fix(auth): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@aws-sdk/client-cognito-identity-provider (source)	3.535.0 -> 3.540.0					dependencies	minor
@crowdin/crowdin-api-client	1.30.0 -> 1.31.0					dependencies	minor
@iconify-json/simple-icons	1.1.96 -> 1.1.97					devDependencies	patch
@swc/core (source)	1.4.8 -> 1.4.11					devDependencies	patch
@types/react (source)	18.2.67 -> 18.2.72					devDependencies	patch
@typescript-eslint/eslint-plugin (source)	7.3.1 -> 7.4.0					devDependencies	minor
@typescript-eslint/parser (source)	7.3.1 -> 7.4.0					devDependencies	minor
knip (source)	5.2.2 -> 5.6.0					devDependencies	minor
libphonenumber-js	1.10.58 -> 1.10.59					dependencies	patch
libphonenumber-js	1.10.58 -> 1.10.59					devDependencies	patch
msw (source)	2.2.10 -> 2.2.11					devDependencies	patch
node (source)	20.11.1 -> 20.12.0						minor
react-hook-form (source)	7.51.1 -> 7.51.2					devDependencies	patch
react-hook-form (source)	7.51.1 -> 7.51.2					dependencies	patch
type-fest	4.13.1 -> 4.14.0					devDependencies	minor
zod-to-json-schema	3.22.4 -> 3.22.5					devDependencies	patch

---

Release Notes

aws/aws-sdk-js-v3 (@​aws-sdk/client-cognito-identity-provider)

v3.540.0

Compare Source

Bug Fixes

• util-endpoints: augment endpointFunctions inline in endpointResolver functions (#​5933) (42a791d)

crowdin/crowdin-api-client-js (@​crowdin/crowdin-api-client)

v1.31.0

Compare Source

What's Changed

• feat: add fields API support by @​YHorodyskyi in https://github.com/crowdin/crowdin-api-client-js/pull/381
• build(deps-dev): bump typedoc from 0.25.8 to 0.25.9 by @​dependabot in https://github.com/crowdin/crowdin-api-client-js/pull/372
• build(deps-dev): bump typedoc from 0.25.9 to 0.25.10 by @​dependabot in https://github.com/crowdin/crowdin-api-client-js/pull/374
• build(deps-dev): bump typedoc from 0.25.10 to 0.25.12 by @​dependabot in https://github.com/crowdin/crowdin-api-client-js/pull/377
• build(deps): bump follow-redirects from 1.15.4 to 1.15.6 by @​dependabot in https://github.com/crowdin/crowdin-api-client-js/pull/378
• build(deps): bump axios from 1.6.7 to 1.6.8 by @​dependabot in https://github.com/crowdin/crowdin-api-client-js/pull/379

Full Changelog: crowdin/crowdin-api-client-js@1.30.0...1.31.0

swc-project/swc (@​swc/core)

v1.4.11

Compare Source

typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)

v7.4.0

Compare Source

🚀 Features

• eslint-plugin: [consistent-type-imports] ignore files with decorators, experimentalDecorators, and emitDecoratorMetadata

• eslint-plugin: [no-unnecessary-type-arguments] handle tagged templates

• eslint-plugin: deprecate no-throw-literal and add a renamed only-throw-error

🩹 Fixes

• eslint-plugin: [prefer-optional-chain] address multipart nullish checks false positive

• eslint-plugin: [prefer-optional-chain] properly disambiguate between boolean and false

• eslint-plugin: [no-unnecessary-type-assertion] avoid remove const casting on template literals with expressions inside

❤️ Thank You

• Abraham Guo
• Brad Zacher
• Josh Goldberg ✨
• Kim Sang Du
• Kirk Waiblinger
• Marco Pasqualetti
• YeonJuan

You can read about our versioning strategy and releases on our website.

typescript-eslint/typescript-eslint (@​typescript-eslint/parser)

v7.4.0

Compare Source

webpro/knip (knip)

v5.6.0

Compare Source

v5.5.0

Compare Source

• Minor fixes in git ignores parser (ec11f37)
• Remove unnecessary check for node.isTypeOf (resolves #​571) (4c3160b)
• Extend import extraction from source file pragmas (resolves #​571) (0799864)
• Rename for prettier --performance display (5399182)
• Refactor some internals (54d2634)
• Update some docs/templates (23f98de)
• Add reproduction templates and link directly (4c45d3d)

v5.4.0

Compare Source

• Add option to ignore class and enum members in the report (resolves #​387) (8e7dc6b)
• Fix gc for --include-libs (0c202aa)
• Add note with npx knip (close #​389) (d06fd4c)

v5.3.1

Compare Source

• Fix pos for computed props in class members (closes #​360) (6ce065e)
• Skip work if classMembers are not included (be1eb08)

v5.3.0

Compare Source

catamphetamine/libphonenumber-js (libphonenumber-js)

v1.10.59

Compare Source

mswjs/msw (msw)

v2.2.11

Compare Source

v2.2.11 (2024-03-26)

Bug Fixes

• accept a narrower response body type by default (#​2107) (d35ef92) @​kettanaito

nodejs/node (node)

v20.12.0

Compare Source

react-hook-form/react-hook-form (react-hook-form)

v7.51.2: Version 7.51.2

Compare Source

🐞 fix #​11719 validation stuck on true state (#​11723)

sindresorhus/type-fest (type-fest)

v4.14.0

Compare Source

• Add DistributedPick type (#​841) fa4099c

StefanTerdell/zod-to-json-schema (zod-to-json-schema)

v3.22.5

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
inreach-app	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Mar 26, 2024 9:40pm

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@aws-sdk/[email protected]	Transitive: environment, filesystem, network, shell	+69	6.05 MB	aws-sdk-bot
npm/@crowdin/[email protected]	network	0	431 kB	andrii.bodnar
npm/@iconify-json/[email protected]	None	0	4.8 MB	cyberalien
npm/@mantine/[email protected]	None	0	86.4 kB	rtivital
npm/@next-auth/[email protected]	None	0	20.5 kB	balazsorban
npm/@next/[email protected]	None	0	3.33 kB	vercel-release-bot
npm/@next/[email protected]	filesystem	0	78.1 kB	vercel-release-bot
npm/@next/[email protected]	None	0	14.1 kB	vercel-release-bot
npm/@octokit/[email protected]	Transitive: network	+7	5.04 MB	octokitbot
npm/@opentelemetry/[email protected]	None	0	1.21 MB	pichlermarc
npm/@opentelemetry/[email protected]	environment, unsafe	0	877 kB	pichlermarc
npm/@opentelemetry/[email protected]	Transitive: network	+5	3.22 MB	pichlermarc
npm/@opentelemetry/[email protected]	None	+2	559 kB	pichlermarc
npm/@opentelemetry/[email protected]	environment, filesystem, shell	0	503 kB	pichlermarc
npm/@opentelemetry/[email protected]	Transitive: environment, filesystem, network	+13	14.3 MB	pichlermarc
npm/@opentelemetry/[email protected]	None	0	766 kB	pichlermarc
npm/@opentelemetry/[email protected]	Transitive: unsafe	+3	314 kB	pichlermarc
npm/@opentelemetry/[email protected]	None	0	1.66 MB	pichlermarc
npm/@playwright/[email protected]	None	0	25.4 kB	yurys
npm/@prisma/[email protected]	environment	0	35.7 kB	prismabot
npm/@prisma/[email protected]	filesystem	0	18.2 kB	prismabot
npm/@sentry/[email protected]	network	+7	10.2 MB	sentry-bot
npm/@sentry/[email protected]	environment, filesystem, network Transitive: shell	+12	7.99 MB	sentry-bot
npm/@sentry/[email protected]	environment, filesystem, network, shell, unsafe	+4	6.83 MB	sentry-bot
npm/@sentry/[email protected]	Transitive: network	+3	3.7 MB	sentry-bot
npm/@sentry/[email protected]	Transitive: network	+3	4.01 MB	sentry-bot
npm/@sentry/[email protected]	environment, filesystem, shell	0	2.58 MB	sentry-bot
npm/@snaplet/[email protected]	None	0	1.89 MB	justinvdm
npm/@snaplet/[email protected]	filesystem Transitive: environment, unsafe	+49	29.5 MB	jgoux
npm/@storybook/[email protected]	None	+2	55.8 kB	shilman
npm/@storybook/[email protected]	environment, eval	+2	375 kB	shilman
npm/@storybook/[email protected]	Transitive: environment, eval, filesystem, network, unsafe	+59	20 MB	yannbf
npm/@storybook/[email protected]	Transitive: environment, eval, filesystem, network, unsafe	+61	19.6 MB	shilman
npm/@storybook/[email protected]	None	+1	2.15 MB	shilman
npm/@storybook/[email protected]	environment, eval	+2	382 kB	shilman
npm/@storybook/[email protected]	None	0	16.5 kB	shilman
npm/@storybook/[email protected]	None	0	3.3 MB	valentinpalkovic
npm/@storybook/[email protected]	environment, eval	+38	6 MB	shilman
npm/@storybook/[email protected]	None	0	73.1 kB	shilman
npm/@storybook/[email protected]	None	+5	1.52 MB	yannbf
npm/@storybook/[email protected]	environment, network Transitive: eval	+5	432 kB	shilman
npm/@storybook/[email protected]	Transitive: environment, eval, filesystem, network, unsafe	+140	13.1 MB	shilman
npm/@storybook/[email protected]	network	+5	895 kB	shilman
npm/@storybook/[email protected]	Transitive: environment, filesystem, network, unsafe	+17	3.86 MB	shilman
npm/@storybook/[email protected]	environment, eval, filesystem, shell, unsafe Transitive: network	+59	14 MB	shilman
npm/@storybook/[email protected]	Transitive: environment	+7	3.85 MB	yannbf
npm/@storybook/[email protected]	environment	+3	759 kB	shilman
npm/@storybook/[email protected]	Transitive: environment	+22	4.84 MB	shilman
npm/@swc/[email protected]	None	0	229 kB	kdy1
npm/@t3-oss/[email protected]	None	+1	27.6 kB	juliusmarminge
npm/@tanstack/[email protected]	environment	0	369 kB	tannerlinsley
npm/@tanstack/[email protected]	environment	+1	1.86 MB	tannerlinsley
npm/@tanstack/[email protected]	environment	+1	3.6 MB	tannerlinsley
npm/@tanstack/[email protected]	None	0	443 kB	tannerlinsley
npm/@tanstack/[email protected]	Transitive: environment	+1	4.03 MB	tannerlinsley
npm/@terraformer/[email protected]	None	0	92.8 kB	jgravois
npm/@textea/[email protected]	environment	+32	24.7 MB	pionxzh
npm/@tomfreudenberg/[email protected]	None	0	34 kB	tom-freudenberg
npm/@total-typescript/[email protected]	None	0	11.7 kB	mpocock
npm/@trpc/[email protected]	network	0	253 kB	katt
npm/@trpc/[email protected]	None	0	111 kB	katt
npm/@trpc/[email protected]	None	0	285 kB	katt
npm/@trpc/[email protected]	environment	0	713 kB	katt
npm/@turbo/[email protected]	Transitive: environment, eval, filesystem	+1	916 kB	turbobot
npm/@turf/[email protected]	None	0	170 kB	mdfedderly
npm/@tweenjs/[email protected]	None	0	161 kB	trusktr
npm/@types/[email protected]	None	0	143 kB	types
npm/@types/[email protected]	None	0	2.77 kB	types
npm/@types/[email protected]	None	+2	250 kB	types
npm/@types/[email protected]	None	0	583 kB	types
npm/@types/[email protected]	None	0	8.85 kB	types
npm/@types/[email protected]	None	0	6.31 kB	types
npm/@types/[email protected]	None	+1	77 kB	types
npm/@types/[email protected]	None	0	3.58 kB	types
npm/@types/[email protected]	None	0	120 kB	types
npm/@types/[email protected]	None	0	24.1 kB	types
npm/@types/[email protected]	None	0	14.4 kB	types
npm/@types/[email protected]	None	+1	22.5 kB	types
npm/@types/[email protected]	None	0	34 kB	types
npm/@types/[email protected]	None	+1	11.1 kB	types
npm/@types/[email protected]	None	0	3.14 kB	types
npm/@types/[email protected]	None	+1	68.8 kB	types
npm/@typescript-eslint/[email protected]	None	+3	1.22 MB	jameshenry
npm/@vercel/[email protected]	None	0	190 kB	vercel-release-bot
npm/@vercel/[email protected]	environment, network	+1	165 kB	vercel-release-bot
npm/@vercel/[email protected]	environment Transitive: network	+1	291 kB	vercel-release-bot
npm/@vercel/[email protected]	filesystem, unsafe	0	16.6 MB	vercel-release-bot
npm/@vercel/[email protected]	Transitive: environment, network	+3	461 kB	vercel-release-bot
npm/@vercel/[email protected]	None	0	272 kB	vercel-release-bot
npm/@welldone-software/[email protected]	None	0	334 kB	vzaidman
npm/[email protected]	None	+1	852 kB	liuyib
npm/[email protected]	None	0	53.2 kB	esp
npm/[email protected]	eval	0	1.02 MB	esp
npm/[email protected]	None	+3	64.5 kB	wooorm

🚮 Removed packages: npm/@aws-sdk/[email protected], npm/@crowdin/[email protected], npm/@iconify-json/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[github-actions]

📦 Next.js Bundle Analysis for @weareinreach/app

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

[alwaysmeticulous]

🤖 No test run has been triggered as your Meticulous project has been deactivated (since you haven't viewed any test results in a while). Click here to reactivate.

_{Last updated for commit 4c32e2e. This comment will update as new commits are pushed.}

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/@sentry/[email protected]	Install script: install Source: node ./scripts/install.js	apps/app/package.json packages/api/package.json pnpm-lock.yaml
Install scripts	npm/@vercel/[email protected]	Install script: postinstall Source: node scripts/postinstall.mjs	apps/app/package.json pnpm-lock.yaml
Install scripts	npm/@sentry/[email protected]	Install script: install Source: node scripts/check-build.js	apps/app/package.json pnpm-lock.yaml

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/@sentry/[email protected]
• @SocketSecurity ignore npm/@vercel/[email protected]
• @SocketSecurity ignore npm/@sentry/[email protected]