[openstreetmap/openstreetmap-website] Bump js-cookie from 2.2.1 to 3.0.0 (#3271)

dependabot[bot] notifications at github.com
Mon Jul 26 23:00:58 UTC 2021 

Bumps [js-cookie](https://github.com/js-cookie/js-cookie) from 2.2.1 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/js-cookie/js-cookie/releases">js-cookie's releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Removed <code>defaults</code> in favor of a builder: now to supply an api instance with particular predefined (cookie) attributes there's <code>Cookies.withAttributes()</code>, e.g.:</li>
</ul>
<pre lang="js"><code>const api = Cookies.withAttributes({
  path: '/',
  secure: true
})
api.set('key', 'value') // writes cookie with path: '/' and secure: true...
</code></pre>
<ul>
<li>The attributes that an api instance is configured with are exposed as <code>attributes</code> property; it's an immutable object and unlike <code>defaults</code> cannot be changed to configure the api.</li>
<li>The mechanism to fall back to the standard, internal converter by returning a falsy value in a custom read converter has been removed. Instead the default converters are now exposed as <code>Cookies.converter</code>, which allows for implementing self-contained custom converters providing the same behavior:</li>
</ul>
<pre lang="js"><code>const customReadConverter = (value, name) =&gt; {
  if (name === 'special') {
    return unescape(value)
  }
  return Cookies.converter.read(value)
}
</code></pre>
<ul>
<li><code>withConverter()</code> no longer accepts a function as argument to be turned into a read converter. It is now required to always pass an object with the explicit type(s) of converter(s):</li>
</ul>
<pre lang="js"><code>const api = Cookies.withConverter({
  read: (value, name) =&gt; unescape(value)
})
</code></pre>
<ul>
<li>The converter(s) that an api instance is configured with are exposed as <code>converter</code> property; it's an immutable object and cannot be changed to configure the api.</li>
<li>Started providing library as ES module, in addition to UMD module. The <code>module</code> field in <code>package.json</code> points to an ES module variant of the library.</li>
<li>Started using <code>browser</code> field instead of <code>main</code> in <code>package.json</code> (for the UMD variant of the library).</li>
<li>Dropped support for IE &lt; 10.</li>
<li>Removed <code>getJSON()</code>: use <code>Cookies.set('foo', JSON.stringify({ ... }))</code> and <code>JSON.parse(Cookies.get('foo'))</code> instead.</li>
<li>Removed support for Bower.</li>
<li>Added minified versions to package - <a href="https://github-redirect.dependabot.com/js-cookie/js-cookie/issues/501">#501</a></li>
<li>Improved support for url encoded cookie values (support case insensitive encoding) -  <a href="https://github-redirect.dependabot.com/js-cookie/js-cookie/issues/466">#466</a>, <a href="https://github-redirect.dependabot.com/js-cookie/js-cookie/issues/530">#530</a></li>
<li>Expose default path via API - <a href="https://github-redirect.dependabot.com/js-cookie/js-cookie/issues/541">#541</a></li>
<li>Handle falsy arguments passed to getters - <a href="https://github-redirect.dependabot.com/js-cookie/js-cookie/issues/399">#399</a></li>
<li>No longer support Node &lt; 12 when building (LTS versions only)</li>
</ul>
<h2>v3.0.0-rc.4</h2>
<p>Reverted changes introduced in <a href="https://github.com/js-cookie/js-cookie/releases/tag/v3.0.0-rc.2">rc2</a>, which caused a mayor breaking change in the case of requesting the library via jsdelivr CDN with a particular file name. <strong>This breaking change was not intentional.</strong></p>
<p>The problem was that we've been advertising the following link in the readme on the master branch:</p>
<p><a href="https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js">https://cdn.jsdelivr.net/npm/js-cookie@rc/dist/js.cookie.min.js</a></p>
<p>while the respective change had changed that file name in the distribution to <code>js.cookie.umd.min.js</code>.</p>
<p><strong>Nonetheless, we advise to always use the latest stable version in production environments.</strong></p>
<h2>v3.0.0-rc.3</h2>
<ul>
<li>Fixed paths in <code>exports</code> field in package.json - <a href="https://github-redirect.dependabot.com/js-cookie/js-cookie/issues/695">#695</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/js-cookie/js-cookie/commit/ea3239ac98cb0269746563092f9e3662a7b20ad3"><code>ea3239a</code></a> Craft v3.0.0 release</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/1711eb2f3f5a95b6334771bbf458bbb1510f2ff1"><code>1711eb2</code></a> Bump eslint-plugin-promise from 4.3.1 to 5.1.0</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/7e1d613acbe89ef7efa59a188c80be7dbd2c606a"><code>7e1d613</code></a> Bump eslint-config-standard from 14.1.1 to 16.0.3</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/2643786060f66dfcaac5ba34e33240f48685299f"><code>2643786</code></a> Bump eslint-plugin-markdown from 1.0.2 to 2.2.0</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/309a4eb1ead9875a8620230c2312aa2a0b7dbf1c"><code>309a4eb</code></a> Bump standard from 14.3.4 to 16.0.3</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/74c56efe4719d48e51b95116423d0120b39084a5"><code>74c56ef</code></a> Bump eslint from 6.8.0 to 7.31.0</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/2fe225a3e5d9c667bf17a6ae52f750d302f6112a"><code>2fe225a</code></a> Bump grunt-contrib-nodeunit from 2.1.0 to 3.0.0</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/6105fb3d4e2d643361260b2bbe7118c22db57b61"><code>6105fb3</code></a> Bump grunt-contrib-connect from 2.1.0 to 3.0.0</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/cc25e502a0b9fa96462bc39d7c3ac9c102b936a3"><code>cc25e50</code></a> Reformat with up-to-date prettier</li>
<li><a href="https://github.com/js-cookie/js-cookie/commit/f423ced8dc1143bfc42cade8dedf293d33e24a3a"><code>f423ced</code></a> Bump prettier from 1.19.1 to 2.3.2</li>
<li>Additional commits viewable in <a href="https://github.com/js-cookie/js-cookie/compare/v2.2.1...v3.0.0">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=js-cookie&package-manager=npm_and_yarn&previous-version=2.2.1&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
You can view, comment on, or merge this pull request online at:

  https://github.com/openstreetmap/openstreetmap-website/pull/3271

-- Commit Summary --

  * Bump js-cookie from 2.2.1 to 3.0.0

-- File Changes --

    M package.json (2)
    M yarn.lock (8)

-- Patch Links --

https://github.com/openstreetmap/openstreetmap-website/pull/3271.patch
https://github.com/openstreetmap/openstreetmap-website/pull/3271.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/3271
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20210726/e762a0eb/attachment-0001.htm>

More information about the rails-dev mailing list