build(deps): bump the production-dependencies group with 4 updates

[dependabot]

Bumps the production-dependencies group with 4 updates: ash, ash_authentication, ash_phoenix and phoenix_live_view.

Updates ash from 3.4.56 to 3.4.60

Changelog

Sourced from ash's changelog.

v3.4.60 (2025-01-27)

Bug Fixes:

• traverse custom expressions when listing refs

v3.4.59 (2025-01-27)

Bug Fixes:

• better placed validations of aggregate support for data layers

v3.4.58 (2025-01-26)

Bug Fixes:

• properly check query aggregate support

Improvements:

• support authorize_with option in Ash.get (#1732)

v3.4.57 (2025-01-23)

Bug Fixes:

• [Ash.Resource.Validation.Compare] ensure compare validation doesn't put functions in exceptions

Commits

• efd582d chore: release version v3.4.60
• 589440a chore: update spark
• cea3d55 fix: traverse custom expressions when listing refs
• f1617ff chore: release version v3.4.59
• 16f080f chore: add back in function that should not have been removed
• 7f867e5 docs: work on docs coverage & update ex_doc
• 0ce7feb fix: better placed validations of aggregate support for data layers
• 24045c3 ci: support toggling releases on/off for ci runs
• 8372310 chore: release version v3.4.58
• 968ea19 fix: properly check query aggregate support
• Additional commits viewable in compare view

Updates ash_authentication from 4.4.3 to 4.4.5

Changelog

Sourced from ash_authentication's changelog.

v4.4.5 (2025-01-27)

Improvements:

• Add support for OAuth2 Code Verifier (#896)

v4.4.4 (2025-01-23)

Improvements:

• make hashed_password optional if magic_link is also used

Commits

• d0e7805 chore: release version v4.4.5
• 580dc44 chore: fix build and nil check on oidc config
• 8a3ea29 improvement: Add support for OAuth2 Code Verifier (#896)
• ae552f5 chore: release version v4.4.4
• 78a7a3b improvement: make hashed_password optional if magic_link is also used
• fddfae7 chore(deps): Bump spark in the production-dependencies group (#895)
• 9fd321e docs: small docs links & logo changes
• 045339d chore: only update lock file compatible deps
• See full diff in compare view

Updates ash_phoenix from 2.1.14 to 2.1.16

Changelog

Sourced from ash_phoenix's changelog.

v2.1.16 (2025-01-29)

Bug Fixes:

• don't try to build form interfaces for calculations

• reindex forms sorted with sort_forms/3

v2.1.15 (2025-01-27)

Bug Fixes:

• handle nil nested form when carrying over errors

• Handle invalid params and warn when invalid (#301)

• In AshPhoenix.Form.errors parse path before errors get (#300)

• Make ash_errors private and remove unused default values

• Show correct error message when no form is configured but a relationship is present

Improvements:

• Move get params logic to private function, put get params on every for call (#304)

• add AshPhoenix.LiveView.assign_page_and_stream_result/3 (#303)

• make arguments have higher precedence in do_value (#294)

Commits

• 2d6ab84 chore: release version v2.1.16
• 6bac756 fix: don't try to build form interfaces for calculations
• 8c5b1a8 docs: Add makeup_eex package for heex syntax highlighting (#305)
• 86e72a6 fix: reindex forms sorted with sort_forms/3
• c3d432d chore: update spark for docs improvements
• c2e5217 chore: release version v2.1.15
• 175066b fix: handle nil nested form when carrying over errors
• 1a81654 improvement: Move get params logic to private function, put get params on eve...
• e899e87 fix: Handle invalid params and warn when invalid (#301)
• 883f817 improvement: add AshPhoenix.LiveView.assign_page_and_stream_result/3 (#303)
• Additional commits viewable in compare view

Updates phoenix_live_view from 1.0.2 to 1.0.3

Changelog

Sourced from phoenix_live_view's changelog.

1.0.3 (2025-01-28)

Bug fixes

• Fix regression where browser back/forward buttons used patch instead of navigate, failing to update the page (#3529)
• Fix client hooks inside streams that contain nested LiveViews (#3530)
• Fix LiveComponents in nested LiveViews not updating under certain conditions (#3626)
• Fix client-side hooks not being cleared properly (#3628)
• Fix LiveUpload from client hook not auto uploading when immediately followed by form event (#3647)
• Fix inputs being cleared in some cases when patching locked trees (#3647)
• Fix client hooks with dynamic IDs not being destroyed properly when parts of the DOM are locked (#3651)

Enhancements

• Allow to configure if duplicate IDs / other detected errors should warn or raise by passing on_error to Phoenix.LiveViewTest.live/3 / Phoenix.LiveViewTest.live_isolated/3 (#3653)
• Also detect duplicate LiveComponents that are added dynamically to the page in LiveViewTest (#3653)
• Log an error in the JavaScript console when detecting a stream container with missing phx-update="stream" attribute (#3645)
• Update documentation to mention :fun and {:fun, arity} as valid attribute types for Phoenix.Component.attr/3 (#3635)
• Update documentation to mention ways for dynamically rendering function components (#3632)
• Update documentation to mention {:inner, selector} and {:closest, selector} as valid options for to in JS commands (#3638)

Commits

• 8ea6b48 Release 1.0.3
• e419029 mix format
• df82b86 small refactor of on_error tests
• f1b9d2b only raise by default in later release
• aee1b64 update tests to not use deprecated struct update syntax
• 7a69ff7 update changelog
• 6ca0b8b Update assets
• f100c75 fail early when hook element is not owned by view (#3618)
• a414c2c Update assets
• 07e4340 remove replaceRootHistory (#3625)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions