chore: bump the dependencies group with 13 updates

[dependabot]

Bumps the dependencies group with 13 updates:

Package	From	To
@datadog/browser-rum	5.34.1	5.35.0
@prisma/client	6.1.0	6.2.1
@tanstack/react-query	5.62.16	5.64.1
@tanstack/react-query-devtools	5.62.16	5.64.1
dd-trace	5.30.0	5.31.0
lucide-react	0.469.0	0.471.1
next	14.2.22	14.2.23
@datadog/datadog-ci	2.46.2	2.47.0
@types/node	22.10.5	22.10.6
eslint-config-next	15.1.3	15.1.4
postcss	8.4.49	8.5.0
prisma	6.1.0	6.2.1
typescript	5.7.2	5.7.3

Updates @datadog/browser-rum from 5.34.1 to 5.35.0

Changelog

Sourced from @​datadog/browser-rum's changelog.

v5.35.0

Public Changes:

• ✨ [RUM-5001] introduce a sessionPersistence config option to force using local storage (#3244) [LOGS] [RUM] [RUM-REACT] [RUM-SLIM] [WORKER]
• feat: support custom schema on Electron (#3204) [LOGS] [RUM] [RUM-REACT] [RUM-SLIM] [WORKER]

Internal Changes:

• Revert "👷 freeze canary deploy (#3238)" (#3252)
• 👷 Update all non-major dependencies (#3240) [LOGS] [RUM] [RUM-REACT] [RUM-SLIM] [WORKER]
• 👷 Update dependency webpack-cli to v6 (#3241)
• 👷 freeze canary deploy (#3238)
• ✅ fix leak detection issues (#3245) [RUM] [RUM-REACT] [RUM-SLIM]
• 💚 fix CI PR comment (#3250)
• ♻️ move traceSampleRate default to config validation (#3197) [RUM] [RUM-REACT] [RUM-SLIM]

Commits

• b6263ce v5.35.0
• c576519 v5.34.1 (#3233)
• See full diff in compare view

Updates @prisma/client from 6.1.0 to 6.2.1

Release notes

Sourced from @​prisma/client's releases.

6.2.1

Today we are releasing the 6.2.1 patch release to address an issue with some of the omitApi preview feature checks having been accidentally omitted when making the feature GA. Now it is fully functional without the preview feature flag.

Changes

• prisma/prisma#25997

6.2.0

Today we're releasing Prisma ORM version 6.2.0 🎉

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

We have a number of new features in this version, including support for json and enum fields in SQLite, a new updateManyAndReturn function, support for ULID values, as well as the promotion of the omit feature from Preview to Generally Availability.

Highlights

Excluding fields via omit is now production-ready

Our number one requested feature is out of Preview and Generally Available. In 6.2.0, you no longer need to add omitApi to your list of Preview features:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["omitApi"]
}

As a refresher: omit allows you to exclude certain fields from being returned in the results of your Prisma Client queries.

You can either do this locally, on a per-query level:

const result = await prisma.user.findMany({
  omit: {
    password: true,
  },
});

Or globally, to ensure a field is excluded from all queries of a certain model:

const prisma = new PrismaClient({
  omit: {
    user: {
      password: true
    }
  }
})
</tr></table>

... (truncated)

Commits

• 60a8268 fix(client): remove omitApi preview feature checks (#25997)
• 3b23a20 chore(deps): update engines to 6.2.0-14.4123509d24aa4dede1e864b46351bf2790323...
• 6ea6991 chore(deps): update engines to 6.2.0-12.51db5cf11ad393407e86084764bced274b48b...
• 425502f fix: node 23 support (#25971)
• 477375c chore(deps): update engines to 6.2.0-11.c49e56c20818c325095752dd0ae895b0dc7ba...
• c43e181 fix(client): allow "passing" across rpc boundary in cloudflare workers (#25914)
• 0a4ef08 chore(deps): update engines to 6.2.0-6.cc0167b764494213f0e42d0867d48643c39c83...
• ebda0b9 fix(client): make nested omit types work (#25900)
• 509b064 chore(deps): update engines to 6.2.0-4.3aa926082bfc4f57e60f2210df297fdfbc889a...
• e3e5568 feat: sqlite JSON support (#25871)
• Additional commits viewable in compare view

