chore(deps): Update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@commitlint/cli (source)	^17.6.7 -> ^17.7.1					devDependencies	minor
@commitlint/config-conventional (source)	^17.6.7 -> ^17.7.0					devDependencies	minor
@nestjs/swagger	^7.1.6 -> ^7.1.8					dependencies	patch
@rollup/pluginutils (source)	^5.0.2 -> ^5.0.3					devDependencies	patch
@sentry/node (source)	^7.61.0 -> ^7.64.0					dependencies	minor
@sentry/tracing (source)	^7.61.0 -> ^7.64.0					dependencies	minor
@types/node (source)	^18.17.2 -> ^18.17.5					devDependencies	patch
@types/react (source)	^18.2.18 -> ^18.2.20					devDependencies	patch
discord-api-types (source)	^0.37.51 -> ^0.37.53					dependencies	patch
eslint (source)	^8.46.0 -> ^8.47.0					devDependencies	minor
inquirer (source)	^9.2.9 -> ^9.2.10					dependencies	patch
luxon	^3.3.0 -> ^3.4.0					dependencies	minor
minecraft-protocol	^1.43.2 -> ^1.44.0					dependencies	minor
mongoose (source)	^7.4.2 -> ^7.4.3					dependencies	patch
node	18.17.0 -> 18.17.1						patch
pnpm (source)	8.6.11 -> 8.6.12					packageManager	patch
sass	^1.64.2 -> ^1.65.1					devDependencies	minor
sharp (changelog)	^0.32.4 -> ^0.32.5					dependencies	patch
typescript (source)	5.2.0-dev.20230803 -> 5.2.0-dev.20230807					devDependencies	patch
zod (source)	^3.21.4 -> ^3.22.1					dependencies	minor

---

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

Release Notes

conventional-changelog/commitlint (@​commitlint/cli)

v17.7.1

Compare Source

Note: Version bump only for package @​commitlint/cli

v17.7.0

Compare Source

Note: Version bump only for package @​commitlint/cli

17.6.7 (2023-07-19)

Note: Version bump only for package @​commitlint/cli

17.6.6 (2023-06-24)

Note: Version bump only for package @​commitlint/cli

17.6.5 (2023-05-30)

Note: Version bump only for package @​commitlint/cli

17.6.3 (2023-05-04)

Note: Version bump only for package @​commitlint/cli

17.6.1 (2023-04-14)

Note: Version bump only for package @​commitlint/cli

conventional-changelog/commitlint (@​commitlint/config-conventional)

v17.7.0

Compare Source

Note: Version bump only for package @​commitlint/config-conventional

17.6.7 (2023-07-19)

Note: Version bump only for package @​commitlint/config-conventional

17.6.6 (2023-06-24)

Note: Version bump only for package @​commitlint/config-conventional

17.6.5 (2023-05-30)

Note: Version bump only for package @​commitlint/config-conventional

17.6.3 (2023-05-04)

Note: Version bump only for package @​commitlint/config-conventional

17.6.1 (2023-04-14)

Note: Version bump only for package @​commitlint/config-conventional

nestjs/swagger (@​nestjs/swagger)

v7.1.8

Compare Source

• Merge branch 'master' of https://github.com/nestjs/swagger (441fea4)
• fix: patch local copy of open api document (8af173c)
• chore(deps): update dependency @​types/lodash to v4.14.197 (5e7aa83)
• chore(deps): update dependency release-it to v16.1.4 (e580260)
• chore(deps): update commitlint monorepo to v17.7.0 (d8275bb)
• chore(deps): update dependency @​types/node to v18.17.4 (3b7b6dd)
• chore(deps): update typescript-eslint monorepo to v6.3.0 (9d898b2)

v7.1.7

Compare Source

• fix: patch document on every request #​2547 (17371a6)
• Merge pull request #​2549 from deongroenewald/operation-ids-with-version (062dcb6)
• Merge pull request #​2514 from Addono/fix/support-defining-properties-of-objects-as-query-arguments (1fb289e)
• Merge pull request #​2544 from destyk/master (17af50a)
• Merge pull request #​2521 from nestjs/renovate/swagger-ui-dist-5.x (2bc1a5e)
• Merge pull request #​2553 from Spissable/bug/nullable-enum-without-enum-type (b73349e)
• chore(deps): update dependency eslint-config-prettier to v9 (dd9bf76)
• chore(deps): update dependency @​types/node to v18.17.3 (158e72c)
• fix(plugin): Fix nullable enum not having a proper enum type (6dad8f6)
• Address additional PR feedback (7cbe0ef)
• chore(deps): update dependency @​types/node to v18.17.2 (6555285)
• Fix incorrect OperationIdFactory type. (4731336)
• chore(deps): update dependency eslint-config-prettier to v8.10.0 (ab50b6f)
• feat(swagger): Provide URI version to operationIdFactory (00b2b62)
• fix(deps): update dependency swagger-ui-dist to v5.3.1 (c6e4ae5)
• feat(@​nestjs/swagger): add resolve-path util (cb299b1)
• tests(@​nestjs/swagger): update fastify (5fa7e48)
• tests(@​nestjs/swagger): update express (5d2938b)
• feat(@​nestjs/swagger): add customSwaggerUiPath (05c8c78)
• fix: support defining properties on query parameters of type object (1e9a338)
• test(e2e): adds failing E2E test which uses the property-field on a Query parameter (038a366)

rollup/plugins (@​rollup/pluginutils)

v5.0.3

Compare Source

2023-08-13

Bugfixes

• fix: add current working dirctory when pattern starts with one * #​1547

getsentry/sentry-javascript (@​sentry/node)

v7.64.0

Compare Source

• feat(core): Add setMeasurement export (#​8791)
• fix(nextjs): Check for existence of default export when wrapping pages (#​8794)
• fix(nextjs): Ensure imports are valid relative paths (#​8799)
• fix(nextjs): Only re-export default export if it exists (#​8800)

v7.63.0

Compare Source

• build(deps): bump @​opentelemetry/instrumentation from 0.41.0 to 0.41.2
• feat(eventbuilder): Export exceptionFromError for use in hybrid SDKs (#​8766)
• feat(node-experimental): Re-export from node (#​8786)
• feat(tracing): Add db connection attributes for mysql spans (#​8775)
• feat(tracing): Add db connection attributes for postgres spans (#​8778)
• feat(tracing): Improve data collection for mongodb spans (#​8774)
• fix(nextjs): Execute sentry config independently of autoInstrumentServerFunctions and autoInstrumentAppDirectory (#​8781)
• fix(replay): Ensure we do not flush if flush took too long (#​8784)
• fix(replay): Ensure we do not try to flush when we force stop replay (#​8783)
• fix(replay): Fix hasCheckout handling (#​8782)
• fix(replay): Handle multiple clicks in a short time (#​8773)
• ref(replay): Skip events being added too long after initial segment (#​8768)

v7.62.0

Compare Source

Important Changes

• feat(integrations): Add ContextLines integration for html-embedded JS stack frames (#​8699)

This release adds the ContextLines integration as an optional integration for the Browser SDKs to @sentry/integrations.

This integration adds source code from inline JavaScript of the current page's HTML (e.g. JS in <script> tags) to stack traces of captured errors.
It can't collect source code from assets referenced by your HTML (e.g. <script src="..." />).

The ContextLines integration is useful when you have inline JS code in HTML pages that can't be accessed by Sentry's backend, for example, due to a login-protected page.

import { ContextLines } from "@​sentry/integrations";

Sentry.init({
  // ...
  integrations: [
    new ContextLines({
      // The number of lines to collect before and after each stack frame's line number
      // Defaults to 7
      frameContextLines: 7,
    }),
  ],
});

Other Changes

• fix(nextjs): Make all wrappers isomorphic and available in all runtimes (#​8743)
• fix(replay): Cancel debounce when replay is too short/long (#​8742)
• fix(utils): dirname and basename should handle Windows paths (#​8737)
• ref: Hoist flush, close, and lastEventId into @sentry/core (#​8731)
• ref(node): Don't call JSON.stringify on prisma client when logging (#​8745)

v7.61.1

Compare Source

• feat(nextjs): Add AsyncLocalStorage async context strategy to edge SDK (#​8720)
• fix(core): Filter internal API frames for synthetic frames (#​8710)
• fix(integrations): Capture exception if any arg to console method is an error (#​8671)
• fix(node-experimental): Update auto integration lookup & readme (#​8690)
• fix(node): Add availablility check on current hub to Node ContextLines integration (#​8715)
• fix(replay): Ensure buffer sessions end after capturing an error (#​8713)
• fix(replay): Ensure buffer->session switch is reliable (#​8712)
• fix(replay): Ensure we debounce flush if replay too short (#​8716)
• fix(replay): Improve capture of errorIds/traceIds (#​8678)
• fix(tracing): Set correct parent span id on fetch sentry-trace header (#​8687)
• fix(utils): Avoid pre_context and context_line overlap if frame lineno is out of bounds (#​8722)
• ref(replay): Improve status logging (#​8709)
• ref(nextjs): Allow withSentryConfig to accept async config function (#​8721)

discordjs/discord-api-types (discord-api-types)

v0.37.53

Compare Source

Features

• GatewayActivityUpdateData: allow sending state (#​801) (e095e09)

v0.37.52

Compare Source

Bug Fixes

• RESTPatchAPIChannelJSONBody: available_tags requires name only (#​802) (5261124)

eslint/eslint (eslint)

v8.47.0

Compare Source

Features

• 53d7508 feat: update regex for methods with thisArg (#​17439) (Francesco Trotta)

Bug Fixes

• 631648e fix: do not report on shadowed constructors in no-new-wrappers (#​17447) (Francesco Trotta)

Documentation

• a766a48 docs: document lack of config file names (#​17442) (James)
• a1635d6 docs: Update README (GitHub Actions Bot)
• 47a0859 docs: update require-unicode-regexp.md as following up #​17402 (#​17441) (SUZUKI Sosuke)
• fcdc85d docs: Update README (GitHub Actions Bot)
• 2a92b6c docs: update with "Specifying Parser Options" (#​17435) (Cheol-Won)
• d743ed3 docs: add metadata for parser/processor (#​17438) (Huáng Jùnliàng)
• 224376c docs: Update README (GitHub Actions Bot)
• a41a8e4 docs: update script names in README (#​17432) (Nitin Kumar)

Chores

• bf69aa6 chore: Update dependencies (#​17456) (Nicholas C. Zakas)
• 0e45760 chore: package.json update for @​eslint/js release (ESLint Jenkins)
• 757bfe1 chore: Remove add-to-triage (#​17450) (Nicholas C. Zakas)
• b066640 chore: standardize npm script names (#​17431) (Nitin Kumar)
• 6b2410f chore: Update add-to-triage.yml (#​17444) (Nicholas C. Zakas)

SBoudrias/Inquirer.js (inquirer)

v9.2.10

Compare Source

moment/luxon (luxon)

v3.4.0

Compare Source

• Fix type checking on input zones
• Fix Islamic months listing
• Fix normalize() for negative inputs

PrismarineJS/node-minecraft-protocol (minecraft-protocol)

v1.44.0

Compare Source

1.44.0

Automattic/mongoose (mongoose)

v7.4.3

Compare Source

==================

• fix: avoid applying map property getters when saving #​13704 #​13657
• fix(query): allow deselecting discriminator key #​13722 #​13679
• types(models+query): return lean type when passing QueryOptions with lean: true to relevant model functions like find() and findOne() #​13721 #​13705
• types(schema): correct return type for Schema.prototype.indexes() #​13718 #​13702
• types: allow accessing options from pre middleware #​13708 #​13633
• types: add UpdateQueryKnownOnly type for stricter UpdateQuery type checking #​13699 #​13630
• types(schema): support required: { isRequired: true } syntax in schema definition #​13680
• docs(middleware): clarify that doc.deleteOne() doesn't run query middleware currently #​13707 #​13669

nodejs/node (node)

v18.17.1: 2023-08-09, Version 18.17.1 'Hydrogen' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

• CVE-2023-32002: Policies can be bypassed via Module._load (High)
• CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire (Medium)
• CVE-2023-32559: Policies can be bypassed via process.binding (Medium)
• OpenSSL Security Releases
  • OpenSSL security advisory 14th July.
  • OpenSSL security advisory 19th July.
  • OpenSSL security advisory 31st July

More detailed information on each of the vulnerabilities can be found in August 2023 Security Releases blog post.

Commits

• [fe3abdf82e] - deps: update archs files for openssl-3.0.10+quic1 (Node.js GitHub Bot) #​49036
• [2c5a522d9c] - deps: upgrade openssl sources to quictls/openssl-3.0.10+quic1 (Node.js GitHub Bot) #​49036
• [15bced0bde] - policy: handle Module.constructor and main.extensions bypass (RafaelGSS) nodejs-private/node-private#417
• [d4570fae35] - policy: disable process.binding() when enabled (Tobias Nießen) nodejs-private/node-private#460

pnpm/pnpm (pnpm)

v8.6.12

Compare Source

Patch Changes

• Make the error message friendlier when a user attempts to run a command that does not exist #​6887.
• pnpm patch should work correctly when shared-workspace-file is set to false #​6885.
• pnpm env use should retry deleting the previous Node.js executable #​6587.
• pnpm dlx should not print an error stack when the underlying script execution fails #​6698.
• When showing the download progress of large tarball files, always display the same number of digits after the decimal point #​6901.
• Report download progress less frequently to improve performance #​6906.
• pnpm install --frozen-lockfile --lockfile-only should fail if the lockfile is not up to date with the package.json files #​6913.

Our Gold Sponsors

Our Silver Sponsors

sass/dart-sass (sass)

v1.65.1

Compare Source

• Update abs-percent deprecatedIn version to 1.65.0.

v1.65.0

Compare Source

• All functions defined in CSS Values and Units 4 are now parsed as calculation
  objects: round(), mod(), rem(), sin(), cos(), tan(), asin(),
  acos(), atan(), atan2(), pow(), sqrt(), hypot(), log(), exp(),
  abs(), and sign().

• Deprecate explicitly passing the % unit to the global abs() function. In
  future releases, this will emit a CSS abs() function to be resolved by the
  browser. This deprecation is named abs-percent.

lovell/sharp (sharp)

v0.32.5

Compare Source

Microsoft/TypeScript (typescript)

v5.2.0-dev.20230807

Compare Source

v5.2.0-dev.20230806

Compare Source

v5.2.0-dev.20230805

Compare Source

v5.2.0-dev.20230804

Compare Source

colinhacks/zod (zod)

v3.22.1

Compare Source

Commits:

Fix handing of this in ZodFunction schemas. The parse logic for function schemas now requires the Reflect API.

const methodObject = z.object({
  property: z.number(),
  method: z.function().args(z.string()).returns(z.number()),
});
const methodInstance = {
  property: 3,
  method: function (s: string) {
    return s.length + this.property;
  },
};
const parsed = methodObject.parse(methodInstance);
parsed.method("length=8"); // => 11 (8 length + 3 property)

• 932cc47 Initial prototype fix for issue #​2651 (#​2652)
• 0a055e7 3.22.1

v3.22.0

Compare Source

ZodReadonly

This release introduces ZodReadonly and the .readonly() method on ZodType.

Calling .readonly() on any schema returns a ZodReadonly instance that wraps the original schema. The new schema parses all inputs using the original schema, then calls Object.freeze() on the result. The inferred type is also marked as readonly.

const schema = z.object({ name: string }).readonly();
type schema = z.infer<typeof schema>;
// Readonly<{name: string}>

const result = schema.parse({ name: "fido" });
result.name = "simba"; // error

The inferred type uses TypeScript's built-in readonly types when relevant.

z.array(z.string()).readonly();
// readonly string[]

z.tuple([z.string(), z.number()]).readonly();
// readonly [string, number]

z.map(z.string(), z.date()).readonly();
// ReadonlyMap<string, Date>

z.set(z.string()).readonly();
// ReadonlySet<Promise<string>>

Commits:

• 6dad907 Comments
• 56ace68 Fix deno test
• 3809d54 Add superforms
• d1ad522 Add transloadit
• a3bb701 Testing on Typescript 5.0 (#​2221)
• 51e14be docs: update deprecated link (#​2219)
• a263814 fixed Datetime & IP TOC links
• 502384e docs: add mobx-zod-form to form integrations (#​2299)
• a8be450 docs: Add zocker to Ecosystem section (#​2416)
• 15de22a Allow subdomains and hyphens in ZodString.email (#​2274)
• 00f5783 Add zod-openapi to ecosystem (#​2434)
• 0a17340 docs: fix minor typo (#​2439)
• 60a2134 Add masterborn
• 0a90ed1 chore: move exports.types field to first spot @​ package.json. (#​2443)
• 67f35b1 docs: allow Zod to be used in dev tools at site (#​2432)
• 6795c57 Fix not working Deno doc link. (#​2428)
• 37e9c55 Generalize uuidRegex
• 0969950 adds ctx to preprocess (#​2426)
• af08390 fix: super refinement function types (#​2420)
• 36fef58 Make email regex reasonable (#​2157)
• f627d14 Document canary
• e06321c docs: add tapiduck to API libraries (#​2410)
• 11e507c docs: add ts as const example in zod enums (#​2412)
• 5427565 docs: add zod-fixture to mocking ecosystem (#​2409)
• d3bf7e6 docs: add zodock to mocking ecosystem (#​2394)
• 2270ae5 remove "as any" casts in createZodEnum (#​2332)
• 00bdd0a fix proto pollution vulnerability (#​2239)
• a3c5256 Fix error_handling unrecognized_keys example
• 4f75cbc Adds getters to Map for key + value (#​2356)
• ca7b032 FMC (#​2346)
• 6fec8bd docs: fix typo in link fragment (#​2329)
• 16f90bd Update README.md
• 2c80250 Update readme
• eaf64e0 Update sponsors
• c576311 Update readme
• 5e23b4f Add *.md pattern to prettier (#​2476)
• 898dced Revamp tests
• 6309322 Update test runners
• [c0aece1](https://togithub.com/colinhacks/zod/commit/c0aece1672d

---

Configuration

📅 Schedule: Branch creation - "before 12pm on Sunday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
statsify	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Aug 16, 2023 7:50pm

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.