chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@size-limit/preset-small-lib	8.1.2 -> 8.2.4
@trivago/prettier-plugin-sort-imports	4.0.0 -> 4.1.1
@types/jest (source)	29.4.0 -> 29.4.2
@types/react (source)	18.0.27 -> 18.0.28
@types/react-dom (source)	18.0.10 -> 18.0.11
@typescript-eslint/eslint-plugin	5.50.0 -> 5.55.0
@typescript-eslint/parser	5.50.0 -> 5.55.0
@vitest/ui	0.28.3 -> 0.29.2
c8	7.12.0 -> 7.13.0
caniuse-lite	1.0.30001450 -> 1.0.30001466
cypress	12.5.0 -> 12.8.0
eslint (source)	8.33.0 -> 8.36.0
eslint-config-next	13.1.6 -> 13.2.4
joi	17.7.0 -> 17.8.4
next (source)	13.1.6 -> 13.2.4
prettier (source)	2.8.3 -> 2.8.4
qs	6.11.0 -> 6.11.1
size-limit	8.1.2 -> 8.2.4
swagger-ui-react	4.15.5 -> 4.18.1
tsup (source)	6.5.0 -> 6.6.3
type-fest	3.5.4 -> 3.6.1
typedoc (source)	0.23.24 -> 0.23.26
vite (source)	4.0.4 -> 4.1.4
vitest	0.28.3 -> 0.29.2
zod (source)	3.20.2 -> 3.21.4

---

Release Notes

ai/size-limit

v8.2.4

Compare Source

v8.2.3

Compare Source

• Fixed npm release process.

v8.2.2

Compare Source

• Fixed npm release process.

v8.2.0

Compare Source

trivago/prettier-plugin-sort-imports

v4.1.1

Compare Source

Revert

• Type imports#​153 by Xenfo

v4.1.0

Compare Source

New features

• Move @​babel/core to devDependencies #​200 by yykamei
• Only preserve directives already at the start of the program #​198 by c-dante
• Bump babel to support satisfies keyword #​196 by Leomotors
• Update prettier for TS 4.9 #​194 by taiwabisabi
• Fixed empty/no script tag in vue component error #​192 by adamDilger
• Change @​vue/compiler-sfc to an optional dependency#​189 by transitive-bullshit
• Type imports#​153 by Xenfo

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v5.55.0

Compare Source

Bug Fixes

• eslint-plugin: [no-confusing-void-expression] check sequence expressions for void is in last position (#​6597) (d73d7d3)
• eslint-plugin: [no-unnecessary-boolean-literal-compare] fixer should handle parentheses (#​6569) (2d8c196)

Features

• eslint-plugin: [lines-around-comment] add extension rule (#​5327) (d55211c)
• eslint-plugin: [member-ordering] add support for grouping readonly fields (#​6349) (9d3bdfc)
• eslint-plugin: [no-unnecessary-cond] check logical assignments (#​6594) (dbc203a)
• update TypeScript to 5.0 RC (#​6570) (36ef0e1)
• use @​eslint-community dependencies (#​6603) (5f6ed73)

5.54.1 (2023-03-06)

Note: Version bump only for package @​typescript-eslint/eslint-plugin

v5.54.1

Compare Source

Note: Version bump only for package @​typescript-eslint/eslint-plugin

v5.54.0

Compare Source

Features

• eslint-plugin: [promise-function-async] check for promises in implicit return types (#​6330) (de1e5ce), closes #​6329

v5.53.0

Compare Source

Features

• eslint-plugin: [consistent-generic-constructors] handle default parameters (#​6484) (e8cebce)
• eslint-plugin: [no-mixed-enums] add rule (#​6102) (16144d1)

v5.52.0

Compare Source

Bug Fixes

• eslint-plugin: [no-import-type-side-effects] correctly ignore zero-specifier imports (#​6444) (d5a6688)
• eslint-plugin: [no-unnecessary-condition] account for optional chaining on potentially void values (#​6432) (e1d9c67), closes #​5255
• eslint-plugin: [no-unnecessary-condition] fix false positive when checking indexed access types (#​6452) (d569924)
• eslint-plugin: fix key-spacing when type starts on next line (#​6412) (3eb2eed)

Features

• eslint-plugin: [block-spacing] extending base rule for TS related blocks (#​6195) (b2db3f5)
• eslint-plugin: [explicit-function-return-type] add allowFunctionsWithoutTypeParameters option (#​6105) (113640e)
• eslint-plugin: [explicit-function-return-type] add allowIIFEs option (#​6237) (a1b3f7b)

v5.51.0

Compare Source

Bug Fixes

• eslint-plugin: [sort-type-constituents] fixed behavior change (#​6384) (5bf7f7f), closes #​6339
• eslint-plugin: do not use .at(), Node 14 does not support it (#​6402) (077ed1b)

Features

• eslint-plugin: [naming-convention] improve performance by removing unnecessary selectors (#​6376) (3647a1c)
• eslint-plugin: [no-floating-promises] error on logical expression (#​6356) (f330e06)
• eslint-plugin: [no-import-type-side-effects] add rule to warn against runtime side effects with verbatimModuleSyntax (#​6394) (b14d3be)
• eslint-plugin: [strict-boolean-expressions] add allow nullable enum to strict boolean expressions (#​6096) (d4747cd)

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v5.55.0

Compare Source

Features

• parser: add exported meta object (#​6586) (d05c3d8)

5.54.1 (2023-03-06)

Note: Version bump only for package @​typescript-eslint/parser

v5.54.1

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

v5.54.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

v5.53.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

v5.52.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

v5.51.0

Compare Source

Note: Version bump only for package @​typescript-eslint/parser

vitest-dev/vitest

v0.29.2

Compare Source

   🐞 Bug Fixes

• Optimize dependencies in setup files  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2935 (c169f)
• coverage: C8 provider to work when isolate:false  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2929 (86538)

    View changes on GitHub

v0.29.1

Compare Source

   🐞 Bug Fixes

• Wait for optimized dependency to be bundled in non-pnpm package managers  -  by @​sheremet-va (d2460)

    View changes on GitHub

v0.29.0

Compare Source

This release makes some significant changes to how tests are running. If you were using --no-threads before, you might consider enabling --single-thread instead (because your tests are now running in child_process instead of a worker thread) or try our new performance optimization feature (discussed later). If you were relying on API that was not available inside a worker (like process.chdir(), you can now use this option.

One of the potential breaking bug fixes is that environments do not share the same global scope anymore if you run them with --no-isolate, --no-threads or --single-thread - you might need to update your setup files if you were relying on a global variable before.

If you had performance issues on large code bases before, try the new deps.experimentalOptimizer option instead of disabling threads. Feedback is welcome!

One of the breaking changes includes adding a link to snapshots inside snapshot files, meaning you will need to update all your snapshots.

   🚨 Breaking Changes

• Vitest as peer dependency for coverage packages  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2836 (94247)
• Coverage-c8 to use V8 profiler directly instead of NODE_V8_COVERAGE  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2786 (095c6)
• Add a link to the comment at the top of the snapshot file  -  by @​btea in https://github.com/vitest-dev/vitest/issues/2867 (615e1)
• Always run separate environments in isolation  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2860 (1f858)
  • Tests with node and jsdom (and other environments) now don't share the same global scope, if you run them with --no-isolate or --no-threads flag. Vitest doesn't provide a way to restore the previous behavior as it is considered a bug.
• Use child_process when --no-threads is used  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2772 (7bf54)
  • Tests inside chid_process might run longer due to the communication overhead. If you want to restore the previous behavior, use --single-thread.

   🚀 Features

• Add test seed to banner  -  by @​btkostner in https://github.com/vitest-dev/vitest/issues/2877 (bdb39)
• Use custom source-map-support implementation  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2905 (6ff6c)
• Add an option to enable Vite optimizer  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2912 (af8de)
• coverage:
  • Add support for coverage reporter options  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2690 (f8176)
  • Automatic threshold updating  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2886 (e1652)
• spy:
  • Implement mock.withImplementation API  -  by @​obadakhalili and @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2835 (610b1)
• vite-node:
  • Cli option for vite mode  -  by @​abarke in https://github.com/vitest-dev/vitest/issues/2893 (0fc08)

   🐞 Bug Fixes

• Wait for console.log to print a message before terminating a worker  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2861 (fbc54)
• Cleanup last mocked cache when call vi.doMock  -  by @​mysteryven in https://github.com/vitest-dev/vitest/issues/2872 (65d71)
• Reload changed configuration file on watch mode  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2889 (4d277)
• coverage: Custom providers to work inside worker threads  -  by @​AriPerkkio in https://github.com/vitest-dev/vitest/issues/2817 (81604)

    View changes on GitHub

v0.28.5

Compare Source

   🚀 Features

• Add --script option to vite-node  -  by @​jgoux and @​dammy001 in https://github.com/vitest-dev/vitest/issues/2793 (d3d6b)
• Inject executor directly into runner  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2858 (62c43)

   🐞 Bug Fixes

• Don't call "afterAll" hooks, if suite was skipped  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2802 (aa1aa)
• Always display serialized error, even if it doesn't have stack  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2829 (ab5f8)
• Clear mocks between tests  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2857 (c420c)
• expect:
  • Check for no 'throw' type in toHaveReturned  -  by @​trivikr in https://github.com/vitest-dev/vitest/issues/2850 (1164c)
  • Accept array index as number in toHaveProperty  -  by @​trivikr in https://github.com/vitest-dev/vitest/issues/2808 (8705e)

   🏎 Performance

• Don't inline Vitest entry  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2819 (570c6)

    View changes on GitHub

v0.28.4

Compare Source

   🐞 Bug Fixes

• Setup correct utils inside asymmetric matchers  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2768 (415c8)
• Cjs exports has Object.prototype instead of null  -  by @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2769 (4fc49)
• Duplicate callbacks in vite-node HMR  -  by @​jgoux in https://github.com/vitest-dev/vitest/issues/2792 (f0333)
• Do not include source files in onWatcherStart when typecheck.ignoreSourceErrors is true  -  by @​mascii and @​sheremet-va in https://github.com/vitest-dev/vitest/issues/2774 (d612e)

    View changes on GitHub

bcoe/c8

v7.13.0

Compare Source

Features

• add skipFull and excludeNodeModules to type definitions (#​417) (b93b9c0)
• support passing reporter options (#​423) (bc347a9)
• types: add typings for reporterOptions (#​446) (3646e6e)

browserslist/caniuse-lite

v1.0.30001466

Compare Source

v1.0.30001465

Compare Source

v1.0.30001464

Compare Source

v1.0.30001462

Compare Source

v1.0.30001460

Compare Source

v1.0.30001459

Compare Source

v1.0.30001458

Compare Source

v1.0.30001457

Compare Source

v1.0.30001456

Compare Source

v1.0.30001455

Compare Source

v1.0.30001454

Compare Source

v1.0.30001453

Compare Source

v1.0.30001452

Compare Source

v1.0.30001451

Compare Source

cypress-io/cypress

v12.8.0

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#​12.8.0

v12.7.0

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#​12.7.0

v12.6.0

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#​12.6.0

v12.5.1

Compare Source

Changelog: https://docs.cypress.io/guides/references/changelog#​12-5-1

eslint/eslint

v8.36.0

Compare Source

Features

• c89a485 feat: Add checkJSDoc option to multiline-comment-style (#​16807) (Laurent Cozic)
• f5f5e11 feat: Serialize parsers/processors in flat config (#​16944) (Nicholas C. Zakas)
• 4799297 feat: use @​eslint-community dependencies (#​16784) (Michaël De Boey)

Bug Fixes

• 92c1943 fix: correctly iterate files matched by glob patterns (#​16831) (Nitin Kumar)

Documentation

• b98fdd4 docs: Update README (GitHub Actions Bot)
• caf08ce docs: fix estree link in custom formatters docs (#​16967) (Milos Djermanovic)
• 3398431 docs: Custom Parsers cleanup/expansion (#​16887) (Ben Perlmutter)
• 19d3531 docs: Update README (GitHub Actions Bot)
• b09a512 docs: detect and fix broken links (#​16837) (Nitin Kumar)

Chores

• 602b111 chore: upgrade @​eslint/js@​8.36.0 (#​16978) (Milos Djermanovic)
• 43c2345 chore: package.json update for @​eslint/js release (ESLint Jenkins)
• 00afb84 chore: upgrade @​eslint/eslintrc@​2.0.1 (#​16977) (Milos Djermanovic)
• 698c5aa chore: upgrade espree@9.5.0 (#​16976) (Milos Djermanovic)
• 75acdd2 chore: lint more js files in docs (#​16964) (Milos Djermanovic)
• 89d9844 ci: bump actions/add-to-project from 0.4.0 to 0.4.1 (#​16943) (dependabot[bot])

v8.35.0

Compare Source

Features

• 8e34a04 feat: add afterHashbangComment option to lines-around-comment rule (#​16920) (SUZUKI Sosuke)
• c8c0c71 feat: Move all and recommended configs into package. (#​16844) (Nicholas C. Zakas)
• 71f6f0d feat: report more cases with ?? in no-constant-binary-expression (#​16826) (Daiki Nishikawa)

Bug Fixes

• 9698bc5 fix: pin esquery v1.4.0 (fixes #​16896) (#​16897) (唯然)

Documentation

• f9f195e docs: Plugin docs cleanup & expansion (#​16862) (Ben Perlmutter)
• df809fd docs: Custom Formatters page cleanup/expansion (#​16886) (Ben Perlmutter)
• 0700d1b docs: Add PostCSS/Autoprefixer/CSSNano (#​16502) (Nick Schonning)
• 7b9e9bf docs: support unicode anchors (#​16782) (Percy Ma)
• 5fbc0bf docs: Update README (GitHub Actions Bot)
• 67865a0 docs: Remove mention of mailing list (#​16869) (Amaresh S M)
• 43af24a docs: Add explanation of when to use 'warn' severity (#​16882) (Nicholas C. Zakas)
• ed2999b docs: Shareable configs page edits and expansion (#​16824) (Ben Perlmutter)
• 2780635 docs: fix typos (#​16884) (Lioness100)
• 5bdaae2 docs: Ways to Extend ESLint page (#​16861) (Ben Perlmutter)

Chores

• cdcbe12 chore: upgrade @​eslint/js@​8.35.0 (#​16935) (Brandon Mills)
• c954c34 chore: package.j

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[changeset-bot]

⚠️ No Changeset found

Latest commit: a5ae42b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated
next-validations	✅ Ready (Inspect)	Visit Preview	💬 Add your feedback	Mar 15, 2023 at 6:48AM (UTC)
next-validations-demo	✅ Ready (Inspect)	Visit Preview	💬 Add your feedback	Mar 15, 2023 at 6:48AM (UTC)

[what-the-diff]

• Update vite from 4.0.4 to 4.1.0

[socket-security]

Socket Security Pull Request Report

Dependency issues detected: If you merge this pull request, you will not be alerted to the instances of these issues again.

📜 Install scripts

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Package	Script field	Source
cypress@12.3.0 (upgraded)	postinstall	example/package.json via @types/cypress@1.1.3
esbuild@0.16.17 (upgraded)	postinstall	package.json via vite@4.1.4, vitest@0.29.2
esbuild@0.17.11 (upgraded)	postinstall	package.json via @size-limit/preset-small-lib@8.2.4, tsup@6.6.3

🫣 Native code

Contains native code which could be a vector to obscure malicious code, and generally decrease the likelihood of reproducible or reliable installs.

Ensure that native code bindings are expected. Consumers may consider pure JS and functionally similar alternatives to avoid the challenges and risks associated with native code bindings.

Package	Location	Source
tree-sitter@0.20.1 (added)	binding.gyp	example/package.json via swagger-ui-react@4.18.1
tree-sitter-json@0.20.0 (added)	binding.gyp	example/package.json via swagger-ui-react@4.18.1
tree-sitter-yaml@0.5.0 (added)	binding.gyp	example/package.json via swagger-ui-react@4.18.1

Pull request report summary

Issue	Status
Install scripts	⚠️ 3 issues
Native code	⚠️ 3 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore cypress@12.3.0
• @SocketSecurity ignore esbuild@0.16.17
• @SocketSecurity ignore esbuild@0.17.11
• @SocketSecurity ignore tree-sitter@0.20.1
• @SocketSecurity ignore tree-sitter-json@0.20.0
• @SocketSecurity ignore tree-sitter-yaml@0.5.0

⚠️ Please accept the latest app permissions to ensure bot commands work properly. Accept the new permissions here.

Powered by socket.dev