Updates @tanstack/react-query from 5.62.16 to 5.64.1

Release notes

Sourced from @​tanstack/react-query's releases.

v5.64.1

Version 5.64.1 - 1/13/25, 1:23 PM

Changes

Fix

• types: support both Array and ReadonlyArray for typed query and mutation keys (#8529) (8d174c8) by @​neefrehman

Packages

• @​tanstack/query-core@​5.64.1
• @​tanstack/query-broadcast-client-experimental@​5.64.1
• @​tanstack/query-persist-client-core@​5.64.1
• @​tanstack/query-sync-storage-persister@​5.64.1
• @​tanstack/react-query@​5.64.1
• @​tanstack/react-query-devtools@​5.64.1
• @​tanstack/react-query-persist-client@​5.64.1
• @​tanstack/react-query-next-experimental@​5.64.1
• @​tanstack/solid-query@​5.64.1
• @​tanstack/solid-query-devtools@​5.64.1
• @​tanstack/solid-query-persist-client@​5.64.1
• @​tanstack/svelte-query@​5.64.1
• @​tanstack/svelte-query-devtools@​5.64.1
• @​tanstack/svelte-query-persist-client@​5.64.1
• @​tanstack/vue-query@​5.64.1
• @​tanstack/vue-query-devtools@​5.64.1
• @​tanstack/angular-query-experimental@​5.64.1
• @​tanstack/query-async-storage-persister@​5.64.1
• @​tanstack/angular-query-devtools-experimental@​5.64.1

v5.64.0

Version 5.64.0 - 1/11/25, 6:59 PM

Changes

Feat

• types: support typing QueryKey and MutationKey via Register (#8521) (fd500a4) by @​neefrehman

Docs

• react-query: highlight per component select pattern for query options (#8522) (8ddebc6) by @​DogPawHat
• react-query: Add import statement with skipToken to the docs (#8519) (690fd2a) by Przemek Maszczynski

Packages

• @​tanstack/query-core@​5.64.0
• @​tanstack/query-broadcast-client-experimental@​5.64.0
• @​tanstack/query-persist-client-core@​5.64.0

... (truncated)

Commits

• e3e8814 release: v5.64.1
• 4a589bf release: v5.64.0
• 564e549 release: v5.63.0
• e2bc216 feat(react-query): allow useQuery and useQueries to unsubscribe from the quer...
• See full diff in compare view

Updates @tanstack/react-query-devtools from 5.62.16 to 5.64.1

Release notes

Sourced from @​tanstack/react-query-devtools's releases.

v5.64.1

Version 5.64.1 - 1/13/25, 1:23 PM

Changes

Fix

• types: support both Array and ReadonlyArray for typed query and mutation keys (#8529) (8d174c8) by @​neefrehman

Packages

• @​tanstack/query-core@​5.64.1
• @​tanstack/query-broadcast-client-experimental@​5.64.1
• @​tanstack/query-persist-client-core@​5.64.1
• @​tanstack/query-sync-storage-persister@​5.64.1
• @​tanstack/react-query@​5.64.1
• @​tanstack/react-query-devtools@​5.64.1
• @​tanstack/react-query-persist-client@​5.64.1
• @​tanstack/react-query-next-experimental@​5.64.1
• @​tanstack/solid-query@​5.64.1
• @​tanstack/solid-query-devtools@​5.64.1
• @​tanstack/solid-query-persist-client@​5.64.1
• @​tanstack/svelte-query@​5.64.1
• @​tanstack/svelte-query-devtools@​5.64.1
• @​tanstack/svelte-query-persist-client@​5.64.1
• @​tanstack/vue-query@​5.64.1
• @​tanstack/vue-query-devtools@​5.64.1
• @​tanstack/angular-query-experimental@​5.64.1
• @​tanstack/query-async-storage-persister@​5.64.1
• @​tanstack/angular-query-devtools-experimental@​5.64.1

v5.64.0

Version 5.64.0 - 1/11/25, 6:59 PM

Changes

Feat

• types: support typing QueryKey and MutationKey via Register (#8521) (fd500a4) by @​neefrehman

Docs

• react-query: highlight per component select pattern for query options (#8522) (8ddebc6) by @​DogPawHat
• react-query: Add import statement with skipToken to the docs (#8519) (690fd2a) by Przemek Maszczynski

Packages

• @​tanstack/query-core@​5.64.0
• @​tanstack/query-broadcast-client-experimental@​5.64.0
• @​tanstack/query-persist-client-core@​5.64.0

... (truncated)

Commits

• e3e8814 release: v5.64.1
• 4a589bf release: v5.64.0
• 564e549 release: v5.63.0
• See full diff in compare view

Updates dd-trace from 5.30.0 to 5.31.0

Release notes

Sourced from dd-trace's releases.

5.31.0

• [34b751db6d] - (SEMVER-PATCH) improve logging of spans in trace log level (Roch Devost) #5074
• [c7648a7b8f] - (SEMVER-PATCH) fix trace log level not adding parameters to output (Roch Devost) #5069
• [daf7030eb7] - (SEMVER-PATCH) add trace level logging when updating config (Roch Devost) #5071
• [317c7a9e09] - (SEMVER-PATCH) rename Tracer to NoopProxy in noop/proxy.js (simon-id) #5068
• [7378bff190] - (SEMVER-PATCH) Benchmarks: No need to guard against unhandled promise rejections (Thomas Watson) #5025
• [b4f99e80d7] - (SEMVER-PATCH) [DI] Batch outgoing http requests (Thomas Watson) #5007
• [1e7622373a] - (SEMVER-PATCH) Send tags, including git metadata, to RC endpoint (Thomas Watson) #5070
• [86c8e26b6f] - (SEMVER-PATCH) ignore noop spans (Igor Unanua) #5063
• [12f24185e7] - (SEMVER-MINOR) Update native-appsec to 8.4.0 (ishabi) #5064
• [f813f43d20] - (SEMVER-PATCH) upgrade mocha@9 to mocha@10 (ishabi) #5065
• [8981beb6c7] - (SEMVER-PATCH) [DI] Add TODO comment (Thomas Watson) #5054
• [330e973219] - (SEMVER-PATCH) [DI] Clean up snapshot integration test (Thomas Watson) #5050
• [4d6a8e3fe8] - (SEMVER-MINOR) support aerospike 6 (ishabi) #5057
• [98ceacfd84] - (SEMVER-PATCH) [MLOB-1942] fix(llmobs): auto-annotations for wrapped functions happen after manual annotations (Sam Brenner) #4960
• [3798033eba] - (SEMVER-MINOR) [DI] Attach ddtags to probe results (Thomas Watson) #5042

Commits

• 9777818 v5.31.0
• ba51867 improve logging of spans in trace log level (#5074)
• 0cfc976 fix trace log level not adding parameters to output (#5069)
• ae1dc86 add trace level logging when updating config (#5071)
• 09e8efa rename Tracer to NoopProxy in noop/proxy.js (#5068)
• f05900d Benchmarks: No need to guard against unhandled promise rejections (#5025)
• 1ee29ad [DI] Batch outgoing http requests (#5007)
• a3044f9 Send tags, including git metadata, to RC endpoint (#5070)
• a40f229 ignore noop spans (#5063)
• e971d34 Update native-appsec to 8.4.0 (#5064)
• Additional commits viewable in compare view

Updates lucide-react from 0.469.0 to 0.471.1

Release notes

Sourced from lucide-react's releases.

Hotfix Lucide React exports

What's Changed

• fix(lucide-react) Adds type module in package.json by @​ericfennis in lucide-icons/lucide#2731

Dynamic Icon component Lucide React and new icons 0.471.0

New Dynamic Icon Component (lucide-react)

This is an easier approach than the previous dynamicIconImports we exported in the library. This one supports all environments. We removed the examples in the docs of how you can make a dynamic icon yourself with a dedicated DynamicIcon component. This one fetches the icon data itself and renders it instead of fetching the Icon component from the library. This makes it more flexible with all the frontend frameworks and libraries that exist for React.

🚨 Not recommended for regular applications that work fine with the regular static icon components. Using the dynamic icon component increases build time, separate bundles, and separate network requests for each icon.

How to use

DynamicIcon is useful for applications that want to show icons dynamically by icon name, for example when using a content management system where icon names are stored in a database.

const App = () => (
  <DynamicIcon name="camera" color="red" size={48} />
);

Possible Breaking changes

We have switched to the "exports" property in package.json. This can cause issues if you have directly imported scripts from the package. Please open an issue if we need to refine this export map.

New icons 🎨

• triangle-dashed (#2652) by @​Yohh

New icons 0.470.0

New icons 🎨

• house-wifi (#2723) by @​akshaymemane

Modified Icons 🔨

• rat (#2692) by @​jguddas

Commits

• 31c3fef fix(lucide-react) Adds type module in package.json (#2731)
• 58c2e10 feat(lucide-react): Add DynamicIcon component (#2686)
• See full diff in compare view

Updates next from 14.2.22 to 14.2.23

Release notes

Sourced from next's releases.

v14.2.23

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#74590)
• Backport: Use provided waitUntil for pending revalidates (#74573)
• Feature: next/image: add support for images.qualities in next.config (#74500)

Credits

Huge thanks to @​styfle, @​ijjk and @​lubieowoce for helping!

Commits

• f27ce02 v14.2.23
• c4bf4ac backport: force module format for virtual client-proxy (#74162) (#74590)
• d60bb1b Backport: Use provided waitUntil for pending revalidates (#74164) (#74573)
• a85f441 feat(next/image): add support for images.qualities in next.config (#74500)
• See full diff in compare view

Updates @datadog/datadog-ci from 2.46.2 to 2.47.0

Release notes

Sourced from @​datadog/datadog-ci's releases.

v2.47.0

What's Changed

Static Analysis

• [K9VULN-2465] Add validation of package names by @​juli1 in DataDog/datadog-ci#1512
• [K9VULN-2266] Support is-dev property from osv-scanner by @​dastrong in DataDog/datadog-ci#1514
• [K9VULN-2435] Add support for Cyclone DX 1.6 by @​juli1 in DataDog/datadog-ci#1513
• [K9VULN] Specify is_dev in tests by @​dastrong in DataDog/datadog-ci#1516

Synthetics

• [SYNTH-17698] Fix local test definition variable case by @​AntoineDona in DataDog/datadog-ci#1515

Chores

• Change Serverless team in CODEOWNERS by @​lym953 in DataDog/datadog-ci#1518

Full Changelog: DataDog/datadog-ci@v2.46.2...v2.47.0

Commits

• 526224c v2.47.0
• bc467d7 Change Serverless team in CODEOWNERS
• 9c3b8c3 Merge pull request #1516 from DataDog/dastrong/fix-failing-pipelines
• f762bd2 Specify is_dev in tests
• a77fc93 Merge pull request #1513 from DataDog/juli1/STAL-2435
• aacda63 fix compilation issue
• 384fcc5 [SYNTH-17698] Fix local test definition variable case (#1515)
• 9f2b4f1 Merge pull request #1514 from DataDog/dastrong/K9VULN-2266
• 168add7 Merge branch 'master' into juli1/STAL-2435
• da09721 Merge pull request #1512 from DataDog/juli1/K9VULN-2465
• Additional commits viewable in compare view

Updates @types/node from 22.10.5 to 22.10.6

Commits

• See full diff in compare view

Updates eslint-config-next from 15.1.3 to 15.1.4

Release notes

Sourced from eslint-config-next's releases.

v15.1.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#74608)
• Fix prerender tags when notFound is called (#74607)
• Use provided waitUntil for pending revalidates (#74604)
• Feature: next/image: add support for images.qualities in next.config (#74588)
• Chore: docs: add missing search: '' on remotePatterns (#74587)
• Chore: docs: update version history of next/image (#73923) (#74570)
• Chore: next/image: improve imgopt api bypass detection for unsupported images (#74569)

Credits

Huge thanks to @ and @ for helping!

Commits

• 48f2588 v15.1.4
• See full diff in compare view

Updates postcss from 8.4.49 to 8.5.0

Release notes

Sourced from postcss's releases.

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

• Tidelift with a Spotify-like subscription model supporting all projects from your lock file.
• Direct donations at GitHub Sponsors or Open Collective.

Changelog

Sourced from postcss's changelog.

Change Log

This project adheres to Semantic Versioning.

8.5 “Duke Alloces”

• Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

Commits

• 6873270 Release 8.5 version
• 4223bb9 Fix 80 columns limit
• 80e2401 Add Input#document (#1996)
• 6f86879 Update dependencies
• 85cbbec Fix pnpm version on CI
• 76caa57 Update dependencies
• 46ff246 Move to pnpm 10
• 99da2f2 Fix the documentation for RuleRaws.ownSemicolon (#1994)
• 4493eed Pins nanoid to ^3.3.8 (#1992)
• 2acd7c7 Bump nanoid from 3.3.7 to 3.3.8 (#1989)
• Additional commits viewable in compare view

Updates prisma from 6.1.0 to 6.2.1

Release notes

Sourced from prisma's releases.

6.2.1

Today we are releasing the 6.2.1 patch release to address an issue with some of the omitApi preview feature checks having been accidentally omitted when making the feature GA. Now it is fully functional without the preview feature flag.

Changes

• prisma/prisma#25997

6.2.0

Today we're releasing Prisma ORM version 6.2.0 🎉

🌟 Help us spread the word about Prisma by starring the repo or tweeting about the release. 🌟

We have a number of new features in this version, including support for json and enum fields in SQLite, a new updateManyAndReturn function, support for ULID values, as well as the promotion of the omit feature from Preview to Generally Availability.

Highlights

Excluding fields via omit is now production-ready

Our number one requested feature is out of Preview and Generally Available. In 6.2.0, you no longer need to add omitApi to your list of Preview features:

generator client {
  provider        = "prisma-client-js"
- previewFeatures = ["omitApi"]
}

As a refresher: omit allows you to exclude certain fields from being returned in the results of your Prisma Client queries.

You can either do this locally, on a per-query level:

const result = await prisma.user.findMany({
  omit: {
    password: true,
  },
});

Or globally, to ensure a field is excluded from all queries of a certain model:

const prisma = new PrismaClient({
  omit: {
    user: {
      password: true
    }
  }
})
</tr></table>

... (truncated)

Commits

• d6c1639 feat(cli): report typescript version via prisma --version (#25968)
• 425502f fix: node 23 support (#25971)
• See full diff in compare view

Updates typescript from 5.7.2 to 5.7.3

Release notes

Sourced from typescript's releases.

TypeScript 5.7.3

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).
• fixed issues query for Typescript 5.7.3 (Stable).

Downloads are available on npm

Commits

• a5e123d Update LKG
• 8bc0204 🤖 Pick PR #60828 (Fix CodeQL configuration, releases) into release-5.7 (#60923)
• 7aa63df 🤖 Pick PR #60393 (Don't try to add an implicit undefi...) into release-5.7 (#...
• 9df7c36 Bump version to 5.7.3 and LKG
• e167412 🤖 Pick PR #60794 (Harden sanitizeLog against incorr...) into release-5.7 (#...
• 9ba364c Fix coverage build on release-5.7 (#60792)
• 4b7441a 🤖 Pick PR #60680 (Mark the inherited any-based index ...) into release-5.7 (#...
• e844dc3 Cherry-pick #60402, #60440, #60616 into release-5.7 (#60777)
• 21b02a1 🤖 Pick PR #60749 (Do not require import attribute on ...) into release-5.7 (#...
• b82fd16 🤖 Pick PR #60576 (Avoid incorrectly reusing assertion...) into release-5.7 (#...
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
next	[>= 15.a, < 16]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
100-cims	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jan 13, 2025 10:42pm