fix(deps): bump the all group across 1 directory with 11 updates

[dependabot]

Bumps the all group with 11 updates in the /api directory:

Package	From	To
@libsql/client	0.6.2	0.7.0
@passwordless-id/webauthn	1.6.1	1.6.2
drizzle-orm	0.31.2	0.32.0
hono	4.4.7	4.5.1
toucan-js	3.4.0	4.0.0
tsx	4.15.7	4.16.2
@biomejs/biome	1.8.2	1.8.3
@cloudflare/workers-types	4.20240620.0	4.20240718.0
drizzle-kit	0.22.7	0.23.0
typescript	5.5.2	5.5.3
wrangler	3.61.0	3.65.1

Updates @libsql/client from 0.6.2 to 0.7.0

Changelog

Sourced from @​libsql/client's changelog.

0.7.0 -- 2024-06-25

• Add configurable concurrency limit for parallel query execution (defaults to 20) to address socket hangup errors.

Commits

• a9fdba9 0.7.0
• 83e58a8 Update CHANGELOG.md
• 352024e Merge pull request #226 from tursodatabase/add-queue-to-execute
• e46c530 Merge pull request #222 from tursodatabase/invalid-url-error
• 63f54be Update default values for the concurrency parameter
• 350fb3c Fix tests by returning a value from the executeMultiple method
• fab870e Add type safety to the limit funcion
• 6bf5753 Merge main
• c599e38 Add concurrency limit to batch, transaction, and executeMultiple
• 496d1c0 Add concurrency option to createClient
• Additional commits viewable in compare view

Updates @passwordless-id/webauthn from 1.6.1 to 1.6.2

Commits

• 78ed32a switched to jsdelivr instead of unpkg for CDN
• 42b2b25 Merge pull request #55 from colinlyguo/fix-typos
• 867388a another fix
• fe82f5d another fix
• 99d96ed fix typos
• d1a4b6f Merge pull request #52 from JohnnyCrazy/abort-signal
• 9cd660b add support for abort signal
• See full diff in compare view

Updates drizzle-orm from 0.31.2 to 0.32.0

Release notes

Sourced from drizzle-orm's releases.

0.32.0

Release notes for [email protected] and [email protected]

It's not mandatory to upgrade both packages, but if you want to use the new features in both queries and migrations, you will need to upgrade both packages

New Features

🎉 MySQL $returningId() function

MySQL itself doesn't have native support for RETURNING after using INSERT. There is only one way to do it for primary keys with autoincrement (or serial) types, where you can access insertId and affectedRows fields. We've prepared an automatic way for you to handle such cases with Drizzle and automatically receive all inserted IDs as separate objects

import { boolean, int, text, mysqlTable } from 'drizzle-orm/mysql-core';
const usersTable = mysqlTable('users', {
id: int('id').primaryKey(),
name: text('name').notNull(),
verified: boolean('verified').notNull().default(false),
});
const result = await db.insert(usersTable).values([{ name: 'John' }, { name: 'John1' }]).$returningId();
//    ^? { id: number }[]

Also with Drizzle, you can specify a primary key with $default function that will generate custom primary keys at runtime. We will also return those generated keys for you in the $returningId() call

import { varchar, text, mysqlTable } from 'drizzle-orm/mysql-core';
import { createId } from '@paralleldrive/cuid2';
const usersTableDefFn = mysqlTable('users_default_fn', {
customId: varchar('id', { length: 256 }).primaryKey().$defaultFn(createId),
name: text('name').notNull(),
});
const result = await db.insert(usersTableDefFn).values([{ name: 'John' }, { name: 'John1' }]).$returningId();
//  ^? { customId: string }[]

If there is no primary keys -> type will be {}[] for such queries

🎉 PostgreSQL Sequences

You can now specify sequences in Postgres within any schema you need and define all the available properties

Example

</tr></table> 

... (truncated)

Commits

• 15ff6b4 Merge pull request #2607 from drizzle-team/generated
• aaf764c Open all tests
• 7612dda Update release notes
• c160852 Merge branch 'main' of github.com:drizzle-team/drizzle-orm into generated
• 50dca32 Add 1 more test for infer insert for mysql package
• ee8277f Update typo
• 4c9a51d Update planetscale and mysql-proxy returning runtime
• 3bbf9ed Add 0.31.4 changelog
• 8e4735d Fix a few tests for returning in a new structure
• 0865432 Merge pull request #2602 from Cherry/fix/prisma-optional-dep
• Additional commits viewable in compare view

Updates hono from 4.4.7 to 4.5.1

Release notes

Sourced from hono's releases.

v4.5.1

What's Changed

• chore: remove rimraf and use bun shell by @​nakasyou in honojs/hono#3146
• chore: moving the setup file of vitest by @​EdamAme-x in honojs/hono#3157
• fix(middleware/jwt): Changed the jwt-secret type to SignatureKey by @​JulesVerner in honojs/hono#3167
• feat(bearer-auth): Allow empty bearer-auth middleware prefixes by @​prevostc in honojs/hono#3161
• chore(factory): remove @experimental from createApp by @​yusukebe in honojs/hono#3164
• fix(client): support array values for query in ws by @​yusukebe in honojs/hono#3169
• fix(validator): ignore content-type mismatches by @​yusukebe in honojs/hono#3165

New Contributors

• @​JulesVerner made their first contribution in honojs/hono#3167
• @​prevostc made their first contribution in honojs/hono#3161

Full Changelog: honojs/hono@v4.5.0...v4.5.1

v4.5.0

Hono v4.5.0 is now available!

We have added three new built-in middleware. Now Hono is bringing 20 built-in middleware!

1. Basic Authentication
2. Bearer Authentication
3. Body Limit
4. Cache
5. Combine
6. Compress
7. CORS
8. CSRF Protection
9. ETag
10. IP Restriction
11. JSX Renderer
12. JWT
13. Logger
14. Method Override
15. Pretty JSON
16. Request ID
17. Secure Headers
18. Timeout
19. Timing
20. Trailing Slash

Amazing! These truly make Hono batteries-included framework.

Let's go through the new features in this release.

IP Restrict Middleware

Introducing IP Restrict Middleware. This middleware limits access to resources based on the IP address of the user.

... (truncated)

Commits

• 0535579 v4.5.1
• 4171896 fix(validator): allow content-type mismatches (#3165)
• 7389b4c fix(client): support array values for query in ws (#3169)
• 3b8e72a chore(factory): remove @experimental from createApp (#3164)
• 66fc63d feat(bearer-auth): Allow empty bearer-auth middleware prefixes (#3161)
• 09f1d20 fix(middleware/jwt): Changed the jwt-secret type to SignatureKey (#3167)
• 84424ad chore: moving the setup file of vitest (#3157)
• f23a416 chore: remove rimraf and use bun shell (#3146)
• 801e1b9 v4.5.0
• 2f4bb3e Merge pull request #3144 from honojs/next
• Additional commits viewable in compare view

Updates toucan-js from 3.4.0 to 4.0.0

Release notes

Sourced from toucan-js's releases.

[email protected]

Major Changes

• fce854c and c29ddfa: This release upgrades the underlying Sentry SDKs to v8.

  • Toucan now extends ScopeClass instead of Hub.
  • Class-based integrations have been removed in Sentry v8. Toucan adapts to this change by renaming:
    • Dedupe integration to dedupeIntegration
    • ExtraErrorData integration to extraErrorDataIntegration
    • RewriteFrames integration to rewriteFramesIntegration
    • SessionTiming integration to sessionTimingIntegration
    • LinkedErrors integration to linkedErrorsIntegration
    • RequestData integration to requestDataIntegration
  • Additionally, Transaction integration is no longer provided.
  • Toucan instance can now be deeply copied using Toucan.clone().

  Refer to Sentry v8 release notes and Sentry v7->v8 for additional context.

Special shout-out to @​timfish for their contribution 🚀

Commits

• f8e0bbb Version Packages (#239)
• c29ddfa v4.0.0 (#238)
• fce854c Update to Sentry v8 SDKs (#234)
• See full diff in compare view

Updates tsx from 4.15.7 to 4.16.2

Release notes

Sourced from tsx's releases.

v4.16.2

4.16.2 (2024-07-03)

Bug Fixes

• isolated cts import in Node v18 (#61) (042be03)

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.16.1

4.16.1 (2024-07-03)

Bug Fixes

• cjs: isolate implicit resolver enhancement (#59) (143a5bd)
• cjs: namespace filter to preserve file path (6ef949c)
• esm: implicit resolution with tsconfig paths (a74aa58), closes #607

---

This release is also available on:

• npm package (@​latest dist-tag)

v4.16.0

4.16.0 (2024-06-29)

Bug Fixes

• cjs: tsx.require to support core modules (f748e19)

Features

• cjs: improve compatibility with other loaders (3e1e546)

---

This release is also available on:

... (truncated)

Commits

• 042be03 fix: isolated cts import in Node v18 (#61)
• a74aa58 fix(esm): implicit resolution with tsconfig paths
• 1603c66 refactor(cjs): cjs lexer detection
• c6d5203 refactor(cjs): always inherit query from parent (#60)
• aa3f2a1 test: scoped cts loading in Node v18
• 8c61236 refactor(types): improve CJS module types
• 23ebe7e refactor: preserve resolveFilename args accurately
• e0b581c test: assert package can be loaded relative to data url
• 143a5bd fix(cjs): isolate implicit resolver enhancement (#59)
• 6ef949c fix(cjs): namespace filter to preserve file path
• Additional commits viewable in compare view

Updates @biomejs/biome from 1.8.2 to 1.8.3

Release notes

Sourced from @​biomejs/biome's releases.

CLI v1.8.3

CLI

Bug fixes

• Fix #3104 by suppressing node warnings when using biome migrate. Contributed by @​SuperchupuDev

• Force colors to be off when using the GitHub reporter to properly create annotations in GitHub actions (#3148). Contributed by @​Sec-ant

Parser

Bug fixes

• Implement CSS unicode range. Contributed by @​denbezrukov

Formatter

Bug fixes

• Fix #3184 CSS formatter converts custom identifiers to lowercase. Contributed by @​denbezrukov
• Fix #3256 constant crashes when editing css files #3256. Contributed by @​denbezrukov

Linter

New features

• Add nursery/useDeprecatedReason rule. Contributed by @​vohoanglong0107.
• Add nursery/noExportedImports. Contributed by @​Conaclos

Bug fixes

• useConsistentArrayType and useShorthandArrayType now ignore Array in the extends and implements clauses. Fix #3247. Contributed by @​Conaclos
• Fixes #3066 by taking into account the dependencies declared in the package.json. Contributed by @​ematipico
• The code action of the useArrowFunction rule now preserves a trailing comma when there is only a single type parameter in the arrow function and JSX is enabled. Fixes #3292. Contributed by @​Sec-ant

Enhancements

• Enhance tailwind sorting lint rule #1274 with variant support.

  Every preconfigured variant is assigned a weight that concurs on establishing the output sorting order. Since nesting variants on the same utility class is possible, the resulting weight is the Bitwise XOR of all the variants weight for that class. Dynamic variants (e.g. has-[.custom-class], group-[:checked]) are also supported and they take the weight of their base variant name the custom value attached (e.g. has-[.custom-class] takes has weight). Arbitrary variants (e.g. [&nth-child(2)]) don't have a weight assigned and they are placed after every known variant. Classes with the same amount of arbitrary variants follow lexicographical order. The class that has the highest number of nested arbitrary variants is placed last. Screen variants (e.g. sm:, max-md:, min-lg:) are not supported yet.

  Contributed by @​lutaok

... (truncated)

Changelog

Sourced from @​biomejs/biome's changelog.

v1.8.3 (2024-06-27)

CLI

Bug fixes

• Fix #3104 by suppressing node warnings when using biome migrate. Contributed by @​SuperchupuDev

• Force colors to be off when using the GitHub reporter to properly create annotations in GitHub actions (#3148). Contributed by @​Sec-ant

Parser

Bug fixes

• Implement CSS unicode range. Contributed by @​denbezrukov

Formatter

Bug fixes

• Fix #3184 CSS formatter converts custom identifiers to lowercase. Contributed by @​denbezrukov
• Fix #3256 constant crashes when editing css files #3256. Contributed by @​denbezrukov

Linter

New features

• Add nursery/useDeprecatedReason rule. Contributed by @​vohoanglong0107.
• Add nursery/noExportedImports. Contributed by @​Conaclos

Enhancements

• Implement suggestedExtensions option for useImportExtensions rule. Contributed by @​drdaemos

Bug fixes

• useConsistentArrayType and useShorthandArrayType now ignore Array in the extends and implements clauses. Fix #3247. Contributed by @​Conaclos
• Fixes #3066 by taking into account the dependencies declared in the package.json. Contributed by @​ematipico
• The code action of the useArrowFunction rule now preserves a trailing comma when there is only a single type parameter in the arrow function and JSX is enabled. Fixes #3292. Contributed by @​Sec-ant

Enhancements

• Enhance tailwind sorting lint rule #1274 with variant support.

  Every preconfigured variant is assigned a weight that concurs on establishing the output sorting order. Since nesting variants on the same utility class is possible, the resulting weight is the Bitwise XOR of all the variants weight for that class. Dynamic variants (e.g. has-[.custom-class], group-[:checked]) are also supported and they take the weight of their base variant name the custom value attached (e.g. has-[.custom-class] takes has weight). Arbitrary variants (e.g. [&nth-child(2)]) don't have a weight assigned and they are placed after every known variant. Classes with the same amount of arbitrary variants follow lexicographical order. The class that has the highest number of nested arbitrary variants is placed last. Screen variants (e.g. sm:, max-md:, min-lg:) are not supported yet.

... (truncated)

Commits

• c28d597 release: v1.8.3 (#3302)
• f88b7b2 chore: update codegen to include GraphQL (#3301)
• 6f9c938 feat(noExportedImports): add lint rule (#3097)
• cd3bb04 chore(deps): update @​biomejs packages (#3266)
• See full diff in compare view

Updates @cloudflare/workers-types from 4.20240620.0 to 4.20240718.0

Commits

• See full diff in compare view

Updates drizzle-kit from 0.22.7 to 0.23.0

Release notes

Sourced from drizzle-kit's releases.

v0.23.0

🎉 New flag --force for drizzle-kit push

You can auto-accept all data-loss statements using the push command. It's only available in CLI parameters. Make sure you always use it if you are fine with running data-loss statements on your database

🎉 New migrations flag prefix

You can now customize migration file prefixes to make the format suitable for your migration tools:

• index is the default type and will result in 0001_name.sql file names;
• supabase and timestamp are equal and will result in 20240627123900_name.sql file names;
• unix will result in unix seconds prefixes 1719481298_name.sql file names;
• none will omit the prefix completely;

Example: Supabase migrations format

import { defineConfig } from "drizzle-kit";
export default defineConfig({
  dialect: "postgresql",
  migrations: {
    prefix: 'supabase'
  }
});

🎉 Migrations support for PostgreSQL Sequences

You can now specify sequences in Postgres within any schema you need and define all the available properties

Example

import { pgSchema, pgSequence } from "drizzle-orm/pg-core";
// No params specified
export const customSequence = pgSequence("name");
// Sequence with params
export const customSequence = pgSequence("name", {
startWith: 100,
maxValue: 10000,
minValue: 100,
cycle: true,
cache: 10,
increment: 2
});
// Sequence in custom schema
export const customSchema = pgSchema('custom_schema');
</tr></table>

... (truncated)

Commits

• See full diff in compare view

Updates typescript from 5.5.2 to 5.5.3

Release notes

Sourced from typescript's releases.

TypeScript 5.5.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

• fixed issues query for TypeScript v5.5.3 (Stable).
• fixed issues query for TypeScript v5.5.2 (Stable).
• fixed issues query for TypeScript v5.5.1 (RC).
• fixed issues query for TypeScript v5.5.0 (Beta).

Downloads are available on:

• npm
• NuGet package

Commits

• f0e9921 Bump version to 5.5.3 and LKG
• 738bd60 Cherry-pick #58966 to release-5.5 (#59002)
• See full diff in compare view

Updates wrangler from 3.61.0 to 3.65.1

Release notes

Sourced from wrangler's releases.

[email protected]

Patch Changes

• #6267 957d668 Thanks @​WalshyDev! - chore: add total module size to the logged table, this makes it much easier to see the total size of all modules combined.

• #6244 e7c06d7 Thanks @​gabivlj! - fix: wrangler cloudchamber json errors are properly formatted

• Updated dependencies [779c713]:

  • [email protected]

[email protected]

Minor Changes

• #6194 25afcb2 Thanks @​zebp! - chore: Add duration and sourcemap size to upload metrics event

  Wrangler will now send the duration and the total size of any sourcemaps uploaded with your Worker to Cloudflare if you have metrics enabled.

• #6259 eb201a3 Thanks @​ottomated! - chore: Add types to DurableObjectNamespace type generation. For example:

  interface Env {
    OBJECT: DurableObjectNamespace<import("./src/index").MyDurableObject>;
  }

• #6245 e4abed3 Thanks @​OilyLime! - feature: Add support for Hyperdrive over Access configs

Patch Changes

• #6255 d497e1e Thanks @​rozenmd! - fix: teach wrangler init --from-dash about d1 bindings

  This PR teaches wrangler init --from-dash about D1 bindings, so they aren't incorrectly added to the wrangler.toml as unsafe bindings.

• #6258 4f524f2 Thanks @​dom96! - feature: Add warning about deploying Python with requirements.txt

  This expands on the warning shown for all Python Workers to include a message about deploying Python Workers with a requirements.txt not being supported.

• #6249 8bbd824 Thanks @​petebacondarwin! - chore: Update config-schema.json for the wrangler.toml

• #5955 db11a0f Thanks @​harugon! - fix: correctly escape newlines in constructType function for multiline strings

  This fix ensures that multiline strings are correctly handled by the constructType function. Newlines are now properly escaped to prevent invalid JavaScript code generation when using the wrangler types command. This improves robustness and prevents errors related to multiline string handling in environment variables and other configuration settings.

• #6263 fa1016c Thanks @​petebacondarwin! - fix: use cli script-name arg when deploying a worker with queue consumers

• Updated dependencies [0d32448]:

  • [email protected]

[email protected]

Minor Changes

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.65.1

Patch Changes

• #6267 957d668 Thanks @​WalshyDev! - chore: add total module size to the logged table, this makes it much easier to see the total size of all modules combined.

• #6244 e7c06d7 Thanks @​gabivlj! - fix: wrangler cloudchamber json errors are properly formatted

• Updated dependencies [779c713]:

  • [email protected]

3.65.0

Minor Changes

• #6194 25afcb2 Thanks @​zebp! - chore: Add duration and sourcemap size to upload metrics event

  Wrangler will now send the duration and the total size of any sourcemaps uploaded with your Worker to Cloudflare if you have metrics enabled.

• #6259 eb201a3 Thanks @​ottomated! - chore: Add types to DurableObjectNamespace type generation. For example:

  interface Env {
    OBJECT: DurableObjectNamespace<import("./src/index").MyDurableObject>;
  }

• #6245 e4abed3 Thanks @​OilyLime! - feature: Add support for Hyperdrive over Access configs

Patch Changes

• #6255 d497e1e Thanks @​rozenmd! - fix: teach wrangler init --from-dash about d1 bindings

  This PR teaches wrangler init --from-dash about D1 bindings, so they aren't incorrectly added to the wrangler.toml as unsafe bindings.

• #6258 4f524f2 Thanks @​dom96! - feature: Add warning about deploying Python with requirements.txt

  This expands on the warning shown for all Python Workers to include a message about deploying Python Workers with a requirements.txt not being supported.

• #6249 8bbd824 Thanks @​petebacondarwin! - chore: Update config-schema.json for the wrangler.toml

• #5955 db11a0f Thanks @​harugon! - fix: correctly escape newlines in constructType function for multiline strings

  This fix ensures that multiline strings are correctly handled by the constructType function. Newlines are now properly escaped to prevent invalid JavaScript code generation when using the wrangler types command. This improves robustness and prevents errors related to multiline string handling in environment variables and other configuration settings.

• #6263 fa1016c Thanks @​petebacondarwin! - fix: use cli script-name arg when deploying a worker with queue consumers

• Updated dependencies [0d32448]:

  • [email protected]

... (truncated)

Commits

• 810e36e Version Packages (#6281)
• 779c713 chore(deps): bump the workerd-and-workers-types group with 2 updates (#6294)
• 6526517 fix(wrangler): Update vitest config to capture .tsx tests (#6277)
• 957d668 Log total amount + size of all modules (#6267)
• e7c06d7 wrangler cloudchamber: fix --json flags when required fields for it to work a...
• eba40d0 add test for new stacked hotkeys instructions on narrow screens (#6278)
• d8e56c7 fix(wrangler): Make wrangler generate deprecation warning more user-friendl...
• 5f6a5bc fix(wrangler): Remove unnecessary command emoji (#6275)
• e61444c Multiline hotkeys (#6187)
• de91506 Version Packages (#6251)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #316.