Bump the production-dependencies group across 1 directory with 21 updates

[dependabot]

Bumps the production-dependencies group with 21 updates in the / directory:

Package	From	To
roots/wordpress	6.6.2	6.7.1
oscarotero/env	2.1.0	2.1.1
jjgrainger/posttypes	2.2	2.2.1
consolidation/robo	5.0.0	5.1.0
generoi/robo-genero	0.4.7	0.5.1
wpackagist-plugin/query-monitor	3.16.4	3.17.0
wpackagist-plugin/user-switching	1.8.0	1.9.1
roots/acorn	4.3.0	4.3.1
log1x/navi	3.0.3	3.1.1
log1x/sage-svg	2.0.1	2.0.2
wpackagist-plugin/safe-svg	2.2.6	2.3.1
wpackagist-plugin/limit-login-attempts-reloaded	2.26.13	2.26.16
generoi/advanced-custom-fields-pro	6.3.9	6.3.11
generoi/gravityforms	2.8.17	2.9.1.2
generoi/polylang-pro	3.6.4.1	3.6.5
wpackagist-plugin/wordpress-seo	23.5	24.1
wpackagist-plugin/redirection	5.5.0	5.5.1
wpackagist-plugin/woocommerce	9.3.3	9.5.1
generoi/genero-cmp	2.1.5	2.1.6
generoi/wp-image-resizer	1.4.0	1.5.0
10up/wpcli-vulnerability-scanner	1.2.1	1.2.2

Updates roots/wordpress from 6.6.2 to 6.7.1

Release notes

Sourced from roots/wordpress's releases.

Version 6.7.1

Sourced from WordPress.org Documentation.

Version 6.7

Version notes available on WordPress.org Documentation.

Commits

• 9451af4 📄 Update name
• See full diff in compare view

Updates oscarotero/env from 2.1.0 to 2.1.1

Release notes

Sourced from oscarotero/env's releases.

2.1.1

See CHANGELOG

Changelog

Sourced from oscarotero/env's changelog.

[2.1.1] - 2024-12-03

Fixed

• Support for PHP 8.4 #12.

Commits

• 9f7d85c new version
• 8ff53b2 fix tests
• 47aa2ab removed command
• 763f53a dep versions
• 84e45c1 added workflow
• 0540127 use github actions for testing
• fe47aff Merge pull request #12 from IvanZhuck/hotfix/php-8.4-implicitly-nullable-para...
• 7d4ab3f Fixed implicitly nullable parameter declaration
• 102c6e9 Merge pull request #9 from szepeviktor/patch-1
• 195b641 Add a return type
• See full diff in compare view

Updates jjgrainger/posttypes from 2.2 to 2.2.1

Release notes

Sourced from jjgrainger/posttypes's releases.

v2.2.1

What's Changed

• fix docblock definition by @​jakubmikita in jjgrainger/PostTypes#88
• empty array if taxonomy query var is null by @​Barny-Thorpe in jjgrainger/PostTypes#93
• Update tests by @​jjgrainger in jjgrainger/PostTypes#95
• Release v2.2.1 by @​jjgrainger in jjgrainger/PostTypes#96

New Contributors

• @​jakubmikita made their first contribution in jjgrainger/PostTypes#88
• @​Barny-Thorpe made their first contribution in jjgrainger/PostTypes#93

Full Changelog: jjgrainger/PostTypes@v2.2...v2.2.1

Changelog

Sourced from jjgrainger/posttypes's changelog.

v2.2.1

• merge [pull requests #95](jjgrainger/PostTypes#95): Update tests
• merge [pull requests #93](jjgrainger/PostTypes#93): Fix empty array if taxonomy query var is null
• merge [pull requests #88](jjgrainger/PostTypes#88): Fix docblock definition

Commits

• 2f20f62 Merge pull request #96 from jjgrainger/release/v2.2.1
• 09cf76b update changelog
• ae0163b bump version
• 9d23c9f Merge pull request #95 from jjgrainger/maintenance/update-test
• a0b90b3 update tests workflow
• 865ddb1 Merge pull request #93 from ItinerisLtd/ERROR-FIX/uncaught-type-error
• e9bb49d Merge pull request #88 from jakubmikita/patch-1
• 625d355 remove deprecated notices from test files
• a126e7b update phpunit to 9.6
• 7c64360 empty array if null
• Additional commits viewable in compare view

Updates consolidation/robo from 5.0.0 to 5.1.0

Changelog

Sourced from consolidation/robo's changelog.

5.1.0 10/22/2024

• PHP 8.4 compatibility by Andy Postnikov (#1165)
• Don't require exact event-dispatcher version (typo fix) by Pierre Rudloff (#1169)

Commits

• dde6bd8 Release version for 5.1.0
• 0fd468d CHANDELOG for 5.1.0
• 8b15abf Don't require exact event-dispatcher version (#1169)
• bb85c2d PHP 8.4 compatibility (#1165)
• d416e90 fix: replace 4.0.7 with 5.0.0 (#1163)
• a5b74eb Check backwards compatibliity from version 5.0.0
• See full diff in compare view

Updates generoi/robo-genero from 0.4.7 to 0.5.1

Commits

• c142889 Fix return type
• bd07adb Support wildcards in tables
• See full diff in compare view

Updates wpackagist-plugin/query-monitor from 3.16.4 to 3.17.0

Updates wpackagist-plugin/user-switching from 1.8.0 to 1.9.1

Updates roots/acorn from 4.3.0 to 4.3.1

Release notes

Sourced from roots/acorn's releases.

v4.3.1

What's Changed

• 🧑‍💻 Group templates by name for block themes by @​ssang in roots/acorn#390
• 🚑 Fix responses always returning 200 on WordPress routes by @​Log1x in roots/acorn#412

Full Changelog: roots/acorn@v4.3.0...v4.3.1

Commits

• 3c6040d 🔖 v4.3.1
• ab2b0ac 🚑 Fix responses always returning 200 on WordPress routes (#412)
• ede407b 🧑‍💻 Group templates by name for block themes (#390)
• See full diff in compare view

Updates log1x/navi from 3.0.3 to 3.1.1

Release notes

Sourced from log1x/navi's releases.

v3.1.1

Change log

Bug fixes

• 🎨 Fix Exception message typo (#86)
• 🔧 Update the navi:make command signature (Fixes #87) (#88)

Full Changelog: Log1x/navi@v3.1.0...v3.1.1

v3.1.0

Change log

Enhancements

• ✨ Add a navi:list command to show registered navigation menus
• ✨ Add support for allowing default CSS classes on menu items (#85)
• 🚚 Change the make:navi command signature to navi:make
• 🧑‍💻 Improve the navi:make command output
• 🎨 Improve disallowed menu class filtering
• 🎨 Use all() instead of toArray() in examples
• 🎨 Add missing methods to the Facade docblock
• 📝 Improve the README
• ➕ Add roots/acorn to the project in development

Bug fixes

• 🩹 Properly remove default WordPress CSS classes from menu items (Fixes #84, #83, #78)

Commits

• 97fa923 v3.1.1
• 1a0feca 🎨 Fix Exception message typo (#86)
• ed28a3a v3.1.0 (#85)
• 25d8931 v3.1.0
• 8270814 📝 Improve the README
• a58d90f 🎨 Add missing methods to the Facade docblock
• 915c3e2 🎨 Use all() instead of toArray() in examples
• 76c39df ✨ Add support for allowing default CSS classes on menu items
• 5b95f76 🧑‍💻 Improve the navi:make command output
• 99cad96 ➕ Add roots/acorn to the project in development
• Additional commits viewable in compare view

Updates log1x/sage-svg from 2.0.1 to 2.0.2

Release notes

Sourced from log1x/sage-svg's releases.

v2.0.2

Change log

Bug fixes

• 🩹 Fix missing array type for passing attachments (#29)

New Contributors

• @​SergiArias made their first contribution in Log1x/sage-svg#29

Full Changelog: Log1x/sage-svg@v2.0.1...v2.0.2

Commits

• c871fa8 🩹 Fix missing array type for passing attachments (#29)
• See full diff in compare view

Updates wpackagist-plugin/safe-svg from 2.2.6 to 2.3.1

Updates wpackagist-plugin/limit-login-attempts-reloaded from 2.26.13 to 2.26.16

Updates generoi/advanced-custom-fields-pro from 6.3.9 to 6.3.11

Release notes

Sourced from generoi/advanced-custom-fields-pro's releases.

v6.3.11

Release Date 12th November 2024

• Enhancement - Field Group keys are now copyable on click
• Fix - Repeater tables with fields hidden by conditional logic now render correctly
• Fix - ACF Blocks now behave correctly in React StrictMode
• Fix - Edit mode is no longer available to ACF Blocks with an WordPress Block API version of 3 as field editing is not supported in the iframe

v6.3.10

Release Date 29th October 2024

• Security - Setting a metabox callback for custom post types and taxonomies now requires being an admin, or super admin for multisite installs
• Security - Field specific ACF nonces are now prefixed, resolving an issue where third party nonces could be treated as valid for AJAX calls
• Enhancement - A new “Close and Add Field” option is now available when editing a field group, inserting a new field inline after the field being edited
• Enhancement - ACF and ACF PRO now share the same plugin updater for improved reliability and performance
• Fix - Exporting post types and taxonomies containing metabox callbacks now correctly exports the user defined callback

Commits

• d5df114 v6.3.11
• 684f8ee v6.3.10
• See full diff in compare view

Updates generoi/gravityforms from 2.8.17 to 2.9.1.2

Release notes

Sourced from generoi/gravityforms's releases.

v2.9.1.2

• Fixed an issue where invalid data on a multiple files upload field can cause the entry export to break on PHP 8+. Credit: The GravityKit Team.
• API: Added GFAPI::maybe_process_feeds(), GFAPI::get_processed_feeds_meta(), and GFAPI::update_processed_feeds_meta().
• API: Added the gform_allow_async_feed_reprocessing filter.
• Fixed an issue where a typo was preventing styling from being applied to notifications.
• Fixed an issue where the note added by the custom anti-spam filter is overridden when the Akismet integration is enabled.
• Fixed an issue that causes form validation errors if a product field has a quantity of 0 and the form includes shipping and total fields.

v2.9.1.1

• Fixed an issue where Hooks.js was not being added to the header when using certain hosting environments.
• Fixed an accessibility issue that prevents the product quantity label from matching the input field.
• Added settings for "sort column" and "sort order" to the Screen Options settings on the form list page.
• Fixed an issue where the gform_allowable_tags filter is not applied when using the filter without the optional $form_id property. Credit: The Gravity PDF team.
• Fixed an issue where form block theme settings are visible when the default form theme is not Orbital.
• Fixed a bug that prevents the gform_progressbar_start_at_zero filter from working.
• Updated the reCAPTCHA field to use SVG images.
• API: Updated the state management JS module to return a shallow copy of objects retrieved via the get method.
• Added the gform_check_empty_index_file_exists filter to allow developers to check whether an empty index file exists before creating a new one.

v2.9.1

• Added detection of SQLite database to the system report.
• Added focus states to links in the validation summary and autofocus to the validation summary for better accessibility.
• Added screenreader support to the password strength indicator on the Password field.
• Updated number fields that are read-only to use the read-only styles.
• Updated styling of failed payment and cancelled subscription entry notes.
• Updated the currency dropdown on the plugin settings page to not use Select2 for improved accessibility.
• Updated the license validation messages to be more specific when there is a server error or API rate limit error.
• Updated the minimum WordPress version (for support) on the System Status page to 6.5.
• Fixed a PHP notice that can occur when viewing the Form Settings for a pre-existing form. Credit: The GravityKit Team.
• Fixed a fatal error that can occur when adding additional files to a multifile upload field.
• Fixed an accessibility issue with the date dropdown field by adding hidden labels to the dropdowns.
• Fixed an issue in the entry detail screen where the Notes metabox is misaligned in Safari 18.0.
• Fixed an issue that can sometimes prevent the total field from updating if some products have conditional logic rules.
• Fixed an issue that cause the form or confirmation to be unstyled when AJAX is enabled.
• Fixed an issue that causes delayed feeds to be executed twice in some cases.
• Fixed an issue that prevents gform_ajax_spinner_url from working.
• Fixed an issue that prevents the gform_price_change event from firing.
• Fixed an issue where Gravity Forms checks if a schema upgrade is needed on every page load.
• Fixed an issue where a choice with an empty label is selected by default when the field doesn't have a value.
• Fixed an issue where a console error is thrown when the next button is clicked on a multi-page form that contains a payment field.
• Fixed a fatal error that occurs on submission if modified state input value is an array.
• Fixed a fatal error that occurs when the page query argument is an array. Credit: Automattic.
• Fixed an issue where a fatal memory error can occur on the Form Settings page in some hosting environments when a large number of forms exist.
• Fixed an issue where apostrophes in page names are sanitized incorrectly in Pagination Options.
• Fixed an issue where aria attributes for the list field are not translating.
• Fixed an issue where disabled image choice inputs are still able to be selected/unselected.

