fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@codemirror/view	6.9.0 -> 6.9.1					dependencies	patch
@commitlint/config-conventional (source)	17.4.3 -> 17.4.4					devDependencies	patch
@grpc/grpc-js (source)	1.8.8 -> 1.8.9					dependencies	patch
@mikro-orm/cli (source)	5.6.9 -> 5.6.11					dependencies	patch
@mikro-orm/core (source)	5.6.9 -> 5.6.11					dependencies	patch
@mikro-orm/mariadb (source)	5.6.9 -> 5.6.11					dependencies	patch
@mikro-orm/migrations (source)	5.6.9 -> 5.6.11					dependencies	patch
@mikro-orm/mysql (source)	5.6.9 -> 5.6.11					dependencies	patch
@mikro-orm/seeder (source)	5.6.9 -> 5.6.11					dependencies	patch
@sinclair/typebox	0.25.21 -> 0.25.23					dependencies	patch
@sinclair/typebox	0.25.21 -> 0.25.23					devDependencies	patch
@types/node (source)	18.13.0 -> 18.14.0					devDependencies	minor
@types/react-dom (source)	18.0.10 -> 18.0.11					devDependencies	patch
@typescript-eslint/eslint-plugin	5.51.0 -> 5.53.0					devDependencies	minor
@typescript-eslint/parser	5.51.0 -> 5.53.0					devDependencies	minor
antd (source)	5.2.0 -> 5.2.2					peerDependencies	patch
antd (source)	5.2.0 -> 5.2.2					dependencies	patch
jest (source)	29.4.2 -> 29.4.3					devDependencies	patch
jest-environment-jsdom	29.4.2 -> 29.4.3					devDependencies	patch
jest-extended	3.2.3 -> 3.2.4					devDependencies	patch
liquidjs	10.4.0 -> 10.5.0					dependencies	minor
node	18.14.0 -> 18.14.1					volta	patch
pino-pretty	9.2.0 -> 9.3.0					devDependencies	minor
pino-pretty	9.2.0 -> 9.3.0					dependencies	minor
pnpm (source)	7.27.0 -> 7.27.1					packageManager	patch
random-words	1.2.1 -> 1.3.0					dependencies	minor
turbo (source)	1.7.4 -> 1.8.1					devDependencies	minor

---

Release Notes

codemirror/view

v6.9.1

Compare Source

Bug fixes

Improve the way posAtCoords picks the side of a widget to return by comparing the coordinates the center of the widget.

Fix an issue where transactions created for the focusChangeEffect facet were sometimes not dispatched.

conventional-changelog/commitlint

v17.4.4

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

grpc/grpc-node

v1.8.9: @​grpc/grpc-js 1.8.9

Compare Source

• Fix a bug where clients would continue to send pings at the original configured rate after receiving a backoff request from the server (#​2363)

mikro-orm/mikro-orm

v5.6.11

Compare Source

Bug Fixes

• core: do not process custom types twice in em.upsertMany (3928e78), closes #​3787
• core: fix mapping of null in datetime columns (73e483a), closes #​4057
• core: infer custom type even if there is explicit columnType option (a901112)
• schema: fix merging of primary keys from base entity (c40e15c), closes #​4051

v5.6.10

Compare Source

Bug Fixes

• core: convert custom types in delete queries from orphan removal (b32df88), closes #​4033
• core: convert custom types when snapshotting scalar composite keys (391732e), closes #​3988
• core: map returned values correctly after batch insert (a61a84f)
• core: map values from returning statement in em.upsert (bed72fe), closes #​4020
• core: use types from discovery.getMappedType on runtime too (2f682e3), closes #​4042

Performance Improvements

• core: improve result mapping and snapshotting (#​4053) (8bb0268)

sinclairzx81/typebox

v0.25.23

Compare Source

Updates:

• 324 TypeScript Language Service now presents JSDoc comments when inferring static object properties. (IntelliSense)
• 325 Additional property inference optimizations.

Additional:

• Huge thank you to Github user stevezhu for these excellent contributions.

v0.25.22

Compare Source

Updates:

• 323 adds compiler support for UTF-16 (unicode) characters for schema identifiers.

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v5.53.0

Compare Source

Features

• eslint-plugin: [consistent-generic-constructors] handle default parameters (#​6484) (e8cebce)
• eslint-plugin: [no-mixed-enums] add rule (#​6102) (16144d1)

v5.52.0

Compare Source

Bug Fixes

• eslint-plugin: [no-import-type-side-effects] correctly ignore zero-specifier imports (#​6444) (d5a6688)
• eslint-plugin: [no-unnecessary-condition] account for optional chaining on potentially void values (#​6432) (e1d9c67), closes #​5255
• eslint-plugin: [no-unnecessary-condition] fix false positive when checking indexed access types (#​6452) (d569924)
• eslint-plugin: fix key-spacing when type starts on next line (#​6412) (3eb2eed)

Features

• eslint-plugin: [block-spacing] extending base rule for TS related blocks (#​6195) (b2db3f5)
• eslint-plugin: [explicit-function-return-type] add allowFunctionsWithoutTypeParameters option (#​6105) (113640e)
• eslint-plugin: [explicit-function-return-type] add allowIIFEs option (#​6237) (a1b3f7b)

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v5.53.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

v5.52.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

ant-design/ant-design

v5.2.2

Compare Source

• DatePicker
  • 💄 Optimize DatePicker date panel style. #​40768
  • 🐞 Fix RangePicker hover style on wrong date. #​40785 @​Yuiai01
• Form
  • 🐞 Fixed inconsistency between Checkbox and Radio in table when Form is disabled. #​40728 @​Yuiai01
  • 🐞 Fix Radio/Checkbox under Form disabled property don't works correctly. #​40741 @​Yuiai01
• 🐞 Fix List extra padding when enable grid property. #​40806
• 🐞 Fix Upload actions icon alignment issue. #​40805
• 💄 Tweak Table filter dropdown radius style. #​40802
• 🐞 Fix Button loading.delay not delay at first time. #​40759 @​RedJue
• 🐞 Fix Input status style when using addonAfter and addonBefore. #​40744 @​carla-cn
• 🐞 Fix Skeleton active flicky animation in Safari. #​40692 @​slotDumpling
• Locales
  • 🇫🇷 Added french locale for Tour component. #​40750 @​RedJue
  • 🇰🇷 Update ko_KR locale. #​40716 @​owjs3901

---

• DatePicker
  • 💄 调整 DatePicker 组件日期面板的间距样式。#​40768
  • 🐞 修复 RangePicker hover 日期错位的问题。#​40785 @​Yuiai01
• Form
  • 🐞 修复 Form 下 Radio/Checkbox 的 disabled 优先级问题。#​40741 @​Yuiai01
  • 🐞 修复 Form 为 disabled 时 Checkbox 和 Radio 表现不一致的问题。#​40728 @​Yuiai01
• 🐞 修复 List 启用 grid 时下额外 padding 样式。#​40806
• 🐞 修复 Upload 操作图标不对齐的问题。#​40805
• 💄 调整 Table 筛选菜单的底部圆角样式。#​40802
• 🐞 修复 Button 组件 loading.delay 第一次不生效的问题。#​40759 @​RedJue
• 🐞 修复 Input addonAfter 和 addonBefore 的各种状态样式。#​40744 @​carla-cn
• 🐞 修复 Skeleton 在 Safari 下 active 效果闪烁的问题。#​40692 @​slotDumpling
• 国际化
  • 🇫🇷 补充 Tour 法语本地化文案。#​40750 @​RedJue
  • 🇰🇷 更新韩国本地化文案。#​40716 @​owjs3901

v5.2.1

Compare Source

• 🛠 Rewrite panelRender in Tour to funtion component。#​40670 @​li-jia-nan
• 🐞 Fix className property wrongly passed to child nodes in TimeLine。#​40700 @​any1024
• 🐞 Fix Silder dot to trigger click and hover correctly. #​40679 @​LongHaoo
• 🐞 Fix Tour that should support 0 as element. #​40631 @​li-jia-nan
• 💄 Fix DataPicker.RangePicker hover range style. #​40607 @​Yuiai01
• 💄 Optimize Steps custom icon size. #​40672 @​MadCcc
• TypeScript
  • 🤖 Update Upload to support generic types. #​40634 @​riyadelberkawy
• 🌐 Localization
  • 🇷🇺/🇺🇦 add missing translations for ru_RU and uk_UA. #​40656 @​eldarcodes

---

• 🛠 重构 Tour 中 panelRender 为函数式组件。#​40670 @​li-jia-nan
• 🐞 修复 TimeLine 中 className 传给子节点的问题。#​40700 @​any1024
• 🐞 修复 Silder 中的标记点在边缘无法点击的问题。#​40679 @​LongHaoo
• 🐞 修复 Tour 不支持 0 作为节点的问题。#​40631 @​li-jia-nan
• 💄 修复 DataPicker.RangePicker 的 hover 范围样式。#​40607 @​Yuiai01
• 💄 优化 Steps 组件自定义 icon 的大小。#​40672 @​MadCcc
• TypeScript
  • 🤖 Upload 组件支持泛型。#​40634 @​riyadelberkawy
• 🌐 国际化
  • 🇷🇺/🇺🇦 补全 ru_RU 和 uk_UA 文案。#​40656 @​eldarcodes

facebook/jest

v29.4.3

Compare Source

Features

• [expect] Update toThrow() to be able to use error causes (#​13606)
• [jest-core] allow to use workerIdleMemoryLimit with only 1 worker or runInBand option (#​13846)
• [jest-message-util] Add support for error causes (#​13868 & #​13912)
• [jest-runtime] Revert import assertions for JSON modules as it's been relegated to Stage 2 (#​13911)

Fixes

• [@jest/expect-utils] subsetEquality should consider also an object's inherited string keys (#​13824)
• [jest-mock] Clear mock state when jest.restoreAllMocks() is called (#​13867)
• [jest-mock] Prevent mockImplementationOnce and mockReturnValueOnce bleeding into withImplementation (#​13888)
• [jest-mock] Do not restore mocks when jest.resetAllMocks() is called (#​13866)

jest-community/jest-extended

v3.2.4

Compare Source

Patch Changes

• 0b07513: Support varargs in toHaveBeenCalledOnceWith (#​557)

harttle/liquidjs

v10.5.0

Compare Source

Bug Fixes

• "ownPropertyOnly" not respected when passed via "renderOptions" (d489916)

Features

• Adds support for options to CLI and improves usability (#​586) (24c8a1e)

nodejs/node

v18.14.1: 2023-02-16, Version 18.14.1 'Hydrogen' (LTS), @​RafaelGSS prepared by @​juanarbol

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

• CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
• CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
• CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
• CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
• CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)

More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post.

This security release includes OpenSSL security updates as outlined in the recent
OpenSSL security advisory.

Commits

• [8393ebc72d] - build: build ICU with ICU_NO_USER_DATA_OVERRIDE (RafaelGSS) nodejs-private/node-private#​379
• [004e34d046] - crypto: clear OpenSSL error on invalid ca cert (RafaelGSS) #​46572
• [5e0142a852] - deps: cherry-pick Windows ARM64 fix for openssl (Richard Lau) #​46572
• [f71fe278a6] - deps: update archs files for quictls/openssl-3.0.8+quic (RafaelGSS) #​46572
• [2c6817e42b] - deps: upgrade openssl sources to quictls/openssl-3.0.8+quic (RafaelGSS) #​46572
• [f0afa0bfe5] - deps: update undici to 5.19.1 (Node.js GitHub Bot) #​46634
• [c26a34c13e] - deps: update undici to 5.18.0 (Node.js GitHub Bot) #​46634
• [db93ee4a15] - deps: update undici to 5.17.1 (Node.js GitHub Bot) #​46634
• [b4e49fb02c] - deps: update undici to 5.16.0 (Node.js GitHub Bot) #​46634
• [90994e6a2c] - deps: update undici to 5.15.1 (Node.js GitHub Bot) #​46634
• [00302fc7ac] - deps: update undici to 5.15.0 (Node.js GitHub Bot) #​46634
• [0e3b796cc5] - lib: makeRequireFunction patch when experimental policy (RafaelGSS) nodejs-private/node-private#​371
• [7cccd5565f] - policy: makeRequireFunction on mainModule.require (RafaelGSS) nodejs-private/node-private#​371

pinojs/pino-pretty

v9.3.0

Compare Source

What's Changed

• feat: dont print escape backslash on strings containing escaped backslashes by @​ademarsj in https://github.com/pinojs/pino-pretty/pull/401

Full Changelog: pinojs/pino-pretty@v9.2.0...v9.3.0

pnpm/pnpm

v7.27.1

Compare Source

Patch Changes

• Add store path description to the pnpm cli help.
• Print a hint that suggests to run pnpm store prune, when a tarball integrity error happens.
• Don't retry installation if the integrity checksum of a package failed and no lockfile was present.
• Fail with a meaningful error message when cannot parse a proxy URL.
• The strict-ssl, ca, key, and cert settings should work with HTTPS proxy servers #​4689.

Our Gold Sponsors

Our Silver Sponsors

apostrophecms/random-words

v1.3.0

Compare Source

• Adds new seed option. Thanks to Nathan Klingensmith.

vercel/turbo

v1.8.1: Turborepo v1.8.1

Compare Source

What's Changed

Changelog

• release(turborepo): 1.8.0 by @​github-actions in https://github.com/vercel/turbo/pull/3863
• Bump versions for eslint plugin packages by @​gsoltis in https://github.com/vercel/turbo/pull/3868
• Documentation for Workspace Configs by @​mehulkar in https://github.com/vercel/turbo/pull/3788
• Fix issue with merging dependsOn from Workspace Configs by @​mehulkar in https://github.com/vercel/turbo/pull/3866

Full Changelog: vercel/turbo@v1.8.0...v1.8.1

v1.8.0: Turborepo v1.8.0

Compare Source

What's Changed

Changelog

• fix: Use go implementation when no build tags present by @​chris-olszewski in https://github.com/vercel/turbo/pull/3678
• Avoid filename conflict by @​sokra in https://github.com/vercel/turbo/pull/3673
• fix: remove turborepo binary dependency on ffi by @​chris-olszewski in https://github.com/vercel/turbo/pull/3683
• chore: add local and global versions in debug by @​chris-olszewski in https://github.com/vercel/turbo/pull/3661
• refactor ResolveResult to allow mixing special and assets in alternatives by @​sokra in https://github.com/vercel/turbo/pull/3675
• docs: add package.json and turbo.json to a pruned directory example by @​m-shaka in https://github.com/vercel/turbo/pull/3666
• release(turborepo): 1.7.4 by @​github-actions in https://github.com/vercel/turbo/pull/3688
• test(turborepo): Login by @​NicholasLYang in https://github.com/vercel/turbo/pull/3663
• Add a page about installing turbo, including both global and repo-local by @​gsoltis in https://github.com/vercel/turbo/pull/3686
• fix: update verbosity integration tests by @​chris-olszewski in https://github.com/vercel/turbo/pull/3699
• Revert protoc version and stop building ffi on make by @​mehulkar in https://github.com/vercel/turbo/pull/3705
• Re-add ffi-install step during make by @​mehulkar in https://github.com/vercel/turbo/pull/3708
• Check in Go file generated from protobuf by @​gsoltis in https://github.com/vercel/turbo/pull/3710
• feat(docs): update verbosity reference by @​tknickman in https://github.com/vercel/turbo/pull/3740
• feat(cli): reccomend codemod in updater by @​tknickman in https://github.com/vercel/turbo/pull/3743
• fix(turbo): improved yarn berry pnp support (#​3744 by @​tknickman in https://github.com/vercel/turbo/pull/3744
• release(turborepo): 1.7.5-canary.0 by @​github-actions in https://github.com/vercel/turbo/pull/3752
• Add support for --graph=file.mermaid by @​styfle in https://github.com/vercel/turbo/pull/3633
• chore: add option to dump args sent to go by @​chris-olszewski in https://github.com/vercel/turbo/pull/3515
• Revert "chore: add option to dump args sent to go (#​3515)" by @​mehulkar in https://github.com/vercel/turbo/pull/3782
• Warn on absolute paths used in turbo.json by @​gsoltis in https://github.com/vercel/turbo/pull/3658
• Change error log line to debug, it's not an error by @​gsoltis in https://github.com/vercel/turbo/pull/3808
• Remove TIMING=1 from eslint command in examples and create-turbo starter by @​mehulkar in https://github.com/vercel/turbo/pull/3813
• Use non-high intensity yellow for warnings for readability on white background by @​mehulkar in https://github.com/vercel/turbo/pull/3810
• use consistent actions/checkout version in examples by @​oddnavy in https://github.com/vercel/turbo/pull/3791
• feat(types): update turbo.json schema by @​tknickman in https://github.com/vercel/turbo/pull/3821
• Ensure Task can depend across workspaces by @​mehulkar in https://github.com/vercel/turbo/pull/3820
• Error if none of the tasks passed to CLI were found by @​mehulkar in https://github.com/vercel/turbo/pull/3828
• port(turborepo): Unlink by @​NicholasLYang in https://github.com/vercel/turbo/pull/3824
• Add outputs to all examples by @​anthonyshew in https://github.com/vercel/turbo/pull/3830
• Callout installation docs in getting started by @​mehulkar in https://github.com/vercel/turbo/pull/3833
• Bump @​types/react version in create-turbo starter by @​mehulkar in https://github.com/vercel/turbo/pull/3844
• chore(deps): update dependency @​types/express to v4.17.17 by @​renovate in https://github.com/vercel/turbo/pull/3636
• Add package version to eslint.mdx in eslint-config-custom example by [@&fix(mis): 限制创建账户时的拥有者仅为当前租户下的用户 #820

---

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[changeset-bot]

⚠️ No Changeset found

Latest commit: ceff199

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

PR Preview Action v1.3.0
Preview removed because the pull request was closed.
2023-02-21 07:33 UTC

[codecov]

Codecov Report

Base: 66.50% // Head: 66.50% // No change to project coverage 👍

Coverage data is based on head (ceff199) compared to base (c55bfd3).
Patch has no changes to coverable lines.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #465   +/-   ##
=======================================
  Coverage   66.50%   66.50%           
=======================================
  Files         111      111           
  Lines        3072     3072           
  Branches      384      384           
=======================================
  Hits         2043     2043           
  Misses        977      977           
  Partials       52       52           

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.