Bump solid-js from 1.7.12 to 1.9.5

[dependabot]

Bumps solid-js from 1.7.12 to 1.9.5.

Release notes

Sourced from solid-js's releases.

v1.9.0 - LGTM!

This release like the last is focusing on small quality of life improvements and adjustments that will help us move towards 2.0. So while not the most exciting release to everyone it provides some really important features and fixes to some developers.

And unlike many previous releases the vast majority of the work and features came from PRs from the community. So really all I can say is Looks Good to Me!

Better JSX Validation

While still incomplete across templates we've added JSDOM to the compiler to better detect invalid HTML at build time by comparing what we expect the template to be with what a browser would output. This now includes things that are nested we didn't detect before like putting <a> inside other <a> tags which will lead to the browser "correcting" it in less than intuitive ways.

Improved Exports

While each environment in solid-js/web has its own methods to be used in the compiler. We are now exporting the client methods from the server to prevent weird import errors. Now these methods will throw if used in this environment but shouldn't break your build.

Additionally we have seen some issues in bundlers that incorrectly feed our ESM exports back through the browser field. While this is a known issue they all pointed issues at each other and with no intention of fixing it. We have removed the browser field in this release, meaning some legacy packages may have issues resolving browser if they don't support export conditions.

This is regretful but this blocked deployments on several platforms and since this was the only fix at our disposal after two years of attempting to push this issue to the bundlers to no avail, we've moved forward with it.

Custom Element improvements

We have a few improvements to our custom element support in this release. First off we now detect elements with the is attribute as custom elements which means all the special behavior is afforded to them.

We've also improved our event handler delegating retargetting to better handle shadow DOM events. There were cases where we skipped over part of the tree.

Finally we've added the bool: attribute namespace to handle explicitly setting certain attributes according to boolean attribute rules. While this isn't necessary for built-in booleans currently we handle most attributes as properties and we lacked a specific override. But now we have it:

<my-element bool:enable={isEnabled()}></my-element>

Support for handleEvent Syntax in Non-Delegated Events

A little known thing is that events actually also support objects instead of functions (See: https://developer.mozilla.org/en-US/docs/Web/API/EventTarget/addEventListener)

We(thanks @​titoBouzout) realized we can use this mechanism as a way to set advanced rules like passive or capture on this object as way to handle all current and future event attributes that browsers might add. This way we don't need specific mechanisms like oncapture: (which is now deprecated).

Instead using on: you can set the event properties you wish.

<>
  <div on:click={{
    handleEvent(e) {
      console.log("clicked", e)
    },
    once:true
  }/>
  <div on:wheel={{
    handleEvent(e) {
      e.preventDefault() // only works on not passive events
      e.stopPropagation()  
</tr></table> 

... (truncated)

Changelog

Sourced from solid-js's changelog.

Changelog

1.8.0 - 2023-10-09

I admit this is not the most exciting release from a feature standpoint. We are in that holding pattern between the end of 1.x and the start of 2.0. We recently made our new reactive experiments public and continue to build those out in public with @​solidjs/signals.

This version is more about addressing some of the fundamentals that will help us in other projects like SolidStart while we do the transition. A big part of this is applying what we have learned when doing performance benchmarks for the work that has been funded by Google Chrome Aurora.

Async and Resources need work and are too all in. It is great to have a solution but now that we have a better understanding we need to start breaking things apart into their fundamental pieces.

De-duping Streaming Serialization

This is the marquee feature of this release and is largely the work of @​lxsmnsyc. Solid has been able to serialize promises and do streaming for a couple of years now, but it was very special-cased. Now it is a generic mechanism.

This matters because it means that we have decoupled the promise serialization from Resources, and in so decoupled the whole when the stream is done from them. This opens up things like nested promises.

More so we have a mechanism now that deeply de-dupes data serialized across flushes. This is important for features like Islands where you might pass the same props to multiple Islands across different Suspense boundaries and don't want to send the data more than once. And even examples where that data can be accessed at varying depths (recursive comments in say a Hackernews site).

Hydration Improvements

Fragments for Hydration have been a bit of a pain and we keep seeming to have different issues reported around element duplication. Most commonly this has been around where there are lazy component siblings or where the fragment is top-level. After looking into and fixing an issue for Astro I decided to look at some of the oldest bugs in Solid and found it was a similar bug.

In many cases, the DOM can change throughout Hydration while doing things like streaming but we need to pause and resume hydration because code isn't available yet. While we don't create elements during hydration, getting an accurate snapshot of the DOM for the current state for future list reconciliation is a process we've had a few tries at but in 1.8 we update this in a way that makes sure it doesn't get out of date.

Also in 1.8, we have added some performance improvements to hydration in the form of not redundantly setting attributes or props as the page hydrates similar to how we don't update text. This is all migration towards a future where we don't need to do as much hydration, but it is important to note that values will be kept as they were on the server rather than how they may compute at runtime during hydration.

Smaller Templates

In 1.7 we removed unnecessary closing tags from template strings. It was a bit painful because we were a bit overzealous at first. While I believe in the end we got to a good place, ultimately all but the simplest reductions have been hidden behind a compiler flag(omitNestedClosingTags). Thanks to work from @​intrnl we are implementing another template size reduction technique of removing unnecessary quotes. Quotes are actually not required by HTML in some cases and it can add up.

Other

Fix NGINX Server Side Includes

Comments led with # are treated as special directives for a few different servers so we've needed to change our open hydration markers to $. As usual, your version of Solid and the Babel Plugin should be the same to ensure this matches up.

Better Guards on Global Scripts

Solid uses an inline HydrationScript as a way to do processing before the framework and code have loaded. To handle things like event capture and streaming. However, we didn't do a good job of guarding the right thing when multiple were added to the same page, a situation that can happen in Micro-frontends or 3rd party Islands solutions. Now the script guards against duplicate inclusion.

1.7.0 - 2023-03-30

Solid has experienced incredible growth in usage the last 6 months. Companies are using it to power production applications and SolidStart Beta has been a big part of that. As a natural part of this growth and increased use at scale we are continuing to learn what works well and what the rough edges in Solid are today.

This v1.7 release marks the beginning of the migration roadmap to v2.0. We are beginning to re-evaluate core APIs and will begin introducing new ones while reasonably deprecating older ones in a manner that eases breaking changes. Our intention is to ease the broader ecosystem into preparing for improvements that a major 2.0 will unlock for the whole community.

Improved TypeScript

Null-Asserted Control Flow

... (truncated)

Commits

• 29ab5bb v1.9.5
• 35266c1 JSX type updates, preliminary MathML support, fix spread overescaping
• 1f83ebc format
• 9431b88 mirror createDynamic on SSR
• 86ae8a9 add optional initalValue argument to from helper (#2429)
• e897701 Add createDynamic utility. (#2422)
• 0eab77d Show double evaluation (#2411)
• f9ef621 dev: Add afterRegisterGraph hook replacing afterCreateSignal (#2396)
• 89e016d dev: Add internal flag to signal (#2393)
• 3579ec0 chore: update copyright year (#2397)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.