... (truncated)

Commits

• 2f4b435 v2.9.1.2
• 164abc8 v2.9.1.1
• eb60bfd v2.9.1
• b9a29c5 v2.9.0.5
• 87dd602 v2.9.0.4
• 7ee6891 v2.9.0.3
• b895ed3 v2.9.0.2
• d0c05d3 v2.9.0.1
• e93b600 v2.8.18
• bfc7943 Update composer.json
• Additional commits viewable in compare view

Updates generoi/polylang-pro from 3.6.4.1 to 3.6.5

Release notes

Sourced from generoi/polylang-pro's releases.

v3.6.5

• Add compatibility with WP 6.7
• Pro: Prevent infinite loop when the locale fallbacks reference each other
• Pro: Set canResegment attribute to no in XLIFF files
• Fix empty notice displayed if the plugin upgrade notice is set but empty

Commits

• 423ebfa v3.6.5
• f5e4770 Update composer.json
• dba64ad Add github action job to update packagist
• 1e0649c cleanup
• 83b20a6 Update action
• See full diff in compare view

Updates wpackagist-plugin/wordpress-seo from 23.5 to 24.1

Updates wpackagist-plugin/redirection from 5.5.0 to 5.5.1

Updates wpackagist-plugin/woocommerce from 9.3.3 to 9.5.1

Updates generoi/genero-cmp from 2.1.5 to 2.1.6

Commits

• 59ca39e Fix personal data settings always overriden by gform
• See full diff in compare view

Updates generoi/wp-image-resizer from 1.4.0 to 1.5.0

Commits

• e329c43 Skip lazyload attributes if data-sizes is already present
• See full diff in compare view

Updates 10up/wpcli-vulnerability-scanner from 1.2.1 to 1.2.2

Release notes

Sourced from 10up/wpcli-vulnerability-scanner's releases.

1.2.2

Changed

• Bump actions/upload-artifact from v3 to v4 (props @​iamdharmesh, @​jeffpaul via #104).

Fixed

• Ensure the final release contains the composer.json file so the plugin can be installed properly via WP-CLI (props @​burhandodhy, @​iamdharmesh, @​felipeelia via #105).

New Contributors

• @​felipeelia made their first contribution in 10up/wpcli-vulnerability-scanner#105

---

Full Changelog: 10up/wpcli-vulnerability-scanner@1.2.1...1.2.2 View closed items in the milestone.

Changelog

Sourced from 10up/wpcli-vulnerability-scanner's changelog.

[1.2.2] - 2024-11-20

Changed

• Bump actions/upload-artifact from v3 to v4 (props @​iamdharmesh, @​jeffpaul via #104).

Fixed

• Ensure the final release contains the composer.json file so the plugin can be installed properly via WP-CLI (props @​burhandodhy, @​iamdharmesh, @​felipeelia via #105).

Commits

• e0ad56b Merge branch 'develop' into trunk
• 7c9d43a Merge pull request #107 from 10up/release/1.2.2
• b9b481c Update release date
• 94565ae Try fixing Wordfence test
• 02f1053 Remove space
• e17a521 Update CREDITS.md
• 6e585ee Update changelog
• b6e3e7c Version bump to 1.2.2
• 6dc8e8c Merge pull request #105 from 10up/fix/98
• 8054952 Update readme and make sure to have composer.json in the stable branch
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions