apps/api(deps-dev): bump the dev-deps group in /apps/api with 12 updates

[dependabot]

Bumps the dev-deps group in /apps/api with 12 updates:

Package	From	To
@flydotio/dockerfile	0.4.11	0.5.9
@tsconfig/recommended	1.0.6	1.0.8
@types/jest	29.5.12	29.5.14
@types/node	20.14.1	22.10.5
body-parser	1.20.2	1.20.3
express	4.19.2	4.21.2
mammoth	1.7.2	1.9.0
nodemon	2.0.22	3.1.9
supabase	1.172.2	2.2.1
supertest	6.3.4	7.0.0
ts-jest	29.1.4	29.2.5
typescript	5.4.5	5.7.2

Updates @flydotio/dockerfile from 0.4.11 to 0.5.9

Commits

• See full diff in compare view

Updates @tsconfig/recommended from 1.0.6 to 1.0.8

Commits

• See full diff in compare view

Updates @types/jest from 29.5.12 to 29.5.14

Commits

• See full diff in compare view

Updates @types/node from 20.14.1 to 22.10.5

Commits

• See full diff in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

• deps: [email protected]
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/body-parser#522
• ci: fix errors in ci github action for node 8 and 9 by @​inigomarquinez in expressjs/body-parser#523
• fix: pin to [email protected] by @​wesleytodd in expressjs/body-parser#527
• deps: [email protected] by @​melikhov-dev in expressjs/body-parser#521
• Add OSSF Scorecard badge by @​bjohansebas in expressjs/body-parser#531
• Linter by @​UlisesGascon in expressjs/body-parser#534
• Release: 1.20.3 by @​UlisesGascon in expressjs/body-parser#535

New Contributors

• @​inigomarquinez made their first contribution in expressjs/body-parser#522
• @​melikhov-dev made their first contribution in expressjs/body-parser#521
• @​bjohansebas made their first contribution in expressjs/body-parser#531
• @​UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

• deps: [email protected]
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

• 1752951 1.20.3
• 39744cf chore: linter (#534)
• b2695c4 Merge commit from fork
• ade0f3f add scorecard to readme (#531)
• 99a1bd6 deps: [email protected] (#521)
• 9478591 fix: pin to [email protected]
• 83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
• 9d4e212 chore: add support for OSSF scorecard reporting (#522)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: [email protected] by @​blakeembrey in expressjs/express#5956
• deps: bump [email protected] by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in expressjs/express#6029
• Release: 4.21.1 by @​UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

• Deprecate "back" magic string in redirects by @​blakeembrey in expressjs/express#5935
• [email protected] by @​wesleytodd in expressjs/express#5954
• fix(deps): [email protected] by @​wesleytodd in expressjs/express#5951
• Upgraded dependency qs to 6.13.0 to match qs in body-parser by @​agadzinski93 in expressjs/express#5946

New Contributors

• @​agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect

Other Changes

• 4.19.2 Staging by @​wesleytodd in expressjs/express#5561
• remove duplicate location test for data uri by @​wesleytodd in expressjs/express#5562
• feat: document beta releases expectations by @​marco-ippolito in expressjs/express#5565
• Cut down on duplicated CI runs by @​jonchurch in expressjs/express#5564
• Add a Threat Model by @​UlisesGascon in expressjs/express#5526
• Assign captain of encodeurl by @​blakeembrey in expressjs/express#5579
• Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @​jonchurch in expressjs/express#5587
• docs: update Security.md by @​inigomarquinez in expressjs/express#5590
• docs: update triage nomination policy by @​UlisesGascon in expressjs/express#5600
• Add CodeQL (SAST) by @​UlisesGascon in expressjs/express#5433
• docs: add UlisesGascon as triage initiative captain by @​UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

• deps: [email protected]
  • Fix backtracking protection
• deps: [email protected]
  • Throws an error on invalid path values

