Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.7 to 1.14.8.
<details>
<summary>Commits</summary>
<ul>
<li><a href="3d81dc3237"><code>3d81dc3</code></a> Release version 1.14.8 of the npm package.</li>
<li><a href="62e546a99c"><code>62e546a</code></a> Drop confidential headers across schemes.</li>
<li>See full diff in <a href="https://github.com/follow-redirects/follow-redirects/compare/v1.14.7...v1.14.8">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=follow-redirects&package-manager=npm_and_yarn&previous-version=1.14.7&new-version=1.14.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/boa-dev/boa/network/alerts).
</details>
Bumps [boa-dev/criterion-compare-action](https://github.com/boa-dev/criterion-compare-action) from 3.0.2 to 3.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/boa-dev/criterion-compare-action/releases">boa-dev/criterion-compare-action's releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<p>Added the possibility to add feature flags for a benchmark (<a href="https://github-redirect.dependabot.com/boa-dev/criterion-compare-action/pull/32">boa-dev/criterion-compare-action#32</a>)</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="36f48c2715"><code>36f48c2</code></a> Bumped version number</li>
<li><a href="4a46bfae1d"><code>4a46bfa</code></a> Add the possibility to add feature flags for a benchmark (<a href="https://github-redirect.dependabot.com/boa-dev/criterion-compare-action/issues/32">#32</a>)</li>
<li>See full diff in <a href="https://github.com/boa-dev/criterion-compare-action/compare/v3.0.2...v3.1.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=boa-dev/criterion-compare-action&package-manager=github_actions&previous-version=3.0.2&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This PR boxes the `Try` and `TaggedTemplate` nodes reducing the size of the `Node` structure from 88 to 56 bytes. This should improve performance in most cases, by adding another indirection with code with `try` and templates.
This Pull Request fixes/closes #1768.
It adds one extra peeked token in the buffered lexer, since it didn't take into account that the stream might end just after the last peeked token. The panic was only happening in debug mode, but still, this was wrong.
This commit selects the production build (instead of development) for the WebAssembly compilation with Webpack, used in our playground. This might make things a bit faster and smaller.
I also took the opportunity to update all the dependencies and the Test262 suite, but unfortunately this doesn't solve #1824.
Bumps [webpack](https://github.com/webpack/webpack) from 5.67.0 to 5.68.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/webpack/webpack/releases">webpack's releases</a>.</em></p>
<blockquote>
<h2>v5.68.0</h2>
<h1>Features</h1>
<ul>
<li>allow to disable compile time evaluation of import.meta.url</li>
<li>add <code>__webpack_module__</code> and <code>__webpack_module__.id</code> to the api</li>
</ul>
<h1>Bugfixes</h1>
<ul>
<li>fix handling of errors thrown in async modules</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f593d98453"><code>f593d98</code></a> 5.68.0</li>
<li><a href="6f3735c548"><code>6f3735c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15279">#15279</a> from taranek/docs/array-helpers-docs</li>
<li><a href="04039ca99c"><code>04039ca</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15284">#15284</a> from webpack/feature/<strong>webpack_module</strong></li>
<li><a href="d7a87ab5bc"><code>d7a87ab</code></a> change <strong>webpack_module_id</strong> to <strong>webpack_module</strong>.id</li>
<li><a href="612de998f1"><code>612de99</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15282">#15282</a> from webpack/feature/<strong>webpack_module</strong></li>
<li><a href="a962d2cedd"><code>a962d2c</code></a> add <strong>webpack_module</strong> and <strong>webpack_module_id</strong> to the api</li>
<li><a href="5a3760e6d4"><code>5a3760e</code></a> docs(util): added jsdoc annotations for ArrayHelpers.js</li>
<li><a href="46e8639a6a"><code>46e8639</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15246">#15246</a> from pavelsavara/import_meta_url</li>
<li><a href="1e73ca79c4"><code>1e73ca7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15266">#15266</a> from webpack/bugfix/throwing-in-async-modules</li>
<li><a href="232403c5e8"><code>232403c</code></a> fix discussions</li>
<li>Additional commits viewable in <a href="https://github.com/webpack/webpack/compare/v5.67.0...v5.68.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.67.0&new-version=5.68.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This PR adds some Clippy lints. Mainly, it adds the list of pedantic lints excluding some lints that were causing too many warnings. I also denied some useful restriction and pedantic lints, to make sure we use `Self` all the possible times (for better maintainability), and that we pass elements by reference where possible, for example, or that the documentation is properly written.
This might even have some small performance gains.
I also added a perfect hash function for the CLI keywords, which should be more efficient than a `HashSet`. This is something we could use elsewhere too.
Bumps [copy-webpack-plugin](https://github.com/webpack-contrib/copy-webpack-plugin) from 10.2.2 to 10.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/webpack-contrib/copy-webpack-plugin/releases">copy-webpack-plugin's releases</a>.</em></p>
<blockquote>
<h2>v10.2.3</h2>
<h3><a href="https://github.com/webpack-contrib/copy-webpack-plugin/compare/v10.2.2...v10.2.3">10.2.3</a> (2022-01-29)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>async <code>to</code> support (<a href="fd095fb793">fd095fb</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/webpack-contrib/copy-webpack-plugin/blob/master/CHANGELOG.md">copy-webpack-plugin's changelog</a>.</em></p>
<blockquote>
<h3><a href="https://github.com/webpack-contrib/copy-webpack-plugin/compare/v10.2.2...v10.2.3">10.2.3</a> (2022-01-29)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>async <code>to</code> support (<a href="fd095fb793">fd095fb</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9a5a4c44ef"><code>9a5a4c4</code></a> chore(release): 10.2.3</li>
<li><a href="fd095fb793"><code>fd095fb</code></a> fix: async <code>to</code> support</li>
<li>See full diff in <a href="https://github.com/webpack-contrib/copy-webpack-plugin/compare/v10.2.2...v10.2.3">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=copy-webpack-plugin&package-manager=npm_and_yarn&previous-version=10.2.2&new-version=10.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
The main idea behind this is to upgrade the Unicode version from 13 to 14. I also upgraded the rest of the dependencies, so this closes#1802, #1800 and #1799.
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.134 to 1.0.135.
<details>
<summary>Commits</summary>
<ul>
<li><a href="8932c852a5"><code>8932c85</code></a> Release 1.0.135</li>
<li><a href="9f3dd3c7c4"><code>9f3dd3c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2163">#2163</a> from serde-rs/discord</li>
<li><a href="dd9b415ff9"><code>dd9b415</code></a> Add discord invite links</li>
<li>See full diff in <a href="https://github.com/serde-rs/serde/compare/v1.0.134...v1.0.135">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde&package-manager=cargo&previous-version=1.0.134&new-version=1.0.135)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.76 to 1.0.78.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p>
<blockquote>
<h2>v1.0.78</h2>
<ul>
<li>Support deserializing as <code>&RawValue</code> in map key position, which would previously fail with <em>"invalid type: newtype struct"</em> (<a href="https://github-redirect.dependabot.com/serde-rs/json/issues/851">#851</a>)</li>
</ul>
<h2>v1.0.77</h2>
<ul>
<li>Include discord invite links in the published readme</li>
<li>Improve compile error on compiling with neither <code>std</code> nor <code>alloc</code> feature enabled</li>
<li>Include integration tests in published package (<a href="https://github-redirect.dependabot.com/serde-rs/json/issues/578">#578</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="98cafacefe"><code>98cafac</code></a> Release 1.0.78</li>
<li><a href="2d81cbd113"><code>2d81cbd</code></a> Move raw_value test imports to block of imports</li>
<li><a href="cbb0342ba0"><code>cbb0342</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/json/issues/851">#851</a> from serde-rs/rawkey</li>
<li><a href="e5cdfcc7ee"><code>e5cdfcc</code></a> Support deserializing map key as &RawValue</li>
<li><a href="6a3fb68979"><code>6a3fb68</code></a> Add test of deserializing a &RawValue in map key position</li>
<li><a href="d8512af496"><code>d8512af</code></a> Release 1.0.77</li>
<li><a href="5fe9bdd356"><code>5fe9bdd</code></a> Improve error on compiling with neither std nor alloc</li>
<li><a href="4c15649318"><code>4c15649</code></a> Include integration tests in published package</li>
<li><a href="71257c5667"><code>71257c5</code></a> Add discord invite links</li>
<li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.76...v1.0.78">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.76&new-version=1.0.78)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This builds on top of #1758 to try to bring #1763 to life.
Something that should probably be done here would be to convert `JsString` to a `Sym` internally. Then, further optimizations could be done adding common strings to a custom interner type (those that we know statically).
This is definitely work in progress, but I would like to have feedback on the API, and feel free to contribute.
Co-authored-by: raskad <32105367+raskad@users.noreply.github.com>
It changes the following:
- Adjust the `context` methods `compile` and `execute` to avoid clones on `StatementList` and `CodeBlock`
Co-authored-by: raskad <32105367+raskad@users.noreply.github.com>
This Pull Request is part of #279.
It adds a string interner to Boa, which allows many types to not contain heap-allocated strings, and just contain a `NonZeroUsize` instead. This can move types to the stack (hopefully I'll be able to move `Token`, for example, maybe some `Node` types too.
Note that the internet is for now only available in the lexer. Next steps (in this PR or future ones) would include also using interning in the parser, and finally in execution. The idea is that strings should be represented with a `Sym` until they are displayed.
Talking about display. I have changed the `ParseError` type in order to not contain anything that could contain a `Sym` (basically tokens), which might be a bit faster, but what is important is that we don't depend on the interner when displaying errors.
The issue I have now is in order to display tokens. This requires the interner if we want to know identifiers, for example. The issue here is that Rust doesn't allow using a `fmt::Formatter` (only in nightly), which is making my head hurt. Maybe someone of you can find a better way of doing this.
Then, about `cursor.expect()`, this is the only place where we don't have the expected token type as a static string, so it's failing to compile. We have the option of changing the type definition of `ParseError` to contain an owned string, but maybe we can avoid this by having a `&'static str` come from a `TokenKind` with the default values, such as "identifier" for an identifier. I wanted for you to think about it and maybe we can just add that and avoid allocations there.
Oh, and this depends on the VM-only branch, so that has to be merged before :)
Another thing to check: should the interner be in its own module?
(Really small self-explanatory change - maybe the commit message could be better)
<!---
Thank you for contributing to Boa! Please fill out the template below, and remove or add any
information as you feel neccesary.
--->
It changes the following:
When calling `new Proxy(undefined, {})` the error message now refers to the target `undefined` instead of the handler `{}`
Bumps [structopt](https://github.com/TeXitoi/structopt) from 0.3.25 to 0.3.26.
<details>
<summary>Commits</summary>
<ul>
<li><a href="97e92a3755"><code>97e92a3</code></a> v0.3.26</li>
<li><a href="2bdd6b49ad"><code>2bdd6b4</code></a> Clarification on maintenance since clap v3 is out</li>
<li><a href="2736281a64"><code>2736281</code></a> Upgrade heck</li>
<li><a href="358cccf9af"><code>358cccf</code></a> [docs] Add output to all examples</li>
<li><a href="4c1a8fcb2f"><code>4c1a8fc</code></a> Link to the clap API in the documentation that says all clap methods can be used</li>
<li><a href="ffd4772156"><code>ffd4772</code></a> Typo</li>
<li>See full diff in <a href="https://github.com/TeXitoi/structopt/compare/v0.3.25...v0.3.26">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=structopt&package-manager=cargo&previous-version=0.3.25&new-version=0.3.26)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.73 to 1.0.75.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p>
<blockquote>
<h2>v1.0.74</h2>
<ul>
<li>Allow creating RawValues from references to unsized values (<a href="https://github-redirect.dependabot.com/serde-rs/json/issues/841">#841</a>, thanks <a href="https://github.com/EFanZh"><code>@EFanZh</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="a22b686f49"><code>a22b686</code></a> Release 1.0.75</li>
<li><a href="36c43bfed5"><code>36c43bf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/json/issues/848">#848</a> from serde-rs/num</li>
<li><a href="d541381455"><code>d541381</code></a> Deserialize small numbers as integers in arbitrary_precision</li>
<li><a href="0ca5a69d73"><code>0ca5a69</code></a> Add regression test for issue 845</li>
<li><a href="66919777d0"><code>6691977</code></a> Disable buggy iter_not_returning_iterator lint</li>
<li><a href="aebe84cb09"><code>aebe84c</code></a> Raise toolchain version for preserve_order to rust 1.46</li>
<li><a href="3f459308f5"><code>3f45930</code></a> Set miriflags once for whole miri job</li>
<li><a href="c79d9ad2e1"><code>c79d9ad</code></a> Run miri also with some features enabled</li>
<li><a href="58d40de6ed"><code>58d40de</code></a> Release 1.0.74</li>
<li><a href="ef7794f87f"><code>ef7794f</code></a> Detect warnings in CI</li>
<li>Additional commits viewable in <a href="https://github.com/serde-rs/json/compare/v1.0.73...v1.0.75">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.73&new-version=1.0.75)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.7.
<details>
<summary>Commits</summary>
<ul>
<li><a href="2ede36d7c6"><code>2ede36d</code></a> Release version 1.14.7 of the npm package.</li>
<li><a href="8b347cbcef"><code>8b347cb</code></a> Drop Cookie header across domains.</li>
<li>See full diff in <a href="https://github.com/follow-redirects/follow-redirects/compare/v1.14.6...v1.14.7">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=follow-redirects&package-manager=npm_and_yarn&previous-version=1.14.6&new-version=1.14.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/boa-dev/boa/network/alerts).
</details>
Bumps [webpack](https://github.com/webpack/webpack) from 5.65.0 to 5.66.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/webpack/webpack/releases">webpack's releases</a>.</em></p>
<blockquote>
<h2>v5.66.0</h2>
<h1>Features</h1>
<ul>
<li>add <code>output.library.type: "commonjs-static"</code> to emit a statically analyse-able commonjs module (for node.js esm interop support)</li>
<li>add <code>experiments.css</code> (very experimental)
<ul>
<li>see <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/14893">webpack/webpack#14893</a></li>
</ul>
</li>
</ul>
<h1>Bugfixes</h1>
<ul>
<li>fix CORS headers for <code>experiments.lazyCompilation</code></li>
<li>fix <code>[absolute-resource-path]</code> for SourceMap module naming</li>
<li>avoid stack overflow when accessing many memory cached cache values in series</li>
</ul>
<h1>Performance</h1>
<ul>
<li>reduce default <code>watchOptions.aggregateTimeout</code> to 20ms</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="0105bc1f00"><code>0105bc1</code></a> 5.66.0</li>
<li><a href="753fdea847"><code>753fdea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15047">#15047</a> from dtanders/Fix-MultiItemCache-Stack-Exhaustion</li>
<li><a href="149333f210"><code>149333f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/14998">#14998</a> from JakobJingleheimer/support-cjs-static-named-exp...</li>
<li><a href="016ec7bcdb"><code>016ec7b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15010">#15010</a> from webpack/test/large-cache-file</li>
<li><a href="83a0e611c4"><code>83a0e61</code></a> update cli snapshot</li>
<li><a href="2f2991a967"><code>2f2991a</code></a> Merge branch 'main' into support-cjs-static-named-exports</li>
<li><a href="102014bf54"><code>102014b</code></a> fix target expression</li>
<li><a href="5929bfcf35"><code>5929bfc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/15041">#15041</a> from markjm/markjm/aggregate-timeout</li>
<li><a href="b54f2ac65c"><code>b54f2ac</code></a> use forEachBail from enhanced-resolve</li>
<li><a href="98887e42fc"><code>98887e4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/webpack/webpack/issues/14434">#14434</a> from buzuosheng/fix-chunkId</li>
<li>Additional commits viewable in <a href="https://github.com/webpack/webpack/compare/v5.65.0...v5.66.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack&package-manager=npm_and_yarn&previous-version=5.65.0&new-version=5.66.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
It changes the following:
- Add handling for proxy objects to the abstract `is_array` operation.
- Implement the abstract `is_array` operation for `JsValue` and `JsObject` to avoid clones.
- Fix some builtin function lengths.
Bumps [indexmap](https://github.com/bluss/indexmap) from 1.7.0 to 1.8.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/bluss/indexmap/blob/master/RELEASES.rst">indexmap's changelog</a>.</em></p>
<blockquote>
<ul>
<li>
<p>1.8.0</p>
<ul>
<li>
<p>The new <code>IndexMap::into_keys</code> and <code>IndexMap::into_values</code> will consume
the map into keys or values, respectively, matching Rust 1.54's <code>HashMap</code>
methods, by <a href="https://github.com/taiki-e"><code>@taiki-e</code></a> in PR 195_.</p>
</li>
<li>
<p>More of the iterator types implement <code>Debug</code>, <code>ExactSizeIterator</code>, and
<code>FusedIterator</code>, by <a href="https://github.com/cuviper"><code>@cuviper</code></a> in PR 196_.</p>
</li>
<li>
<p><code>IndexMap</code> and <code>IndexSet</code> now implement rayon's <code>ParallelDrainRange</code>,
by <a href="https://github.com/cuviper"><code>@cuviper</code></a> in PR 197_.</p>
</li>
<li>
<p><code>IndexMap::with_hasher</code> and <code>IndexSet::with_hasher</code> are now <code>const</code>
functions, allowing static maps and sets, by <a href="https://github.com/mwillsey"><code>@mwillsey</code></a> in PR 203_.</p>
</li>
<li>
<p><code>IndexMap</code> and <code>IndexSet</code> now implement <code>From</code> for arrays, matching
Rust 1.56's implementation for <code>HashMap</code>, by <a href="https://github.com/rouge8"><code>@rouge8</code></a> in PR 205_.</p>
</li>
<li>
<p><code>IndexMap</code> and <code>IndexSet</code> now have methods <code>sort_unstable_keys</code>,
<code>sort_unstable_by</code>, <code>sorted_unstable_by</code>, and <code>par_*</code> equivalents,
which sort in-place without preserving the order of equal items, by
<a href="https://github.com/bhgomes"><code>@bhgomes</code></a> in PR 211_.</p>
</li>
</ul>
</li>
</ul>
<p>.. _195: <a href="https://github-redirect.dependabot.com/bluss/indexmap/pull/195">bluss/indexmap#195</a>
.. _196: <a href="https://github-redirect.dependabot.com/bluss/indexmap/pull/196">bluss/indexmap#196</a>
.. _197: <a href="https://github-redirect.dependabot.com/bluss/indexmap/pull/197">bluss/indexmap#197</a>
.. _203: <a href="https://github-redirect.dependabot.com/bluss/indexmap/pull/203">bluss/indexmap#203</a>
.. _205: <a href="https://github-redirect.dependabot.com/bluss/indexmap/pull/205">bluss/indexmap#205</a>
.. _211: <a href="https://github-redirect.dependabot.com/bluss/indexmap/pull/211">bluss/indexmap#211</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="916d1c96d2"><code>916d1c9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bluss/indexmap/issues/213">#213</a> from cuviper/release-1.7.1</li>
<li><a href="5386d2bf70"><code>5386d2b</code></a> Release 1.8.0 instead</li>
<li><a href="f090281240"><code>f090281</code></a> Release 1.7.1</li>
<li><a href="5a14f7bb8a"><code>5a14f7b</code></a> Move recent changes to RELEASES.rst</li>
<li><a href="13468f20f5"><code>13468f2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bluss/indexmap/issues/211">#211</a> from bhgomes/add-sort-unstable-methods</li>
<li><a href="8bb46ca2e4"><code>8bb46ca</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bluss/indexmap/issues/205">#205</a> from rouge8/from-array</li>
<li><a href="6fca269adf"><code>6fca269</code></a> No extra space is used in unstable sorts</li>
<li><a href="5d2ce528b3"><code>5d2ce52</code></a> Require rustc 1.51+ for <code>IndexMap::from(array)</code> and <code>IndexSet::from(array)</code></li>
<li><a href="f0159f656d"><code>f0159f6</code></a> Add <code>IndexMap::from(array)</code> and <code>IndexSet::from(array)</code></li>
<li><a href="4d6dde35b5"><code>4d6dde3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/bluss/indexmap/issues/197">#197</a> from cuviper/par_drain</li>
<li>Additional commits viewable in <a href="https://github.com/bluss/indexmap/compare/1.7.0...1.8.0">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=1.7.0&new-version=1.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
This Pull Request fixes the bors hanging we've had recently
The vm action had been removed but bors was still waiting for it
It changes the following:
- Remove 'Tests on Linux with vm enabled' from the actions to be waited for
This Pull Request fixes some warnings and clips errors. It conflicts with the VM/non-VM PR, so should probably go in first, so that this branch gets properly updated and we get the list of real warnings/errors there.
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.131 to 1.0.132.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/serde-rs/serde/releases">serde's releases</a>.</em></p>
<blockquote>
<h2>v1.0.132</h2>
<ul>
<li>Enable Serialize and Deserialize impls for <code>std::sync::atomic::{AtomicI64, AtomicU64}</code> on riscv64 arch (<a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2141">#2141</a>, thanks <a href="https://github.com/Avimitin"><code>@Avimitin</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="77ae1c3bf7"><code>77ae1c3</code></a> Release 1.0.132</li>
<li><a href="b85e28166c"><code>b85e281</code></a> Update path to rustc target spec files</li>
<li><a href="0508cb50fc"><code>0508cb5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/serde-rs/serde/issues/2141">#2141</a> from Avimitin/risc-v</li>
<li><a href="84fdc7df69"><code>84fdc7d</code></a> Enable atomic64 on riscv64 arch</li>
<li>See full diff in <a href="https://github.com/serde-rs/serde/compare/v1.0.131...v1.0.132">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde&package-manager=cargo&previous-version=1.0.131&new-version=1.0.132)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>