Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): Bump the arcjet-apps-minor group across 1 directory with 19 updates #343

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 27, 2024

Bumps the arcjet-apps-minor group with 19 updates in the / directory:

Package From To
@ai-sdk/openai 1.0.6 1.0.11
@astrojs/starlight 0.29.2 0.30.3
@clerk/nextjs 6.5.2 6.9.6
@langchain/community 0.3.16 0.3.20
@nanostores/react 0.8.2 0.8.4
@nestjs/common 10.4.13 10.4.15
@nestjs/core 10.4.13 10.4.15
@nestjs/platform-express 10.4.13 10.4.15
@remix-run/node 2.15.0 2.15.2
@sveltejs/kit 2.9.0 2.15.1
ai 4.0.10 4.0.22
express 4.21.1 4.21.2
hono 4.6.12 4.6.14
next-auth 4.24.10 4.24.11
pino 9.5.0 9.6.0
sass 1.81.1 1.83.0
starlight-links-validator 0.14.0 0.14.1
type-fest 4.30.0 4.31.0
zod 3.23.8 3.24.1

Updates @ai-sdk/openai from 1.0.6 to 1.0.11

Release notes

Sourced from @​ai-sdk/openai's releases.

@​ai-sdk/openai@​1.0.11

Patch Changes

  • 5ed5e45: chore (config): Use ts-library.json tsconfig for no-UI libs.
  • Updated dependencies [5ed5e45]
    • @​ai-sdk/provider-utils@​2.0.5
    • @​ai-sdk/provider@​1.0.3

@​ai-sdk/openai@​1.0.10

Patch Changes

  • d4fad4e: fix (provider/openai): fix reasoning model detection

@​ai-sdk/openai@​1.0.9

Patch Changes

  • 3fab0fb: feat (provider/openai): support reasoning_effort setting
  • e956eed: feat (provider/openai): update model list and add o1
  • 6faab13: feat (provider/openai): simulated streaming setting

@​ai-sdk/openai@​1.0.8

Patch Changes

  • 09a9cab: feat (ai/core): add experimental generateImage function
  • Updated dependencies [09a9cab]
    • @​ai-sdk/provider@​1.0.2
    • @​ai-sdk/provider-utils@​2.0.4
Commits

Updates @astrojs/starlight from 0.29.2 to 0.30.3

Release notes

Sourced from @​astrojs/starlight's releases.

@​astrojs/starlight@​0.30.3

Patch Changes

  • #2717 c5fcbb3 Thanks @​delucis! - Fixes a list item spacing issue where line break elements (<br>) could receive a margin, breaking layout in Firefox

  • #2724 02d7ac6 Thanks @​dionysuzx! - Adds social link support for Farcaster

  • #2635 ec4b851 Thanks @​HiDeoo! - Fixes an issue where the language picker in multilingual sites could display the wrong language when navigating between pages with the browser back/forward buttons.

  • #2726 e54ebd5 Thanks @​techfg! - Adds icon for phone

@​astrojs/starlight@​0.30.2

Patch Changes

  • #2702 02d16f3 Thanks @​HiDeoo! - Fixes an issue with autogenerated sidebars when using Starlight with Astro's new Content Layer API with directories containing spaces or special characters.

  • #2704 fd16470 Thanks @​delucis! - Fixes display of focus indicator around site title

@​astrojs/starlight@​0.30.1

Patch Changes

  • #2688 5c6996c Thanks @​HiDeoo! - Fixes an issue with autogenerated sidebars when using Starlight with Astro's new Content Layer API where group names would be sluggified.

@​astrojs/starlight@​0.30.0

Minor Changes

  • #2612 8d5a4e8 Thanks @​HiDeoo! - Adds support for Astro v5, drops support for Astro v4.

    Upgrade Astro and dependencies

    ⚠️ BREAKING CHANGE: Astro v4 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

    npx @astrojs/upgrade

    Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v5. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

    Update your collections

    ⚠️ BREAKING CHANGE: Starlight's internal content collections, which organize, validate, and render your content, have been updated to use Astro's new Content Layer API and require configuration changes in your project.

    1. Move the content config file. This file no longer lives within the src/content/config.ts folder and should now exist at src/content.config.ts.

    2. Edit the collection definition(s). To update the docs collection, a loader is now required:

       // src/content.config.ts
       import { defineCollection } from "astro:content";
      +import { docsLoader } from "@astrojs/starlight/loaders";

... (truncated)

Changelog

Sourced from @​astrojs/starlight's changelog.

0.30.3

Patch Changes

  • #2717 c5fcbb3 Thanks @​delucis! - Fixes a list item spacing issue where line break elements (<br>) could receive a margin, breaking layout in Firefox

  • #2724 02d7ac6 Thanks @​dionysuzx! - Adds social link support for Farcaster

  • #2635 ec4b851 Thanks @​HiDeoo! - Fixes an issue where the language picker in multilingual sites could display the wrong language when navigating between pages with the browser back/forward buttons.

  • #2726 e54ebd5 Thanks @​techfg! - Adds icon for phone

0.30.2

Patch Changes

  • #2702 02d16f3 Thanks @​HiDeoo! - Fixes an issue with autogenerated sidebars when using Starlight with Astro's new Content Layer API with directories containing spaces or special characters.

  • #2704 fd16470 Thanks @​delucis! - Fixes display of focus indicator around site title

0.30.1

Patch Changes

  • #2688 5c6996c Thanks @​HiDeoo! - Fixes an issue with autogenerated sidebars when using Starlight with Astro's new Content Layer API where group names would be sluggified.

0.30.0

Minor Changes

  • #2612 8d5a4e8 Thanks @​HiDeoo! - Adds support for Astro v5, drops support for Astro v4.

    Upgrade Astro and dependencies

    ⚠️ BREAKING CHANGE: Astro v4 is no longer supported. Make sure you update Astro and any other official integrations at the same time as updating Starlight:

    npx @astrojs/upgrade

    Community Starlight plugins and Astro integrations may also need to be manually updated to work with Astro v5. If you encounter any issues, please reach out to the plugin or integration author to see if it is a known issue or if an updated version is being worked on.

    Update your collections

    ⚠️ BREAKING CHANGE: Starlight's internal content collections, which organize, validate, and render your content, have been updated to use Astro's new Content Layer API and require configuration changes in your project.

    1. Move the content config file. This file no longer lives within the src/content/config.ts folder and should now exist at src/content.config.ts.

    2. Edit the collection definition(s). To update the docs collection, a loader is now required:

... (truncated)

Commits

Updates @clerk/nextjs from 6.5.2 to 6.9.6

Release notes

Sourced from @​clerk/nextjs's releases.

@​clerk/nextjs@​6.9.6

Patch Changes

@​clerk/nextjs@​6.9.5

Patch Changes

@​clerk/nextjs@​6.9.4

Patch Changes

@​clerk/nextjs@​6.9.3

Patch Changes

  • Improves the error message when changing keys in development causes a subsequent request to fail. (#4787) by @​panteliselef

  • Updated dependencies []:

    • @​clerk/clerk-react@​5.20.2

@​clerk/nextjs@​6.9.2

Patch Changes

Changelog

Sourced from @​clerk/nextjs's changelog.

6.9.6

Patch Changes

6.9.5

Patch Changes

6.9.4

Patch Changes

6.9.3

Patch Changes

  • Improves the error message when changing keys in development causes a subsequent request to fail. (#4787) by @​panteliselef

  • Updated dependencies []:

    • @​clerk/clerk-react@​5.20.2

6.9.2

Patch Changes

6.9.1

Patch Changes

... (truncated)

Commits

Updates @langchain/community from 0.3.16 to 0.3.20

Release notes

Sourced from @​langchain/community's releases.

0.2.0@next

What's Changed

... (truncated)

Commits

Updates @nanostores/react from 0.8.2 to 0.8.4

Release notes

Sourced from @​nanostores/react's releases.

0.8.4

0.8.3

  • Clean package.json.
Changelog

Sourced from @​nanostores/react's changelog.

0.8.4

0.8.3

  • Clean package.json.
Commits
  • 4c0eb77 Release 0.8.4 version
  • 49249cc notify on change if state changed before subscription (#35)
  • 00f51f6 Release 0.8.3 version
  • ca54d6b Remove React RC support since the final version was released
  • abcce02 Update dependencies and Node.js versions on CI
  • See full diff in compare view

Updates @nestjs/common from 10.4.13 to 10.4.15

Release notes

Sourced from @​nestjs/common's releases.

v10.4.15 (2024-12-09)

Dependencies

Commits

Updates @nestjs/core from 10.4.13 to 10.4.15

Release notes

Sourced from @​nestjs/core's releases.

v10.4.15 (2024-12-09)

Dependencies

Commits

Updates @nestjs/platform-express from 10.4.13 to 10.4.15

Release notes

Sourced from @​nestjs/platform-express's releases.

v10.4.15 (2024-12-09)

Dependencies

Commits

Updates @remix-run/node from 2.15.0 to 2.15.2

Release notes

Sourced from @​remix-run/node's releases.

v2.15.2

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2152

v2.15.1

See the changelog for the release notes: https://github.com/remix-run/remix/blob/main/CHANGELOG.md#v2151

Changelog

Sourced from @​remix-run/node's changelog.

2.15.2

Patch Changes

2.15.1

Patch Changes

Commits

Updates @sveltejs/kit from 2.9.0 to 2.15.1

Release notes

Sourced from @​sveltejs/kit's releases.

@​sveltejs/kit@​2.15.1

Patch Changes

  • fix: add CSP hashes/nonces to inline styles when using bundleStrategy: 'inline' (#13232)

  • fix: silence dev/prod warning during sync (#13244)

@​sveltejs/kit@​2.15.0

Minor Changes

  • feat: add bundleStrategy: 'inline' option (#13193)

@​sveltejs/kit@​2.14.1

Patch Changes

  • fix: do not mutate URL during reroute logic (#13222)

@​sveltejs/kit@​2.14.0

Minor Changes

  • feat: add hash-based routing option (#13191)

Patch Changes

  • fix: create new URL when calling goto(...), to handle case where URL is mutated (#13196)

@​sveltejs/kit@​2.13.0

Minor Changes

  • feat: add bundleStrategy: 'split' | 'single' option (#13173)

@​sveltejs/kit@​2.12.2

Patch Changes

  • fix: correctly resolve no hooks file when a similarly named directory exists (#13188)

  • fix: correctly resolve $app/state on the server with Vite 5 (#13192)

@​sveltejs/kit@​2.12.1

Patch Changes

  • fix: replace navigating.current.<x> with navigating.<x> (#13174)

@​sveltejs/kit@​2.12.0

Minor Changes

  • feat: add $app/state module (#13140)

... (truncated)

Changelog

Sourced from @​sveltejs/kit's changelog.

2.15.1

Patch Changes

  • fix: add CSP hashes/nonces to inline styles when using bundleStrategy: 'inline' (#13232)

  • fix: silence dev/prod warning during sync (#13244)

2.15.0

Minor Changes

  • feat: add bundleStrategy: 'inline' option (#13193)

2.14.1

Patch Changes

  • fix: do not mutate URL during reroute logic (#13222)

2.14.0

Minor Changes

  • feat: add hash-based routing option (#13191)

Patch Changes

  • fix: create new URL when calling goto(...), to handle case where URL is mutated (#13196)

2.13.0

Minor Changes

  • feat: add bundleStrategy: 'split' | 'single' option (#13173)

2.12.2

Patch Changes

  • fix: correctly resolve no hooks file when a similarly named directory exists (#13188)

  • fix: correctly resolve $app/state on the server with Vite 5 (#13192)

2.12.1

Patch Changes

... (truncated)

Commits

Updates ai from 4.0.10 to 4.0.22

Release notes

Sourced from ai's releases.

[email protected]

Patch Changes

  • Updated dependencies [5ed5e45]
    • @​ai-sdk/provider-utils@​2.0.5
    • @​ai-sdk/provider@​1.0.3
    • @​ai-sdk/react@​1.0.7
    • @​ai-sdk/ui-utils@​1.0.6

[email protected]

Patch Changes

  • a8669a2: fix (ai/core): prefer auto-detected image mimetype
  • 6fb3e91: fix (ai/core): include type in generateText toolResults result property.

[email protected]

Patch Changes

  • da9d240: fix (ai/core): suppress errors caused by writing to closed stream
  • 6f1bfde: fix (ai/core): invoke streamText tool call repair when tool cannot be found

[email protected]

Patch Changes

  • c3a6065: fix (ai/core): apply transform before callbacks and resolvables

[email protected]

Patch Changes

  • 304e6d3: feat (ai/core): standardize generateObject, streamObject, and output errors to NoObjectGeneratedError
  • 304e6d3: feat (ai/core): add additional information to NoObjectGeneratedError

[email protected]

Patch Changes

  • 54bbf21: fix (ai/core): change streamText.experimental_transform signature to support tool type inference

[email protected]

Patch Changes

  • e3fac3f: fix (ai/core): change smoothStream default delay to 10ms

[email protected]

Patch Changes

  • cc16a83: feat (ai/core): add smoothStream helper
  • cc16a83: feat (ai/core): add experimental transform option to streamText

[email protected]

Patch Changes

... (truncated)

Commits

Updates express from 4.21.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

Full Changelog: expressjs/express@4.21.1...4.21.2

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

Commits
Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.


Updates hono from 4.6...

Description has been truncated

… 19 updates

Bumps the arcjet-apps-minor group with 19 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@ai-sdk/openai](https://github.com/vercel/ai) | `1.0.6` | `1.0.11` |
| [@astrojs/starlight](https://github.com/withastro/starlight/tree/HEAD/packages/starlight) | `0.29.2` | `0.30.3` |
| [@clerk/nextjs](https://github.com/clerk/javascript/tree/HEAD/packages/nextjs) | `6.5.2` | `6.9.6` |
| [@langchain/community](https://github.com/langchain-ai/langchainjs) | `0.3.16` | `0.3.20` |
| [@nanostores/react](https://github.com/nanostores/react) | `0.8.2` | `0.8.4` |
| [@nestjs/common](https://github.com/nestjs/nest/tree/HEAD/packages/common) | `10.4.13` | `10.4.15` |
| [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core) | `10.4.13` | `10.4.15` |
| [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) | `10.4.13` | `10.4.15` |
| [@remix-run/node](https://github.com/remix-run/remix/tree/HEAD/packages/remix-node) | `2.15.0` | `2.15.2` |
| [@sveltejs/kit](https://github.com/sveltejs/kit/tree/HEAD/packages/kit) | `2.9.0` | `2.15.1` |
| [ai](https://github.com/vercel/ai) | `4.0.10` | `4.0.22` |
| [express](https://github.com/expressjs/express) | `4.21.1` | `4.21.2` |
| [hono](https://github.com/honojs/hono) | `4.6.12` | `4.6.14` |
| [next-auth](https://github.com/nextauthjs/next-auth) | `4.24.10` | `4.24.11` |
| [pino](https://github.com/pinojs/pino) | `9.5.0` | `9.6.0` |
| [sass](https://github.com/sass/dart-sass) | `1.81.1` | `1.83.0` |
| [starlight-links-validator](https://github.com/HiDeoo/starlight-links-validator/tree/HEAD/packages/starlight-links-validator) | `0.14.0` | `0.14.1` |
| [type-fest](https://github.com/sindresorhus/type-fest) | `4.30.0` | `4.31.0` |
| [zod](https://github.com/colinhacks/zod) | `3.23.8` | `3.24.1` |



Updates `@ai-sdk/openai` from 1.0.6 to 1.0.11
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/compare/@ai-sdk/[email protected]...@ai-sdk/[email protected])

Updates `@astrojs/starlight` from 0.29.2 to 0.30.3
- [Release notes](https://github.com/withastro/starlight/releases)
- [Changelog](https://github.com/withastro/starlight/blob/main/packages/starlight/CHANGELOG.md)
- [Commits](https://github.com/withastro/starlight/commits/@astrojs/[email protected]/packages/starlight)

Updates `@clerk/nextjs` from 6.5.2 to 6.9.6
- [Release notes](https://github.com/clerk/javascript/releases)
- [Changelog](https://github.com/clerk/javascript/blob/main/packages/nextjs/CHANGELOG.md)
- [Commits](https://github.com/clerk/javascript/commits/@clerk/[email protected]/packages/nextjs)

Updates `@langchain/community` from 0.3.16 to 0.3.20
- [Release notes](https://github.com/langchain-ai/langchainjs/releases)
- [Changelog](https://github.com/langchain-ai/langchainjs/blob/main/release_workspace.js)
- [Commits](https://github.com/langchain-ai/langchainjs/commits)

Updates `@nanostores/react` from 0.8.2 to 0.8.4
- [Release notes](https://github.com/nanostores/react/releases)
- [Changelog](https://github.com/nanostores/react/blob/main/CHANGELOG.md)
- [Commits](nanostores/react@0.8.2...0.8.4)

Updates `@nestjs/common` from 10.4.13 to 10.4.15
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.15/packages/common)

Updates `@nestjs/core` from 10.4.13 to 10.4.15
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.15/packages/core)

Updates `@nestjs/platform-express` from 10.4.13 to 10.4.15
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v10.4.15/packages/platform-express)

Updates `@remix-run/node` from 2.15.0 to 2.15.2
- [Release notes](https://github.com/remix-run/remix/releases)
- [Changelog](https://github.com/remix-run/remix/blob/main/packages/remix-node/CHANGELOG.md)
- [Commits](https://github.com/remix-run/remix/commits/@remix-run/[email protected]/packages/remix-node)

Updates `@sveltejs/kit` from 2.9.0 to 2.15.1
- [Release notes](https://github.com/sveltejs/kit/releases)
- [Changelog](https://github.com/sveltejs/kit/blob/main/packages/kit/CHANGELOG.md)
- [Commits](https://github.com/sveltejs/kit/commits/@sveltejs/[email protected]/packages/kit)

Updates `ai` from 4.0.10 to 4.0.22
- [Release notes](https://github.com/vercel/ai/releases)
- [Changelog](https://github.com/vercel/ai/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vercel/ai/compare/[email protected]@4.0.22)

Updates `express` from 4.21.1 to 4.21.2
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/4.21.2/History.md)
- [Commits](expressjs/express@4.21.1...4.21.2)

Updates `hono` from 4.6.12 to 4.6.14
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.6.12...v4.6.14)

Updates `next-auth` from 4.24.10 to 4.24.11
- [Release notes](https://github.com/nextauthjs/next-auth/releases)
- [Commits](https://github.com/nextauthjs/next-auth/compare/[email protected]@4.24.11)

Updates `pino` from 9.5.0 to 9.6.0
- [Release notes](https://github.com/pinojs/pino/releases)
- [Commits](pinojs/pino@v9.5.0...v9.6.0)

Updates `sass` from 1.81.1 to 1.83.0
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](sass/dart-sass@1.81.1...1.83.0)

Updates `starlight-links-validator` from 0.14.0 to 0.14.1
- [Release notes](https://github.com/HiDeoo/starlight-links-validator/releases)
- [Changelog](https://github.com/HiDeoo/starlight-links-validator/blob/main/packages/starlight-links-validator/CHANGELOG.md)
- [Commits](https://github.com/HiDeoo/starlight-links-validator/commits/[email protected]/packages/starlight-links-validator)

Updates `type-fest` from 4.30.0 to 4.31.0
- [Release notes](https://github.com/sindresorhus/type-fest/releases)
- [Commits](sindresorhus/type-fest@v4.30.0...v4.31.0)

Updates `zod` from 3.23.8 to 3.24.1
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Changelog](https://github.com/colinhacks/zod/blob/main/CHANGELOG.md)
- [Commits](colinhacks/zod@v3.23.8...v3.24.1)

---
updated-dependencies:
- dependency-name: "@ai-sdk/openai"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@astrojs/starlight"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: "@clerk/nextjs"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: "@langchain/community"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nanostores/react"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/common"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@nestjs/platform-express"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@remix-run/node"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: "@sveltejs/kit"
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: ai
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: hono
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: next-auth
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: pino
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: starlight-links-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: arcjet-apps-minor
- dependency-name: type-fest
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
- dependency-name: zod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: arcjet-apps-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 27, 2024
Copy link

vercel bot commented Dec 27, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
arcjet-docs ❌ Failed (Inspect) Dec 27, 2024 11:09pm

Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@ai-sdk/[email protected] Transitive: environment, network +6 5.38 MB vercel-release-bot
npm/@astrojs/[email protected] Transitive: environment, filesystem, network, shell +232 28.2 MB fredkschott
npm/@clerk/[email protected] Transitive: environment, network +23 7.08 MB nikosdouvlis
npm/@langchain/[email protected] Transitive: environment, eval, filesystem, network, shell, unsafe +110 64.7 MB jacoblee93
npm/@nanostores/[email protected] None 0 4.85 kB ai
npm/@nestjs/[email protected] None +7 4.97 MB
npm/@nestjs/[email protected] Transitive: environment, filesystem, network, shell +20 5.68 MB
npm/@nestjs/[email protected] Transitive: environment, eval, filesystem, network, unsafe +57 1.98 MB
npm/@remix-run/[email protected] Transitive: environment, eval, filesystem, network +49 24.1 MB mjackson
npm/@sveltejs/[email protected] Transitive: environment, eval, filesystem, network, shell +72 260 MB conduitry, dominik_g, rich_harris, ...1 more
npm/[email protected] environment, network +17 9.33 MB vercel-release-bot
npm/[email protected] environment, filesystem, network Transitive: eval, unsafe +64 2.16 MB jonchurch
npm/[email protected] None 0 1.06 MB yusukebe
npm/[email protected] environment, network +15 3.98 MB thvu
npm/[email protected] Transitive: environment, eval, filesystem +12 1.19 MB davidmarkclements, jsumners, matteo.collina, ...1 more
npm/[email protected] Transitive: environment, filesystem, shell +27 7.29 MB
npm/[email protected] None +28 1.13 MB hideoo
npm/[email protected] None 0 403 kB sindresorhus
npm/[email protected] None 0 0 B

🚮 Removed packages: npm/@ai-sdk/[email protected], npm/@astrojs/[email protected], npm/@clerk/[email protected], npm/@langchain/[email protected], npm/@nanostores/[email protected], npm/@nestjs/[email protected], npm/@nestjs/[email protected], npm/@nestjs/[email protected], npm/@remix-run/[email protected], npm/@sveltejs/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
New author npm/[email protected] 🚫

View full report↗︎

Next steps

What is new author?

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Scrutinize new collaborator additions to packages because they now have the ability to publish code into your dependency tree. Packages should avoid frequent or unnecessary additions or changes to publishing rights.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 30, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 30, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/arcjet-apps-minor-cc43a98b2a branch December 30, 2024 23:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants