payloadcms / payload

Payload is the open-source, fullstack Next.js framework, giving you instant backend superpowers. Get a full TypeScript backend and admin panel instantly. Use Payload as a headless CMS or for building powerful applications.
https://payloadcms.com
MIT License
28.28k stars 1.75k forks source link

chore(deps): bump the dev-deps group across 1 directory with 20 updates #9355

Closed dependabot[bot] closed 3 days ago

dependabot[bot] commented 6 days ago

Bumps the dev-deps group with 20 updates in the / directory:

Package From To
@next/bundle-analyzer 15.0.0 15.0.3
@playwright/test 1.48.1 1.49.0
@sentry/node 8.37.1 8.39.0
@swc/cli 0.4.0 0.5.1
@swc/jest 0.2.36 0.2.37
@types/jest 29.5.12 29.5.14
@types/minimist 1.2.2 1.2.5
@types/node 22.5.4 22.9.1
husky 9.0.11 9.1.7
lint-staged 15.2.7 15.2.10
next 15.0.0 15.0.3
playwright 1.48.1 1.49.0
playwright-core 1.48.1 1.49.0
sharp 0.32.6 0.33.5
sort-package-json 2.10.1 2.11.0
turbo 2.2.3 2.3.0
@types/to-snake-case 1.0.0 1.0.2
esbuild 0.23.1 0.24.0
vue 3.5.12 3.5.13
@next/eslint-plugin-next 15.0.0 15.0.3

Updates @next/bundle-analyzer from 15.0.0 to 15.0.3

Release notes

Sourced from @​next/bundle-analyzer's releases.

v15.0.3

Core Changes

  • Read page name from work store in server module map proxy: #71669
  • codemod: should not transform when param is not used: #71664
  • [dynamicIO] complete refactor to prerender: #71687
  • fix: metadata image route normalize path posix for windows: #71673
  • next-codemod(upgrade): optional catch when missing dev script: #71598
  • Avoid server action function indirection in Turbopack: #71628
  • fix: exclude basePath in findSourceMapURL: #71719
  • fix: stack frame text color in dark mode: #71656
  • Fix: revert the bad node binary handling: #71723
  • next-codemod: add empty pnpm-workspace.yaml to test fixtures to bypass PNPM workspace checks: #71726
  • warn on sync access if dynamicIO is not enabled: #71696
  • Update React from 69d4b800-20241021 to 45804af1-20241021: #71718
  • next-upgrade: do not add --turbopack flag when --turbo exists in next dev: #71730
  • feat: stitch errors with react owner stack: #70393
  • [dynamicIO] update data access error and documentation: #71738
  • Test cached form action with revalidate: #71591
  • Upgrade React from 45804af1-20241021 to 28668d39-20241023: #71745
  • Fix race condition when setting client reference manifests: #71741
  • Fix fetch with no-store inside of use cache: #71754
  • Remove the bottom collapse button in dev overlay: #71658
  • [dynamicIO] unify cache filling and lazy-module warming: #71749
  • Don't filter out source location frames through RSC: #71752
  • fix undefined default export error msg: #71762
  • Upgrade React from 28668d39-20241023 to 1631855f-20241023: #71769
  • Enable owner stack in experimental build: #71716
  • feat: add experiment for sharpjs cpu flags: #71733
  • fix: handle server component replay error in error overlay: #71772
  • Don't error asking for prebuilt bundles: #71778
  • Replace turbopack://[project]/... sourcemap uris with file://... in development: #71489
  • misc: update source map paths for bundled Next.js runtime: #71779
  • [dynamicIO] refine error message and docs: #71781
  • next-upgrade: change --turbo to --turbopack if applicable: #71737
  • Show all diff when uncollapse: #71792
  • Sourcemap errors in terminal by default : #71444
  • Fully enable custom error callbacks for app router: #71794
  • Simplify Server Action Webpack plugin: #71721
  • ensure DIO development segment errors are cleared after correcting: #71811
  • Include sourceframe in errors logged in the terminal during development: #71803
  • [dynamicIO] update prerender cache scoping and cache warming for validation: #71822
  • only force stack frame color in tty: #71860
  • Add test for fetch with auth in use cache: #71768
  • Fix race with hot-reloader-client clearing overlay errors: #71771
  • Fix dynamic tracking in dev: #71867
  • Revert "Sourcemap errors in terminal by default (#71444)": #71868
  • Fix fetch caching inside of "use cache": #71793
  • Trace upload: only send traces for current session: #71838
  • Reland "Sourcemap errors in terminal by default": #71877

... (truncated)

Commits


Updates @playwright/test from 1.48.1 to 1.49.0

Release notes

Sourced from @​playwright/test's releases.

v1.49.0

Aria snapshots

New assertion expect(locator).toMatchAriaSnapshot() verifies page structure by comparing to an expected accessibility tree, represented as YAML.

await page.goto('https://playwright.dev');
await expect(page.locator('body')).toMatchAriaSnapshot(`
  - banner:
    - heading /Playwright enables reliable/ [level=1]
    - link "Get started"
    - link "Star microsoft/playwright on GitHub"
  - main:
    - img "Browsers (Chromium, Firefox, WebKit)"
    - heading "Any browser • Any platform • One API"
`);

You can generate this assertion with Test Generator and update the expected snapshot with --update-snapshots command line flag.

Learn more in the aria snapshots guide.

Test runner

Breaking: channels chrome, msedge and similar switch to new headless

This change affects you if you're using one of the following channels in your playwright.config.ts:

  • chrome, chrome-dev, chrome-beta, or chrome-canary
  • msedge, msedge-dev, msedge-beta, or msedge-canary

What do I need to do?

After updating to Playwright v1.49, run your test suite. If it still passes, you're good to go. If not, you will probably need to update your snapshots, and adapt some of your test code around PDF viewers and extensions. See [issue #33566](microsoft/playwright#33566) for more details.

Other breaking changes

  • There will be no more updates for WebKit on Ubuntu 20.04 and Debian 11. We recommend updating your OS to a later version.
  • Package @playwright/experimental-ct-vue2 will no longer be updated.
  • Package @playwright/experimental-ct-solid will no longer be updated.

Try new Chromium headless

You can opt into the new headless mode by using 'chromium' channel. As official Chrome documentation puts it:

New Headless on the other hand is the real Chrome browser, and is thus more authentic, reliable, and offers more features. This makes it more suitable for high-accuracy end-to-end web app testing or browser extension testing.

... (truncated)

Commits
  • a70a96a chore: mark v1.49.0 (#33649)
  • 53f51a8 cherry-pick(#33638): chore: clear highlight when performing action
  • 2a00ca8 cherry-pick(#33635): chore: add cm placeholder text
  • 0e64340 cherry-pick(#33632): chore: highlight edited locator while recording
  • cb0f456 cherry-pick(#33629): fix(rebase): do not apply multiple rebaselines to the sa...
  • 698823a cherry-pick(#33627): fix(codegen): document.documentElement is null on early ...
  • c0fa804 cherry-pick(#33619): fix(aria): normalize whitespace in toMatchAccessible{Nam...
  • 7a32228 cherry-pick(#33614): docs: add ariaSnapshot.timeout for language ports (#33615)
  • 0e31ace cherry-pick(#33575): fix(canvas snapshots): position mismatch in headless mode
  • b2a39ff cherry-pick(#33604): docs: update docs about headless shell
  • Additional commits viewable in compare view


Updates @sentry/node from 8.37.1 to 8.39.0

Release notes

Sourced from @​sentry/node's releases.

8.39.0

Important Changes

  • feat(nestjs): Instrument event handlers (#14307)

The @sentry/nestjs SDK will now capture performance data for NestJS Events (@nestjs/event-emitter)

Other Changes

  • feat(nestjs): Add alias @SentryExceptionCaptured for @WithSentry (#14322)
  • feat(nestjs): Duplicate SentryService behaviour into @sentry/nestjs SDK init() (#14321)
  • feat(nestjs): Handle GraphQL contexts in SentryGlobalFilter (#14320)
  • feat(node): Add alias childProcessIntegration for processThreadBreadcrumbIntegration and deprecate it (#14334)
  • feat(node): Ensure request bodies are reliably captured for http requests (#13746)
  • feat(replay): Upgrade rrweb packages to 2.29.0 (#14160)
  • fix(cdn): Ensure _sentryModuleMetadata is not mangled (#14344)
  • fix(core): Set sentry.source attribute to custom when calling span.updateName on SentrySpan (#14251)
  • fix(mongo): rewrite Buffer as ? during serialization (#14071)
  • fix(replay): Remove replay id from DSC on expired sessions (#14342)
  • ref(profiling) Fix electron crash (#14216)
  • ref(types): Deprecate Request type in favor of RequestEventData (#14317)
  • ref(utils): Stop setting transaction in requestDataIntegration (#14306)
  • ref(vue): Reduce bundle size for starting application render span (#14275)

Bundle size 📦

Path Size
@​sentry/browser 22.77 KB
@​sentry/browser - with treeshaking flags 21.53 KB
@​sentry/browser (incl. Tracing) 35.27 KB
@​sentry/browser (incl. Tracing, Replay) 72 KB
@​sentry/browser (incl. Tracing, Replay) - with treeshaking flags 62.38 KB
@​sentry/browser (incl. Tracing, Replay with Canvas) 76.31 KB
@​sentry/browser (incl. Tracing, Replay, Feedback) 89.17 KB
@​sentry/browser (incl. Feedback) 39.93 KB
@​sentry/browser (incl. sendFeedback) 27.42 KB
@​sentry/browser (incl. FeedbackAsync) 32.23 KB
@​sentry/react 25.52 KB
@​sentry/react (incl. Tracing) 38.23 KB
@​sentry/vue 26.92 KB
@​sentry/vue (incl. Tracing) 37.1 KB
@​sentry/svelte 22.91 KB
CDN Bundle 24.13 KB
CDN Bundle (incl. Tracing) 37.05 KB
CDN Bundle (incl. Tracing, Replay) 71.72 KB
CDN Bundle (incl. Tracing, Replay, Feedback) 77.07 KB
CDN Bundle - uncompressed 70.73 KB
CDN Bundle (incl. Tracing) - uncompressed 109.94 KB
CDN Bundle (incl. Tracing, Replay) - uncompressed 222.46 KB

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

8.39.0

Important Changes

  • feat(nestjs): Instrument event handlers (#14307)

The @sentry/nestjs SDK will now capture performance data for NestJS Events (@nestjs/event-emitter)

Other Changes

  • feat(nestjs): Add alias @SentryExceptionCaptured for @WithSentry (#14322)
  • feat(nestjs): Duplicate SentryService behaviour into @sentry/nestjs SDK init() (#14321)
  • feat(nestjs): Handle GraphQL contexts in SentryGlobalFilter (#14320)
  • feat(node): Add alias childProcessIntegration for processThreadBreadcrumbIntegration and deprecate it (#14334)
  • feat(node): Ensure request bodies are reliably captured for http requests (#13746)
  • feat(replay): Upgrade rrweb packages to 2.29.0 (#14160)
  • fix(cdn): Ensure _sentryModuleMetadata is not mangled (#14344)
  • fix(core): Set sentry.source attribute to custom when calling span.updateName on SentrySpan (#14251)
  • fix(mongo): rewrite Buffer as ? during serialization (#14071)
  • fix(replay): Remove replay id from DSC on expired sessions (#14342)
  • ref(profiling) Fix electron crash (#14216)
  • ref(types): Deprecate Request type in favor of RequestEventData (#14317)
  • ref(utils): Stop setting transaction in requestDataIntegration (#14306)
  • ref(vue): Reduce bundle size for starting application render span (#14275)

8.38.0

  • docs: Improve docstrings for node otel integrations (#14217)
  • feat(browser): Add moduleMetadataIntegration lazy loading support (#13817)
  • feat(core): Add trpc path to context in trpcMiddleware (#14218)
  • feat(deps): Bump @​opentelemetry/instrumentation-amqplib from 0.42.0 to 0.43.0 (#14230)
  • feat(deps): Bump @​sentry/cli from 2.37.0 to 2.38.2 (#14232)
  • feat(node): Add knex integration (#13526)
  • feat(node): Add tedious integration (#13486)
  • feat(utils): Single implementation to fetch debug ids (#14199)
  • fix(browser): Avoid recording long animation frame spans starting before their parent span (#14186)
  • fix(node): Include debug_meta with ANR events (#14203)
  • fix(nuxt): Fix dynamic import rollup plugin to work with latest nitro (#14243)
  • fix(react): Support wildcard routes on React Router 6 (#14205)
  • fix(spotlight): Export spotlightBrowserIntegration from the main browser package (#14208)
  • ref(browser): Ensure start time of interaction root and child span is aligned (#14188)
  • ref(nextjs): Make build-time value injection turbopack compatible (#14081)

Work in this release was contributed by @​grahamhency, @​Zen-cronic, @​gilisho and @​phuctm97. Thank you for your contributions!

Commits
  • c52478d release: 8.39.0
  • 5e6658a Merge pull request #14361 from getsentry/prepare-release/8.39.0
  • 8659f8d meta(changelog): Update changelog for 8.39.0
  • 100c662 meta(utils): Don't use import assertion in rollup config (#14362)
  • 4357b44 test: Clean up test output warnings (#14358)
  • da5b2e0 fix(replay): Remove replay id from DSC on expired sessions (#14342)
  • fe1fb8c fix(cdn): Ensure _sentryModuleMetadata is not mangled (#14344)
  • d253621 ref(utils): Explicitly export API in @sentry/utils (#14338)
  • 4fbc3b2 meta(utils): Replace custom versionbump script with rollup replace plugin (#1...
  • 9993d1e feat(node): Add alias childProcessIntegration for `processThreadBreadcrumbI...
  • Additional commits viewable in compare view


Updates @swc/cli from 0.4.0 to 0.5.1

Commits


Updates @swc/jest from 0.2.36 to 0.2.37

Commits


Updates @types/jest from 29.5.12 to 29.5.14

Commits


Updates @types/minimist from 1.2.2 to 1.2.5

Commits


Updates @types/node from 22.5.4 to 22.9.1

Commits


Updates husky from 9.0.11 to 9.1.7

Release notes

Sourced from husky's releases.

v9.1.7

What's Changed

New Contributors

Full Changelog: https://github.com/typicode/husky/compare/v9.1.6...v9.1.7

v9.1.6

What's Changed

New Contributors

Full Changelog: https://github.com/typicode/husky/compare/v9.1.5...v9.1.6

v9.1.5

What's Changed

New Contributors

Full Changelog: https://github.com/typicode/husky/compare/v9.1.4...v9.1.5

v9.1.4

  • Improve deprecation notice

v9.1.3

  • fix: better handle space in PATH

v9.1.2

Show a message instead of automatically removing deprecated code.

This only concerns projects that still have the following code in their hooks:

- #!/usr/bin/env sh # <- This is deprecated, remove it
- . "$(dirname -- "$0")/_/husky.sh"  # <- This is deprecated, remove it

Rest of your hook code

Hooks with these lines will fail in v10.0.0

v9.1.1

... (truncated)

Commits


Updates lint-staged from 15.2.7 to 15.2.10

Release notes

Sourced from lint-staged's releases.

v15.2.10

Patch Changes

v15.2.9

Patch Changes

  • #1463 b69ce2d Thanks @​iiroj! - Set the maximum number of event listeners to the number of tasks. This should silence the console warning MaxListenersExceededWarning: Possible EventEmitter memory leak detected.

v15.2.8

Patch Changes

  • f0480f0 Thanks @​iiroj! - In the previous version the native git rev-parse --show-toplevel command was taken into use for resolving the current git repo root. This version switched the --show-toplevel flag with --show-cdup, because on Git installed via MSYS2 the former was returning absolute paths that do not work with Node.js child_process. The new flag returns a path relative to the working directory, avoiding the issue.

    The GitHub Actions workflow has been updated to install Git via MSYS2, to ensure better future compatibility; using the default Git binary in the GitHub Actions runner was working correctly even with MSYS2.

Changelog

Sourced from lint-staged's changelog.

15.2.10

Patch Changes

15.2.9

Patch Changes

  • #1463 b69ce2d Thanks @​iiroj! - Set the maximum number of event listeners to the number of tasks. This should silence the console warning MaxListenersExceededWarning: Possible EventEmitter memory leak detected.

15.2.8

Patch Changes

  • f0480f0 Thanks @​iiroj! - In the previous version the native git rev-parse --show-toplevel command was taken into use for resolving the current git repo root. This version switched the --show-toplevel flag with --show-cdup, because on Git installed via MSYS2 the former was returning absolute paths that do not work with Node.js child_process. The new flag returns a path relative to the working directory, avoiding the issue.

    The GitHub Actions workflow has been updated to install Git via MSYS2, to ensure better future compatibility; using the default Git binary in the GitHub Actions runner was working correctly even with MSYS2.

Commits
  • 163112f chore(changeset): release
  • 829575c Merge pull request #1471 from lint-staged/updates
  • 893ca84 refactor: remove unused parameter default
  • a661f46 build(deps): migrate to ESLint 9
  • e3f283b build(deps): update minor dependencies
  • 35483b9 docs: add some more concrete command examples to the README
  • 0ce5e14 chore(changeset): release (#1465)
  • b69ce2d fix: set max event listeners to the number of tasks (#1463)
  • 52f6eef chore(changeset): release (#1462)
  • 8d8fe23 build: update repository url in package.json
  • Additional commits viewable in compare view


Updates next from 15.0.0 to 15.0.3

Release notes

Sourced from next's releases.

v15.0.3

Core Changes

  • Read page name from work store in server module map proxy: #71669
  • codemod: should not transform when param is not used: #71664
  • [dynamicIO] complete refactor to prerender: #71687
  • fix: metadata image route normalize path posix for windows: #71673
  • next-codemod(upgrade): optional catch when missing dev script: #71598
  • Avoid server action function indirection in Turbopack: #71628
  • fix: exclude basePath in findSourceMapURL: #71719
  • fix: stack frame text color in dark mode: #71656
  • Fix: revert the bad node binary handling: #71723
  • next-codemod: add empty pnpm-workspace.yaml to test fixtures to bypass PNPM workspace checks: #71726
  • warn on sync access if dynamicIO is not enabled: #71696
  • Update React from 69d4b800-20241021 to 45804af1-20241021: #71718
  • next-upgrade: do not add --turbopack flag when --turbo exists in next dev: #71730
  • feat: stitch errors with react owner stack: #70393
  • [dynamicIO] update data access error and documentation: #71738
  • Test cached form action with revalidate: #71591
  • Upgrade React from 45804af1-20241021 to 28668d39-20241023: #71745
  • Fix race condition when setting client reference manifests: #71741
  • Fix fetch with no-store inside of use cache: #71754
  • Remove the bottom collapse button in dev overlay: #71658
  • [dynamicIO] unify cache filling and lazy-module warming: #71749
  • Don't filter out source location frames through RSC: #71752
  • fix undefined default export error msg: #71762
  • Upgrade React from 28668d39-20241023 to 1631855f-20241023: #71769
  • Enable owner stack in experimental build: #71716
  • feat: add experiment for sharpjs cpu flags: #71733
  • fix: handle server component replay error in error overlay: #71772
  • Don't error asking for prebuilt bundles: #71778
  • Replace turbopack://[project]/... sourcemap uris with file://... in development: #71489
  • misc: update source map paths for bundled Next.js runtime: #71779
  • [dynamicIO] refine error message and docs: #71781
  • next-upgrade: change --turbo to --turbopack if applicable: #71737
  • Show all diff when uncollapse: #71792
  • Sourcemap errors in terminal by default : #71444
  • Fully enable custom error callbacks for app router: #71794
  • Simplify Server Action Webpack plugin: #71721
  • ensure DIO development segment errors are cleared after correcting: #71811
  • Include sourceframe in errors logged in the terminal during development: #71803
  • [dynamicIO] update prerender cache scoping and cache warming for validation: #71822
  • only force stack frame color in tty: #71860
  • Add test for fetch with auth in use cache: #71768
  • Fix race with hot-reloader-client clearing overlay errors: #71771
  • Fix dynamic tracking in dev: #71867
  • Revert "Sourcemap errors in terminal by default (#71444)": #71868
  • Fix fetch caching inside of "use cache": #71793
  • Trace upload: only send traces for current session: #71838
  • Reland "Sourcemap errors in terminal by default": #71877

... (truncated)

Commits
  • 7dc7be2 v15.0.3
  • 74b4d2d v15.0.3-canary.9
  • be40adb Add missing closing \</AppOnly> (#72453)
  • 224447c Getting Started Docs: Improve "Project Structure" page (#72399)
  • 5f0adad chore(turbopack): Update dashmap from 5.x to 6.x (#72433)
  • f668af2 [ppr] Fixed deployment tests (#72428)
  • 856521b docs(parallel-routes): update 11-parallel-routes.mdx example for modal closin...
  • 9d31638 docs(route-handlers): add TS/JS switcher to Route Resolution section in `...
  • 200fdc1 [Turbopack] remove unneeded type annotation (#72390)
  • 74a19b7 docs: unify the header deps by removing # (#72391)
  • Additional commits viewable in compare view


Updates playwright from 1.48.1 to 1.49.0

Release notes

Sourced from playwright's releases.

v1.49.0

Aria snapshots

New assertion expect(locator).toMatchAriaSnapshot() verifies page structure by comparing to an expected accessibility tree, represented as YAML.

await page.goto('https://playwright.dev');
await expect(page.locator('body')).toMatchAriaSnapshot(`
  - banner:
    - heading /Playwright enables reliable/ [level=1]
    - link "Get started"
    - link "Star microsoft/playwright on GitHub"
  - main:
    - img "Browsers (Chromium, Firefox, WebKit)"
    - heading "Any browser • Any platform • One API"
`);

You can generate this assertion with Test Generator and update the expected snapshot with --update-snapshots command line flag.

Learn more in the aria snapshots guide.

Test runner

Breaking: channels chrome, msedge and similar switch to new headless

This change affects you if you're using one of the following channels in your playwright.config.ts:

  • chrome, chrome-dev, chrome-beta, or chrome-canary
  • msedge, msedge-dev, msedge-beta, or msedge-canary

What do I need to do?

After updating to Playwright v1.49, run your test suite. If it still passes, you're good to go. If not, you will probably need to update your snapshots, and adapt some of your test code around PDF viewers and extensions. See [issue #33566](microsoft/playwright#33566) for more details.

Other breaking changes

  • There will be no more updates for WebKit on Ubuntu 20.04 and Debian 11. We recommend updating your OS to a later version.
  • Package @playwright/experimental-ct-vue2 will no longer be updated.
  • Package @playwright/experimental-ct-solid will no longer be updated.

Try new Chromium headless

You can opt into the new headless mode by using 'chromium' channel. As official Chrome documentation puts it:

New Headless on the other hand is the real Chrome browser, and is thus more authentic, reliable, and offers more features. This makes it more suitable for high-accuracy end-to-end web app testing or browser extension testing.

... (truncated)

Commits
  • a70a96a chore: mark v1.49.0 (#33649)
  • 53f51a8 cherry-pick(#33638): chore: clear highlight when performing action
  • 2a00ca8 cherry-pick(#33635): chore: add cm placeholder text
  • 0e64340 cherry-pick(#33632): chore: highlight edited locator while recording
  • cb0f456 cherry-pick(#33629): fix(rebase): do not apply multiple rebaselines to the sa...
  • 698823a cherry-pick(#33627): fix(codegen): document.documentElement is null on early ...
  • c0fa804 cherry-pick(#33619): fix(aria): normalize whitespace in toMatchAccessible{Nam...
  • 7a32228 cherry-pick(#33614): docs: add ariaSnapshot.timeout for language ports (#33615)
  • 0e31ace cherry-pick(#33575): fix(canvas snapshots): position mismatch in headless mode
  • b2a39ff cherry-pick(#33604): docs: update docs about headless shell
  • Additional commits viewable in compare view


Updates playwright-core from 1.48.1 to 1.49.0

Release notes

Sourced from playwright-core's releases.

v1.49.0

Aria snapshots

New assertion expect(locator).toMatchAriaSnapshot() verifies page structure by comparing to an expected accessibility tree, represented as YAML.

await page.goto('https://playwright.dev');
await expect(page.locator('body')).toMatchAriaSnapshot(`
  - banner:
    - heading /Playwright enables reliable/ [level=1]
    - link "Get started"
    - link "Star microsoft/playwright on GitHub"
  - main:
    - img "Browsers (Chromium, Firefox, WebKit)"
    - heading "Any browser • Any platform • One API"
`);

You can generate this assertion with Test Generator and update the expected snapshot with --update-snapshots command line flag.

Learn more in the aria snapshots guide.

Test runner

dependabot[bot] commented 3 days ago

Looks like these dependencies are updatable in another way, so this is no longer needed.