v4.0.5

[exception]

Bump Cal.com to v4.0.5

[github-actions]

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details:

No release type found in pull request title "v4.0.5". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

Available types:
 - feat: A new feature
 - fix: A bug fix
 - docs: Documentation only changes
 - style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
 - refactor: A code change that neither fixes a bug nor adds a feature
 - perf: A code change that improves performance
 - test: Adding missing tests or correcting existing tests
 - build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
 - ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
 - chore: Other changes that don't modify src or test files
 - revert: Reverts a previous commit

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/node@16.9.1	None	0	1.63 MB	types
npm/@types/react@18.0.26	None	0	178 kB	types
npm/follow-redirects@1.15.6	network	0	29.4 kB	rubenverborgh
npm/lodash-es@4.17.21	eval	0	636 kB	bnjmnt4n
npm/memoize-one@6.0.0	None	0	35.6 kB	alexreardon

🚮 Removed packages: npm/@aashutoshrathi/word-wrap@1.2.6, npm/@babel/compat-data@7.24.4, npm/@babel/helper-environment-visitor@7.22.20, npm/@babel/helper-plugin-utils@7.24.5, npm/@babel/helper-string-parser@7.24.1, npm/@babel/helper-validator-identifier@7.24.5, npm/@babel/helper-validator-option@7.23.5, npm/@babel/regjsgen@0.8.0, npm/@colors/colors@1.5.0, npm/@esbuild/android-arm64@0.20.2, npm/@esbuild/android-arm@0.20.2, npm/@esbuild/android-x64@0.20.2, npm/@esbuild/darwin-arm64@0.20.2, npm/@esbuild/darwin-x64@0.20.2, npm/@esbuild/freebsd-arm64@0.20.2, npm/@esbuild/freebsd-x64@0.20.2, npm/@esbuild/linux-arm64@0.20.2, npm/@esbuild/linux-arm@0.20.2, npm/@esbuild/linux-ia32@0.20.2, npm/@esbuild/linux-loong64@0.20.2, npm/@esbuild/linux-mips64el@0.20.2, npm/@esbuild/linux-ppc64@0.20.2, npm/@esbuild/linux-riscv64@0.20.2, npm/@esbuild/linux-s390x@0.20.2, npm/@esbuild/linux-x64@0.20.2, npm/@esbuild/netbsd-x64@0.20.2, npm/@esbuild/openbsd-x64@0.20.2, npm/@esbuild/sunos-x64@0.20.2, npm/@esbuild/win32-arm64@0.20.2, npm/@esbuild/win32-ia32@0.20.2, npm/@esbuild/win32-x64@0.20.2, npm/@eslint-community/eslint-utils@4.4.0, npm/@eslint-community/regexpp@4.10.0, npm/@eslint/js@8.57.0, npm/@fastify/busboy@2.1.1, npm/@hapi/hoek@9.3.0, npm/@humanwhocodes/module-importer@1.0.1, npm/@humanwhocodes/object-schema@2.0.3, npm/@jridgewell/set-array@1.2.1, npm/@nodelib/fs.scandir@2.1.5, npm/@nodelib/fs.stat@2.0.5, npm/@nodelib/fs.walk@1.2.8, npm/@pkgjs/parseargs@0.11.0, npm/@protobufjs/aspromise@1.1.2, npm/@protobufjs/base64@1.1.2, npm/@protobufjs/codegen@2.0.4, npm/@protobufjs/eventemitter@1.1.0, npm/@protobufjs/fetch@1.1.0, npm/@protobufjs/float@1.0.2, npm/@protobufjs/inquire@1.1.0, npm/@protobufjs/path@1.1.2, npm/@protobufjs/pool@1.1.0, npm/@protobufjs/utf8@1.1.0, npm/@rollup/rollup-android-arm-eabi@4.17.2, npm/@rollup/rollup-android-arm64@4.17.2, npm/@rollup/rollup-darwin-arm64@4.17.2, npm/@rollup/rollup-darwin-x64@4.17.2, npm/@rollup/rollup-linux-arm-gnueabihf@4.17.2, npm/@rollup/rollup-linux-arm64-gnu@4.17.2, npm/@rollup/rollup-linux-arm64-musl@4.17.2, npm/@rollup/rollup-linux-riscv64-gnu@4.17.2, npm/@rollup/rollup-linux-x64-gnu@4.17.2, npm/@rollup/rollup-linux-x64-musl@4.17.2, npm/@rollup/rollup-win32-arm64-msvc@4.17.2, npm/@rollup/rollup-win32-ia32-msvc@4.17.2, npm/@rollup/rollup-win32-x64-msvc@4.17.2, npm/@sentry/types@7.112.2, npm/@sideway/formula@3.0.1, npm/@sideway/pinpoint@2.0.0, npm/@sinclair/typebox@0.27.8, npm/@swc/core-darwin-arm64@1.5.2, npm/@swc/core-linux-arm64-gnu@1.5.2, npm/@swc/core-linux-arm64-musl@1.5.2, npm/@swc/core-linux-x64-gnu@1.5.2, npm/@swc/core-linux-x64-musl@1.5.2, npm/@swc/core-win32-arm64-msvc@1.5.2, npm/@swc/core-win32-ia32-msvc@1.5.2, npm/@swc/core-win32-x64-msvc@1.5.2, npm/@swc/counter@0.1.3, npm/@tsconfig/node10@1.0.11, npm/@tsconfig/node12@1.0.11, npm/@tsconfig/node14@1.0.3, npm/@tsconfig/node16@1.0.4, npm/@types/estree@1.0.5, npm/@types/json-schema@7.0.15, npm/@types/mime@1.3.5, npm/@types/node@12.20.55, npm/@types/normalize-package-data@2.4.4, npm/@types/qs@6.9.15, npm/@types/range-parser@1.2.7, npm/@types/semver@7.5.8, npm/@types/tough-cookie@4.0.5, npm/@types/yargs-parser@21.0.3, npm/@ungap/structured-clone@1.2.0, npm/@xtuc/ieee754@1.2.0, npm/@xtuc/long@4.2.2, npm/accepts@1.3.8, npm/acorn-jsx@5.3.2, npm/ansi-regex@6.0.1, npm/ansi-styles@4.3.0, npm/arg@5.0.2, npm/argparse@2.0.1, npm/array-flatten@1.1.1, npm/array-union@2.1.0, npm/asap@2.0.6, npm/assert-plus@1.0.0, npm/async@3.2.5, npm/at-least-node@1.0.0, npm/auto-bind@4.0.0, npm/aws-sign2@0.7.0, npm/aws4@1.12.0, npm/babel-plugin-syntax-trailing-function-commas@7.0.0-beta.0, npm/base64-js@1.5.1, npm/big.js@5.2.2, npm/bignumber.js@9.1.2, npm/binary-extensions@2.3.0, npm/bluebird@3.7.2, npm/bowser@2.11.0, npm/buffer-from@1.1.2, npm/builtin-modules@3.3.0, npm/bytes@3.1.2, npm/callsites@3.1.0, npm/camelcase@5.3.1, npm/caniuse-lite@1.0.30001614, npm/caseless@0.12.0, npm/char-regex@1.0.2, npm/chardet@0.7.0, npm/check-more-types@2.24.0, npm/chownr@1.1.4, npm/chrome-trace-event@1.0.3, npm/ci-info@3.9.0, npm/cli-spinners@2.9.2, npm/cli-width@3.0.0, npm/clone@1.0.4, npm/co@4.6.0, npm/color-name@1.1.3, npm/colorette@2.0.20, npm/common-tags@1.8.2, npm/commondir@1.0.1, npm/constants-browserify@1.0.0, npm/content-type@1.0.5, npm/cookie-signature@1.0.6, npm/core-util-is@1.0.2, npm/create-require@1.1.1, npm/cross-spawn@7.0.3, npm/cssesc@3.0.0, npm/debug@4.3.4, npm/decamelize@1.2.0, npm/deep-is@0.1.4, npm/deepmerge@4.3.1, npm/depd@2.0.0, npm/dependency-graph@0.11.0, npm/destroy@1.2.0, npm/detect-newline@3.1.0, npm/diff-sequences@29.6.3, npm/diff@4.0.2, npm/doctrine@3.0.0, npm/dotenv@16.4.5, npm/eastasianwidth@0.2.0, npm/ee-first@1.1.1, npm/electron-to-chromium@1.4.751, npm/emittery@0.13.1, npm/emoji-regex@9.2.2, npm/emojis-list@3.0.0, npm/encodeurl@1.0.2, npm/env-paths@2.2.1, npm/es-errors@1.3.0, npm/esbuild@0.20.2, npm/escape-string-regexp@1.0.5, npm/eslint-scope@7.2.2, npm/eslint-visitor-keys@3.4.3, npm/esprima@4.0.1, npm/esquery@1.5.0, npm/esrecurse@4.3.0, npm/estraverse@5.3.0, npm/esutils@2.0.3, npm/etag@1.8.1, npm/event-target-shim@5.0.1, npm/eventemitter3@4.0.7, npm/events@3.3.0, npm/exit@0.1.2, npm/extend@3.0.2, npm/extsprintf@1.3.0, npm/fast-deep-equal@3.1.3, npm/fast-json-stable-stringify@2.1.0, npm/fast-url-parser@1.1.3, npm/fastq@1.17.1, npm/fbjs-css-vars@1.0.2, npm/file-entry-cache@6.0.1, npm/flat-cache@3.2.0, npm/flatted@3.3.1, npm/forever-agent@0.6.1, npm/forwarded@0.2.0, npm/fresh@0.5.2, npm/fs-constants@1.0.0, npm/gensync@1.0.0-beta.2, npm/get-package-type@0.1.0, npm/glob-parent@6.0.2, npm/graceful-fs@4.2.11, npm/graphemer@1.4.0, npm/graphql@16.8.1, npm/har-schema@2.0.0, npm/has-flag@3.0.0, npm/has-proto@1.0.3, npm/has-symbols@1.0.3, npm/hosted-git-info@2.8.9, npm/human-signals@2.1.0, npm/husky@8.0.3, npm/ieee754@1.2.1, npm/ignore@5.3.1, npm/immediate@3.0.6, npm/immutable@3.7.6, npm/import-from@4.0.0, npm/imurmurhash@0.1.4, npm/indent-string@4.0.0, npm/inflight@1.0.6, npm/ini@1.3.8, npm/ipaddr.js@1.9.1, npm/is-arrayish@0.2.1, npm/is-buffer@1.1.6, npm/is-callable@1.2.7, npm/is-docker@2.2.1, npm/is-extglob@2.1.1, npm/is-fullwidth-code-point@4.0.0, npm/is-generator-fn@2.1.0, npm/is-glob@4.0.3, npm/is-interactive@1.0.0, npm/is-negative-zero@2.0.3, npm/is-number@7.0.0, npm/is-obj@2.0.0, npm/is-path-inside@3.0.3, npm/is-stream@1.1.0, npm/is-typedarray@1.0.0, npm/is-unicode-supported@0.1.0, npm/is-windows@1.0.2, npm/is-wsl@2.2.0, npm/isarray@2.0.5, npm/isobject@3.0.1, npm/isstream@0.1.2, npm/jest-get-type@29.6.3, npm/jest-regex-util@29.6.3, npm/jsbn@0.1.1, npm/jsesc@2.5.2, npm/json-buffer@3.0.1, npm/json-parse-better-errors@1.0.2, npm/json-parse-even-better-errors@2.3.1, npm/json-schema-traverse@1.0.0, npm/json-schema@0.4.0, npm/json-stable-stringify-without-jsonify@1.0.1, npm/json-stringify-safe@5.0.1, npm/json5@2.2.3, npm/keyv@4.5.4, npm/kind-of@6.0.3, npm/kleur@3.0.3, npm/lazy-ass@1.6.0, npm/levn@0.4.1, npm/lines-and-columns@1.2.4, npm/lodash.camelcase@4.3.0, npm/lodash.debounce@4.0.8, npm/lodash.get@4.4.2, npm/lodash.isplainobject@4.0.6, npm/lodash.merge@4.6.2, npm/lodash.once@4.1.1, npm/long@5.2.3, npm/lowercase-keys@2.0.0, npm/lru-cache@6.0.0, npm/magic-string@0.30.10, npm/map-cache@0.2.2, npm/merge-stream@2.0.0, npm/merge2@1.4.1, npm/mime-types@2.1.35, npm/mime@1.6.0, npm/mimic-response@1.0.1, npm/minimist@1.2.8, npm/moment@2.30.1, npm/mute-stream@0.0.8, npm/natural-compare@1.4.0, npm/negotiator@0.6.3, npm/neo-async@2.6.2, npm/node-int64@0.4.0, npm/node-releases@2.0.14, npm/normalize-path@3.0.0, npm/npm-run-path@4.0.1, npm/nullthrows@1.1.1, npm/oauth-sign@0.9.0, npm/object-inspect@1.13.1, npm/object-keys@1.1.1, npm/once@1.4.0, npm/os-tmpdir@1.0.2, npm/p-finally@1.0.0, npm/p-try@2.2.0, npm/pako@1.0.11, npm/parent-module@1.0.1, npm/path-root-regex@0.1.2, npm/path-type@4.0.0, npm/performance-now@2.1.0, npm/pg-int8@1.0.1, npm/picomatch@2.3.1, npm/pify@4.0.1, npm/pirates@4.0.6, npm/possible-typed-array-names@1.0.0, npm/postcss-selector-parser@6.0.16, npm/postgres-array@2.0.0, npm/postgres-bytea@1.0.0, npm/postgres-date@1.0.7, npm/prelude-ls@1.2.1, npm/prettier@2.8.8, npm/process-nextick-args@2.0.1, npm/process@0.11.10, npm/queue-microtask@1.2.3, npm/regenerate@1.4.2, npm/remove-trailing-separator@1.1.0, npm/repeat-string@1.6.1, npm/require-from-string@2.0.2, npm/require-main-filename@2.0.0, npm/resolve-from@5.0.0, npm/resolve.exports@2.0.2, npm/reusify@1.0.4, npm/rollup@4.17.2, npm/run-async@2.4.1, npm/run-parallel@1.2.0, npm/safe-buffer@5.2.1, npm/set-blocking@2.0.0, npm/setimmediate@1.0.5, npm/signedsource@1.0.0, npm/sisteransi@1.0.5, npm/slash@3.0.0, npm/sourcemap-codec@1.4.8, npm/spdx-exceptions@2.5.0, npm/spdx-license-ids@3.0.17, npm/sprintf-js@1.0.3, npm/stream-shift@1.0.3, npm/string-argv@0.3.2, npm/strip-ansi@6.0.1, npm/strip-bom@3.0.0, npm/strip-final-newline@2.0.0, npm/strip-json-comments@3.1.1, npm/strnum@1.0.5, npm/text-table@0.2.0, npm/through@2.3.8, npm/tmpl@1.0.5, npm/to-fast-properties@2.0.0, npm/tr46@0.0.3, npm/tree-kill@1.2.2, npm/tslib@2.6.2, npm/tunnel@0.0.6, npm/tweetnacl@0.14.5, npm/type-check@0.4.0, npm/type-fest@0.21.3, npm/typedarray@0.0.6, npm/typescript@4.9.5, npm/ua-parser-js@1.0.37, npm/uglify-js@3.17.4, npm/unc-path-regex@0.1.2, npm/undici@5.28.4, npm/unicode-canonical-property-names-ecmascript@2.0.0, npm/unicode-match-property-value-ecmascript@2.1.0, npm/unicode-property-aliases-ecmascript@2.1.0, npm/universalify@0.1.2, npm/untildify@4.0.0, npm/uri-js@4.4.1, npm/util-deprecate@1.0.2, npm/uuid@8.3.2, npm/vary@1.1.2, npm/which-module@2.0.1, npm/which@2.0.2, npm/word-wrap@1.2.5, npm/wordwrap@1.0.0, npm/xml-name-validator@4.0.0, npm/xtend@4.0.2, npm/yaml@1.10.2, npm/yargs-parser@20.2.9

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/core-js@3.37.0	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	orphan: npm/core-js@3.37.0

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/core-js@3.37.0

[graphite-app]

Graphite Automations

"Add platform team as reviewer" took an action on this PR • (04/30/24)

1 reviewer was added to this PR based on Keith Williams's automation.

[github-actions]

📦 Next.js Bundle Analysis for @calcom/web

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

[deploysentinel]

Current Playwright Test Results Summary

✅ 315 Passing - ⚠️ 17 Flaky

Run may still be in progress, this comment will be updated as current testing workflow or job completes...

(Last updated on 04/30/2024 09:22:59pm UTC)

Run Details

Running Workflow PR Update on Github Actions

Commit: 3a9e927

Started: 04/30/2024 09:20:24pm UTC

⚠️ Flakes

📄   apps/web/playwright/payment-apps.e2e.ts • 1 Flake

Test Case Results

Test Case	Last 7 days Failures	Last 7 days Flakes
Payment app when more than one payment app is installed the price should be updated when changing settings Retry 1 • Initial Attempt	0% (0) 0 / 201 runs failed over last 7 days	4.98% (10) 10 / 201 runs flaked over last 7 days

---

📄   packages/embeds/embed-core/playwright/tests/action-based.e2e.ts • 9 Flakes

Top 1 Common Error Messages

null	9 Test Cases Affected

Test Case Results

Test Case	Last 7 days Failures	Last 7 days Flakes
Popup Tests should open embed iframe on click - Configured with light theme Retry 1 • Initial Attempt	19.92% (48) 48 / 241 runs failed over last 7 days	50.21% (121) 121 / 241 runs flaked over last 7 days
Popup Tests should be able to reschedule Retry 1 • Initial Attempt	-168.06% (-121) -121 / 72 runs failed over last 7 days	168.06% (121) 121 / 72 runs flaked over last 7 days
Popup Tests should open Routing Forms embed on click Retry 1 • Initial Attempt	-168.06% (-121) -121 / 72 runs failed over last 7 days	168.06% (121) 121 / 72 runs flaked over last 7 days
Popup Tests Floating Button Popup Pro User - Configured in App with default setting of system theme should open embed iframe according to system theme when no theme is configured through Embed API Retry 1 • Initial Attempt	-166.67% (-120) -120 / 72 runs failed over last 7 days	166.67% (120) 120 / 72 runs flaked over last 7 days
Popup Tests Floating Button Popup Pro User - Configured in App with default setting of system theme should open embed iframe according to system theme when configured with 'auto' theme using Embed API Retry 1 • Initial Attempt	-166.67% (-120) -120 / 72 runs failed over last 7 days	166.67% (120) 120 / 72 runs flaked over last 7 days
Popup Tests Floating Button Popup Pro User - Configured in App with default setting of system theme should open embed iframe(Booker Profile Page) with dark theme when configured with dark theme using Embed API Retry 1 • Initial Attempt	-166.67% (-120) -120 / 72 runs failed over last 7 days	166.67% (120) 120 / 72 runs flaked over last 7 days
Popup Tests Floating Button Popup Pro User - Configured in App with default setting of system theme should open embed iframe(Event Booking Page) with dark theme when configured with dark theme using Embed API Retry 1 • Initial Attempt	-166.67% (-120) -120 / 72 runs failed over last 7 days	166.67% (120) 120 / 72 runs flaked over last 7 days
Popup Tests prendered embed should be loaded and apply the config given to it Retry 1 • Initial Attempt	-166.67% (-120) -120 / 72 runs failed over last 7 days	166.67% (120) 120 / 72 runs flaked over last 7 days
Popup Tests should open on clicking child element Retry 1 • Initial Attempt	-179.31% (-52) -52 / 29 runs failed over last 7 days	179.31% (52) 52 / 29 runs flaked over last 7 days

---

📄   apps/web/playwright/profile.e2e.ts • 1 Flake

Test Case Results

Test Case	Last 7 days Failures	Last 7 days Flakes
Update Profile Can update a users email (verification enabled) Retry 1 • Initial Attempt	10% (20) 20 / 200 runs failed over last 7 days	31% (62) 62 / 200 runs flaked over last 7 days

---

📄   apps/web/playwright/booking-seats.e2e.ts • 1 Flake

Test Case Results

Test Case	Last 7 days Failures	Last 7 days Flakes
Reschedule for booking with seats If rescheduled/cancelled booking with seats it should display the correct number of seats Retry 1 • Initial Attempt	0% (0) 0 / 192 runs failed over last 7 days	4.69% (9) 9 / 192 runs flaked over last 7 days

---

📄   packages/embeds/embed-core/playwright/tests/namespacing.e2e.ts • 4 Flakes

Top 1 Common Error Messages

null	4 Test Cases Affected

Test Case Results

Test Case	Last 7 days Failures	Last 7 days Flakes
Namespacing Inline Embed Double install Embed Snippet with inline embed using a namespace Retry 1 • Initial Attempt	0.44% (1) 1 / 225 run failed over last 7 days	55.11% (124) 124 / 225 runs flaked over last 7 days
Namespacing Inline Embed Add inline embed using a namespace without reload Retry 1 • Initial Attempt	0% (0) 0 / 225 runs failed over last 7 days	55.11% (124) 124 / 225 runs flaked over last 7 days
Namespacing Different namespaces can have different init configs Retry 1 • Initial Attempt	0% (0) 0 / 224 runs failed over last 7 days	54.46% (122) 122 / 224 runs flaked over last 7 days
Namespacing Inline Embed Double install Embed Snippet with inline embed without a namespace(i.e. default namespace) Retry 1 • Initial Attempt	0% (0) 0 / 225 runs failed over last 7 days	56% (126) 126 / 225 runs flaked over last 7 days

---

📄   apps/web/playwright/webhook.e2e.ts • 1 Flake

Test Case Results

Test Case	Last 7 days Failures	Last 7 days Flakes
BOOKING_RESCHEDULED when rescheduling to a booking that already exists, should send a booking rescheduled event with the existant booking uid Retry 2 • Retry 1 • Initial Attempt	12.50% (25) 25 / 200 runs failed over last 7 days	43.50% (87) 87 / 200 runs flaked over last 7 days

---

View Detailed Build Results

---