Bump dependencies (#2735)

* Bump vue from 3.5.12 to 3.5.13 Bumps [vue](https://github.com/vuejs/core) from 3.5.12 to 3.5.13. - [Release notes](https://github.com/vuejs/core/releases) - [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md) - [Commits](vuejs/core@v3.5.12...v3.5.13) --- updated-dependencies: - dependency-name: vue dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump @fortawesome/fontawesome-free from 6.6.0 to 6.7.1 Bumps [@fortawesome/fontawesome-free](https://github.com/FortAwesome/Font-Awesome) from 6.6.0 to 6.7.1. - [Release notes](https://github.com/FortAwesome/Font-Awesome/releases) - [Changelog](https://github.com/FortAwesome/Font-Awesome/blob/6.x/CHANGELOG.md) - [Commits](FortAwesome/Font-Awesome@6.6.0...6.7.1) --- updated-dependencies: - dependency-name: "@fortawesome/fontawesome-free" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump vite-plugin-commonjs from 0.10.3 to 0.10.4 Bumps [vite-plugin-commonjs](https://github.com/vite-plugin/vite-plugin-commonjs) from 0.10.3 to 0.10.4. - [Release notes](https://github.com/vite-plugin/vite-plugin-commonjs/releases) - [Changelog](https://github.com/vite-plugin/vite-plugin-commonjs/blob/main/CHANGELOG.md) - [Commits](vite-plugin/vite-plugin-commonjs@v0.10.3...v0.10.4) --- updated-dependencies: - dependency-name: vite-plugin-commonjs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump primevue from 4.2.2 to 4.2.3 Bumps [primevue](https://github.com/primefaces/primevue/tree/HEAD/packages/primevue) from 4.2.2 to 4.2.3. - [Release notes](https://github.com/primefaces/primevue/releases) - [Changelog](https://github.com/primefaces/primevue/blob/master/CHANGELOG.md) - [Commits](https://github.com/primefaces/primevue/commits/4.2.3/packages/primevue) --- updated-dependencies: - dependency-name: primevue dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github/codeql-action from 3.27.4 to 3.27.5 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.4 to 3.27.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@ea9e4e3...f09c1c0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump actions/dependency-review-action from 4.4.0 to 4.5.0 Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@4081bf9...3b139cf) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump codecov/codecov-action from 5.0.2 to 5.0.7 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.0.2 to 5.0.7. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@5c47607...015f24e) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump laravel/framework from 11.32.0 to 11.33.2 Bumps [laravel/framework](https://github.com/laravel/framework) from 11.32.0 to 11.33.2. - [Release notes](https://github.com/laravel/framework/releases) - [Changelog](https://github.com/laravel/framework/blob/11.x/CHANGELOG.md) - [Commits](laravel/framework@v11.32.0...v11.33.2) --- updated-dependencies: - dependency-name: laravel/framework dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump barryvdh/laravel-debugbar from 3.14.7 to 3.14.9 Bumps [barryvdh/laravel-debugbar](https://github.com/barryvdh/laravel-debugbar) from 3.14.7 to 3.14.9. - [Release notes](https://github.com/barryvdh/laravel-debugbar/releases) - [Changelog](https://github.com/barryvdh/laravel-debugbar/blob/master/CHANGELOG.md) - [Commits](barryvdh/laravel-debugbar@v3.14.7...v3.14.9) --- updated-dependencies: - dependency-name: barryvdh/laravel-debugbar dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump itsgoingd/clockwork from 5.3.0 to 5.3.1 Bumps [itsgoingd/clockwork](https://github.com/itsgoingd/clockwork) from 5.3.0 to 5.3.1. - [Release notes](https://github.com/itsgoingd/clockwork/releases) - [Changelog](https://github.com/itsgoingd/clockwork/blob/master/CHANGELOG.md) - [Commits](itsgoingd/clockwork@v5.3.0...v5.3.1) --- updated-dependencies: - dependency-name: itsgoingd/clockwork dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump friendsofphp/php-cs-fixer from 3.64.0 to 3.65.0 Bumps [friendsofphp/php-cs-fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer) from 3.64.0 to 3.65.0. - [Release notes](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/releases) - [Changelog](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/blob/master/CHANGELOG.md) - [Commits](PHP-CS-Fixer/PHP-CS-Fixer@v3.64.0...v3.65.0) --- updated-dependencies: - dependency-name: friendsofphp/php-cs-fixer dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump fakerphp/faker from 1.24.0 to 1.24.1 Bumps [fakerphp/faker](https://github.com/FakerPHP/Faker) from 1.24.0 to 1.24.1. - [Release notes](https://github.com/FakerPHP/Faker/releases) - [Changelog](https://github.com/FakerPHP/Faker/blob/v1.24.1/CHANGELOG.md) - [Commits](FakerPHP/Faker@v1.24.0...v1.24.1) --- updated-dependencies: - dependency-name: fakerphp/faker dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Merge remote-tracking branch 'origin/dependabot/composer/fakerphp/faker-1.24.1' into bump * Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/primevue-4.2.3' into bump * fix phpstan * composer update * refuse version 5.7 of typescript --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
LycheeOrg · Nov 25, 2024 · 8b7ffcb · 8b7ffcb
1 parent c24e0f5
commit 8b7ffcb
Show file tree

Hide file tree

Showing 10 changed files with 409 additions and 403 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -24,4 +24,4 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
+        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
diff --git a/.github/workflows/php_no_legacy_tests.yml b/.github/workflows/php_no_legacy_tests.yml
@@ -112,7 +112,7 @@ jobs:
         run: php artisan migrate:rollback
 
       - name: Codecov
-        uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
+        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 

diff --git a/.github/workflows/php_tests.yml b/.github/workflows/php_tests.yml
@@ -108,7 +108,7 @@ jobs:
         run: php artisan migrate:rollback
 
       - name: Codecov
-        uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
+        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
 

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -72,6 +72,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v2.16.4
+        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v2.16.4
         with:
           sarif_file: results.sarif
diff --git a/app/Actions/Sharing/ListShare.php b/app/Actions/Sharing/ListShare.php
@@ -51,6 +51,7 @@ public function do(?User $participant, ?User $owner, ?BaseAlbum $baseAlbum): Sha
 
 			// Existing albums which can be shared optionally filtered by
 			// album ID and/or owner ID
+			/** @var Collection<int,object{id:string,title:string}> $albums */
 			$albums = DB::table('base_albums')
 				->leftJoin('albums', 'albums.id', '=', 'base_albums.id')
 				->select(['base_albums.id', 'title', 'parent_id'])
@@ -60,15 +61,18 @@ public function do(?User $participant, ?User $owner, ?BaseAlbum $baseAlbum): Sha
 				->get();
 			$this->linkAlbums($albums);
 			$albums->each(function ($album) {
+				/** @phpstan-ignore-next-line */
 				$album->title = $this->breadcrumbPath($album);
 			});
 			$albums->each(function ($album) {
+				/** @var object{parent_id:string,parent:object} $album */
 				unset($album->parent_id);
 				unset($album->parent);
 			});
 
 			// Existing users with whom an album can be shared optionally
 			// filtered by participant ID
+			/** @var Collection<int,object{id:int,username:string}> $users */
 			$users = DB::table('users')->select(['id', 'username'])
 				->when($participant !== null, fn ($q) => $q->where('id', '=', $participant->id))
 				->when($participant === null, fn ($q) => $q->where('may_administrate', '=', false))