apps/api(deps-dev): bump the dev-deps group across 1 directory with 12 updates

Bumps the dev-deps group with 12 updates in the /apps/api directory:

Package	From	To
@flydotio/dockerfile	`0.4.11`	`0.5.9`
@tsconfig/recommended	`1.0.6`	`1.0.8`
@types/jest	`29.5.12`	`29.5.14`
@types/node	`20.14.1`	`22.9.0`
body-parser	`1.20.2`	`1.20.3`
express	`4.19.2`	`4.21.1`
mammoth	`1.7.2`	`1.8.0`
nodemon	`2.0.22`	`3.1.7`
supabase	`1.172.2`	`1.219.2`
supertest	`6.3.4`	`7.0.0`
ts-jest	`29.1.4`	`29.2.5`
typescript	`5.4.5`	`5.6.3`

Updates @flydotio/dockerfile from 0.4.11 to 0.5.9

Commits

See full diff in compare view

Updates @tsconfig/recommended from 1.0.6 to 1.0.8

Commits

See full diff in compare view

Updates @types/jest from 29.5.12 to 29.5.14

Commits

See full diff in compare view

Updates @types/node from 20.14.1 to 22.9.0

Commits

See full diff in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to node@22.4.1 by @wesleytodd in expressjs/body-parser#527

deps: qs@6.12.3 by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: qs@6.12.3 (#521)
9478591 fix: pin to node@22.4.1
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.19.2 to 4.21.1

Release notes

Sourced from express's releases.

4.21.1

What's Changed

Backport a fix for CVE-2024-47764 to the 4.x branch by @joshbuker in expressjs/express#6029

Release: 4.21.1 by @UlisesGascon in expressjs/express#6031

Full Changelog: https://github.com/expressjs/express/compare/4.21.0...4.21.1

4.21.0

What's Changed

Deprecate "back" magic string in redirects by @blakeembrey in expressjs/express#5935

finalhandler@1.3.1 by @wesleytodd in expressjs/express#5954

fix(deps): serve-static@1.16.2 by @wesleytodd in expressjs/express#5951

Upgraded dependency qs to 6.13.0 to match qs in body-parser by @agadzinski93 in expressjs/express#5946

New Contributors

@agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

... (truncated)

Changelog

Sourced from express's changelog.

4.21.1 / 2024-10-08

Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

Deprecate res.location("back") and res.redirect("back") magic string

deps: serve-static@1.16.2

includes send@0.19.0

deps: finalhandler@1.3.1

deps: qs@6.13.0

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

8e229f9 4.21.1
a024c8a fix(deps): cookie@0.7.1
7e562c6 4.21.0
1bcde96 fix(deps): qs@6.13.0 (#5946)
7d36477 fix(deps): serve-static@1.16.2 (#5951)
40d2d8f fix(deps): finalhandler@1.3.1
77ada90 Deprecate "back" magic string in redirects (#5935)
21df421 4.20.0
4c9ddc1 feat: upgrade to serve-static@0.16.0
9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
Additional commits viewable in compare view

Updates mammoth from 1.7.2 to 1.8.0

Changelog

Sourced from mammoth's changelog.

1.8.0

Add style mapping for highlights.

Commits

9176454 Bump version to 1.8.0
d12d00f Handle highlight value of none
0546ccd Fix: matchers for specific break types match all break types
66c9ef9 Support style mapping for highlights
700e395 Parse run highlights
See full diff in compare view

Updates nodemon from 2.0.22 to 3.1.7

Release notes

Sourced from nodemon's releases.

v3.1.7

3.1.7 (2024-09-20)

Bug Fixes

types for export on ESModule (#2211) (9b0606a)

v3.1.6

3.1.6 (2024-09-19)

Bug Fixes

watch nested paths (11fcaaa), closes #2216

v3.1.5

3.1.5 (2024-09-17)

Bug Fixes

add missing ignore option to type defintion of config (#2224) (254c2ab)

v3.1.4

3.1.4 (2024-06-20)

Bug Fixes

ensure local env have priority (6020968), closes #2209

v3.1.3

3.1.3 (2024-06-03)

Bug Fixes

cast the nodemon function as Nodemon type (eaa1d54), closes #2206

v3.1.2

3.1.2 (2024-05-29)

Bug Fixes

Type exports correctly (#2207) (789663c), closes #2206

v3.1.1

3.1.1 (2024-05-25)

... (truncated)

Commits

9b0606a fix: types for export on ESModule (#2211)
1428001 Merge branch 'main' of github.com:remy/nodemon
11fcaaa fix: watch nested paths
fddbd43 chore: update web site
254c2ab fix: add missing ignore option to type defintion of config (#2224)
f014241 chore: update website
5a18d24 chore: update website
1773092 chore: update website
51dedee chore: update website
ef9ff04 chore: update website
Additional commits viewable in compare view

Updates supabase from 1.172.2 to 1.219.2

Release notes

Sourced from supabase's releases.

v1.219.2

Changelog

Bug fixes

1becd0fa4a064d9ac38b0d0bc20eac0c8d8ae3dc: fix: auto detect deno.json for globbed slugs (#2852) (@sweatybridge)

v1.219.1

Changelog

Bug fixes

10e102bced53b1a811fb729869474d64d56cba45: fix: link fails due to wrong api key type (#2850) (@sweatybridge)

v1.219.0

Changelog

Features

9a896d681324e29d784bc4bf0921a94b469f690d: feat: login via browser with device code (#2843) (@sweatybridge)

v1.218.1

Changelog

Bug fixes

834959d5f9ab321ef24e13c982d6dc8ac955adcf: fix(studio): bump studio image to 20241106-f29003e (#2845) (@ivasilov)

v1.218.0

Changelog

Features

2564fc61a2d070201e114e4879bfa1a4fe570a2c: feat(config): sync external provider config to remote (#2839) (@sweatybridge)

v1.217.2

Changelog

Bug fixes

5bd2b619f4160d7be3c33c7e0cff16041a8be330: fix(functions): create new reader for retrying deploy (#2840) (@sweatybridge)

v1.217.1

Changelog

Bug fixes

9320b5406cdd9fa586c1ffd9fa48b093763583e5: fix(studio): bump studio image to 20241106-fe0e32d (#2838) (@sweatybridge)

Others

cc62b3c09d68a4faea540198c5271abe6f12b6fd: chore: refactor let api decide for restart (#2835) (@avallete)

v1.217.0

Changelog

Features

b5c6ead610a95eb064b84f6b5729a7026ac7c8a8: feat(config): sync sms config to remote (#2831) (@sweatybridge)

v1.216.0

Changelog

Features

7752c114daa24d0c6a8cae5c4f949aa1132d065b: feat(config): support global auth config update (@sweatybridge)

Bug fixes

1c568bba6cb4311a54d232d48c2e144229cc8f2c: fix(config): remove array of empty string (@sweatybridge)

Others

526da59cf43e5d337df726f5218328a4e13c7fd6: chore: move auth config to its own file (@sweatybridge)

... (truncated)

Commits

1becd0f fix: auto detect deno.json for globbed slugs (#2852)
10e102b fix: link fails due to wrong api key type (#2850)
9a896d6 feat: login via browser with device code (#2843)
834959d fix(studio): bump studio image to 20241106-f29003e (#2845)
2564fc6 feat(config): sync external provider config to remote (#2839)
5bd2b61 fix(functions): create new reader for retrying deploy (#2840)
9320b54 fix(studio): bump studio image to 20241106-fe0e32d (#2838)
cc62b3c chore: refactor let api decide for restart (#2835)
b5c6ead feat(config): sync sms config to remote (#2831)
c697565 chore: remove unnecessary cast
Additional commits viewable in compare view

Updates supertest from 6.3.4 to 7.0.0

Release notes

Sourced from supertest's releases.

v7.0.0

Merge pull request #834 from Bruception/master 225118c

Fix TestAgent not inheriting Agent properties f290431

fix: bump deps, drop Node.js v<14.16.0 1e18c20

https://github.com/ladjs/supertest/compare/v6.3.4...v7.0.0

Commits

2ae1c36 7.0.0
225118c Merge pull request #834 from Bruception/master
f290431 Fix TestAgent not inheriting Agent properties
1e18c20 fix: bump deps, drop Node.js v<14.16.0
See full diff in compare view

Updates ts-jest from 29.1.4 to 29.2.5

Release notes

Sourced from ts-jest's releases.

v29.2.5

Please refer to CHANGELOG.md for details.

v29.2.4

Please refer to CHANGELOG.md for details.

v29.2.3

Please refer to CHANGELOG.md for details.

v29.2.2

Please refer to CHANGELOG.md for details.

v29.2.1

Please refer to CHANGELOG.md for details.

v29.2.0

Please refer to CHANGELOG.md for details.

v29.1.5

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.5 (2024-08-23)

Bug Fixes

build: build package with NodeNext module (9b3ade5)

fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset (d9ff362)

fix(compiler): fallback to NodeJS module resolution for ts 4.8 (b7d3409), closes #4499

29.2.4 (2024-08-01)

Bug Fixes

fix: revert support implementation for Node16/NodeNext (70b9530), closes #4468 #4473

29.2.3 (2024-07-18)

Security Fixes

build(deps): Update dependency ejs to ^3.1.10 (de94a56)

Code Refactoring

refactor(presets): maintain preset codes inside src (8474fc2)

29.2.2 (2024-07-10)

Bug Fixes

fix(compiler): update memory cache after changing module value (94db43f), closes #4439

29.2.1 (2024-07-10)

Bug Fixes

fix: move ejs to dep instead of peerDep (26e31a7)

fix: set allowSyntheticDefaultImports properly (ff4b302), closes #4156

... (truncated)

Commits

500a863 chore(release): 29.2.5
dce986e build(deps): Update dependency @babel/preset-env to ^7.25.4
48a28a6 build(deps): Update dependency vite to ^5.4.2
d9ff362 fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset
00550ef test: add e2e test case for ESM features
978169b build(deps): Update dependency @types/node to v20.16.1
e9a643c build(deps): Update dependency @types/node to v20.16.0
535edab build(deps): Update dependency @types/node to v20.15.0
011a9d8 build(deps): Update dependency vite to ^5.4.1
4eb8ccd build: update renovate bot
Additional commits viewable in compare view

Updates typescript from 5.4.5 to 5.6.3

Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.6.0 (Beta).

fixed issues query for Typescript 5.6.1 (RC).

fixed issues query for Typescript 5.6.2 (Stable).

fixed issues query for Typescript 5.6.3 (Stable).

Downloads are available on:

npm

NuGet package

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.6.0 (Beta).

fixed issues query for Typescript 5.6.1 (RC).

fixed issues query for Typescript 5.6.2 (Stable).

Downloads are available on:

npm

NuGet package

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for TypeScript v5.6.1 (RC).

fixed issues query for TypeScript v5.6.0 (Beta).

Downloads are available on:

npm

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

fixed issues query for Typescript 5.6.0 (Beta).

... (truncated)

Commits

d48a5cf Bump version to 5.6.3 and LKG
fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
a7e3374 Bump version to 5.6.2 and LKG
2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
6212132 Update LKG
bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

mendableai / firecrawl