chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@types/node (source)	20.12.4 -> 20.12.5
i18next (source)	23.10.1 -> 23.11.0
nanoid	5.0.6 -> 5.0.7

---

Release Notes

i18next/i18next (i18next)

v23.11.0

Compare Source

• Fix typing performance regression 2166

ai/nanoid (nanoid)

v5.0.7

Compare Source

• Fixed Parcel support (by @​WilhelmYakunin).

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday,before 4am on Thursday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
transmascfutures	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Apr 8, 2024 4:46pm

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@paralleldrive/cuid2@2.2.2	None	+1	808 kB	ericelliott
npm/@prisma/adapter-neon@5.12.1	Transitive: environment	+2	105 kB	prismabot
npm/@prisma/client@5.12.1	environment, filesystem, shell	0	8.48 MB	prismabot
npm/@storybook/addon-a11y@8.0.6	None	+3	2.84 MB	shilman
npm/@storybook/addon-essentials@8.0.6	Transitive: environment, eval, filesystem, network, shell, unsafe	+106	24.6 MB	shilman
npm/@storybook/addon-interactions@8.0.6	Transitive: environment, filesystem, network	+27	5.6 MB	shilman
npm/@storybook/addon-links@8.0.6	None	+2	64.5 kB	shilman
npm/@storybook/addon-viewport@8.0.6	None	0	16.3 kB	shilman
npm/@storybook/blocks@8.0.6	eval Transitive: environment, filesystem, network, shell, unsafe	+98	19.7 MB	shilman
npm/@storybook/nextjs@8.0.6	Transitive: environment, eval, filesystem, network, shell, unsafe	+274	28.3 MB	shilman
npm/@storybook/react@8.0.6	Transitive: environment, eval, filesystem, network, shell, unsafe	+99	16.9 MB	shilman
npm/@storybook/test@8.0.6	environment, eval Transitive: filesystem, network	+76	9.84 MB	shilman
npm/@tabler/icons-react@2.47.0	None	+1	194 MB	codecalm
npm/@tanstack/react-query-devtools@4.36.1	environment	+1	1.86 MB	tannerlinsley
npm/@tanstack/react-query@4.36.1	environment	+1	3.6 MB	tannerlinsley
npm/@tomfreudenberg/next-auth-mock@0.5.6	None	0	34 kB	tom-freudenberg
npm/@trpc/client@10.45.2	network	0	253 kB	katt
npm/@trpc/next@10.45.2	None	0	111 kB	katt
npm/@trpc/react-query@10.45.2	None	0	285 kB	katt
npm/@trpc/server@10.45.2	environment	0	713 kB	katt
npm/@types/luxon@3.4.2	None	0	120 kB	types
npm/@types/node@20.12.5	None	0	2.03 MB	types
npm/@types/react@18.2.74	None	+2	1.68 MB	types
npm/@types/umami@0.1.5	None	0	3.14 kB	types
npm/@types/ws@8.5.10	None	0	21.7 kB	types
npm/@typescript-eslint/eslint-plugin@7.5.0	Transitive: environment, filesystem	+25	6.53 MB	jameshenry
npm/@typescript-eslint/parser@7.5.0	Transitive: environment, filesystem	+18	1.76 MB	jameshenry
npm/@vercel/analytics@1.2.2	None	0	190 kB	vercel-release-bot
npm/@vercel/speed-insights@1.0.10	None	0	272 kB	vercel-release-bot
npm/boxen@7.1.1	None	+4	93.9 kB	sindresorhus
npm/chromatic@11.3.0	None	0	4.3 MB	ghengeveld
npm/dotenv-cli@7.4.1	Transitive: environment, filesystem, shell	+2	44.7 kB	entropitor
npm/embla-carousel-auto-height@7.1.0	None	+1	407 kB	davidjerleke
npm/embla-carousel-react@7.1.0	None	+1	409 kB	davidjerleke
npm/eslint-config-next@14.1.4	unsafe Transitive: environment, eval, filesystem, shell	+84	11.6 MB	vercel-release-bot
npm/eslint-formatter-github@1.1.4	environment Transitive: filesystem, network, shell	+36	6.2 MB	alisowski
npm/eslint-plugin-codegen@0.28.0	environment, filesystem, shell Transitive: unsafe	+59	17.9 MB	mmkale
npm/eslint-plugin-i@2.29.1	filesystem, unsafe Transitive: environment	+11	1.66 MB	jounqin
npm/eslint-plugin-i18next@6.0.3	None	0	67.3 kB	edvardchen
npm/eslint-plugin-n@16.6.2	filesystem Transitive: unsafe	+14	1.92 MB	weiran.zsd
npm/eslint-plugin-react@7.34.1	filesystem Transitive: eval	+43	4.27 MB	ljharb
npm/eslint-plugin-storybook@0.8.0	Transitive: environment, filesystem	+27	2.97 MB	yannbf
npm/eslint-plugin-turbo@1.13.2	environment, eval, filesystem, shell	+1	490 kB	turbobot
npm/i18next-browser-languagedetector@7.2.1	None	+1	350 kB	adrai
npm/i18next-http-backend@2.5.0	network	+1	201 kB	adrai

🚮 Removed packages: npm/nanoid@5.0.6, npm/prettier@3.2.5, npm/react-dom@18.2.0, npm/react@18.2.0, npm/typescript@5.4.4, npm/ws@8.16.0, npm/zod@3.22.4

View full report↗︎

[deepsource-io]

Here's the code health analysis summary for commits c356264..e2cf05a. View details on DeepSource ↗.

Analysis Summary

Analyzer	Status	Summary	Link
Secrets	✅ Success		View Check ↗
JavaScript	✅ Success		View Check ↗

---

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

[github-actions]

📦 Next.js Bundle Analysis for @weareinreach/glaad

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

[kodiakhq]

This PR currently has a merge conflict. Please resolve this and then re-add the automerge label.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/@vercel/speed-insights@1.0.10	Install script: postinstall Source: node scripts/postinstall.mjs	package.json pnpm-lock.yaml
Install scripts	npm/core-js-pure@3.36.1	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	package.json pnpm-lock.yaml
Install scripts	npm/core-js@3.36.1	Install script: postinstall Source: node -e "try{require('./postinstall')}catch(e){}"	orphan: npm/core-js@3.36.1
Install scripts	npm/@prisma/client@5.12.1	Install script: postinstall Source: node scripts/postinstall.js	package.json pnpm-lock.yaml
Install scripts	npm/@prisma/engines@5.12.1	Install script: postinstall Source: node scripts/postinstall.js	orphan: npm/@prisma/engines@5.12.1

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/@vercel/speed-insights@1.0.10
• @SocketSecurity ignore npm/core-js-pure@3.36.1
• @SocketSecurity ignore npm/core-js@3.36.1
• @SocketSecurity ignore npm/@prisma/client@5.12.1
• @SocketSecurity ignore npm/@prisma/engines@5.12.1