<li><a
href="https://github.com/github/codeql-action/commit/a8797048056402d6b6e8d3b3b5e67bb0ba32a6a1"><code>a879704</code></a>
Clarify test fail;ure message</li>
<li><a
href="https://github.com/github/codeql-action/commit/62c322fad9e33d39a2f7517e621a0e07516f5b48"><code>62c322f</code></a>
Add better comments around artifact upload tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/c6b286132edd6f7f497542488a5a4d70768a2363"><code>c6b2861</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2731">#2731</a>
from github/dependabot/npm_and_yarn/npm-e1e9e6cd15</li>
<li><a
href="https://github.com/github/codeql-action/commit/297e89a0d9ede0e543f8d0e122332129f9a65d86"><code>297e89a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2723">#2723</a>
from github/marcogario/start-proxy_tests</li>
<li><a
href="https://github.com/github/codeql-action/commit/357e0ceaa944420266db3ff50182959161a023f0"><code>357e0ce</code></a>
Update checked-in dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/b6a472f63d85b9c78a3ac5e89422239fc15e9b3c...17a820bf2e43b47be2c72b39cc905417bc1ab6d0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.28.1&new-version=3.28.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/codeql.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 047922c950..63db06dbe1 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,10 +28,10 @@ jobs:
         language: [javascript]
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
+      - uses: github/codeql-action/init@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
         with:
           languages: ${{ matrix.language }}
-      - uses: github/codeql-action/autobuild@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
-      - uses: github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
+      - uses: github/codeql-action/autobuild@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+      - uses: github/codeql-action/analyze@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
         with:
           category: '/language:${{matrix.language}}'

From a62714db70a4124ab419425475c558ee426ab324 Mon Sep 17 00:00:00 2001
From: John Cowen <johncowen@users.noreply.github.com>
Date: Thu, 30 Jan 2025 09:46:56 +0000
Subject: [PATCH 2/5] feat(tools): adds "execute on all workspaces" Makefile
 decorator (#3486)

This target calls a Makefile target on all packages within the
workspace:

i.e. `make ws/lint` will run `make lint` on all packages. If the target
doesn't exist, the command will fail only for that sub-package.

Signed-off-by: John Cowen <john.cowen@konghq.com>
---
 Makefile                             | 1 +
 packages/config/src/mk/decorators.mk | 5 +++++
 2 files changed, 6 insertions(+)
 create mode 100644 packages/config/src/mk/decorators.mk

diff --git a/Makefile b/Makefile
index 7ed2d7890c..852963ea09 100644
--- a/Makefile
+++ b/Makefile
@@ -11,6 +11,7 @@ MK := $(KUMAHQ_CONFIG)/src/mk
 .DEFAULT_GOAL := help
 include $(MK)/help.mk
 
+include $(MK)/decorators.mk
 include $(MK)/install.mk
 include $(MK)/check.mk
 
diff --git a/packages/config/src/mk/decorators.mk b/packages/config/src/mk/decorators.mk
new file mode 100644
index 0000000000..16d3b196e2
--- /dev/null
+++ b/packages/config/src/mk/decorators.mk
@@ -0,0 +1,5 @@
+.PHONY: ws/%
+ws/%: ## Dev: Run the same command in every package in the workspace i.e. `make ws/lint`
+	@for dir in $(shell npm query .workspace | jq -r '.[].location'); do \
+		$(MAKE) -C $(NPM_WORKSPACE_ROOT)/$$dir $(subst ws/,,$@); \
+	done

From 40fa242cb61fc8eb598ce111010ec28c85fe5983 Mon Sep 17 00:00:00 2001
From: John Cowen <johncowen@users.noreply.github.com>
Date: Thu, 30 Jan 2025 12:19:16 +0000
Subject: [PATCH 3/5] fix: removes extra padding adding via kongponents update
 (#3493)

Several people have reported issue with being able to click on our tab
component i.e. you have to click exactly on the text instead of being
able to click on the entire button.

A recent kongponent update
(https://github.com/Kong/kongponents/pull/2532) changed the padding of
certain HTML elements, which removed the padding from our anchor links
and added it to the surrounding div instead, meaning whilst it looked
like you could click on the entire button to click the anchor, you where
actually clicking the div, meaning the anchor wasn't navigating.

Also see
https://github.com/Kong/kongponents/pull/2532/files#diff-01f83cc2092a263bfd47c1d0a4ba5e96dea98264d85282662a63f4fa18c44dedR177

This PR rearranges the padding using some overwrites to return the
anchor its previous padded state.

There is still a little unclickable area between the button and the
bottom border, but I think this is intentional form the kongponents
authors. The additional difference with this area is that at least you
don't see a pointer cursor when hovering over it.

Signed-off-by: John Cowen <john.cowen@konghq.com>
---
 packages/kuma-gui/src/app/x/components/x-tabs/XTabs.vue | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/packages/kuma-gui/src/app/x/components/x-tabs/XTabs.vue b/packages/kuma-gui/src/app/x/components/x-tabs/XTabs.vue
index 71c32509d7..efd1d89808 100644
--- a/packages/kuma-gui/src/app/x/components/x-tabs/XTabs.vue
+++ b/packages/kuma-gui/src/app/x/components/x-tabs/XTabs.vue
@@ -82,13 +82,16 @@ watch(() => slots, () => {
 })
 </script>
 <style lang="scss" scoped>
+:deep(.tab-link) {
+  /* TODO(jc): override KTab's div styling  */
+  padding: 0 !important;
+}
 :deep(.tab-link) > * {
   transition: inherit;
   border-radius: inherit;
   color: inherit;
   outline: inherit;
-  /* TODO(jc): This can be removed if we ever get rid of the global link styling  */
-  text-decoration: none !important;
+  padding: $kui-space-30 $kui-space-50;
 }
 :deep(.tab-link) > *:focus-visible {
   background-color: $kui-color-background-neutral-weaker;

From 26ec3c69b92cb07618c89601ab70cea5f09c584d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 30 Jan 2025 14:59:49 +0000
Subject: [PATCH 4/5] chore(deps): Bump @vueuse/core from 12.4.0 to 12.5.0
 (#3471)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[@vueuse/core](https://github.com/vueuse/vueuse/tree/HEAD/packages/core)
from 12.4.0 to 12.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vueuse/vueuse/releases"><code>@​vueuse/core</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v12.5.0</h2>
<h3>   🚀 Features</h3>
<ul>
<li>More passive event handlers  -  by <a
href="https://github.com/ferferga"><code>@​ferferga</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4484">vueuse/vueuse#4484</a>
<a href="https://github.com/vueuse/vueuse/commit/eddbf8f9"><!-- raw HTML
omitted -->(eddbf)<!-- raw HTML omitted --></a></li>
<li>Use <code>useEventListener</code> where it was not being used  -  by
<a href="https://github.com/ferferga"><code>@​ferferga</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4479">vueuse/vueuse#4479</a>
<a href="https://github.com/vueuse/vueuse/commit/c6c6ede0"><!-- raw HTML
omitted -->(c6c6e)<!-- raw HTML omitted --></a></li>
<li><strong>useClipboard</strong>: Should fall back to legacy clipboard
when read/write fails  -  by <a
href="https://github.com/OrbisK"><code>@​OrbisK</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4512">vueuse/vueuse#4512</a>
<a href="https://github.com/vueuse/vueuse/commit/01acd578"><!-- raw HTML
omitted -->(01acd)<!-- raw HTML omitted --></a></li>
<li><strong>useCountdown</strong>: New function  -  by <a
href="https://github.com/rtugeek"><code>@​rtugeek</code></a>, <a
href="https://github.com/huang-julien"><code>@​huang-julien</code></a>,
<strong>Anthony Fu</strong> and <a
href="https://github.com/antfu"><code>@​antfu</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4125">vueuse/vueuse#4125</a>
<a href="https://github.com/vueuse/vueuse/commit/69cedd2f"><!-- raw HTML
omitted -->(69ced)<!-- raw HTML omitted --></a></li>
<li><strong>useEventListener</strong>: Make all parameters arrayable and
reactive  -  by <a
href="https://github.com/ferferga"><code>@​ferferga</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4486">vueuse/vueuse#4486</a>
<a href="https://github.com/vueuse/vueuse/commit/caf08519"><!-- raw HTML
omitted -->(caf08)<!-- raw HTML omitted --></a></li>
<li><strong>useFetch</strong>: Add parameters to the
<code>afterFetch</code> and <code>onFetchError</code>  -  by <a
href="https://github.com/tolking"><code>@​tolking</code></a> and
<strong>Anthony Fu</strong> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4499">vueuse/vueuse#4499</a>
<a href="https://github.com/vueuse/vueuse/commit/98a83d78"><!-- raw HTML
omitted -->(98a83)<!-- raw HTML omitted --></a></li>
<li><strong>useFileDialog</strong>: Add initialFiles option  -  by <a
href="https://github.com/EvgenyWas"><code>@​EvgenyWas</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4509">vueuse/vueuse#4509</a>
<a href="https://github.com/vueuse/vueuse/commit/8a8d6a3f"><!-- raw HTML
omitted -->(8a8d6)<!-- raw HTML omitted --></a></li>
</ul>
<h3>   🐞 Bug Fixes</h3>
<ul>
<li><strong>debounceFilter</strong>: Invoke on maxWait with the latest
invoker  -  by <a
href="https://github.com/43081j"><code>@​43081j</code></a> and <a
href="https://github.com/OrbisK"><code>@​OrbisK</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4497">vueuse/vueuse#4497</a>
<a href="https://github.com/vueuse/vueuse/commit/48e0a2e0"><!-- raw HTML
omitted -->(48e0a)<!-- raw HTML omitted --></a></li>
<li><strong>useMagicKeys</strong>: Fix key order issue on first use  - 
by <a href="https://github.com/babu-ch"><code>@​babu-ch</code></a> in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4505">vueuse/vueuse#4505</a>
<a href="https://github.com/vueuse/vueuse/commit/b6947f78"><!-- raw HTML
omitted -->(b6947)<!-- raw HTML omitted --></a></li>
<li><strong>useVirtualList</strong>: Allow readonly arrays as input  - 
by <a
href="https://github.com/RebeccaStevens"><code>@​RebeccaStevens</code></a>
in <a
href="https://redirect.github.com/vueuse/vueuse/issues/4504">vueuse/vueuse#4504</a>
<a href="https://github.com/vueuse/vueuse/commit/f3cc7eca"><!-- raw HTML
omitted -->(f3cc7)<!-- raw HTML omitted --></a></li>
</ul>
<h5>    <a
href="https://github.com/vueuse/vueuse/compare/v12.4.0...v12.5.0">View
changes on GitHub</a></h5>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vueuse/vueuse/commit/1e153e936a6055d633becd3a685603b4492d8791"><code>1e153e9</code></a>
chore: release v12.5.0</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/98a83d7861f8b7d1f7a29a594afb8b07cc714f4f"><code>98a83d7</code></a>
feat(useFetch): add parameters to the <code>afterFetch</code> and
<code>onFetchError</code> (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4499">#4499</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/01acd57850724cd5fefcd83f9526f5a4c533a22a"><code>01acd57</code></a>
feat(useClipboard): should fall back to legacy clipboard when read/write
fail...</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/0ebefbe2c3c66879b7300634b0cee169f07c4e9b"><code>0ebefbe</code></a>
docs(useClipboardItems): fix demo by using <code>text/plain</code> mime
type (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4513">#4513</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/f3cc7ecad6483ff2b6214f47ad64d1d154b49fe3"><code>f3cc7ec</code></a>
fix(useVirtualList): allow readonly arrays as input (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4504">#4504</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/69cedd2fc7e8eaae673d642bb70cc9b30b3cd7da"><code>69cedd2</code></a>
feat(useCountdown): new function (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4125">#4125</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/b6947f78329374876df5f589e43256e46bba68d7"><code>b6947f7</code></a>
fix(useMagicKeys): fix key order issue on first use (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4505">#4505</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/d08eb2c8ad17c01b77d49a01de13009553ccf624"><code>d08eb2c</code></a>
refactor: use <code>useTemplateRef</code> instead of <code>ref</code> in
demos and docs (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4482">#4482</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/8a8d6a3f873d75c725b24e2ca65a3b552faefae0"><code>8a8d6a3</code></a>
feat(useFileDialog): add initialFiles option (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4509">#4509</a>)</li>
<li><a
href="https://github.com/vueuse/vueuse/commit/3933a0b014951607f75a4c3d740c6433e854e077"><code>3933a0b</code></a>
chore(deps): update to vitest@3 (<a
href="https://github.com/vueuse/vueuse/tree/HEAD/packages/core/issues/4501">#4501</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vueuse/vueuse/commits/v12.5.0/packages/core">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@vueuse/core&package-manager=npm_and_yarn&previous-version=12.4.0&new-version=12.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package-lock.json              | 55 +++++++++++++++++++++++++++++-----
 packages/kuma-gui/package.json |  2 +-
 2 files changed, 49 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 24d8a3d329..d189e379f8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4670,13 +4670,26 @@
       }
     },
     "node_modules/@vueuse/core": {
-      "version": "12.4.0",
-      "resolved": "https://registry.npmjs.org/@vueuse/core/-/core-12.4.0.tgz",
-      "integrity": "sha512-XnjQYcJwCsyXyIafyA6SvyN/OBtfPnjvJmbxNxQjCcyWD198urwm5TYvIUUyAxEAN0K7HJggOgT15cOlWFyLeA==",
+      "version": "12.5.0",
+      "resolved": "https://registry.npmjs.org/@vueuse/core/-/core-12.5.0.tgz",
+      "integrity": "sha512-GVyH1iYqNANwcahAx8JBm6awaNgvR/SwZ1fjr10b8l1HIgDp82ngNbfzJUgOgWEoxjL+URAggnlilAEXwCOZtg==",
+      "license": "MIT",
       "dependencies": {
         "@types/web-bluetooth": "^0.0.20",
-        "@vueuse/metadata": "12.4.0",
-        "@vueuse/shared": "12.4.0",
+        "@vueuse/metadata": "12.5.0",
+        "@vueuse/shared": "12.5.0",
+        "vue": "^3.5.13"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@vueuse/core/node_modules/@vueuse/shared": {
+      "version": "12.5.0",
+      "resolved": "https://registry.npmjs.org/@vueuse/shared/-/shared-12.5.0.tgz",
+      "integrity": "sha512-vMpcL1lStUU6O+kdj6YdHDixh0odjPAUM15uJ9f7MY781jcYkIwFA4iv2EfoIPO6vBmvutI1HxxAwmf0cx5ISQ==",
+      "license": "MIT",
+      "dependencies": {
         "vue": "^3.5.13"
       },
       "funding": {
@@ -4750,10 +4763,37 @@
         }
       }
     },
-    "node_modules/@vueuse/metadata": {
+    "node_modules/@vueuse/integrations/node_modules/@vueuse/core": {
+      "version": "12.4.0",
+      "resolved": "https://registry.npmjs.org/@vueuse/core/-/core-12.4.0.tgz",
+      "integrity": "sha512-XnjQYcJwCsyXyIafyA6SvyN/OBtfPnjvJmbxNxQjCcyWD198urwm5TYvIUUyAxEAN0K7HJggOgT15cOlWFyLeA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/web-bluetooth": "^0.0.20",
+        "@vueuse/metadata": "12.4.0",
+        "@vueuse/shared": "12.4.0",
+        "vue": "^3.5.13"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@vueuse/integrations/node_modules/@vueuse/metadata": {
       "version": "12.4.0",
       "resolved": "https://registry.npmjs.org/@vueuse/metadata/-/metadata-12.4.0.tgz",
       "integrity": "sha512-AhPuHs/qtYrKHUlEoNO6zCXufu8OgbR8S/n2oMw1OQuBQJ3+HOLQ+EpvXs+feOlZMa0p8QVvDWNlmcJJY8rW2g==",
+      "dev": true,
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/antfu"
+      }
+    },
+    "node_modules/@vueuse/metadata": {
+      "version": "12.5.0",
+      "resolved": "https://registry.npmjs.org/@vueuse/metadata/-/metadata-12.5.0.tgz",
+      "integrity": "sha512-Ui7Lo2a7AxrMAXRF+fAp9QsXuwTeeZ8fIB9wsLHqzq9MQk+2gMYE2IGJW48VMJ8ecvCB3z3GsGLKLbSasQ5Qlg==",
+      "license": "MIT",
       "funding": {
         "url": "https://github.com/sponsors/antfu"
       }
@@ -4762,6 +4802,7 @@
       "version": "12.4.0",
       "resolved": "https://registry.npmjs.org/@vueuse/shared/-/shared-12.4.0.tgz",
       "integrity": "sha512-9yLgbHVIF12OSCojnjTIoZL1+UA10+O4E1aD6Hpfo/DKVm5o3SZIwz6CupqGy3+IcKI8d6Jnl26EQj/YucnW0Q==",
+      "dev": true,
       "license": "MIT",
       "dependencies": {
         "vue": "^3.5.13"
@@ -16776,7 +16817,7 @@
         "@kong/icons": "^1.20.2",
         "@kong/kongponents": "^9.16.1",
         "@vue/shared": "^3.5.13",
-        "@vueuse/core": "^12.4.0",
+        "@vueuse/core": "^12.5.0",
         "brandi": "^5.0.0",
         "deepmerge": "^4.3.1",
         "js-yaml": "^4.1.0",
diff --git a/packages/kuma-gui/package.json b/packages/kuma-gui/package.json
index d67fef979a..44046707cb 100644
--- a/packages/kuma-gui/package.json
+++ b/packages/kuma-gui/package.json
@@ -17,7 +17,7 @@
     "@kong/icons": "^1.20.2",
     "@kong/kongponents": "^9.16.1",
     "@vue/shared": "^3.5.13",
-    "@vueuse/core": "^12.4.0",
+    "@vueuse/core": "^12.5.0",
     "brandi": "^5.0.0",
     "deepmerge": "^4.3.1",
     "js-yaml": "^4.1.0",

From d5eef60219eba9bb3412c72e92e64be6976dd255 Mon Sep 17 00:00:00 2001
From: John Cowen <johncowen@users.noreply.github.com>
Date: Thu, 30 Jan 2025 15:19:57 +0000
Subject: [PATCH 5/5] fix: prevents KSelect/XSelect from firing events twice
 (#3491)

I found that KSelect `select` event would fire twice if you change the
`items` as a result of the the first `select` event.

I would guess that KSelect could do something like firing a select event
as a result of a non-user-interaction if you change the `selected`
property of an `item`. So even though the menu has already been
changed/selected by the user, if you change `items` immediately after to
be the same as the user selection, it re-fires the same event. But kinda
just guessing.

I moved XSelect to use a different approach which avoids using
`items[].selected`, which fixes the issue, and I no longer see the
double events.

From my investigation this issue doesn't seem to be affecting anything
currently, but it'd best if our XSelect component didn't fire `change`
twice.

Signed-off-by: John Cowen <john.cowen@konghq.com>
---
 .../kuma-gui/src/app/x/components/x-select/XSelect.vue | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/packages/kuma-gui/src/app/x/components/x-select/XSelect.vue b/packages/kuma-gui/src/app/x/components/x-select/XSelect.vue
index 4433076ce9..5ed42bdd4d 100644
--- a/packages/kuma-gui/src/app/x/components/x-select/XSelect.vue
+++ b/packages/kuma-gui/src/app/x/components/x-select/XSelect.vue
@@ -1,5 +1,6 @@
 <template>
   <KSelect
+    v-model="selected"
     :label="props.label"
     :items="items"
     @selected="emit('change', String($event.value))"
@@ -25,7 +26,7 @@
 </template>
 <script lang="ts" setup>
 import { KSelect } from '@kong/kongponents'
-import { computed } from 'vue'
+import { computed, ref } from 'vue'
 
 const emit = defineEmits<{
   (event: 'change', value: string): void
@@ -40,12 +41,13 @@ const props = withDefaults(defineProps<{
 
 const slots = defineSlots()
 
+const selected = ref(props.selected)
+
 const items = computed(() => {
   const items = Object.keys(slots).reduce<
     {
       value: string
       label: string
-      selected: boolean
     }[]
   >((prev, key) => {
     const pos = key.lastIndexOf('-option')
@@ -55,15 +57,11 @@ const items = computed(() => {
         {
           value: item,
           label: item,
-          selected: item === props.selected,
         },
       )
     }
     return prev
   }, [])
-  if (items.find(item => item.selected) === undefined) {
-    items[0].selected = true
-  }
   return items
 })