dependabot[bot] opened a new pull request, #37159: URL: https://github.com/apache/superset/pull/37159
Bumps [immer](https://github.com/immerjs/immer) from 11.0.1 to 11.1.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/immerjs/immer/releases";>immer's releases</a>.</em></p> <blockquote> <h2>v11.1.3</h2> <h2><a href="https://github.com/immerjs/immer/compare/v11.1.2...v11.1.3";>11.1.3</a> (2025-12-29)</h2> <h3>Bug Fixes</h3> <ul> <li>recursive T for WritableDraft (<a href="https://redirect.github.com/immerjs/immer/issues/1197";>#1197</a>) (<a href="https://github.com/immerjs/immer/commit/78ea6941f0de564e10c9e20c91449ea37d477991";>78ea694</a>)</li> </ul> <h2>v11.1.2</h2> <h2><a href="https://github.com/immerjs/immer/compare/v11.1.1...v11.1.2";>11.1.2</a> (2025-12-29)</h2> <h3>Bug Fixes</h3> <ul> <li>bogus commit to retest release (<a href="https://github.com/immerjs/immer/commit/c329ddb1f4b8d3988458978ace36988d3a9eab24";>c329ddb</a>)</li> </ul> <h2>v11.1.0</h2> <h1><a href="https://github.com/immerjs/immer/compare/v11.0.1...v11.1.0";>11.1.0</a> (2025-12-20)</h1> <p>This <strong>feature release</strong> adds a new optional "array method overrides" plugin that significantly speeds up array methods when accessing drafts.</p> <h2>Changelog</h2> <h3>Performance Improvements</h3> <p>As part of the recent performance optimization work, our benchmarks showed that all Proxy-based immutable update libraries were drastically slower than vanilla JS when calling both mutating and non-mutating array methods. After investigation, it turns out that an array method like <code>arr.filter()</code> causes the Proxy's <code>get</code> trap to trigger for every single item in the array. This in turn forces creation of a new Proxy and internal Immer metadata for every item, even though this was just a read operation and no items were being updated.</p> <p>This release adds a new <code>enableArrayMethods</code> plugin that will override draft array methods to bypass the draft and directly operate on the underlying wrapped array instance. This <em>significantly</em> speeds up array operations.</p> <p>When enabled, the plugin overrides these array methods:</p> <ul> <li>Mutating: <code>push</code>, <code>pop</code>, <code>shift</code>, <code>unshift</code>, <code>splice</code>, <code>reverse</code>, <code>sort</code></li> <li>Non-mutating: <code>filter</code>, <code>slice</code>, <code>concat</code>, <code>flat</code>, <code>find</code>, <code>findIndex</code>, <code>findLast</code>, <code>findLastIndex</code>, <code>some</code>, <code>every</code>, <code>indexOf</code>, <code>lastIndexOf</code>, <code>includes</code>, <code>join</code>, <code>toString</code>, <code>toLocaleString</code></li> </ul> <p>Our benchmarks show that the overridden methods (plus the other perf changes in Immer 10.2 and 11.0) are <a href="https://redirect.github.com/immerjs/immer/pull/1184";>50-80% faster than the baseline behavior of Immer 10.1</a>.</p> <p>The plugin adds about 1.5-2K minified to Immer's bundle size.</p> <p>It's important to note that <strong>the plugin does change the "safe to mutate a draft" semantics of Immer</strong>. Any of these methods that receives an array item as a callback argument <strong><em>will not</em> automatically wrap that item in a Proxy!</strong>. That means that if you try to mutate an argument in a method such as <code>filter</code>, it <em>will</em> actually mutate the real underlying object, which <em>will</em> cause bugs in your app. This is an intentional design tradeoff. Semantically, all of these methods imply read-only access to array values, so if your code tries to mutate an array item in a callback, that is a bug in your code.</p> <p>Note that this does <em>not</em> override <code>map</code>, <code>flatMap</code>, <code>forEach</code>, or <code>reduce</code> / <code>reduceRight</code>. Those methods do imply either side effects and potential mutations, or returning arbitrary values. Given that, we determined it was both safest and simplest to keep their behavior as-is.</p> <p>See the <a href="https://immerjs.github.io/immer/array-methods";>Array Methods Plugin docs page</a> for further details on the behavior of the overridden methods.</p> <h2>What's Changed</h2> <ul> <li>Override array methods to avoid proxy creation while iterating and updating by <a href="https://github.com/markerikson";><code>@​markerikson</code></a> in <a href="https://redirect.github.com/immerjs/immer/pull/1184";>immerjs/immer#1184</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/immerjs/immer/commit/570c8009c40990fe5b0f742c5ae114c107a5024f";><code>570c800</code></a> chore(<strong>tests</strong>): add vitest globals to tsconfig.json (<a href="https://redirect.github.com/immerjs/immer/issues/1196";>#1196</a>)</li> <li><a href="https://github.com/immerjs/immer/commit/78ea6941f0de564e10c9e20c91449ea37d477991";><code>78ea694</code></a> fix: recursive T for WritableDraft (<a href="https://redirect.github.com/immerjs/immer/issues/1197";>#1197</a>)</li> <li><a href="https://github.com/immerjs/immer/commit/c329ddb1f4b8d3988458978ace36988d3a9eab24";><code>c329ddb</code></a> fix: bogus commit to retest release</li> <li><a href="https://github.com/immerjs/immer/commit/b208d58698e5a72c64d55bb467b9e7c9fd00c92a";><code>b208d58</code></a> fix: Fix broken array patching and ensure all values in draft Maps/Sets are f...</li> <li><a href="https://github.com/immerjs/immer/commit/d6265138448ebb0f8adbd312f5d8b06f9043e433";><code>d626513</code></a> Merge pull request <a href="https://redirect.github.com/immerjs/immer/issues/1198";>#1198</a> from immerjs/feature/array-plugin-docs</li> <li><a href="https://github.com/immerjs/immer/commit/0fffdc28d40b7d2451351b325333760407df1696";><code>0fffdc2</code></a> Actually add array plugin to docs</li> <li><a href="https://github.com/immerjs/immer/commit/34fd86d7918b56543c3144a37d2ff8dc8ab95725";><code>34fd86d</code></a> chore(deps-dev): bump vite from 5.4.20 to 5.4.21 (<a href="https://redirect.github.com/immerjs/immer/issues/1185";>#1185</a>)</li> <li><a href="https://github.com/immerjs/immer/commit/406ade980e1310c5fd96212cf611b1ddda1193ec";><code>406ade9</code></a> chore(deps): bump node-forge from 1.3.1 to 1.3.3 in /website (<a href="https://redirect.github.com/immerjs/immer/issues/1195";>#1195</a>)</li> <li><a href="https://github.com/immerjs/immer/commit/bdf5cbd413d394ba5895f941fc64a67fa6f94ef5";><code>bdf5cbd</code></a> [docs] Documented setUseStrictIteration</li> <li><a href="https://github.com/immerjs/immer/commit/d38a9d046b79e65fc879ed286be43e9753e24144";><code>d38a9d0</code></a> feat: Override array methods to avoid proxy creation while iterating and upda...</li> <li>See full diff in <a href="https://github.com/immerjs/immer/compare/v11.0.1...v11.1.3";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
