apps/api(deps-dev): bump the dev-deps group across 1 directory with 12 updates

[dependabot]

Bumps the dev-deps group with 12 updates in the /apps/api directory:

Package	From	To
@flydotio/dockerfile	0.4.11	0.5.9
@tsconfig/recommended	1.0.6	1.0.8
@types/jest	29.5.12	29.5.14
@types/node	20.14.1	22.10.2
body-parser	1.20.2	1.20.3
express	4.19.2	4.21.2
mammoth	1.7.2	1.8.0
nodemon	2.0.22	3.1.9
supabase	1.172.2	2.0.0
supertest	6.3.4	7.0.0
ts-jest	29.1.4	29.2.5
typescript	5.4.5	5.7.2

Updates @flydotio/dockerfile from 0.4.11 to 0.5.9

Commits

• See full diff in compare view

Updates @tsconfig/recommended from 1.0.6 to 1.0.8

Commits

• See full diff in compare view

Updates @types/jest from 29.5.12 to 29.5.14

Commits

• See full diff in compare view

Updates @types/node from 20.14.1 to 22.10.2

Commits

• See full diff in compare view

Updates body-parser from 1.20.2 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

• deps: [email protected]
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/body-parser#522
• ci: fix errors in ci github action for node 8 and 9 by @​inigomarquinez in expressjs/body-parser#523
• fix: pin to [email protected] by @​wesleytodd in expressjs/body-parser#527
• deps: [email protected] by @​melikhov-dev in expressjs/body-parser#521
• Add OSSF Scorecard badge by @​bjohansebas in expressjs/body-parser#531
• Linter by @​UlisesGascon in expressjs/body-parser#534
• Release: 1.20.3 by @​UlisesGascon in expressjs/body-parser#535

New Contributors

• @​inigomarquinez made their first contribution in expressjs/body-parser#522
• @​melikhov-dev made their first contribution in expressjs/body-parser#521
• @​bjohansebas made their first contribution in expressjs/body-parser#531
• @​UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

• deps: [email protected]
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Commits

• 1752951 1.20.3
• 39744cf chore: linter (#534)
• b2695c4 Merge commit from fork
• ade0f3f add scorecard to readme (#531)
• 99a1bd6 deps: [email protected] (#521)
• 9478591 fix: pin to [email protected]
• 83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
• 9d4e212 chore: add support for OSSF scorecard reporting (#522)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.19.2 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: [email protected] by @​blakeembrey in expressjs/express#5956
• deps: bump [email protected] by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in expressjs/express#6029
• Release: 4.21.1 by @​UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

• Deprecate "back" magic string in redirects by @​blakeembrey in expressjs/express#5935
• [email protected] by @​wesleytodd in expressjs/express#5954
• fix(deps): [email protected] by @​wesleytodd in expressjs/express#5951
• Upgraded dependency qs to 6.13.0 to match qs in body-parser by @​agadzinski93 in expressjs/express#5946

New Contributors

• @​agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect

Other Changes

• 4.19.2 Staging by @​wesleytodd in expressjs/express#5561
• remove duplicate location test for data uri by @​wesleytodd in expressjs/express#5562
• feat: document beta releases expectations by @​marco-ippolito in expressjs/express#5565
• Cut down on duplicated CI runs by @​jonchurch in expressjs/express#5564
• Add a Threat Model by @​UlisesGascon in expressjs/express#5526
• Assign captain of encodeurl by @​blakeembrey in expressjs/express#5579
• Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @​jonchurch in expressjs/express#5587
• docs: update Security.md by @​inigomarquinez in expressjs/express#5590
• docs: update triage nomination policy by @​UlisesGascon in expressjs/express#5600
• Add CodeQL (SAST) by @​UlisesGascon in expressjs/express#5433
• docs: add UlisesGascon as triage initiative captain by @​UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

• deps: [email protected]
  • Fix backtracking protection
• deps: [email protected]
  • Throws an error on invalid path values

4.21.1 / 2024-10-08

• Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

• Deprecate res.location("back") and res.redirect("back") magic string
• deps: [email protected]
  • includes [email protected]
• deps: [email protected]
• deps: [email protected]

4.20.0 / 2024-09-10

• deps: [email protected]
  • Remove link renderization in html while redirecting
• deps: [email protected]
  • Remove link renderization in html while redirecting
• deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: [email protected]
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

Commits

• 1faf228 4.21.2
• 2e0fb64 deps: bump [email protected] (#6209)
• 59fc270 deps: [email protected] (#5956)
• 51fc39c docs: add funding (#6065)
• 8e229f9 4.21.1
• a024c8a fix(deps): [email protected]
• 7e562c6 4.21.0
• 1bcde96 fix(deps): [email protected] (#5946)
• 7d36477 fix(deps): [email protected] (#5951)
• 40d2d8f fix(deps): [email protected]
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates mammoth from 1.7.2 to 1.8.0

Changelog

Sourced from mammoth's changelog.

1.8.0

• Add style mapping for highlights.

Commits

• 9176454 Bump version to 1.8.0
• d12d00f Handle highlight value of none
• 0546ccd Fix: matchers for specific break types match all break types
• 66c9ef9 Support style mapping for highlights
• 700e395 Parse run highlights
• See full diff in compare view

Updates nodemon from 2.0.22 to 3.1.9

Release notes

Sourced from nodemon's releases.

v3.1.9

3.1.9 (2024-12-13)

Bug Fixes

• maintain backward support for exitcrash (9c9de6e)

v3.1.8

3.1.8 (2024-12-13)

Bug Fixes

• types updated (cb91187)

v3.1.7

3.1.7 (2024-09-20)

Bug Fixes

• types for export on ESModule (#2211) (9b0606a)

v3.1.6

3.1.6 (2024-09-19)

Bug Fixes

• watch nested paths (11fcaaa), closes #2216

v3.1.5

3.1.5 (2024-09-17)

Bug Fixes

• add missing ignore option to type defintion of config (#2224) (254c2ab)

v3.1.4

3.1.4 (2024-06-20)

Bug Fixes

• ensure local env have priority (6020968), closes #2209

v3.1.3

3.1.3 (2024-06-03)

... (truncated)

Commits

• 9c9de6e fix: maintain backward support for exitcrash
• 880fc42 chore: fix merge conflict
• cb91187 fix: types updated
• a021683 chore: website
• 701a950 chore: website
• 5bd5489 chore: website
• d6e5bdd chore: website
• c629667 Merge branch 'main' of github.com:remy/nodemon
• ea95953 chore: web site
• ecea25b chore: update website / fix jq
• Additional commits viewable in compare view

Updates supabase from 1.172.2 to 2.0.0

Release notes

Sourced from supabase's releases.

v2.0.0

Changelog

Features

• 06db5a562a97a2323c59f23df54322475e8450b2: feat: bump cli to v2 (@​sweatybridge)

v1.226.4

Changelog

Bug fixes

• 15833d1896185018c343352cc1d1f38d4de83ecb: fix(studio): Bump studio version to 20241202-71e5240 (#2937) (@​ivasilov)

Others

• c66a6c40b170138da0deeb20ac210b1200d38002: chore: update docs for remote db reset (#2936) (@​sweatybridge)

v1.226.3

Changelog

Bug fixes

• 2ff5960b39b9a00f5a1ddcae2c33bbb84c3f4c0c: fix(config): syncing for postgres hook without secrets (#2931) (@​avallete)

v1.226.2

Changelog

Bug fixes

• 8c3a49e72ed8bac8a5034b5abc18f1ab2ba16b9e: fix: bump edge-runtime to 1.65.3 (@​nyannyacha)
• 7ff60a7fcd6de1ef40b337769981972e81c2ef4a: fix: bump edge-runtime to 1.65.3 (#2930) (@​laktek)

Others

• eae2bac10161e71cd74b34d259b974b7eb80e823: chore(deps): bump github.com/go-xmlfmt/xmlfmt from 1.1.2 to 1.1.3 (#2929) (@​dependabot[bot])

v1.226.1

Changelog

Bug fixes

• 26a20ea16ed477e4c9cd4de8504c681078fd8596: fix: bump edge-runtime to 1.65.1 (@​nyannyacha)
• 486a9bfdd11d73520b27cadd37252a866a914e11: fix: bump edge-runtime to 1.65.1 (#2928) (@​laktek)

Others

• d3cd223609f6b643e83899b3be5661433d0ba4e5: chore(deps): bump github.com/stripe/pg-schema-diff from 0.7.0 to 0.8.0 (#2922) (@​dependabot[bot])

v1.226.0

Changelog

Features

• b9e0aa073df68b75623e860e1473cf417b3d033f: feat: add minimum password length and password requirements config (#2885) (@​silentworks)

Others

• fcf6bcef9ad8c26c707b99809073e84852c8105a: chore: document function config in toml (#2925) (@​sweatybridge)
• 8fb7f30411c7d38b255d65b8bc7f8492a978731c: chore(docs): add link to the config reference in toml template (#2926) (@​avallete)

v1.225.3

Changelog

Bug fixes

• b87d67ada6459aba151c25c3d2c344998486397c: fix: bump edge-runtime to 1.65.0 (@​nyannyacha)
• 536acf23ddaa4d4fd5ba6b47f425f29c54739e70: fix: bump edge-runtime to 1.65.0 (#2924) (@​laktek)

v1.225.2

Changelog

Bug fixes

... (truncated)

Commits

• 06db5a5 feat: bump cli to v2
• 15833d1 fix(studio): Bump studio version to 20241202-71e5240 (#2937)
• c66a6c4 chore: update docs for remote db reset (#2936)
• 2ff5960 fix(config): syncing for postgres hook without secrets (#2931)
• 7ff60a7 fix: bump edge-runtime to 1.65.3 (#2930)
• 8c3a49e fix: bump edge-runtime to 1.65.3
• eae2bac chore(deps): bump github.com/go-xmlfmt/xmlfmt from 1.1.2 to 1.1.3 (#2929)
• 486a9bf fix: bump edge-runtime to 1.65.1 (#2928)
• 26a20ea fix: bump edge-runtime to 1.65.1
• d3cd223 chore(deps): bump github.com/stripe/pg-schema-diff from 0.7.0 to 0.8.0 (#2922)
• Additional commits viewable in compare view

Updates supertest from 6.3.4 to 7.0.0

Release notes

Sourced from supertest's releases.

v7.0.0

• Merge pull request #834 from Bruception/master 225118c
• Fix TestAgent not inheriting Agent properties f290431
• fix: bump deps, drop Node.js v<14.16.0 1e18c20

ladjs/supertest@v6.3.4...v7.0.0

Commits

• 2ae1c36 7.0.0
• 225118c Merge pull request #834 from Bruception/master
• f290431 Fix TestAgent not inheriting Agent properties
• 1e18c20 fix: bump deps, drop Node.js v<14.16.0
• See full diff in compare view

Updates ts-jest from 29.1.4 to 29.2.5

Release notes

Sourced from ts-jest's releases.

v29.2.5

Please refer to CHANGELOG.md for details.

v29.2.4

Please refer to CHANGELOG.md for details.

v29.2.3

Please refer to CHANGELOG.md for details.

v29.2.2

Please refer to CHANGELOG.md for details.

v29.2.1

Please refer to CHANGELOG.md for details.

v29.2.0

Please refer to CHANGELOG.md for details.

v29.1.5

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.5 (2024-08-23)

Bug Fixes

• build: build package with NodeNext module (9b3ade5)
• fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset (d9ff362)
• fix(compiler): fallback to NodeJS module resolution for ts 4.8 (b7d3409), closes #4499

29.2.4 (2024-08-01)

Bug Fixes

• fix: revert support implementation for Node16/NodeNext (70b9530), closes #4468 #4473

29.2.3 (2024-07-18)

Security Fixes

• build(deps): Update dependency ejs to ^3.1.10 (de94a56)

Code Refactoring

• refactor(presets): maintain preset codes inside src (8474fc2)

29.2.2 (2024-07-10)

Bug Fixes

• fix(compiler): update memory cache after changing module value (94db43f), closes #4439

29.2.1 (2024-07-10)

Bug Fixes

• fix: move ejs to dep instead of peerDep (26e31a7)
• fix: set allowSyntheticDefaultImports properly (ff4b302), closes #4156

... (truncated)

Commits

• 500a863 chore(release): 29.2.5
• dce986e build(deps): Update dependency @​babel/preset-env to ^7.25.4
• 48a28a6 build(deps): Update dependency vite to ^5.4.2
• d9ff362 fix: set value ts/tsx extensionsToTreatAsEsm in default esm preset
• 00550ef test: add e2e test case for ESM features
• 978169b build(deps): Update dependency @​types/node to v20.16.1
• e9a643c build(deps): Update dependency @​types/node to v20.16.0
• 535edab build(deps): Update dependency @​types/node to v20.15.0
• 011a9d8 build(deps): Update dependency vite to ^5.4.1
• 4eb8ccd build: update renovate bot
• Additional commits viewable in compare view

Updates typescript from 5.4.5 to 5.7.2

Release notes

Sourced from typescript's releases.

TypeScript 5.7

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).

Downloads are available on:

• npm

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).

Downloads are available on:

• npm

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.7.0 (Beta).

Downloads are available on:

• npm

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.6.0 (Beta).
• fixed issues query for Typescript 5.6.1 (RC).
• fixed issues query for Typescript 5.6.2 (Stable).
• fixed issues query for Typescript 5.6.3 (Stable).

Downloads are available on:

• npm
• NuGet package

... (truncated)

Commits

• d701d90 Bump version to 5.7.2 and LKG
• 0503a63 🤖 Pick PR #60450 (Move to file: fix detection of refe...) into release-5.7 (#...
• 3140dbb 🤖 Pick PR #60488 (Stub out copilotRelated command) into release-5.7 (#60495)
• c1216de Update LKG
• 3ee2b95 🤖 Pick PR #60415 (Fix false positive rewriteRelativeI...) into release-5.7 (#...
• 44bd3f2 Bump version to 5.7.1-rc and LKG
• 5925c81 Update LKG
• 84d58cf Merge remote-tracking branch 'origin/main' into release-5.7
• 0ec4d30 Fixing exception on unsaved file (#60362)
• 11b2930 Add compatible overloads that accept ArrayBuffer to BigInt64Array/BigUint64Ar...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #985.