A modern and minimalist framework for building responsive and modern frontend

  • By zeva
  • Last update: Jul 4, 2022
  • Comments: 16

Zeva logo

Zeva

A modern and minimalist framework for building responsive and modern frontend
Explore Zeva docs »

Report bug · Request feature

Version License: MIT Discord

Table of contents

Getting Started

Introduction

Get started with zeva, a modern and minimalist framework for building responsive and modern front ends. Below are different ways of using zeva on your project:

  1. Download the zip file from here
  2. Clone it from here
  3. Use one of our two CDN links:
  4. npm i zeva (coming soon)
  5. yarn add zeva (coming soon)
  6. bower install zeva (coming soon)

Content

Within the downloaded file you'll find the following directories and files, logically grouping common assets and providing both compiled and minified variations:

zeva/
└── dist/
    └── css/
        ├── zeva.css
        ├── zeva.css.map
        ├── zeva.min.css
        └── zeva.min.css.map
    └── js/
        └── index.min.js

Theming:

Zeva Theming helps you Customize Zeva for changing the overall look of your Project. Light Theme

"> 
<body class="body-light">

Custom Theme

"> 
<body class="body --bg-{your background color here} --text-{your main text color here}">

Responsive

Include this tag inside before stylesheet link to ensure proper rendering and touch zooming for all devices.

"> 
<meta name="viewport" content="width=device-width, initial-scale=1.0">

Usage:

CDN Usage

Include the stylesheet inside , same for other cdn links too

"> 
<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/zeva-ui/zeva/dist/css/zeva.css">



<link rel="stylesheet" href="https://cdn.jsdelivr.net/gh/zeva-ui/zeva/dist/css/zeva.min.css">

Zip Usage: CSS files

  1. Unzip the file wherever you want;
  2. Go to dist/css/;
  3. Import/Copy either the regular or minified CSS file.
"> 
<link rel="stylesheet" href="./dist/css/zeva.css">



<link rel="stylesheet" href="./dist/css/zeva.min.css">

Zip Usage: Sass files

Before anything, you should import our variables. To do so, follow these steps:

  1. Unzip the .zip wherever you want;
  2. Go to src/scss/;
  3. Import ./abstracts/variables/variables to the top of your main Sass file. Always remember to import variables, before anything!

Now, you're free to import any .scss file that you need.

// Zeva's required files
@import './abstracts/variables/variables';

// Chosen components
@import './components/button',
        './components/form',
        './components/table';

Zip Usage: JS file

  1. Unzip the files
  2. Go to dist/js/
  3. Import/Copy the minified js file to your working directory
"> 
<script type="text/javascript" src="index.min.js">script>

Theming Usage

Include the "> 

<script type="text/javascript" src="https://cdn.jsdelivr.net/gh/zeva-ui/zeva/dist/js/index.min.js">script>

Include this for using icons

Icons provided by fontawesome

"> 
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.2/css/all.css" integrity="sha384-fnmOCqbTlWIlj8LyTjo7mOUStjsKC4pOpQbqyi7RrhN7udi9RwhKkMHpvLbHG9Sr" crossorigin="anonymous">

Styling

Typography

We use Poppins as font-family, made by ITF on Google fonts

    <a>linka>
    <i>italici>
    <b>boldb>
    <u>underlineu>
    <strike>strikestrike>
    <small>smallsmall> <sup>superscriptsup> <sub>subscriptsub> <h1>This is a headingh1> <h2>This is a headingh2> <h3>This is a headingh3> <h4>This is a headingh4> <h5>This is a headingh5> <h6>This is a headingh6>

Font size

Zeva uses "rem" unit for font-size, it's relative to font-size of the root element.

$font-size: 1rem; /* normal font */
$font-size-small: 0.8rem; /* smaller font */
$font-size-big: 1.2rem;  /* bigger font */

Components

Helpers

Helpers make it easy to customize components as per your needs. Helpers can be used with mostly all components. The 'h' prefix, in the class names of helpers, means 'helper'.

