build(deps-dev): bump zx from 8.3.0 to 8.3.1

[dependabot]

Bumps zx from 8.3.0 to 8.3.1.

Release notes

Sourced from zx's releases.

8.3.1 – Perfect Seal

The release essence: introduced full-featured .env support #461 → #1060 #1052 #1043 #1037 #1032 #1030 #1022

API

envapi is a tiny 100 LOC dotenv-inspired parser and serializer that we've integrated into zx.

import { dotenv, fs } from 'zx'
// parse
const env = dotenv.parse('A=A\nFOO=BAR') // { A: 'A', FOO: 'BAR' }
// serialize
const raw = dotenv.stringify(env) // A=A\nFOO=BAR
await fs.writeFile('.env', raw)
// load
dotenv.load('.env') // { A: 'A', FOO: 'BAR' }
// update the process.env
dotenv.config('.env')
process.env.A // A

CLI

zx --env .env script.mjs
zx --env-file .env script.mjs

QnA

— Why not use dotenv directly?
— 1) Size does matter 2) We'd like to avoid internal vaults.

— Why not load .env by default?
— 1) Explicit is better than implicit 2) Runtime itself (like bun) may provide the feature.

Chore

• Provided stdall piping #1033
• Exposed ProcessPromise fullCmd and unique id #1035
• Simplified internal regexps #1040 #1038
• Removed zx globals from unit tests scope #1039
• Added check if tempfile exists #1041
• Added ts support in markdown #1042
• Enabled CodeQL and OSV scanners #1011
• Configured pre-push git hooks #1044
• Explicitly declared permissions for test.yml #1045
• Mentioned halt and run API in docs #1046
• Fixed timeout option handling for corner cases #1049

... (truncated)

Commits

• 3419ab6 fmt
• 48decce Remove v7 docs from website
• 76ea47a Update docs.yml: install @​rollup/rollup-linux-x64-gnu
• 60e0bb1 Update docs.yml
• b8d4e19 build(deps-dev): bump vite in the npm_and_yarn group (#1084)
• 89d1177 test(core): check $ uses defaults store (#1079)
• bf26083 feat(cli): process md for any kind of input (#1078)
• 49a82c4 feat: expose ProcessPromise stage (#1077)
• 437a80f fix: timeout signal override (#1075)
• a38d471 refactor: avoid redundant buffer to string (#1072)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)