Bump the minor-patch group across 1 directory with 18 updates

[dependabot]

Bumps the minor-patch group with 17 updates in the / directory:

Package	From	To
@apollo/client	3.11.8	3.12.3
@apollo/server	4.11.0	4.11.2
@emotion/react	11.13.3	11.14.0
@emotion/styled	11.13.0	11.14.0
@graphql-tools/schema	10.0.6	10.0.13
@mui/icons-material	6.1.3	6.2.0
@mui/x-data-grid	7.20.0	7.23.2
discord-api-types	0.37.101	0.37.111
graphql	16.9.0	16.10.0
graphql-scalars	1.23.0	1.24.0
jose	5.9.4	5.9.6
react-hook-form	7.53.0	7.54.1
typescript	5.6.3	5.7.2
lint-staged	15.2.10	15.2.11
prettier	3.3.3	3.4.2
prisma-json-types-generator	3.1.1	3.2.2
workbox-core	7.1.0	7.3.0

Updates @apollo/client from 3.11.8 to 3.12.3

Release notes

Sourced from @​apollo/client's releases.

v3.12.3

Patch Changes

• #12214 8bfee88 Thanks @​phryneas! - Data masking: prevent infinite recursion of ContainsFragmentsRefs type

• #12204 851deb0 Thanks @​jerelmiller! - Fix Unmasked unwrapping tuple types into an array of their subtypes.

• #12204 851deb0 Thanks @​jerelmiller! - Ensure MaybeMasked does not try and unwrap types that contain index signatures.

• #12204 851deb0 Thanks @​jerelmiller! - Ensure MaybeMasked does not try to unwrap the type as Unmasked if the type contains any.

v3.12.2

Patch Changes

• #12175 84af347 Thanks @​jerelmiller! - Update peer deps to allow for React 19 stable release.

v3.12.1

Patch Changes

• #12171 e1efe74 Thanks @​phryneas! - Fix import extension in masking entry point.

v3.12.0

Minor Changes

Data masking 🎭

• #12042 1c0ecbf Thanks @​jerelmiller! - Introduces data masking in Apollo Client.

  Data masking enforces that only the fields requested by the query or fragment is available to that component. Data masking is best paired with colocated fragments.

  To enable data masking in Apollo Client, set the dataMasking option to true.

  new ApolloClient({
    dataMasking: true,
    // ... other options
  });

  For detailed information on data masking, including how to incrementally adopt it in an existing applications, see the data masking documentation.

• #12131 21c3f08 Thanks @​jerelmiller! - Allow null as a valid from value in useFragment.

• #12126 d10d702 Thanks @​jerelmiller! - Maintain the existing document if its unchanged by the codemod and move to more naive whitespace formatting

• #12150 9ed1e1e Thanks @​jerelmiller! - Fix issue when using Unmasked with older versions of TypeScript when used with array fields.

... (truncated)

Changelog

Sourced from @​apollo/client's changelog.

3.12.3

Patch Changes

• #12214 8bfee88 Thanks @​phryneas! - Data masking: prevent infinite recursion of ContainsFragmentsRefs type

• #12204 851deb0 Thanks @​jerelmiller! - Fix Unmasked unwrapping tuple types into an array of their subtypes.

• #12204 851deb0 Thanks @​jerelmiller! - Ensure MaybeMasked does not try and unwrap types that contain index signatures.

• #12204 851deb0 Thanks @​jerelmiller! - Ensure MaybeMasked does not try to unwrap the type as Unmasked if the type contains any.

3.12.2

Patch Changes

• #12175 84af347 Thanks @​jerelmiller! - Update peer deps to allow for React 19 stable release.

3.12.1

Patch Changes

• #12171 e1efe74 Thanks @​phryneas! - Fix import extension in masking entry point.

3.12.0

Minor Changes

Data masking 🎭

• #12042 1c0ecbf Thanks @​jerelmiller! - Introduces data masking in Apollo Client.

  Data masking enforces that only the fields requested by the query or fragment is available to that component. Data masking is best paired with colocated fragments.

  To enable data masking in Apollo Client, set the dataMasking option to true.

  new ApolloClient({
    dataMasking: true,
    // ... other options
  });

  For detailed information on data masking, including how to incrementally adopt it in an existing applications, see the data masking documentation.

• #12131 21c3f08 Thanks @​jerelmiller! - Allow null as a valid from value in useFragment.

... (truncated)

Commits

• e2b15c4 Version Packages (#12213)
• 8bfee88 prevent infinite recursion of ContainsFragmentsRefs type (#12214)
• 851deb0 Ensure MaybeMasked doesn't unwrap if it contains any (#12204)
• db01059 add documentation for vscode devtools (#12205)
• e022f72 Update ROADMAP.md
• 10c8755 docs: adjust screenshot size (#12178)
• 8e2a9d6 Make React 19 the default version for development (#12177)
• 95e613e Version Packages (#12176)
• 84af347 Bump React deps to v19 stable release (#12175)
• 9b8bca6 chore(deps): update cimg/node docker tag to v23.3.0 (#12158)
• Additional commits viewable in compare view

Updates @apollo/server from 4.11.0 to 4.11.2

Release notes

Sourced from @​apollo/server's releases.

@​apollo/server-integration-testsuite@​4.11.2

Patch Changes

• #7879 b0fb33b Thanks @​renovate! - Update graphql-http dependency

• #7968 68977e2 Thanks @​glasser! - Upgrade supertest and superagent dependencies

• Updated dependencies []:

  • @​apollo/server@​4.11.2

@​apollo/server@​4.11.2

(No change; there is a change to the @apollo/server-integration-testsuite used to test integrations, and the two packages always have matching versions.)

@​apollo/server-integration-testsuite@​4.11.1

Patch Changes

• #7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

  @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

  However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

  The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

  However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

• Updated dependencies [bb81b2c]:

  • @​apollo/server@​4.11.1

@​apollo/server@​4.11.1

Patch Changes

• #7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

  @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

  However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

  The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

  However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

Changelog

Sourced from @​apollo/server's changelog.

4.11.2

(No change; there is a change to the @apollo/server-integration-testsuite used to test integrations, and the two packages always have matching versions.)

4.11.1

Patch Changes

• #7952 bb81b2c Thanks @​glasser! - Upgrade dependencies so that automated scans don't detect a vulnerability.

  @apollo/server depends on express which depends on cookie. Versions of express older than v4.21.1 depend on a version of cookie vulnerable to CVE-2024-47764. Users of older express versions who call res.cookie() or res.clearCookie() may be vulnerable to this issue.

  However, Apollo Server does not call this function directly, and it does not expose any object to user code that allows TypeScript users to call this function without an unsafe cast.

  The only way that this direct dependency can cause a vulnerability for users of Apollo Server is if you call startStandaloneServer with a context function that calls Express-specific methods such as res.cookie() or res.clearCookies() on the response object, which is a violation of the TypeScript types provided by startStandaloneServer (which only promise that the response object is a core Node.js http.ServerResponse rather than the Express-specific subclass). So this vulnerability can only affect Apollo Server users who use unsafe JavaScript or unsafe as typecasts in TypeScript.

  However, this upgrade will at least prevent vulnerability scanners from alerting you to this dependency, and we encourage all Express users to upgrade their project's own express dependency to v4.21.1 or newer.

Commits

• 1475d82 Version Packages (#7969)
• 2a26f23 chore(deps): update all non-major dependencies (#7951)
• b7e7cd1 Version Packages (#7953)
• bb81b2c deps: upgrade express to v4.21.1 to quiet automated scans (#7952)
• See full diff in compare view

Updates @emotion/react from 11.13.3 to 11.14.0

Release notes

Sourced from @​emotion/react's releases.

@​emotion/react@​11.14.0

Minor Changes

• #3281 fc4d7bd Thanks @​Andarist! - Source code has been migrated to TypeScript. From now on type declarations will be emitted based on that, instead of being hand-written.

Patch Changes

• Updated dependencies [8dc1a6d, e1bf17e]:
  • @​emotion/cache@​11.14.0
  • @​emotion/use-insertion-effect-with-fallbacks@​1.2.0

@​emotion/react@​11.13.5

Patch Changes

• #3270 77d930d Thanks @​emmatown! - Fix inconsistent hashes using development vs production bundles/exports conditions when using @emotion/babel-plugin with sourceMap: true (the default). This is particularly visible when using Emotion with the Next.js Pages router where the development condition is used when bundling code but not when importing external code with Node.js.

• Updated dependencies [77d930d]:

  • @​emotion/serialize@​1.3.3
  • @​emotion/cache@​11.13.5
  • @​emotion/utils@​1.4.2
  • @​emotion/babel-plugin@​11.13.5

Commits

• 3c19ce5 Version Packages (#3280)
• a19d019 Convert @emotion/styled's source code to TypeScript (#3284)
• 5974e33 Fix JSX namespace @​ts-ignores (#3282)
• fc4d7bd Convert @emotion/react's source code to TypeScript (#3281)
• 8dc1a6d Convert @emotion/cache's source code to TypeScript (#3277)
• 282b61d Convert @emotion/css-prettifier's source code to TypeScript (#3278)
• e1bf17e Convert @emotion/use-insertion-effect-with-fallbacks's source code to TypeS...
• c161e6f Version Packages (#3272)
• f45eb19 Update changeset (#3273)
• 77d930d Fix inconsistent hashes using development vs production bundles/exports con...
• Additional commits viewable in compare view

Updates @emotion/styled from 11.13.0 to 11.14.0

Release notes

Sourced from @​emotion/styled's releases.

@​emotion/styled@​11.14.0

Minor Changes

• #3284 a19d019 Thanks @​Andarist! - Source code has been migrated to TypeScript. From now on type declarations will be emitted based on that, instead of being hand-written.

Patch Changes

• Updated dependencies [e1bf17e]:
  • @​emotion/use-insertion-effect-with-fallbacks@​1.2.0

@​emotion/styled@​11.13.5

Patch Changes

• #3270 77d930d Thanks @​emmatown! - Fix inconsistent hashes using development vs production bundles/exports conditions when using @emotion/babel-plugin with sourceMap: true (the default). This is particularly visible when using Emotion with the Next.js Pages router where the development condition is used when bundling code but not when importing external code with Node.js.

• Updated dependencies [77d930d]:

  • @​emotion/serialize@​1.3.3
  • @​emotion/utils@​1.4.2
  • @​emotion/babel-plugin@​11.13.5

Commits

• 3c19ce5 Version Packages (#3280)
• a19d019 Convert @emotion/styled's source code to TypeScript (#3284)
• 5974e33 Fix JSX namespace @​ts-ignores (#3282)
• fc4d7bd Convert @emotion/react's source code to TypeScript (#3281)
• 8dc1a6d Convert @emotion/cache's source code to TypeScript (#3277)
• 282b61d Convert @emotion/css-prettifier's source code to TypeScript (#3278)
• e1bf17e Convert @emotion/use-insertion-effect-with-fallbacks's source code to TypeS...
• c161e6f Version Packages (#3272)
• f45eb19 Update changeset (#3273)
• 77d930d Fix inconsistent hashes using development vs production bundles/exports con...
• Additional commits viewable in compare view

Updates @graphql-tools/schema from 10.0.6 to 10.0.13

Changelog

Sourced from @​graphql-tools/schema's changelog.

10.0.13

Patch Changes

• Updated dependencies [6a8123b]:
  • @​graphql-tools/utils@​10.6.4
  • @​graphql-tools/merge@​9.0.14

10.0.12

Patch Changes

• 020b9e4 Thanks @​ardatan! - `AbortSignal` in `GraphQLResolveInfo`, and `AbortSignal` in `ExecutionRequest`

• Updated dependencies [020b9e4]:

  • @​graphql-tools/utils@​10.6.3
  • @​graphql-tools/merge@​9.0.13

10.0.11

Patch Changes

• #6662 696a0d5 Thanks @​renovate! - dependencies updates:
  • Updated dependency @graphql-tools/merge@^9.0.11 ↗︎ (from ^9.0.10, in dependencies)
  • Updated dependency @graphql-tools/utils@^10.6.1 ↗︎ (from ^10.6.0, in dependencies)
• Updated dependencies [696a0d5, 1b24656]:
  • @​graphql-tools/merge@​9.0.12
  • @​graphql-tools/utils@​10.6.2

10.0.10

Patch Changes

• Updated dependencies [1e02935]:
  • @​graphql-tools/utils@​10.6.1
  • @​graphql-tools/merge@​9.0.11

... (truncated)

Commits

• f52dd96 chore(release): update monorepo packages versions (#6772)
• f5b83d8 chore(release): update monorepo packages versions (#6766)
• 020b9e4 enhance: AbortSignal in GraphQLResolveInfo, and AbortSignal in `Executi...
• ab4c37c chore(release): update monorepo packages versions (#6736)
• 27efe7c chore(deps): update dependency graphql-scalars to v1.24.0 (#6725)
• c506052 chore(release): update monorepo packages versions (#6709)
• 3326645 chore(release): update monorepo packages versions (#6706)
• ce25042 chore(release): update monorepo packages versions (#6678)
• 1c8bd90 chore(release): update monorepo packages versions (#6564)
• See full diff in compare view

Updates @mui/icons-material from 6.1.3 to 6.2.0

Release notes

Sourced from @​mui/icons-material's releases.

v6.2.0

A big thanks to the 11 contributors who made this release possible. Here are some highlights ✨:

• Material UI is now compatible with React 19 (#44672) @​DiegoAndai
• Fixed incorrect aria-orientation for vertical sliders. ArrowRight now increases the value and ArrowLeft decreases the value in vertical sliders; they were reversed in prior versions. (#44537) @​mj12albert

@mui/[email protected]

• [Box] Add missing component to BoxProps type (#44643) @​DiegoAndai
• [Grid] Fix spacing when using css variables (#44663) @​DiegoAndai
• [ListItemText] Add slots and slotProps (#44571) @​sai6855

Docs

• Add Toolpad Core template link (#44415) @​bharatkashyap

Core

• [docs-infra] Allow custom annotations (#44707) @​vladmoroz
• [Box] Fix component prop test (#44651) @​DiegoAndai
• React 19 useRef cleanup (#44704) @​DiegoAndai
• Remove obselete lerna options (#44676) @​ZeeshanTamboli
• Fix Regular Expression Denial of Service (ReDoS) vulnerabilities (#44627) @​SuperMaxine
• Fix number of contributors (#44650) @​aarongarciah
• [docs-infra] Add support for data attributes in the API generation (#44709) @​mnajdova
• [docs-infra] Fix RTL dark mode (#41803) @​alexfauquette
• [Grid] Remove deeply nested imports (#43605) @​Janpot

All contributors of this release in alphabetical order: @​aarongarciah, @​alexfauquette, @​bharatkashyap, @​DiegoAndai, @​Janpot, @​mj12albert, @​mnajdova, @​sai6855, @​SuperMaxine, @​vladmoroz, @​ZeeshanTamboli

v6.1.10

A big thanks to the 11 contributors who made this release possible.

@mui/[email protected]

• [Avatar] Fix slotProps.img not spread to hook (#44536) @​siriwatknp
• [FilledInput] Use slotProps instead of componentsProps (#44552) @​siriwatknp
• [Grid2] Fix theme scoping error (#44599) @​siriwatknp
• [Grid2] Add container styles from styleOverrides (#44598) @​sai6855
• Skip tonalOffset from setting color channel (#44585) @​siriwatknp
• Remove few more React.ReactElement types (#44290) @​sai6855
• [Tabs] Fix ScrollbarSize ref being overriden (#44593) @​DiegoAndai
• [Select][TextField] Fix screen reader from saying &ZeroWidthSpace (#44631) @​arishoham

@mui/[email protected]

• [ThemeProvider] Optimize theme changes when enabling CSS theme variables (#44588) @​siriwatknp

Docs

... (truncated)

Changelog

Sourced from @​mui/icons-material's changelog.

6.2.0

Dec 10, 2024

A big thanks to the 9 contributors who made this release possible. Here are some highlights ✨:

• Material UI is now compatible with React 19 (#44672) @​DiegoAndai
• Fixed incorrect aria-orientation for vertical sliders. ArrowRight now increases the value and ArrowLeft decreases the value in vertical sliders; they were reversed in prior versions. (#44537) @​mj12albert

@mui/[email protected]

• [Box] Add missing component to BoxProps type (#44643) @​DiegoAndai
• [Grid] Fix spacing when using css variables (#44663) @​DiegoAndai
• [ListItemText] Add slots and slotProps (#44571) @​sai6855

Docs

• Add Toolpad Core template link (#44415) @​bharatkashyap

Core

• [docs-infra] Allow custom annotations (#44707) @​vladmoroz
• [Box] Fix component prop test (#44651) @​DiegoAndai
• React 19 useRef cleanup (#44704) @​DiegoAndai
• Remove obselete lerna options (#44676) @​ZeeshanTamboli
• Fix Regular Expression Denial of Service (ReDoS) vulnerabilities (#44627) @​SuperMaxine
• Fix number of contributors (#44650) @​aarongarciah
• [docs-infra] Add support for data attributes in the API generation (#44709) @​mnajdova
• [docs-infra] Fix RTL dark mode (#41803) @​alexfauquette
• [Grid] Remove deeply nested imports (#43605) @​Janpot

All contributors of this release in alphabetical order: @​aarongarciah, @​alexfauquette, @​bharatkashyap, @​DiegoAndai, @​Janpot, @​mj12albert, @​mnajdova, @​sai6855, @​SuperMaxine, @​vladmoroz, @​ZeeshanTamboli

6.1.10

Dec 3, 2024

A big thanks to the 11 contributors who made this release possible.

@mui/[email protected]

• [Avatar] Fix slotProps.img not spread to hook (#44536) @​siriwatknp
• [FilledInput] Use slotProps instead of componentsProps (#44552) @​siriwatknp
• [Grid2] Fix theme scoping error (#44599) @​siriwatknp
• [Grid2] Add container styles from styleOverrides (#44598) @​sai6855
• Skip tonalOffset from setting color channel (#44585) @​siriwatknp

... (truncated)

Commits

• 3a8ceae v6.2.0 (#44710)
• 6381e29 [core] Bump React to 19 (2.0) (#44672)
• 5c5e9f6 [release] v6.1.10 (#44645)
• 8217844 v6.1.9 (#44551)
• 0b8739f [release] v6.1.8 (#44481)
• a7d441d [release] v6.1.7 (#44393)
• 57bcc7c [release] v6.1.6 (#44268)
• a2a59d4 Bump babel (#44223)
• a2364c7 Bump @​types/react to v18.3.12 (#44219)
• 141fc36 [core] Run @​mui/icon-material src:icons (#44097)
• Additional commits viewable in compare view

Updates @mui/material from 6.1.3 to 6.2.0

Release notes

Sourced from @​mui/material's releases.

v6.2.0

A big thanks to the 11 contributors who made this release possible. Here are some highlights ✨:

• Material UI is now compatible with React 19 (#44672) @​DiegoAndai
• Fixed incorrect aria-orientation for vertical sliders. ArrowRight now increases the value and ArrowLeft decreases the value in vertical sliders; they were reversed in prior versions. (#44537) @​mj12albert

@mui/[email protected]

• [Box] Add missing component to BoxProps type (#44643) @​DiegoAndai
• [Grid] Fix spacing when using css variables (#44663) @​DiegoAndai
• [ListItemText] Add slots and slotProps (#44571) @​sai6855

Docs

• Add Toolpad Core template link (#44415) @​bharatkashyap

Core

• [docs-infra] Allow custom annotations (#44707) @​vladmoroz
• [Box] Fix component prop test (#44651) @​DiegoAndai
• React 19 useRef cleanup (#44704) @​DiegoAndai
• Remove obselete lerna options (#44676) @​ZeeshanTamboli
• Fix Regular Expression Denial of Service (ReDoS) vulnerabilities (#44627) @​SuperMaxine
• Fix number of contributors (#44650) @​aarongarciah
• [docs-infra] Add support for data attributes in the API generation (#44709) @​mnajdova
• [docs-infra] Fix RTL dark mode (#41803) @​alexfauquette
• [Grid] Remove deeply nested imports (#43605) @​Janpot

All contributors of this release in alphabetical order: @​aarongarciah, @​alexfauquette, @​bharatkashyap, @​DiegoAndai, @​Janpot, @​mj12albert, @​mnajdova, @​sai6855, @​SuperMaxine, @​vladmoroz, @​ZeeshanTamboli

v6.1.10

A big thanks to the 11 contributors who made this release possible.

@mui/[email protected]

• [Avatar] Fix slotProps.img not spread to hook (#44536) @​siriwatknp
• [FilledInput] Use slotProps instead of componentsProps (#44552) @​siriwatknp
• [Grid2] Fix theme scoping error (#44599) @​siriwatknp
• [Grid2] Add container styles from styleOverrides (#44598) @​sai6855
• Skip tonalOffset from setting color channel (#44585) @​siriwatknp
• Remove few more React.ReactElement types (#44290) @​sai6855
• [Tabs] Fix ScrollbarSize ref being overriden (#44593) @​DiegoAndai
• [Select][TextField] Fix screen reader from saying &ZeroWidthSpace (#44631) @​arishoham

@mui/[email protected]

• [ThemeProvider] Optimize theme changes when enabling CSS theme variables (#44588) @​siriwatknp

Docs

... (truncated)

Changelog

Sourced from @​mui/material's changelog.

6.2.0

Dec 10, 2024

A big thanks to the 9 contributors who made this release possible. Here are some highlights ✨:

• Material UI is now compatible with React 19 (#44672) @​DiegoAndai
• Fixed incorrect aria-orientation for vertical sliders. ArrowRight now increases the value and ArrowLeft decreases the value in vertical sliders; the...

  Description has been truncated

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
comiacapay	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Dec 16, 2024 1:18am

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.