.h-border-all - Creates a border around a component .h-border-pill - Used for rounded borders .h-border-bottom - Creates a border but only on bottom .h-display-block - Displays a component as a block element (like

). .h-text-right - Aligns the text to right .h-text-center - Aligns the text to Center .h-width-full - Sets a component width to 100% of it's parent .h-weight-bold - Changes font weight to bold

Buttons

Different button styles

simple button "> 
<button class="button">simple buttonbutton>
<button class="button button--filled">filled buttonbutton>
<button class="button h-border-pill">rounded buttonbutton>
<button class="button h-border-pill button--filled">rounded filled buttonbutton>

Button Sizes

small button "> 
<button class="button -size-small">small buttonbutton>
<button class="button">normal buttonbutton>
<button class="button -size-large">large buttonbutton>

Button Theme

danger button "> 
<button class="button -theme-danger">danger buttonbutton>
<button class="button -theme-warn h-border-pill">warn button roundedbutton>
<button class="button button--filled -theme-success">success button filledbutton>

Button with Icons

Search   "> 
<button class="button">Search   <i class="fas fa-search">i>button>
<button class="button -h-border-pill button--filled">Download   <i class="fas fa-download">i>button>
<button class="button -theme-danger -h-border-pill"><i class="fas fa-skull-crossbones">i>   Danger button>

Tables

Simple Table

First Name Last Name Age Country Elon Musk 47 South Africa, Canada, America Mark Zuckerberg 34 America "> 
<table class="table">
    <thead>
        <tr>
            <th>First Nameth>
            <th>Last Nameth>
            <th>Ageth>
            <th>Countryth>
        tr>
    thead> <tbody> <tr> <td>Elontd> <td>Musktd> <td>47td> <td>South Africa, Canada, Americatd> tr> <tr> <td>Marktd> <td>Zuckerbergtd> <td>34td> <td>Americatd> tr> tbody> table>

Filled Table with border on bottom of tag

First Name Last Name Age Country Elon Musk 47 South Africa, Canada, America Mark Zuckerberg 34 America "> 
<table class="table">
    <thead class="table__head--filled">
        <tr>
            <th>First Nameth>
            <th>Last Nameth>
            <th>Ageth>
            <th>Countryth>
        tr>
    thead> <tbody> <tr> <td>Elontd> <td>Musktd> <td>47td> <td>South Africa, Canada, Americatd> tr> <tr> <td>Marktd> <td>Zuckerbergtd> <td>34td> <td>Americatd> tr> tbody> table>

Forms

Input fields

"> 
<input type="text" class="input" placeholder="default input field">
<input type="text" class="input" placeholder="another default input field">
"> 
<input type="text" class="input h-width-full" placeholder="full-width input field">
<input type="text" class="input h-width-full h-border-all" placeholder="full-width bordered input field">
<input type="text" class="input h-width-full h-weight-bold" placeholder="full-width bold input field">
<input type="text" class="input h-width-full h-weight-bold h-border-pill input--filled" placeholder="full-width bold rounded filled input field">
<input type="text" class="input h-weight-bold h-border-pill h-border-all" placeholder="bold rounded bordered input field">
<input type="text" class="input h-border-pill input--filled" placeholder="rounded filled input field">

Textarea

<textarea class="input" placeholder="this is a textarea">
<textarea class="input h-width-full" placeholder="this is another textarea but longer">

Tip: You can apply all the classes on a textarea applied on input field.

Radio Buttons

Radio button "> 
<label class="label">Radio button
    <input type="radio" name="radio">
    <span class="radio">span>
label>
<label class="label">another radio button
    <input type="radio" name="radio">
    <span class="radio">span>
label>
<label class="label">disabled radio button
    <input type="radio" name="radio" disabled>
    <span class="radio">span>
label>

Checkboxes

A checkbox "> 
<label class="label">A checkbox
        <input type="checkbox">
        <span class="checkbox">span>
    label>
    <label class="label">Another checkbox but checked
        <input type="checkbox" checked>
        <span class="checkbox">span>
label>
<label class="label">Disabled checkbox
        <input type="checkbox" disabled>
        <span class="checkbox">span>
label>

Select

"> 
<select class="input h-weight-bold">
    <option>option oneoption>
    <option>option twooption>
    <option>option threeoption>
    <option>option fouroption>
select>

<select class="input h-weight-bold h-width-full">
    <option>option oneoption> <option>option twooption> <option>option three<option> <option>option fouroption> select>

more components coming soon...

Bugs and feature requests

Have a bug or a feature request? Please first read the issue guidelines and search for existing and closed issues. If your problem or idea is not addressed yet, please open a new issue.

Contributing

Please read through our contributing guidelines. Included are directions for opening issues, coding standards, and notes on development.

All HTML and CSS should conform to the Code Guide, maintained by Mark Otto.

Editor preferences are available in the editor config for easy use in common text editors. Read more and download plugins at https://editorconfig.org/.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Core Team

imfunny jlammer Kvanrooyen
imfunny jlammer Kvanrooyen

Thanks

Github

https://github.com/zeva-ui/zeva

Comments(16)

  • 1

    animations

    It is important to support users with default animations, so they won't need to bother with it.

    Although, I should note that this feature must be optional, so users can choose to use it or not by toggling a Sass variable value.

  • 2

    zeva prefix

    Creating a custom prefix for class names would avoid conflicts with users code.

    Prefixes examples:

    • zv-block--element__modifier;
    • zeva-block--element__modifier.
  • 3

    BEVM implementation

    At first, I thought we would go with BEM as a naming system, but it came to my mind that modifiers could make HTML lines too long. To solve that, I found the idea of BEVM (which is a version of BEM) the most interesting one.

    BEVM stands for: Block Element Variation Modifier

    Using this pattern, selectors are organized in this way: block__element--variation -modifier

    example:

    <button class="button button--filled -theme-danger">submit</button>

    As you can see (although, it's not concise) this system improves readability and promotes CSS & HTML decouple. In this way, the user would be able to, quickly, change the button variation or theme:

    <!-- theme changed -->
<button class="button button--filled -theme-success">submit</button>

    or...

    <!-- button variation changed -->
<button class="button button--dashed -theme-danger">submit</button>

    With that in mind, I'd like you guys to read the below summary (overviews, at least) so you can tell me what is your opinion on this matter, before pushing anything.

    New Classes

    Bellow there is a description for the why and how classes were modified/added.

    Button

    .button

    This base class remains the same.

    .button--filled

    This class replaces the .filled class so to suit BEVM variation classes.

    .button__icon

    This class replaces the .button i selector, so to decouple CSS from HTML. In this way, users don't need to (necessarily) use the tag <i>. Instead, they can have anything they desired, as long as they have .button__icon as a value for the class attribute.

    .-theme-danger

    This class replaces the .danger class so to suit BEVM modifiers. In addition to that, there's no more .danger-filled class. Instead, .-theme-danger was developed to be able to style any button variation, properly.

    Ps: In this way, users will only need to remember one class: .-theme-danger.

    .-size-small

    This class replaces the .small class so to suit BEVM modifier classes.

    .-size-large

    This class replaces the .big class so to suit BEVM modifier classes and use a proper name.

    Overview

    |

    old
    | new | |------------------------------|:-----------------:| | .button | - | | .filled | .button--filled | | .button i | .button__icon | | .danger & .danger-filled | .-theme-danger | | .small | .-size-small | | .big | .-size-large |

    Form

    .input

    This base class remains the same.

    .label

    This base class remains the same.

    .select

    This base class remains the same.

    .input--filled

    This class replaces the .input-filled class so to suit BEVM variation classes.

    Overview

    | old | new | |-----------------------|:----------------:| | .input | - | | .label | - | | .select | - | | .input-filled | .input--filled |

    Table

    .table

    This base class remains the same.

    .table--bordered

    This class replaces the .table-bordered class so to suit BEVM variation classes.

    .table--borderless

    This variation class was added, as its styles is no more default for the base .table class.

    Ps: Default styles for .table is now rows with bottom borders.

    .table__head--filled

    This class replaces the .table-filled class so to suit BEVM variation classes and use a proper name.

    .table__body--filled

    This class replaces the .table-tbody-filled class so to suit BEVM variation classes.

    .table__body--bordered

    This class replaces the .table-tbody-bordered class so to suit BEVM variation classes.

    .table__body--borderless

    This variation class was added, as its styles is no more default for the base .table class.

    Ps: Default styles for .table is now rows with bottom borders.

    Overview

    | old | new | |---------------------------|:--------------------------:| | .table | - | | .table-bordered | .table--bordered | | - | .table--borderless | | .table-filled | .table__head--filled | | .table-tbody-filled | .table__body--filled | | .table-tbody-bordered | .table__body--bordered | | - | .table__body--borderless |

    Animation Helpers

    I was thinking and maybe it's better to have animation classes as helpers, as they depend on components to do their stuff (just like any other helper).

    Ps: The 'h' prefix, in the following class names, means 'helper'.

    .h-anim-pulse

    This class was added so users can have a default pulse animation.

    .h-anim-pulse--hover

    This class replaces the .pulse-once:hover selector so to suit BEVM variation classes.

    .h-anim-float

    This class replaces the .float class so to suit BEVM.

    .h-iteration-infinite

    This class was added so users can add animation parameters, in a modular and easy way.

