Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(crowdin): update all non-major dependencies #1323

Merged
merged 1 commit into from
Jul 15, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 12, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change OpenSSF
@crowdin/crowdin-api-client dependencies minor 1.34.0 -> 1.35.0 OpenSSF Scorecard
@mantine/carousel (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/carousel (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/carousel (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/core (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/core (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/core (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/dates (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/dates (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/dates (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/form (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/form (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/form (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/hooks (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/hooks (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/hooks (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/next (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/next (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/next (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/notifications (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/notifications (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/notifications (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/nprogress (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/nprogress (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/nprogress (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/utils (source) peerDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/utils (source) devDependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@mantine/utils (source) dependencies patch 6.0.21 -> 6.0.22 OpenSSF Scorecard
@storybook/addon-a11y (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/addon-actions (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/addon-essentials (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/addon-interactions (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/addon-links (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/addon-mdx-gfm (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/addon-viewport (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/components (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/core-events (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/manager-api (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/nextjs (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/preview-api (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/react (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/test (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/test-runner devDependencies patch 0.19.0 -> 0.19.1 OpenSSF Scorecard
@storybook/theming (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@storybook/types (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard
@swc/helpers (source) devDependencies patch 0.5.11 -> 0.5.12 OpenSSF Scorecard
@tanstack/react-table (source) peerDependencies patch 8.19.2 -> 8.19.3 OpenSSF Scorecard
@tanstack/react-table (source) devDependencies patch 8.19.2 -> 8.19.3 OpenSSF Scorecard
@tanstack/react-table (source) dependencies patch 8.19.2 -> 8.19.3 OpenSSF Scorecard
@tanstack/react-table-devtools (source) devDependencies patch 8.19.2 -> 8.19.3 OpenSSF Scorecard
ajv (source) dependencies minor 8.16.0 -> 8.17.1 OpenSSF Scorecard
eslint-plugin-i18next devDependencies patch 6.0.7 -> 6.0.9 OpenSSF Scorecard
eslint-plugin-react devDependencies patch 7.34.3 -> 7.34.4 OpenSSF Scorecard
i18next (source) peerDependencies minor 23.11.5 -> 23.12.1 OpenSSF Scorecard
i18next (source) devDependencies minor 23.11.5 -> 23.12.1 OpenSSF Scorecard
i18next (source) dependencies minor 23.11.5 -> 23.12.1 OpenSSF Scorecard
knip (source) devDependencies minor 5.25.2 -> 5.26.0 OpenSSF Scorecard
object-sizeof dependencies patch 2.6.4 -> 2.6.5 OpenSSF Scorecard
prettier (source) devDependencies patch 3.3.2 -> 3.3.3 OpenSSF Scorecard
storybook (source) devDependencies patch 8.2.2 -> 8.2.3 OpenSSF Scorecard

Release Notes

crowdin/crowdin-api-client-js (@​crowdin/crowdin-api-client)

v1.35.0

Compare Source

What's Changed

Full Changelog: crowdin/crowdin-api-client-js@1.34.0...1.35.0

mantinedev/mantine (@​mantine/carousel)

v6.0.22

Compare Source

6.x patch

This is a patch for the previous major version, it does not impact 7.x releases.

Changes
  • [@mantine/core] Popover: Add size popover middleware to fix overflow issues in Popover.Dropdown (#​5214)
  • [@mantine/core] Menu: Fix broken focus logic when keepMounted is set (#​5565)
  • [@mantine/core] Switch: fix accessibility issues (#​5755)
  • [@mantine/core] Fix Typescript 5.5 compatibility

Full Changelog: mantinedev/mantine@6.0.21...6.0.22

storybookjs/storybook (@​storybook/addon-a11y)

v8.2.3

Compare Source

storybookjs/test-runner (@​storybook/test-runner)

v0.19.1

Compare Source

🐛 Bug Fix
Authors: 2
swc-project/swc (@​swc/helpers)

v0.5.12

Compare Source

TanStack/table (@​tanstack/react-table)

v8.19.3

Compare Source

Version 8.19.3 - 7/14/24, 8:44 AM

Changes

Fix
  • table-core: assign unassign parentId in grouped row model (#​5657) (a71ce10) by PiR
Ci
Docs

Packages

ajv-validator/ajv (ajv)

v8.17.1

Compare Source

What's Changed

Full Changelog: ajv-validator/ajv@v8.17.0...v8.17.1

Plus everything in 8.17.0 which failed to release

The only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.

Revert "Revert fast-uri change (https://github.com/ajv-validator/ajv/pull/2444)" by @​gurgunday in https://github.com/ajv-validator/ajv/pull/2448
fix: ignore new eslint error for @​typescript-eslint/no-extraneous-class by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2455
docs: clarify behaviour of addVocabulary by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2454
docs: refactor to improve legibility by @​blottn in https://github.com/ajv-validator/ajv/pull/2432
Fix grammatical typo in managing-schemas.md by @​wetneb in https://github.com/ajv-validator/ajv/pull/2305
docs: Fix broken strict-mode link by @​alexanderjsx in https://github.com/ajv-validator/ajv/pull/2459
feat: add test for encoded refs and bump fast-uri by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2449
fix: changes for @​typescript-eslint/array-type rule by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2467
fixes https://github.com/ajv-validator/ajv/issues/2217 - clarify custom keyword naming by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2457

edvardchen/eslint-plugin-i18next (eslint-plugin-i18next)

v6.0.9

Compare Source

jsx-eslint/eslint-plugin-react (eslint-plugin-react)

v7.34.4

Compare Source

Fixed
i18next/i18next (i18next)

v23.12.1

Compare Source

  • Use explicit imports for utils 2212

v23.12.0

Compare Source

  • feat: Add posibility to override keyPrefix for certain translation. 2211
webpro-nl/knip (knip)

v5.26.0

Compare Source

miktam/sizeof (object-sizeof)

v2.6.5

Compare Source

prettier/prettier (prettier)

v3.3.3

Compare Source

diff

Add parentheses for nullish coalescing in ternary (#​16391 by @​cdignam-segment)

This change adds clarity to operator precedence.

// Input
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.2
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.3
foo ? (bar ?? foo) : baz;
(foo ?? bar) ? a : b;
a ? b : (foo ?? bar);
Add parentheses for decorator expressions (#​16458 by @​y-schneider)

Prevent parentheses around member expressions or tagged template literals from being removed to follow the stricter parsing rules of TypeScript 5.5.

// Input
@​(foo`tagged template`)
class X {}

// Prettier 3.3.2
@​foo`tagged template`
class X {}

// Prettier 3.3.3
@​(foo`tagged template`)
class X {}
Support @let declaration syntax (#​16474 by @​sosukesuzuki)

Adds support for Angular v18 @let declaration syntax.

Please see the following code example. The @let declaration allows you to define local variables within the template:

@​let name = 'Frodo';

<h1>Dashboard for {{name}}</h1>
Hello, {{name}}

For more details, please refer to the excellent blog post by the Angular Team: Introducing @​let in Angular.

We also appreciate the Angular Team for kindly answering our questions to implement this feature.


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot requested a review from JoeKarow as a code owner July 12, 2024 17:11
@renovate renovate bot added automerge Enable Kodiak auto-merge dependencies Change in project dependencies. kodiak: merge.method = 'squash' Kodiak will squash merge this PR. labels Jul 12, 2024
Copy link

vercel bot commented Jul 12, 2024

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
inreach-app ✅ Ready (Inspect) Visit Preview 💬 Add feedback Jul 15, 2024 3:16pm

Copy link
Contributor

coderabbitai bot commented Jul 12, 2024

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link

relativeci bot commented Jul 12, 2024

#892 Bundle Size — 3.45MiB (+0.02%).

fad7e33(current) vs c68e62d dev#878(baseline)

Warning

Bundle contains 8 duplicate packages – View duplicate packages

Bundle metrics  Change 2 changes Regression 1 regression
                 Current
#892
     Baseline
#878
Regression  Initial JS 3.06MiB(+0.02%) 3.06MiB
No change  Initial CSS 9.54KiB 9.54KiB
Change  Cache Invalidation 69.63% 34.53%
No change  Chunks 66 66
No change  Assets 79 79
No change  Modules 2005 2005
No change  Duplicate Modules 259 259
No change  Duplicate Code 7.35% 7.35%
No change  Packages 213 213
No change  Duplicate Packages 8 8
Bundle size by type  Change 2 changes Regression 2 regressions
                 Current
#892
     Baseline
#878
Regression  JS 3.33MiB (+0.02%) 3.33MiB
No change  Fonts 94.54KiB 94.54KiB
Regression  Other 9.6KiB (+0.25%) 9.58KiB
No change  CSS 9.54KiB 9.54KiB
No change  IMG 8.57KiB 8.57KiB

Bundle analysis reportBranch renovate/all-minor-patchProject dashboard

Copy link
Contributor

github-actions bot commented Jul 12, 2024

📦 Next.js Bundle Analysis for @weareinreach/app

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

Copy link

alwaysmeticulous bot commented Jul 12, 2024

🤖 No test run has been triggered as your Meticulous project has been deactivated (since you haven't viewed any test results in a while). Click here to reactivate.

Last updated for commit 068c922. This comment will update as new commits are pushed.

@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 18a5755 to e2d421f Compare July 12, 2024 22:54
@renovate renovate bot changed the title fix(crowdin): update dependency object-sizeof to v2.6.5 fix(ui): update all non-major dependencies Jul 12, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from e2d421f to ee3ab92 Compare July 13, 2024 08:41
@renovate renovate bot changed the title fix(ui): update all non-major dependencies chore(ui): update all non-major dependencies Jul 13, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from ee3ab92 to 29544b5 Compare July 13, 2024 10:31
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 29544b5 to 94962c8 Compare July 13, 2024 14:03
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 94962c8 to e69e224 Compare July 13, 2024 16:48
@renovate renovate bot changed the title chore(ui): update all non-major dependencies fix(crowdin): update all non-major dependencies Jul 13, 2024
Copy link

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteSourceCI
Install scripts npm/@vercel/speed-insights@1.0.12
  • Install script: postinstall
  • Source: node scripts/postinstall.mjs
  • orphan: npm/@vercel/speed-insights@1.0.12
🚫

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/@vercel/speed-insights@1.0.12

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 068c922 to fad7e33 Compare July 15, 2024 15:11
Copy link

@kodiakhq kodiakhq bot merged commit bf3b977 into dev Jul 15, 2024
23 of 25 checks passed
@kodiakhq kodiakhq bot deleted the renovate/all-minor-patch branch July 15, 2024 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant