Bump the minor-and-patch group with 10 updates

[dependabot]

Bumps the minor-and-patch group with 10 updates:

Package	From	To
@blockaid/client	0.29.1	0.31.0
@fastify/rate-limit	10.1.1	10.2.1
@sentry/node	8.38.0	8.42.0
axios	1.7.7	1.7.9
@types/node	22.9.0	22.10.1
dotenv	16.4.5	16.4.7
husky	9.1.6	9.1.7
prettier	3.3.3	3.4.2
typescript	5.6.3	5.7.2
webpack	5.96.1	5.97.1

Updates @blockaid/client from 0.29.1 to 0.31.0

Release notes

Sourced from @​blockaid/client's releases.

v0.31.0

0.31.0 (2024-11-24)

Full Changelog: v0.30.0...v0.31.0

Features

• api: api update (#338) (56181b2)

Chores

• remove redundant word in comment (#337) (cb7ed3b)

Documentation

• remove suggestion to use npm call out (#335) (7e1c108)

v0.30.0

0.30.0 (2024-11-17)

Full Changelog: v0.29.1...v0.30.0

Features

• api: api update (#333) (d165a1a)

Chores

• rebuild project due to codegen change (#330) (aa02f25)
• rebuild project due to codegen change (#332) (77a1c4e)

Changelog

Sourced from @​blockaid/client's changelog.

0.31.0 (2024-11-24)

Full Changelog: v0.30.0...v0.31.0

Features

• api: api update (#338) (56181b2)

Chores

• remove redundant word in comment (#337) (cb7ed3b)

Documentation

• remove suggestion to use npm call out (#335) (7e1c108)

0.30.0 (2024-11-17)

Full Changelog: v0.29.1...v0.30.0

Features

• api: api update (#333) (d165a1a)

Chores

• rebuild project due to codegen change (#330) (aa02f25)
• rebuild project due to codegen change (#332) (77a1c4e)

Commits

• 508f2c9 Merge pull request #336 from blockaid-official/release-please--branches--main...
• 14cee51 release: 0.31.0
• 56181b2 feat(api): api update (#338)
• c70ac50 codegen metadata
• cb7ed3b chore: remove redundant word in comment (#337)
• 7e1c108 docs: remove suggestion to use npm call out (#335)
• 54617af codegen metadata
• a1beb21 codegen metadata
• dc8e7df Merge pull request #331 from blockaid-official/release-please--branches--main...
• 7c4ed9a release: 0.30.0
• Additional commits viewable in compare view

Updates @fastify/rate-limit from 10.1.1 to 10.2.1

Release notes

Sourced from @​fastify/rate-limit's releases.

v10.2.1

What's Changed

• fix: apply merged params when custom route config is provided by @​gurgunday in fastify/fastify-rate-limit#393
• fix: after should show the same ttl as the rate limit headers by @​gurgunday in fastify/fastify-rate-limit#394

Full Changelog: fastify/fastify-rate-limit@v10.2.0...v10.2.1

v10.2.0

What's Changed

• [docs]: Adding Fastify 4 & 5 Compatibilty Rows by @​eskylake in fastify/fastify-rate-limit#388
• docs(readme): sort compatibility table descending; add lts note by @​Fdawgs in fastify/fastify-rate-limit#390
• style: remove trailing whitespace by @​Fdawgs in fastify/fastify-rate-limit#391
• Added exponential backoff by @​aniketcodes in fastify/fastify-rate-limit#387

New Contributors

• @​eskylake made their first contribution in fastify/fastify-rate-limit#388

Full Changelog: fastify/fastify-rate-limit@v10.1.1...v10.2.0

Commits

• eaa1801 v10.2.1
• 8b2b54d fix: after should show the same ttl as the rate limit headers (#394)
• 09f9648 fix: apply merged params in all cases (#393)
• 1f517d8 v10.2.0
• 93ad9b2 Added exponential backoff (#387)
• 3b8431c style: remove trailing whitespace (#391)
• 4f3027f docs(readme): sort compatibility table descending; add lts note (#390)
• 4afb1a8 ci: use major version of workflows
• 296625f [docs]: Adding Fastify 5 Compatibilty Row (#388)
• See full diff in compare view

Updates @sentry/node from 8.38.0 to 8.42.0

Release notes

Sourced from @​sentry/node's releases.

8.42.0

Important Changes

• feat(react): React Router v7 support (library) (#14513)

  This release adds support for React Router v7 (library mode). Check out the docs on how to set up the integration: Sentry React Router v7 Integration Docs

Deprecations

• feat: Warn about source-map generation (#14533)

  In the next major version of the SDK we will change how source maps are generated when the SDK is added to an application. Currently, the implementation varies a lot between different SDKs and can be difficult to understand. Moving forward, our goal is to turn on source maps for every framework, unless we detect that they are explicitly turned off. Additionally, if we end up enabling source maps, we will emit a log message that we did so.

  With this particular release, we are emitting warnings that source map generation will change in the future and we print instructions on how to prepare for the next major.

• feat(nuxt): Deprecate tracingOptions in favor of vueIntegration (#14530)

  Currently it is possible to configure tracing options in two places in the Sentry Nuxt SDK:

  • In Sentry.init()
  • Inside tracingOptions in Sentry.init()

  For tree-shaking purposes and alignment with the Vue SDK, it is now recommended to instead use the newly exported vueIntegration() and its tracingOptions option to configure tracing options in the Nuxt SDK:

  // sentry.client.config.ts
  import * as Sentry from '@sentry/nuxt';
  Sentry.init({
  // ...
  integrations: [
  Sentry.vueIntegration({
  tracingOptions: {
  trackComponents: true,
  },
  }),
  ],
  });

Other Changes

• feat(browser-utils): Update web-vitals to v4.2.4 (#14439)
• feat(nuxt): Expose vueIntegration (#14526)
• fix(feedback): Handle css correctly in screenshot mode (#14535)

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

8.42.0

Important Changes

• feat(react): React Router v7 support (library) (#14513)

  This release adds support for React Router v7 (library mode). Check out the docs on how to set up the integration: Sentry React Router v7 Integration Docs

Deprecations

• feat: Warn about source-map generation (#14533)

  In the next major version of the SDK we will change how source maps are generated when the SDK is added to an application. Currently, the implementation varies a lot between different SDKs and can be difficult to understand. Moving forward, our goal is to turn on source maps for every framework, unless we detect that they are explicitly turned off. Additionally, if we end up enabling source maps, we will emit a log message that we did so.

  With this particular release, we are emitting warnings that source map generation will change in the future and we print instructions on how to prepare for the next major.

• feat(nuxt): Deprecate tracingOptions in favor of vueIntegration (#14530)

  Currently it is possible to configure tracing options in two places in the Sentry Nuxt SDK:

  • In Sentry.init()
  • Inside tracingOptions in Sentry.init()

  For tree-shaking purposes and alignment with the Vue SDK, it is now recommended to instead use the newly exported vueIntegration() and its tracingOptions option to configure tracing options in the Nuxt SDK:

  // sentry.client.config.ts
  import * as Sentry from '@sentry/nuxt';
  Sentry.init({
  // ...
  integrations: [
  Sentry.vueIntegration({
  tracingOptions: {
  trackComponents: true,
  },
  }),
  ],
  });

Other Changes

• feat(browser-utils): Update web-vitals to v4.2.4 (#14439)
• feat(nuxt): Expose vueIntegration (#14526)
• fix(feedback): Handle css correctly in screenshot mode (#14535)

... (truncated)

Commits

• faa64d0 release: 8.42.0
• da3a72c Merge pull request #14538 from getsentry/prepare-release/8.42.0
• e695a5e meta(changelog): Update changelog for 8.42.0
• 0b349eb ci(deps): Bump codecov/codecov-action from 4 to 5 (#14537)
• 146bafc feat(nuxt): Deprecate tracingOptions in favor of vueIntegration (#14530)
• 87b789c feat(browser-utils): Update web-vitals to v4.2.4 (#14439)
• 9b9ec77 feat(nuxt): Expose vueIntegration (#14526)
• 44477df fix(feeback): Handle css correctly in screenshot mode (#14535)
• 3fdab04 feat: Warn about source-map generation (#14533)
• e17bd91 chore: Dedupe @sentry/core imports (#14529)
• Additional commits viewable in compare view

Updates axios from 1.7.7 to 1.7.9

Release notes

Sourced from axios's releases.

Release v1.7.9

Release notes:

Reverts

• Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

• Jay

Release v1.7.8

Release notes:

Bug Fixes

• allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
• core: fixed config merging bug (#6668) (5d99fe4)
• fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
• http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
• http: fixed proxy-from-env module import (#5222) (12b3295)
• http: use globalThis.TextEncoder when available (#6634) (df956d1)
• ios11 breaks when build (#6608) (7638952)
• types: add missing types for mergeConfig function (#6590) (00de614)
• types: export CJS types from ESM (#6218) (c71811b)
• updated stream aborted error message to be more clear (#6615) (cc3217a)
• use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

• Remco Haszing
• Jay
• Aayush Yadav
• Dmitriy Mozgovoy
• Ell Bradshaw
• Amit Saini
• Tommaso Paulon
• Akki
• Sampo Silvennoinen
• Kasper Isager Dalsgarð
• Christian Clauss
• Pavan Welihinda
• Taylor Flatt
• Kenzo Wada
• Ngole Lawson
• Haven
• Shrivali Dutt
• Henco Appel

Changelog

Sourced from axios's changelog.

1.7.9 (2024-12-04)

Reverts

• Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

• Jay

1.7.8 (2024-11-25)

Bug Fixes

• allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
• core: fixed config merging bug (#6668) (5d99fe4)
• fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
• http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
• http: fixed proxy-from-env module import (#5222) (12b3295)
• http: use globalThis.TextEncoder when available (#6634) (df956d1)
• ios11 breaks when build (#6608) (7638952)
• types: add missing types for mergeConfig function (#6590) (00de614)
• types: export CJS types from ESM (#6218) (c71811b)
• updated stream aborted error message to be more clear (#6615) (cc3217a)
• use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

• Remco Haszing
• Jay
• Aayush Yadav
• Dmitriy Mozgovoy
• Ell Bradshaw
• Amit Saini
• Tommaso Paulon
• Akki
• Sampo Silvennoinen
• Kasper Isager Dalsgarð
• Christian Clauss
• Pavan Welihinda
• Taylor Flatt
• Kenzo Wada
• Ngole Lawson
• Haven
• Shrivali Dutt
• Henco Appel

Commits

• b2cb45d chore(release): v1.7.9 (#6730)
• c44d2f2 Revert "fix(types): export CJS types from ESM (#6218)" (#6729)
• 415ca94 chore(release): v1.7.8 (#6715)
• 0a8d6e1 fix: use URL API instead of DOM to fix a potential vulnerability warning; (#6...
• c71811b fix(types): export CJS types from ESM (#6218)
• 4355a6d chore(sponsor): update sponsor block (#6709)
• 5d54d22 chore(sponsor): update sponsor block (#6707)
• eac4619 fix: allow passing a callback as paramsSerializer to buildURL (#6680)
• df956d1 fix(http): use globalThis.TextEncoder when available (#6634)
• 7139ce9 chore(deps): bump cookie and socket.io (#6704)
• Additional commits viewable in compare view

Updates @types/node from 22.9.0 to 22.10.1

Commits

• See full diff in compare view

Updates dotenv from 16.4.5 to 16.4.7

Changelog

Sourced from dotenv's changelog.

16.4.7 (2024-12-03)

Changed

• Ignore .tap folder when publishing. (oops, sorry about that everyone. - @​motdotla) #848

16.4.6 (2024-12-02)

Changed

• Clean up stale dev dependencies #847
• Various README updates clarifying usage and alternative solutions using dotenvx

Commits

• a338d68 16.4.7
• daf3e3d changelog 🪵
• fb74f68 Merge pull request #848 from Spice-King/patch-1
• fe87ba2 Add .tap to .npmignore
• 0c9f764 16.4.6
• fd5f26b changelog 🪵
• bb19b6b Merge pull request #847 from motdotla/deps-updates
• 2f4e36b further dev dependency cleanup
• c2fdd01 send to codecov
• 6707487 add test coverage
• Additional commits viewable in compare view

Updates husky from 9.1.6 to 9.1.7

Release notes

Sourced from husky's releases.

v9.1.7

What's Changed

• fix: add husky label to deprecated warning by @​smackfu in typicode/husky#1538

New Contributors

• @​smackfu made their first contribution in typicode/husky#1538

Full Changelog: typicode/husky@v9.1.6...v9.1.7

Commits

• 799e84b 9.1.7
• 30f2049 fix: add husky label to deprecated warning (#1538)
• See full diff in compare view

Updates prettier from 3.3.3 to 3.4.2

Release notes

Sourced from prettier's releases.

3.4.2

🔗 Changelog

3.4.1

🔗 Changelog

3.4.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.4.2

diff

Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796 by @​tats-u)

Prettier doesn't treat U+30A0 & U+30FB as Japanese. U+30FB is commonly used in Japanese to represent the delimitation of first and last names of non-Japanese people or “and”. The following “C言語・C++・Go・Rust” means “C language & C++ & Go & Rust” in Japanese.

<!-- Input (--prose-wrap=never) -->
C言
語
・
C++
・
Go
・
Rust
<!-- Prettier 3.4.1 -->
C言語・ C++ ・ Go ・ Rust
<!-- Prettier 3.4.2 -->
C言語・C++・Go・Rust

U+30A0 can be used as the replacement of the - in non-Japanese names (e.g. “Saint-Saëns” (Charles Camille Saint-Saëns) can be represented as “サン゠サーンス” in Japanese), but substituted by ASCII hyphen (U+002D) or U+FF1D (full width hyphen) in many cases (e.g. “サン=サーンス” or “サン＝サーンス”).

Fix comments print on class methods with decorators (#16891 by @​fisker)

// Input
class A {
  @decorator
  /** 
   * The method description
   *
  */
  async method(foo: Foo, bar: Bar) {
    console.log(foo);
  }
}
// Prettier 3.4.1
class A {
@​decorator
async /**
</tr></table>

... (truncated)

Commits

• cca9461 Release 3.4.2
• 572bebe Fix comments on class methods with decorators (#16891)
• 359c4f0 chore(deps): update dependency @​angular/compiler to v19.0.1 (#16903)
• 6470996 chore(deps): update dependency @​glimmer/syntax to v0.93.1 (#16904)
• e13614f Correct fit() for fill() (#16899)
• 10db357 Remove check on TSImportType.isTypeOf (#16892)
• ac46a4f Treat U+30A0 & U+30FB in Katakana Block as CJK (#16796)
• d52e905 Add test for #16207 (#16890)
• a1e354d Clean changelog_unreleased
• 99875da Bump Prettier dependency to 3.4.1
• Additional commits viewable in compare view

Updates typescript from 5.6.3 to 5.7.2

Release notes

Sourced from typescript's releases.

TypeScript 5.7

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).

Downloads are available on:

• npm

TypeScript 5.7 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).

Downloads are available on:

• npm

TypeScript 5.7 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for Typescript 5.7.0 (Beta).

Downloads are available on:

• npm

Commits

• d701d90 Bump version to 5.7.2 and LKG
• 0503a63 🤖 Pick PR #60450 (Move to file: fix detection of refe...) into release-5.7 (#...
• 3140dbb 🤖 Pick PR #60488 (Stub out copilotRelated command) into release-5.7 (#60495)
• c1216de Update LKG
• 3ee2b95 🤖 Pick PR #60415 (Fix false positive rewriteRelativeI...) into release-5.7 (#...
• 44bd3f2 Bump version to 5.7.1-rc and LKG
• 5925c81 Update LKG
• 84d58cf Merge remote-tracking branch 'origin/main' into release-5.7
• 0ec4d30 Fixing exception on unsaved file (#60362)
• 11b2930 Add compatible overloads that accept ArrayBuffer to BigInt64Array/BigUint64Ar...
• Additional commits viewable in compare view

Updates webpack from 5.96.1 to 5.97.1

Release notes

Sourced from webpack's releases.

v5.97.1

Bug Fixes

• Performance regression
• Sub define key should't be renamed when it's a defined variable

v5.97.0

Bug Fixes

• Don't crash with filesystem cache and unknown scheme
• Generate a valid code when output.iife is true and output.library.type is umd
• Fixed conflict variable name with concatenate modules and runtime code
• Merge duplicate chunks before
• Collisions in ESM library
• Use recursive search for versions of shared dependencies
• [WASM] Don't crash WebAssembly with Reference Types (sync and async)
• [WASM] Fixed wasm loading for sync and async webassembly
• [CSS] Don't add [uniqueName] to localIdentName when it is empty
• [CSS] Parsing strings on Windows
• [CSS] Fixed CSS local escaping

New Features

• Added support for injecting debug IDs
• Export the MergeDuplicateChunks plugin
• Added universal loading for JS chunks and JS worker chunks (only ES modules)
• [WASM] Added universal loading for WebAssembly chunks (only for async WebAssembly)
• [CSS] Allow initial CSS chunks to be placed anywhere - the output.cssHeadDataCompression option was deleted
• [CSS] Added universal loading for CSS chunks
• [CSS] Parse ICSS @value at-rules in CSS modules
• [CSS] Parse ICSS :import rules in CSS modules
• [CSS] Added the url and import options for CSS
• [CSS] Allow to import custom properties in CSS modules

Performance

• Faster Queue implementation, also fixed queue iterator state in dequeue method to ensure correct behavior after item removal

Commits

• 3612d36 chore(release): 5.97.1
• eb7ac6f fix: perf regression
• 554be24 fix: sub define key should't be renamed when it's a defined variable
• 5e0e780 refactor: issue #19030
• 58fb035 fix: sub define key should't be renamed when it's a defined variable
• af1fd12 perf: regression
• 34f19cb fix: package.json
• 0ec7f5d refactor: issue #19030
• 5e7b8a2 fix: package.json
• 644f1d1 refactor: no extra work for CSS unescaping
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@blockaid/[email protected]	environment, network	0	992 kB	blockaiduser
npm/@fastify/[email protected]	None	0	192 kB	gurgunday
npm/@sentry/[email protected]	None	0	3.53 MB	benvinegar, billyvg, evanpurkhiser, ...8 more
npm/@sentry/[email protected]	environment, unsafe	0	2.98 MB	sentry-bot
npm/@sentry/[email protected]	None	0	1.02 MB	benvinegar, billyvg, evanpurkhiser, ...8 more
npm/[email protected]	network	0	2.13 MB	jasonsaayman
npm/[email protected]	None	0	75.8 kB	motdotenv, motdotla, scottmotte, ...1 more
npm/[email protected]	None	0	4.04 kB	typicode
npm/[email protected]	None	0	7.83 MB	prettier-bot
npm/[email protected]	None	0	22.7 MB	typescript-bot
npm/[email protected]	environment, filesystem, network, unsafe	0	5.21 MB	evilebottnawi

🚮 Removed packages: npm/@blockaid/[email protected], npm/@fastify/[email protected], npm/@sentry/[email protected], npm/@sentry/[email protected], npm/@sentry/[email protected], npm/@sentry/[email protected], npm/@sentry/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