    Now, there's no need for creating classes such as .pulse-infinite. The user could do:

    <div class="h-anim-pulse h-iteration-infinite"></div>

<div class="h-anim-pulse--hover h-iteration-infinite"></div>

<div class="h-anim-float h-iteration-infinite"></div>

    As opposed to a non-modular way...

    <div class="pulse-infinite"></div>

<div class="pulse-once"></div>

<div class="float"></div>

    Ps: Although the last example is cleaner, it won't scale.

    Overview

    | old | new | |----------------------------|:---------------------------------:| | - | .h-anim-pulse | | .pulse-once:hover | .h-anim-pulse--hover | | .float | .h-anim-float | | - | .h-iteration-infinite |

    Other Helpers

    The 'h' prefix, in the following class names, means 'helper'.

    .h-border-all

    This class replaces the .bordered class, uses a proper name and now is not tied to the button component. Instead, it is a general helper class that can be used in any component.

    .h-border-pill

    This class replaces the .rounded class, uses a proper name and now is not tied to the button component. Instead, it is a general helper class that can be used in any component.

    .h-border-bottom

    This class replaces the .bordered class, uses a proper name and now is not tied to the button component. Instead, it is a general helper class that can be used in any component.

    .h-display-block

    This class replaces the .block class, uses a proper name and now is not tied to the button component. Instead, it is a general helper class that can be used in any component.

    .h-text-right

    This class replaces the .table-right class, uses a proper name and now is not tied to the table component. Instead, it is a general helper class that can be used in any component.

    .h-text-center

    This class replaces the .table-center class, uses a proper name and now is not tied to the table component. Instead, it is a general helper class that can be used in any component.

    .h-width-full

    This class replaces the .full class, uses a proper name and now is not tied to the button component. Instead, it is a general helper class that can be used in any component.

    Something that should be noted is that this is a helper for styling components to a max width and by "max" I mean: to the max width imfunny set it intially. So max could be 100% or even 95%, depending on the component using this class.

    .h-weight-bold

    This class replaces the .bold class, uses a proper name and now is not tied to the button component. Instead, it is a general helper class that can be used in any component.

    Something that should be noted is that this is a helper for styling text, but when used with .input it styles borders, as well.

    Overview

    | old | new | |----------------------------------|:---------------------------------:| | .bordered | .h-border-all | | .rounded | .h-border-pill | | - | .h-border-bottom | | .full | .h-width-full | | .block | .h-display-block | | .bold | .h-weight-bold | | .table-right | .h-text-right | | .table-center | .h-text-center |

  • 4

    landing page

    Newcomers need to be convinced that the framework is worth trying, before going to the docs. For this purpose, we need a beautiful landing page that emphasize Zeva's good attributes.

  • 5

    Bump tar from 4.4.8 to 4.4.15

    Bumps tar from 4.4.8 to 4.4.15.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 6

    contributing guide

    Although we do have one, it is still too poor. This guide should have sections for PR branch, identation and other good practices that ensure consistency.

  • 7

    Added a inverse of index.css

    I created an inverse style. Instead of white text on a black background, it is black text on a white background. I have screenshots of what both styles look like.

  • 8

    Bump node-sass from 4.12.0 to 4.13.1

    Bumps node-sass from 4.12.0 to 4.13.1.

    Release notes

    Sourced from node-sass's releases.

    v4.13.1

    Community

    Supported Environments

    OS Architecture Node
    Windows x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
    OSX x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
    Linux* x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^, 13**^
    Alpine Linux x64 6, 8, 10, 11, 12, 13
    FreeBSD i386 amd64 8, 10, 12, 13

    *Linux support refers to Ubuntu, Debian, and CentOS 5+ ** Not available on CentOS 5 ^ Only available on x64

    v4.13.0

    Features

    Community

    Dependencies

    Supported Environments

    OS Architecture Node
    Windows x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
    OSX x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
    Linux* x86 & x64 0.10, 0.12, 1, 2, 3, 4, 5, 6, 7, 8**, 9**, 10**^, 11**^, 12**^, 13**^
    Alpine Linux x64 6, 8, 10, 11, 12, 13
    FreeBSD i386 amd64 6, 8, 10, 12, 13

    *Linux support refers to Ubuntu, Debian, and CentOS 5+

    Changelog

    Sourced from node-sass's changelog.

    v4.13.1

    https://github.com/sass/node-sass/releases/tag/v4.13.1

    v4.13.0

    https://github.com/sass/node-sass/releases/tag/v4.13.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 9

    Bump lodash from 4.17.14 to 4.17.19

    Bumps lodash from 4.17.14 to 4.17.19.

    Release notes

    Sourced from lodash's releases.

    4.17.16

    Commits
    Maintainer changes

    This version was pushed to npm by mathias, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 10

    Bump mixin-deep from 1.3.1 to 1.3.2

    Bumps mixin-deep from 1.3.1 to 1.3.2.

    Commits
    Maintainer changes

    This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 11

    Bump lodash from 4.17.11 to 4.17.14

    Bumps lodash from 4.17.11 to 4.17.14.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 12

    Bump qs from 6.5.2 to 6.5.3

    Bumps qs from 6.5.2 to 6.5.3.

    Changelog

    Sourced from qs's changelog.

    6.5.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Refactor] parse: only need to reassign the var once
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] always use String(x) over x.toString()
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main
    Commits
    • 298bfa5 v6.5.3
    • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 12ac1c4 [meta] fix README.md (#399)
    • 0338716 [actions] backport actions from main
    • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • 51b8a0b add FUNDING.yml
    • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • f814a7f [Dev Deps] backport from main
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 13

    Bump decode-uri-component from 0.2.0 to 0.2.2

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 14

    Bump copy-props from 2.0.4 to 2.0.5

    Bumps copy-props from 2.0.4 to 2.0.5.

    Release notes

    Sourced from copy-props's releases.

    2.0.5

    Fix

    • Avoids prototype pollution (#7)

    Doc

    • Update license years.
    • Transfer ownership to Gulp Team (#6)

    Build

    • Update dependencies: each-props (>=1.3.2), is-plain-object (>=5.0.0).

    Test

    • Expand test versions to v11〜v14.
    Changelog

    Sourced from copy-props's changelog.

    Changelog

    3.0.1 (2021-10-31)

    Bug Fixes

    • ci: Rename prettierignore typo & avoid formatting web (192badf)
    • Update dependencies (ba8a51c)

    3.0.0 (2021-09-25)

    ⚠ BREAKING CHANGES

    • Normalize repository, dropping node <10.13 support (#8)

    Miscellaneous Chores

    • Normalize repository, dropping node <10.13 support (#8) (85b1165)
    Commits
    • 40b7974 2.0.5
    • 2c738f5 Fix: Avoids prototype pollution (#7)
    • 4cac863 Merge: Transfer ownership to Gulp Team (#6)
    • 54a791d Doc: Transfer ownership to Gulp Team
    • 196fc9e Merge: Update dependencies and expand ci test versions (#5)
    • e89907f Test: Update npm to v4 when nodejs is v5 because of npm install error.
    • e970322 Test: Run coveralls when nodejs >= 6 because of its supports
    • 063e534 Test: Add nodejs v11-v14 into ci test versions
    • 72270af Doc: Update license years
    • f60b928 Build: Update versions of dependencies
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 15

    Bump node-sass from 4.13.1 to 7.0.0

    Bumps node-sass from 4.13.1 to 7.0.0.

    Release notes

    Sourced from node-sass's releases.

    v7.0.0

    Breaking changes

    Features

    Dependencies

    Community

    • Remove double word "support" from documentation (@​pzrq, #3159)

    Misc

    Supported Environments

    OS Architecture Node
    Windows x86 & x64 12, 14, 16, 17
    OSX x64 12, 14, 16, 17
    Linux* x64 12, 14, 16, 17
    Alpine Linux x64 12, 14, 16, 17
    FreeBSD i386 amd64 12, 14

    *Linux support refers to major distributions like Ubuntu, and Debian

    v6.0.1

    Dependencies

    Misc

    Supported Environments

    ... (truncated)

    Changelog

    Sourced from node-sass's changelog.

    v4.14.0

    https://github.com/sass/node-sass/releases/tag/v4.14.0

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • 16

    Bump tar from 4.4.8 to 4.4.18

    Bumps tar from 4.4.8 to 4.4.18.

    Commits
    • 3e35515 4.4.18
    • 52b09e3 fix: prevent path escape using drive-relative paths
    • bb93ba2 fix: reserve paths properly for unicode, windows
    • 2f1bca0 fix: prune dirCache properly for unicode, windows
    • 9bf70a8 4.4.17
    • 6aafff0 fix: skip extract if linkpath is stripped entirely
    • 5c5059a fix: reserve paths case-insensitively
    • fd6accb 4.4.16
    • 53cea6e tests: run (and pass) on windows
    • 166cfc0 fix: refactoring to pass tests on Windows
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

Popular Tag

Related