mehalter/mehalter.com
1
0
Fork 0
Code Issues 1 Pull requests 4 Projects Releases Packages 1 Wiki Activity Actions

chore(deps): update dependency jszip to v3 #7

Open
renovate-bot wants to merge 1 commit from renovate/jszip-3.x into main
pull from: renovate/jszip-3.x
merge into: mehalter:main
Conversation 0 Commits 1 Files changed 1 +1 -1
renovate-bot commented 2025-11-25 16:03:28 -05:00
Collaborator
Copy link

This PR contains the following updates:

Package Update Change
jszip (source) major 2.5.0 -> 3.10.1

Release Notes

Stuk/jszip (jszip)

v3.10.1

Compare Source

  • Add sponsorship files.
    • If you appreciate the time spent maintaining JSZip then I would really appreciate your sponsorship.
  • Consolidate metadata types and expose OnUpdateCallback #​851 and #​852
  • use const instead var in example from README.markdown #​828
  • Switch manual download link to HTTPS #​839

Internals:

v3.10.0

Compare Source

  • Change setimmediate dependency to more efficient one. Fixes #​617 (see #​829)
  • Update types of currentFile metadata to include null (see #​826)

v3.9.1

Compare Source

  • Fix recursive definition of InputFileFormat introduced in 3.9.0.

v3.9.0

Compare Source

  • Update types JSZip#loadAsync to accept a promise for data, and remove arguments from new JSZip() (see #​752)
  • Update types for compressionOptions to JSZipFileOptions and JSZipGeneratorOptions (see #​722)
  • Add types for generateInternalStream (see #​774)

v3.8.0

Compare Source

  • Santize filenames when files are loaded with loadAsync, to avoid "zip slip" attacks. The original filename is available on each zip entry as unsafeOriginalName. See the documentation. Many thanks to McCaulay Hudson for reporting.

v3.7.1

Compare Source

  • Fix build of dist files.
    • Note: this version ensures the changes from 3.7.0 are actually included in the dist files. Thanks to Evan W for reporting.

v3.7.0

Compare Source

  • Fix: Use a null prototype object for this.files (see #​766)
    • This change might break existing code if it uses prototype methods on the .files property of a zip object, for example zip.files.toString(). This approach is taken to prevent files in the zip overriding object methods that would exist on a normal object.

v3.6.0

Compare Source

  • Fix: redirect main to dist on browsers (see #​742)
  • Fix duplicate require DataLengthProbe, utils (see #​734)
  • Fix small error in read_zip.md (see #​703)

v3.5.0

Compare Source

  • Fix 'End of data reached' error when file extra field is invalid (see #​544).
  • Typescript definitions: Add null to return types of functions that may return null (see #​669).
  • Typescript definitions: Correct nodeStream's type (see #​682)
  • Typescript definitions: Add string output type (see #​666)

v3.4.0

Compare Source

  • Add Typescript type definitions (see #​601).

v3.3.0

Compare Source

  • Change browser module resolution to support Angular packager (see #​614).

v3.2.2

Compare Source

  • No public changes, but a number of testing dependencies have been updated.
  • Tested browsers are now: Internet Explorer 11, Chrome (most recent) and Firefox (most recent). Other browsers (specifically Safari) are still supported however testing them on Saucelabs is broken and so they were removed from the test matrix.

v3.2.1

Compare Source

  • Corrected built dist files

v3.2.0

Compare Source

  • Update dependencies to reduce bundle size (see #​532).
  • Fix deprecated Buffer constructor usage and add safeguards (see #​506).

v3.1.5

Compare Source

  • Fix IE11 memory leak (see #​429).
  • Handle 2 nodejs deprecations (see #​459).
  • Improve the "unsupported format" error message (see #​461).
  • Improve webworker compatibility (see #​468).
  • Fix nodejs 0.10 compatibility (see #​480).
  • Improve the error without type in async() (see #​481).

v3.1.4

Compare Source

  • consistently use our own utils object for inheritance (see #​395).
  • lower the memory consumption in generate* with a lot of files (see #​449).

v3.1.3

Compare Source

  • instanceof failing in window / iframe contexts (see #​350).
  • remove a copy with blob output (see #​357).
  • fix crc32 check for empty entries (see #​358).
  • fix the base64 error message with data uri (see #​359).

v3.1.2

Compare Source

  • fix support of nodejs process.platform in generate* methods (see #​335).
  • improve browserify/webpack support (see #​333).
  • partial support of a promise of text (see #​337).
  • fix streamed zip files containing folders (see #​342).

v3.1.1

Compare Source

  • Use a hard-coded JSZip.version, fix an issue with webpack (see #​328).

v3.1.0

Compare Source

  • utils.delay: use macro tasks instead of micro tasks (see #​288).
  • Harden base64 decode (see #​316).
  • Add JSZip.version and the version in the header (see #​317).
  • Support Promise(Blob) (see #​318).
  • Change JSZip.external.Promise implementation (see #​321).
  • Update pako to v1.0.2 to fix a DEFLATE bug (see #​322).

v3.0.0

Compare Source

This release changes a lot of methods, please see the upgrade guide.

  • replace sync getters and generate() with async methods (see #​195).
  • support nodejs streams (in file() and generateAsync()).
  • support Blob and Promise in file() and loadAsync() (see #​275).
  • add support.nodestream.
  • zip.filter: remove the defensive copy.
  • remove the deprecated API (see #​253).
  • type is now mandatory in generateAsync().
  • change the createFolders default value (now true).
  • Dates: use UTC instead of the local timezone.
  • Add base64 and array as possible output type.
  • Add a forEach method.
  • Drop node 0.8 support (see #​270).

v2.6.1

Compare Source

  • update pako to v1.0.2 to fix a DEFLATE bug (see #​322).

v2.6.0

Compare Source

  • publish dist/ files in the npm package (see #​225).
  • update pako to v1.0.0 (see #​261).
  • add support of Array in JSZip#load (see #​252).
  • improve file name / comment encoding support (see #​211).
  • handle prepended data (see #​266).
  • improve platform coverage in tests (see #​233 and #​269).

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [jszip](http://stuk.github.io/jszip/) ([source](https://github.com/Stuk/jszip)) | major | `2.5.0` -> `3.10.1` | --- ### Release Notes <details> <summary>Stuk/jszip (jszip)</summary> ### [`v3.10.1`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v3101-2022-08-02) [Compare Source](https://github.com/Stuk/jszip/compare/v3.10.0...v3.10.1) - Add sponsorship files. - If you appreciate the time spent maintaining JSZip then I would really appreciate [your sponsorship](https://github.com/sponsors/Stuk). - Consolidate metadata types and expose OnUpdateCallback [#&#8203;851](https://github.com/Stuk/jszip/pull/851) and [#&#8203;852](https://github.com/Stuk/jszip/pull/852) - use `const` instead `var` in example from README.markdown [#&#8203;828](https://github.com/Stuk/jszip/pull/828) - Switch manual download link to HTTPS [#&#8203;839](https://github.com/Stuk/jszip/pull/839) Internals: - Replace jshint with eslint [#&#8203;842](https://github.com/Stuk/jszip/pull/842) - Add performance tests [#&#8203;834](https://github.com/Stuk/jszip/pull/834) ### [`v3.10.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v3100-2022-05-20) [Compare Source](https://github.com/Stuk/jszip/compare/v3.9.1...v3.10.0) - Change setimmediate dependency to more efficient one. Fixes [#&#8203;617](https://github.com/Stuk/jszip/issues/617) (see [#&#8203;829](https://github.com/Stuk/jszip/pull/829)) - Update types of `currentFile` metadata to include `null` (see [#&#8203;826](https://github.com/Stuk/jszip/pull/826)) ### [`v3.9.1`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v391-2022-04-06) [Compare Source](https://github.com/Stuk/jszip/compare/v3.9.0...v3.9.1) - Fix recursive definition of `InputFileFormat` introduced in 3.9.0. ### [`v3.9.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v390-2022-04-04) [Compare Source](https://github.com/Stuk/jszip/compare/v3.8.0...v3.9.0) - Update types JSZip#loadAsync to accept a promise for data, and remove arguments from `new JSZip()` (see [#&#8203;752](https://github.com/Stuk/jszip/pull/752)) - Update types for `compressionOptions` to JSZipFileOptions and JSZipGeneratorOptions (see [#&#8203;722](https://github.com/Stuk/jszip/pull/722)) - Add types for `generateInternalStream` (see [#&#8203;774](https://github.com/Stuk/jszip/pull/774)) ### [`v3.8.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v380-2022-03-30) [Compare Source](https://github.com/Stuk/jszip/compare/v3.7.1...v3.8.0) - Santize filenames when files are loaded with `loadAsync`, to avoid ["zip slip" attacks](https://snyk.io/research/zip-slip-vulnerability). The original filename is available on each zip entry as `unsafeOriginalName`. See the [documentation](https://stuk.github.io/jszip/documentation/api_jszip/load_async.html). Many thanks to McCaulay Hudson for reporting. ### [`v3.7.1`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v371-2021-08-05) [Compare Source](https://github.com/Stuk/jszip/compare/v3.7.0...v3.7.1) - Fix build of `dist` files. - Note: this version ensures the changes from 3.7.0 are actually included in the `dist` files. Thanks to Evan W for reporting. ### [`v3.7.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v370-2021-07-23) [Compare Source](https://github.com/Stuk/jszip/compare/v3.6.0...v3.7.0) - Fix: Use a null prototype object for this.files (see [#&#8203;766](https://github.com/Stuk/jszip/pull/766)) - This change might break existing code if it uses prototype methods on the `.files` property of a zip object, for example `zip.files.toString()`. This approach is taken to prevent files in the zip overriding object methods that would exist on a normal object. ### [`v3.6.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v360-2021-02-09) [Compare Source](https://github.com/Stuk/jszip/compare/v3.5.0...v3.6.0) - Fix: redirect main to dist on browsers (see [#&#8203;742](https://github.com/Stuk/jszip/pull/742)) - Fix duplicate require DataLengthProbe, utils (see [#&#8203;734](https://github.com/Stuk/jszip/pull/734)) - Fix small error in read\_zip.md (see [#&#8203;703](https://github.com/Stuk/jszip/pull/703)) ### [`v3.5.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v350-2020-05-31) [Compare Source](https://github.com/Stuk/jszip/compare/v3.4.0...v3.5.0) - Fix 'End of data reached' error when file extra field is invalid (see [#&#8203;544](https://github.com/Stuk/jszip/pull/544)). - Typescript definitions: Add null to return types of functions that may return null (see [#&#8203;669](https://github.com/Stuk/jszip/pull/669)). - Typescript definitions: Correct nodeStream's type (see [#&#8203;682](https://github.com/Stuk/jszip/pull/682)) - Typescript definitions: Add string output type (see [#&#8203;666](https://github.com/Stuk/jszip/pull/666)) ### [`v3.4.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v340-2020-04-19) [Compare Source](https://github.com/Stuk/jszip/compare/v3.3.0...v3.4.0) - Add Typescript type definitions (see [#&#8203;601](https://github.com/Stuk/jszip/pull/601)). ### [`v3.3.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v330-2020-04-1) [Compare Source](https://github.com/Stuk/jszip/compare/v3.2.2...v3.3.0) - Change browser module resolution to support Angular packager (see [#&#8203;614](https://github.com/Stuk/jszip/pull/614)). ### [`v3.2.2`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v322-2019-07-04) [Compare Source](https://github.com/Stuk/jszip/compare/v3.2.1...v3.2.2) - No public changes, but a number of testing dependencies have been updated. - Tested browsers are now: Internet Explorer 11, Chrome (most recent) and Firefox (most recent). Other browsers (specifically Safari) are still supported however testing them on Saucelabs is broken and so they were removed from the test matrix. ### [`v3.2.1`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v321-2019-03-22) [Compare Source](https://github.com/Stuk/jszip/compare/v3.2.0...v3.2.1) - Corrected built dist files ### [`v3.2.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v320-2019-02-21) [Compare Source](https://github.com/Stuk/jszip/compare/v3.1.5...v3.2.0) - Update dependencies to reduce bundle size (see [#&#8203;532](https://github.com/Stuk/jszip/pull/532)). - Fix deprecated Buffer constructor usage and add safeguards (see [#&#8203;506](https://github.com/Stuk/jszip/pull/506)). ### [`v3.1.5`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v315-2017-11-09) [Compare Source](https://github.com/Stuk/jszip/compare/v3.1.4...v3.1.5) - Fix IE11 memory leak (see [#&#8203;429](https://github.com/Stuk/jszip/pull/429)). - Handle 2 nodejs deprecations (see [#&#8203;459](https://github.com/Stuk/jszip/pull/459)). - Improve the "unsupported format" error message (see [#&#8203;461](https://github.com/Stuk/jszip/pull/461)). - Improve webworker compatibility (see [#&#8203;468](https://github.com/Stuk/jszip/pull/468)). - Fix nodejs 0.10 compatibility (see [#&#8203;480](https://github.com/Stuk/jszip/pull/480)). - Improve the error without type in async() (see [#&#8203;481](https://github.com/Stuk/jszip/pull/481)). ### [`v3.1.4`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v314-2017-08-24) [Compare Source](https://github.com/Stuk/jszip/compare/v3.1.3...v3.1.4) - consistently use our own utils object for inheritance (see [#&#8203;395](https://github.com/Stuk/jszip/pull/395)). - lower the memory consumption in `generate*` with a lot of files (see [#&#8203;449](https://github.com/Stuk/jszip/pull/449)). ### [`v3.1.3`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v313-2016-10-06) [Compare Source](https://github.com/Stuk/jszip/compare/v3.1.2...v3.1.3) - instanceof failing in window / iframe contexts (see [#&#8203;350](https://github.com/Stuk/jszip/pull/350)). - remove a copy with blob output (see [#&#8203;357](https://github.com/Stuk/jszip/pull/357)). - fix crc32 check for empty entries (see [#&#8203;358](https://github.com/Stuk/jszip/pull/358)). - fix the base64 error message with data uri (see [#&#8203;359](https://github.com/Stuk/jszip/pull/359)). ### [`v3.1.2`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v312-2016-08-23) [Compare Source](https://github.com/Stuk/jszip/compare/v3.1.1...v3.1.2) - fix support of nodejs `process.platform` in `generate*` methods (see [#&#8203;335](https://github.com/Stuk/jszip/pull/335)). - improve browserify/webpack support (see [#&#8203;333](https://github.com/Stuk/jszip/pull/333)). - partial support of a promise of text (see [#&#8203;337](https://github.com/Stuk/jszip/pull/337)). - fix streamed zip files containing folders (see [#&#8203;342](https://github.com/Stuk/jszip/pull/342)). ### [`v3.1.1`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v311-2016-08-08) [Compare Source](https://github.com/Stuk/jszip/compare/v3.1.0...v3.1.1) - Use a hard-coded JSZip.version, fix an issue with webpack (see [#&#8203;328](https://github.com/Stuk/jszip/pull/328)). ### [`v3.1.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v310-2016-08-03) [Compare Source](https://github.com/Stuk/jszip/compare/v3.0.0...v3.1.0) - utils.delay: use macro tasks instead of micro tasks (see [#&#8203;288](https://github.com/Stuk/jszip/pull/288)). - Harden base64 decode (see [#&#8203;316](https://github.com/Stuk/jszip/pull/316)). - Add JSZip.version and the version in the header (see [#&#8203;317](https://github.com/Stuk/jszip/pull/317)). - Support Promise(Blob) (see [#&#8203;318](https://github.com/Stuk/jszip/pull/318)). - Change JSZip.external.Promise implementation (see [#&#8203;321](https://github.com/Stuk/jszip/pull/321)). - Update pako to v1.0.2 to fix a DEFLATE bug (see [#&#8203;322](https://github.com/Stuk/jszip/pull/322)). ### [`v3.0.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v300-2016-04-13) [Compare Source](https://github.com/Stuk/jszip/compare/v2.6.1...v3.0.0) This release changes a lot of methods, please see [the upgrade guide](http://stuk.github.io/jszip/documentation/upgrade_guide.html). - replace sync getters and `generate()` with async methods (see [#&#8203;195](https://github.com/Stuk/jszip/pull/195)). - support nodejs streams (in `file()` and `generateAsync()`). - support Blob and Promise in `file()` and `loadAsync()` (see [#&#8203;275](https://github.com/Stuk/jszip/pull/275)). - add `support.nodestream`. - zip.filter: remove the defensive copy. - remove the deprecated API (see [#&#8203;253](https://github.com/Stuk/jszip/pull/253)). - `type` is now mandatory in `generateAsync()`. - change the createFolders default value (now `true`). - Dates: use UTC instead of the local timezone. - Add `base64` and `array` as possible output type. - Add a forEach method. - Drop node 0.8 support (see [#&#8203;270](https://github.com/Stuk/jszip/pull/270)). ### [`v2.6.1`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v261-2016-07-28) [Compare Source](https://github.com/Stuk/jszip/compare/v2.6.0...v2.6.1) - update pako to v1.0.2 to fix a DEFLATE bug (see [#&#8203;322](https://github.com/Stuk/jszip/pull/322)). ### [`v2.6.0`](https://github.com/Stuk/jszip/blob/HEAD/CHANGES.md#v260-2016-03-23) [Compare Source](https://github.com/Stuk/jszip/compare/v2.5.0...v2.6.0) - publish `dist/` files in the npm package (see [#&#8203;225](https://github.com/Stuk/jszip/pull/225)). - update pako to v1.0.0 (see [#&#8203;261](https://github.com/Stuk/jszip/pull/261)). - add support of Array in JSZip#load (see [#&#8203;252](https://github.com/Stuk/jszip/pull/252)). - improve file name / comment encoding support (see [#&#8203;211](https://github.com/Stuk/jszip/pull/211)). - handle prepended data (see [#&#8203;266](https://github.com/Stuk/jszip/pull/266)). - improve platform coverage in tests (see [#&#8203;233](https://github.com/Stuk/jszip/pull/233) and [#&#8203;269](https://github.com/Stuk/jszip/pull/269)). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMzguNSIsInVwZGF0ZWRJblZlciI6IjQxLjEzOC41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
chore(deps): update dependency jszip to v3
All checks were successful
Build Docker Image / build (pull_request) Successful in 1m28s
Details
0042e0f9d5
All checks were successful
Build Docker Image / build (pull_request) Successful in 1m28s
Details
This pull request can be merged automatically.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin renovate/jszip-3.x:renovate/jszip-3.x
git switch renovate/jszip-3.x

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main
git merge --no-ff renovate/jszip-3.x
git switch renovate/jszip-3.x
git rebase main
git switch main
git merge --ff-only renovate/jszip-3.x
git switch renovate/jszip-3.x
git rebase main
git switch main
git merge --no-ff renovate/jszip-3.x
git switch main
git merge --squash renovate/jszip-3.x
git switch main
git merge --ff-only renovate/jszip-3.x
git switch main
git merge renovate/jszip-3.x
git push origin main
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
mehalter/mehalter.com!7
No description provided.