4.21.1 / 2024-10-08

• Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

• Deprecate res.location("back") and res.redirect("back") magic string
• deps: [email protected]
  • includes [email protected]
• deps: [email protected]
• deps: [email protected]

4.20.0 / 2024-09-10

• deps: [email protected]
  • Remove link renderization in html while redirecting
• deps: [email protected]
  • Remove link renderization in html while redirecting
• deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: [email protected]
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

• 1faf228 4.21.2
• 2e0fb64 deps: bump [email protected] (#6209)
• 59fc270 deps: [email protected] (#5956)
• 51fc39c docs: add funding (#6065)
• 8e229f9 4.21.1
• a024c8a fix(deps): [email protected]
• 7e562c6 4.21.0
• 1bcde96 fix(deps): [email protected] (#5946)
• 7d36477 fix(deps): [email protected] (#5951)
• 40d2d8f fix(deps): [email protected]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates mammoth from 1.7.2 to 1.9.0

Changelog

Sourced from mammoth's changelog.

1.9.0

• Update lop to 0.4.2, which removes the use of the util module when there are errors during parsing. This should remove the need to polyfill util in the browser.

• Detect checkboxes, both as complex fields and structured document tags, and convert them to checkbox inputs.

1.8.0

• Add style mapping for highlights.

Commits

• e2725a5 Bump version to 1.9.0
• bfe81df Set next version number to 1.9.0 in NEWS
• 388ec6e Update NEWS
• 777512b Convert SDT checkboxes to checkbox inputs
• a6b7486 Add children to empty element
• 888a3bd Handle complex field checkboxes without separate field char
• ce471de Convert checkbox to HTML
• 6dd60db Add input to list of void elements
• c7f99e7 Add test for retention of void elements
• 500e1c2 Parse checked value of complex field checkbox
• Additional commits viewable in compare view

Updates nodemon from 2.0.22 to 3.1.9

Release notes

Sourced from nodemon's releases.

v3.1.9

3.1.9 (2024-12-13)

Bug Fixes

• maintain backward support for exitcrash (9c9de6e)

v3.1.8

3.1.8 (2024-12-13)

Bug Fixes

• types updated (cb91187)

v3.1.7

3.1.7 (2024-09-20)

Bug Fixes

• types for export on ESModule (#2211) (9b0606a)

v3.1.6

3.1.6 (2024-09-19)

Bug Fixes

• watch nested paths (11fcaaa), closes #2216

v3.1.5

3.1.5 (2024-09-17)

Bug Fixes

• add missing ignore option to type defintion of config (#2224) (254c2ab)

v3.1.4

3.1.4 (2024-06-20)

Bug Fixes

• ensure local env have priority (6020968), closes #2209

v3.1.3

3.1.3 (2024-06-03)

... (truncated)

Commits

• 9c9de6e fix: maintain backward support for exitcrash
• 880fc42 chore: fix merge conflict
• cb91187 fix: types updated
• a021683 chore: website
• 701a950 chore: website
• 5bd5489 chore: website
• d6e5bdd chore: website
• c629667 Merge branch 'main' of github.com:remy/nodemon
• ea95953 chore: web site
• ecea25b chore: update website / fix jq
• Additional commits viewable in compare view

Updates supabase from 1.172.2 to 2.2.1

Release notes

Sourced from supabase's releases.

v2.2.1

Changelog

Bug fixes

• 034a31c9a2d102a4e47852c85a677988b2932d57: fix: bump edge-runtime to 1.66.1 (@​nyannyacha)
• e303c411d0722056beab59edb0b6c1117a9d156c: fix: bump edge-runtime to 1.66.1 (#3001) (@​laktek)

Others

• 8b2496c5e468d10c98e5ebc0ee598cee14df24d7: chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 (#2999) (@​dependabot[bot])

v2.2.0

Changelog

Features

• 9f6f2717ec0309534c00223e42e8a1b77d6f6c07: feat(start): automatically run the status command if already started (#2980) (@​avallete)

v2.1.5

Changelog

Bug fixes

• d3acc108e579a573f25fe078d7f961e666946f3c: fix: bump edge-runtime to 1.66.0 (#2997) (@​nyannyacha)

v2.1.4

Changelog

Bug fixes

• f5df11debc796d557f800c45e3a566f995c43f84: fix(db): upgrade pg15 to 15.8.1.020 (#2978) (@​avallete)

Others

• 3f5da996b9914cec808d059ece8ea8c8ea2d1d1b: chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 (#2975) (@​dependabot[bot])

v2.1.3

Changelog

Bug fixes

• f81c17bbcecaae478e1c19d155dd6fef33f3d08d: fix: bump edge-runtime to 1.65.6 (#2985) (@​nyannyacha)

Others

• e22867205e730c7c7193707abfbfb11bcc4859e7: chore(deps): bump github.com/docker/docker from 27.4.0+incompatible to 27.4.1+incompatible (#2987) (@​dependabot[bot])
• dbcb1a8122b3e4320352e874f8fc6237107c5522: chore(deps): bump google.golang.org/grpc from 1.69.0 to 1.69.2 (#2986) (@​dependabot[bot])
• bbdbe3a1b03abbbf5000d3824ab518daf69c0891: chore(deps): bump github.com/docker/cli from 27.4.0+incompatible to 27.4.1+incompatible (#2988) (@​dependabot[bot])

v2.1.2

Changelog

Bug fixes

• 1d230cc6b2a81027edb5edc8d58a552a54f8e09a: fix: test (@​avallete)
• b0f139950ff0961fca603aa254ba501def76c338: Revert "fix: test" (@​avallete)
• 6fd230ee43620d5bcad2011e257ab24a93ab3671: fix: bump realtime image to 2.33.70 (#2982) (@​filipecabaco)

v2.1.1

Changelog

Bug fixes

• 9432d4322faa48f2421c479bc861b03e825006d7: fix: update storage image v1.14.5 (#2976) (@​fenos)

Others

• 3b0df03bda6e1bcf84ab68795807d182858e2a9f: chore(deps): bump google.golang.org/grpc from 1.68.1 to 1.69.0 (#2973) (@​dependabot[bot])
• 574b879f19d0da995e08121d01c13b7834e00b46: chore(deps): bump github.com/docker/docker from 27.3.1+incompatible to 27.4.0+incompatible (#2960) (@​dependabot[bot])
• b6c230337a411f265260f76f12dee5d2c266d236: chore(deps): bump go.opentelemetry.io/otel from 1.32.0 to 1.33.0 (#2974) (@​dependabot[bot])

... (truncated)

Commits

• e303c41 fix: bump edge-runtime to 1.66.1 (#3001)
• 034a31c fix: bump edge-runtime to 1.66.1
• 8b2496c chore(deps): bump github.com/go-git/go-git/v5 from 5.12.0 to 5.13.0 (#2999)
• 9f6f271 feat(start): automatically run the status command if already started (#2980)
• d3acc10 fix: bump edge-runtime to 1.66.0 (#2997)
• 3f5da99 chore(deps): bump golang.org/x/crypto from 0.29.0 to 0.31.0 (#2975)
• f5df11d fix(db): upgrade pg15 to 15.8.1.020 (#2978)
• f81c17b fix: bump edge-runtime to 1.65.6 (#2985)
• bbdbe3a chore(deps): bump github.com/docker/cli from 27.4.0+incompatible to 27.4.1+in...
• dbcb1a8 chore(deps): bump google.golang.org/grpc from 1.69.0 to 1.69.2 (#2986)
• Additional commits viewable in compare view

Updates supertest from 6.3.4 to 7.0.0

Release notes

Sourced from supertest's releases.

v7.0.0

• Merge pull request #834 from Bruception/master 225118c
• Fix TestAgent not inheriting Agent properties f290431
• fix: bump deps, drop Node.js v<14.16.0 1e18c20

ladjs/supertest@v6.3.4...v7.0.0

Commits

• 2ae1c36 7.0.0
• 225118c Merge pull request #834 from Bruception/master
• f290431 Fix TestAgent not inheriting Agent properties
• 1e18c20 fix: bump deps, drop Node.js v<14.16.0
• See full diff in compare view

Updates ts-jest from 29.1.4 to 29.2.5

Release notes

Sourced from ts-jest's releases.

v29.2.5

Please refer to CHANGELOG.md for details.

v29.2.4

Please refer to CHANGELOG.md for details.

v29.2.3

Please refer to CHANGELOG.md for details.

v29.2.2

Please refer to CHANGELOG.md for details.

v29.2.1

Please refer to CHANGELOG.md for details.

v29.2.0

Please refer to CHANGELOG.md for details.

v29.1.5

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.5 (2024-08-23)

Bug Fixes

• build: build package with NodeNext module (9b3ade5)
• fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset (d9ff362)
• fix(compiler): fallback to NodeJS module resolution for ts 4.8 (b7d3409), closes #4499

29.2.4 (2024-08-01)

Bug Fixes

• fix: revert support implementation for Node16/NodeNext (70b9530), closes #4468 #4473

29.2.3 (2024-07-18)

Security Fixes

• build(deps): Update dependency ejs to ^3.1.10 (de94a56)

Code Refactoring

• refactor(presets): maintain preset codes inside src (8474fc2)

29.2.2 (2024-07-10)

Bug Fixes

• fix(compiler): update memory cache after changing module value (94db43f), closes #4439

29.2.1 (2024-07-10)

Bug Fixes

• fix: move ejs to dep instead of peerDep (26e31a7)
• fix: set allowSyntheticDefaultImports properly (ff4b302), closes #4156

... (truncated)

Commits

• 500a863 chore(release): 29.2.5
• dce986e build(deps): Update dependency @​babel/preset-env to ^7.25.4
• 48a28a6 build(deps): Update dependency vite to ^5.4.2
• d9ff362 fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset
• 00550ef test: add e2e test case for ESM features
• 978169b build(deps): Update dependency @​types/node to v20.16.1
• e9a643c build(deps): Update dependency @​types/node to v20.16.0
• 535edab build(deps): Update dependency @​types/node to v20.15.0
• 011a9d8 build(deps): Update dependency vite to ^5.4.1
• 4eb8ccd build: update renovate bot
• Additional commits viewable in compare view

Updates typescript from 5.4.5 to 5.7.2

Release notes

Sourced from typescript's releases.

TypeScript 5.7

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).

Downloads are available on:

• npm

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).

Downloads are available on:

• npm

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.7.0 (Beta).

Downloads are available on:

• npm

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).
• fixed issues query for Typescript 5.6.1 (RC).
• fixed issues query for Typescript 5.6.2 (Stable).
• fixed issues query for Typescript 5.6.3 (Stable).

Downloads are available on:

• npm
• NuGet package

... (truncated)

Commits

• d701d90 Bump version to 5.7.2 and LKG
• 0503a63 🤖 Pick PR #60450 (Move to file: fix detection of refe...) into release-5.7 (#...
• 3140dbb 🤖 Pick PR #60488 (Stub out copilotRelated command) into release-5.7 (#60495)
• c1216de Update LKG
• 3ee2b95 🤖 Pick PR #60415 (Fix false positive rewriteRelativeI...) into release-5.7 (#...
• 44bd3f2 Bump version to 5.7.1-rc and LKG
• 5925c81 Update LKG
• 84d58cf Merge remote-tracking branch 'origin/main' into release-5.7
• 0ec4d30 Fixing exception on unsaved file (#60362)
• 11b2930 Add compatible overloads that accept ArrayBuffer to BigInt64Array/BigUint64Ar...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml