- [2b395b9f] Fix command to lint markdown in `CONTRIBUTING.md`
- [fed4c86c] Re-activate JSDoc ESLint plugin and fix linting issues (As
far as I remember, we deactivated it when we upgraded to ESLint 9
because it was not compatible with it. But its now.)
- [a3d2064b] Refactor ESLint config to use `defineConfig` and
`globalIgnores` ([these are like new
defaults](https://eslint.org/blog/2025/03/flat-config-extends-define-config-global-ignores/))
- [a3d2064b] Replace `eslint-plugin-import` with
`eslint-plugin-import-x`
(https://github.com/es-tooling/module-replacements/blob/main/docs/modules/eslint-plugin-import.md)
- [86a185b6] Switch Stylelint config to flat format and simplify
Stylelint scripts (like we already did for ESLint and prettier)
- [f5a2c541] Fix some typos
This has the advantage that the package manager is no longer involved
after the installation process.
However, previous start commands such as `npm run start` continue to
work. So we don't even have to adapt the documentation.
nothing to see here really
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: veeck <gitkraken@veeck.de>
Main point was to enable ESLint `dot-notation` and `no-unneeded-ternary`
rules for more code consistency.
I took the occasion to add two minor commits:
- Fix a problem found by running `test:spelling
- Minor dependency update
It wouldn't be a problem if the PR didn't arrive in the next release,
the changes are cosmetic.
user reporting slow/no connection/timeout errors on armv6l for calendar,
and newsfeed
we can increase the timeout by adding calls to the undici lib, but it
requires node 20.18.1 or above.
this adds the support for timeout
(also environment variable to override if needed,, mmFetchTimeout
(default 30 seconds)
and updates the base node version
I also reworked the Linters section in `CONTRIBUTING.md` a bit and
switched the `prettier` config to a flat config.
Co-authored-by: Veeck <github@veeck.de>
here is an updated test version of the fixes for all kinds of calendar
date problems.
NOTE: the changed branch name
NOTE: this used the node-cal@0.19.0 library UNCHANGED
best to make a new folder and git clone there
git clone https://github.com/sdetweil/MagicMirror
cd MagicMirror
git checkout fixcaldates2 // <------ note this is a changed branch name
npm run install-mm
copy your config.js and custom.css from the prior folder
and the non-default modules you have installed…
this ONLY changes the default calendar
but DOES ship an updated node-ical library too
if you need to fall back, just rename the folders around again so that
your original is called MagicMirror
all the testcases for node-ical and MagicMirror execute successfully.
the ‘BIG’ change here is to get the local NON-TZ dates for the
rrule.between()
all the checking and conversion code is commented out or not used
the node-ical fixes are for excluded dates (exdate) values being
adjusted for DST/STD time… waiting to submit that PR
one fix in calendar.js for checking if a past date was too far back,
but it never checked to see IF the event date was in the past… (before
today) so it chopped off too many
and one change in calendarfetcher.js to put out a better diagnostic
message of the parsed data… (exdate was excluded cause JSON stringify
couldn’t convert the complex structure)
I added the tests you all have documented
please re-pull and checkout the new branch (I deleted the old branch)
and npm run install-mm again
---------
Co-authored-by: Veeck <github@veeck.de>
Besides updating cspell and handling spelling issues, the important
change is adding the spelling check to the GitHub workflow.
I'm not sure if it will bother us too much when people create PRs. But I
wanted to give it a try. Or do you have any other ideas on how we can
run the spelling check on a regular basis?
Bumps [helmet](https://github.com/helmetjs/helmet) from 7.1.0 to 8.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/helmetjs/helmet/blob/main/CHANGELOG.md">helmet's
changelog</a>.</em></p>
<blockquote>
<h2>8.0.0</h2>
<h3>Changed</h3>
<ul>
<li><strong>Breaking:</strong> <code>Strict-Transport-Security</code>
now has a max-age of 365 days, up from 180</li>
<li><strong>Breaking:</strong> <code>Content-Security-Policy</code>
middleware now throws an error if a directive should have quotes but
does not, such as <code>self</code> instead of <code>'self'</code>. See
<a
href="https://redirect.github.com/helmetjs/helmet/issues/454">#454</a></li>
<li><strong>Breaking:</strong> <code>Content-Security-Policy</code>'s
<code>getDefaultDirectives</code> now returns a deep copy. This only
affects users who were mutating the result</li>
<li><strong>Breaking:</strong> <code>Strict-Transport-Security</code>
now throws an error when "includeSubDomains" option is
misspelled. This was previously a warning</li>
</ul>
<h3>Removed</h3>
<ul>
<li><strong>Breaking:</strong> Drop support for Node 16 and 17. Node 18+
is now required</li>
</ul>
<h2>7.2.0 - 2024-09-28</h2>
<h3>Changed</h3>
<ul>
<li><code>Content-Security-Policy</code> middleware now warns if a
directive should have quotes but does not, such as <code>self</code>
instead of <code>'self'</code>. This will be an error in future
versions. See <a
href="https://redirect.github.com/helmetjs/helmet/issues/454">#454</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9a8e6d5322"><code>9a8e6d5</code></a>
8.0.0</li>
<li><a
href="6562cd7074"><code>6562cd7</code></a>
CSP: speed up <code>getDefaultDirectives</code></li>
<li><a
href="a8befb3b9d"><code>a8befb3</code></a>
<code>getDefaultDirectives</code> should do a deep copy</li>
<li><a
href="558ef2ce90"><code>558ef2c</code></a>
HSTS: throw when misspelling "includeSubDomains" option</li>
<li><a
href="73e75952fe"><code>73e7595</code></a>
Content-Security-Policy: throw if directive value lacks necessary
quotes</li>
<li><a
href="76410e1093"><code>76410e1</code></a>
Content-Security-Policy can now use Object.hasOwn</li>
<li><a
href="293bd18bf5"><code>293bd18</code></a>
Strict-Transport-Security: increase max-age to 1 year</li>
<li><a
href="898cdc4c61"><code>898cdc4</code></a>
Require Node 18+</li>
<li><a
href="7e2b06947f"><code>7e2b069</code></a>
7.2.0</li>
<li><a
href="7bea9158d4"><code>7bea915</code></a>
Update changelog for 7.2.0 release</li>
<li>Additional commits viewable in <a
href="https://github.com/helmetjs/helmet/compare/v7.1.0...v8.0.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[eslint-plugin-jsdoc](https://github.com/gajus/eslint-plugin-jsdoc) from
50.3.0 to 50.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gajus/eslint-plugin-jsdoc/releases">eslint-plugin-jsdoc's
releases</a>.</em></p>
<blockquote>
<h2>v50.3.1</h2>
<h2><a
href="https://github.com/gajus/eslint-plugin-jsdoc/compare/v50.3.0...v50.3.1">50.3.1</a>
(2024-10-01)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong><code>check-alignment</code>:</strong> handle zero indent;
fixes <a
href="https://redirect.github.com/gajus/eslint-plugin-jsdoc/issues/1322">#1322</a>
(<a
href="34866bc988">34866bc</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34866bc988"><code>34866bc</code></a>
fix(<code>check-alignment</code>): handle zero indent; fixes <a
href="https://redirect.github.com/gajus/eslint-plugin-jsdoc/issues/1322">#1322</a></li>
<li>See full diff in <a
href="https://github.com/gajus/eslint-plugin-jsdoc/compare/v50.3.0...v50.3.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Since PR #3551 was not yet complete, I made my own attempt.
1. Update to ESLint v9.
2. Replace deprecated `.eslintrc.json` and `.eslintignore` by flat
config `eslint.config.mjs`.
3. Adapt `check_config.js` to use flat config.
4. Since `eslint-plugin-import` still doesn't support ESLint v9 I
removed it. We can add it back when it does support v9.
5. Run tests `npm run check:js` and `npm run config:check`.
6. In order not to overload this PR, I have not yet activated more
additional rules - there are some useful ones in the new plugin
`@eslint/js`.
@bugsounet, please don't take it as an offence that I have created a
competing PR. The migration to ESLint v9 has been burning under my nails
for some time.
Update of package*.json for minimal node verion requirement (v20.9.0)
* it's an addition to #3556
* According to changelog v2.28.0: `⚠️ This release needs nodejs version
>= v20.9.0`
I felt like adding a spell checker, but it's okay if you find it
superfluous. At least then we could fix the found spell issues.
What is still missing is an automatic integration so that the spell
checker does not have to be called manually. Would it perhaps make sense
to always do it before a release?
