mirror of
https://github.com/toeverything/AFFiNE.git
synced 2026-07-01 17:50:50 +08:00
d13f8d98e98988e465c9a9f0aeccab9cd7b1c665
1835 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
d13f8d98e9 | chore: bump up ava version to v8 | ||
|
|
154d9e975d | fix: deps & config (#15126) | ||
|
|
24e07f73bb |
chore: bump up capacitor-plugin-app-tracking-transparency version to v3 (#15079)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [capacitor-plugin-app-tracking-transparency](https://redirect.github.com/mahnuh/capacitor-plugin-app-tracking-transparency) | [`^2.0.5` → `^3.0.0`](https://renovatebot.com/diffs/npm/capacitor-plugin-app-tracking-transparency/2.0.5/3.0.0) |  |  | --- ### Release Notes <details> <summary>mahnuh/capacitor-plugin-app-tracking-transparency (capacitor-plugin-app-tracking-transparency)</summary> ### [`v3.0.0`](https://redirect.github.com/mahnuh/capacitor-plugin-app-tracking-transparency/releases/tag/v3.0.0) [Compare Source](https://redirect.github.com/mahnuh/capacitor-plugin-app-tracking-transparency/compare/v2.0.5...v3.0.0) - Add support for Swift Package Manager ([#​29](https://redirect.github.com/mahnuh/capacitor-plugin-app-tracking-transparency/issues/29)) [`40051d6`](https://redirect.github.com/mahnuh/capacitor-plugin-app-tracking-transparency/commit/40051d6) - Update README.md [`d8c4d27`](https://redirect.github.com/mahnuh/capacitor-plugin-app-tracking-transparency/commit/d8c4d27) *** </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDkuNCIsInVwZGF0ZWRJblZlciI6IjQzLjIwOS40IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
|
d500e472f0 | chore: bump deps (#15124) | ||
|
|
a77d89bb1a |
fix(editor): edgeless can't slider with finger (#15091)
fix bug edgeless can't slider with finger <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Added mobile immersive edgeless mode with dynamic chrome auto-hide and tap-gesture controls. * Added a mobile zoom ruler UI for edgeless. * **Bug Fixes** * Improved iOS rendering/zoom by applying low-zoom survival behavior, gesture-aware refresh deferral, and effective-DPR canvas scaling. * Fixed iOS webview zoom/bounce and process-termination reload behavior. * Improved placeholder styling with theme-aware colors. * **Chores** * Updated local ignore rules and iOS app build/version configuration. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: DarkSky <darksky2048@gmail.com> |
||
|
|
eb32a5894e |
chore: bump up @googleapis/androidpublisher version to v36 (#15063)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@googleapis/androidpublisher](https://redirect.github.com/googleapis/google-api-nodejs-client) | [`^35.0.0` → `^36.0.0`](https://renovatebot.com/diffs/npm/@googleapis%2fandroidpublisher/35.1.1/36.0.0) |  |  | --- ### Release Notes <details> <summary>googleapis/google-api-nodejs-client (@​googleapis/androidpublisher)</summary> ### [`v36.0.0`](https://redirect.github.com/googleapis/google-api-nodejs-client/blob/HEAD/CHANGELOG.md#13600-2024-05-02) ##### ⚠ BREAKING CHANGES - **workloadmanager:** This release has breaking changes. - **serviceusage:** This release has breaking changes. - **servicenetworking:** This release has breaking changes. - **serviceconsumermanagement:** This release has breaking changes. - **securitycenter:** This release has breaking changes. - **redis:** This release has breaking changes. - **networkmanagement:** This release has breaking changes. - **iam:** This release has breaking changes. - **doubleclickbidmanager:** This release has breaking changes. - **dns:** This release has breaking changes. - **dataportability:** This release has breaking changes. - **dataplex:** This release has breaking changes. - **dataform:** This release has breaking changes. - **contentwarehouse:** This release has breaking changes. - **content:** This release has breaking changes. - **compute:** This release has breaking changes. - **beyondcorp:** This release has breaking changes. - **alloydb:** This release has breaking changes. - **aiplatform:** This release has breaking changes. ##### Features - **accessapproval:** update the API ([88f6ef5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/88f6ef52f6b19a90962acb1604694da5e22af1d0)) - **admin:** update the API ([b6fff85](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b6fff8553fc561f5c16d8bd46ded439bb793ea8a)) - **adsense:** update the API ([5349cf9](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5349cf9808017b594380ade8c94aed81a3330ed2)) - **advisorynotifications:** update the API ([9c37105](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9c371058f141e1b30567a74d35245c0d116e9f02)) - **aiplatform:** update the API ([56cde03](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/56cde03e4eb6283561515ecac8435ad28f49dda9)) - **alertcenter:** update the API ([10d8698](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/10d869861c193788a3150515b2d8ec323517bc38)) - **alloydb:** update the API ([51ad37e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/51ad37ee97ac19ca26c26c645f39f8d9d3fde0cd)) - **analyticsadmin:** update the API ([8b4c314](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8b4c31451d3ace85c48b8a1170eac09024c518e0)) - **analyticshub:** update the API ([d06ce46](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d06ce46d020c92976660e2e9ee68f35f0e2da2f6)) - **androidmanagement:** update the API ([bb2dc2d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bb2dc2d1e3d99b2a27bfe9f1b517ab257cc886bf)) - **androidpublisher:** update the API ([f58a3c8](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f58a3c8544b91d6cb987f2b72f200e7b79eabe14)) - **appengine:** update the API ([543b45e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/543b45e8cad0556e923f2f44e61d3bf96675e1ca)) - **apphub:** update the API ([e9a8db0](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e9a8db0b264dc78e526dae22ff7a33574406a360)) - **artifactregistry:** update the API ([5a5e4aa](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5a5e4aae48f826b6daec0493c4cfe79b4b0dfa4a)) - **authorizedbuyersmarketplace:** update the API ([351c7ed](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/351c7edca745cf8d996963e6816811eaaca09a04)) - **backupdr:** update the API ([9796834](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/97968343e02bd85538961138f02ed20976f53a02)) - **beyondcorp:** update the API ([7f20c02](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7f20c0238728cae35a37e06b95e7dbb8cad57e2e)) - **bigqueryconnection:** update the API ([0e56135](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0e56135413c3799c0543bb45510dede96970cb63)) - **bigquery:** update the API ([72b5d21](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/72b5d21ed11f1bcde638a1240c02d6ce03906844)) - **bigtableadmin:** update the API ([ad68d8c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ad68d8c6e175573ebd5c54ec74328386d9dc8cd3)) - **blockchainnodeengine:** update the API ([7f0503c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7f0503cc2cf3b7d7f90f0518a1deb592a4f313a4)) - **chat:** update the API ([0810516](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/081051658a22c7bf2cd8915838608f53fb620cd6)) - **cloudasset:** update the API ([4eb45be](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4eb45bed03811fb3f5c18967a0c7128ced2ee011)) - **cloudbuild:** update the API ([d20db7b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d20db7be93195c69e6b1345bcf196aeab8b57b35)) - **clouddeploy:** update the API ([cd5014b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/cd5014bd87adbfbc2729f78f7d56bb4b8d42b7d7)) - **cloudsupport:** update the API ([ceb5503](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ceb5503e69b26a0838d8decc00ca17ebdcdda743)) - **compute:** update the API ([f84e98a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f84e98a33f39034e2cb7846fbc4c3fc6804a2ffa)) - **connectors:** update the API ([478d8c6](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/478d8c60beb0ccae9a89590f71802aa7843275e2)) - **contactcenteraiplatform:** update the API ([862d69b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/862d69b84cbbe5f9e6c34af4bfdfbe33990c9331)) - **contactcenterinsights:** update the API ([c1974c4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c1974c4b7385c84fdb70cd3c05e5ad601dbb4272)) - **container:** update the API ([8cd9863](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8cd986326583b69735627bae07263fad1595b7fb)) - **content:** update the API ([76546b8](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/76546b866ac0e675f27b2b9ab1727f4c821c17ac)) - **contentwarehouse:** update the API ([aa28685](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/aa286853fecaa5d45d80e33e309ea388ea6ece97)) - **dataflow:** update the API ([ddd9231](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ddd92315d9fff4a5a20493b1ce874f0974df3b82)) - **dataform:** update the API ([a43ddce](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a43ddced989c08697f803f6d167f771ae27ecbcb)) - **datamigration:** update the API ([f0e692d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f0e692d9169793bc8abe3cd33982e36e04faf3ea)) - **dataplex:** update the API ([20e701c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/20e701c6dc51978418c70f58907d0d2c8d5d407d)) - **dataportability:** update the API ([50c5d63](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/50c5d63f83ccf4e91e27e7322062a8edc24b33cf)) - **datastream:** update the API ([57a62ef](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/57a62ef7920ab1ca1e18452b2749c3585a981736)) - **dialogflow:** update the API ([ddfc789](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ddfc789b5c0c567d2ddc8241448e260bfb7ad20f)) - **discoveryengine:** update the API ([ec40fe5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ec40fe54ac9bc032c370f8eaf436489a10b04159)) - **discovery:** update the API ([8d42dab](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8d42dab88214bc01e9a9678794b6015435b5071f)) - **displayvideo:** update the API ([90937cd](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/90937cda7d6475fd0f04ac2332f3351f53f08b22)) - **dlp:** update the API ([88f0a64](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/88f0a640104e95f5aa785b89658997746153915e)) - **dns:** update the API ([4688a5e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4688a5ef2114c8ffcc15890ee47949431915841c)) - **documentai:** update the API ([b07b1aa](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b07b1aa83a3be53769729f43afe252bab824b55a)) - **domains:** update the API ([d34c2a0](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d34c2a09071ea3431f88ce0b6be0757a9682f66e)) - **doubleclickbidmanager:** update the API ([0e6990d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0e6990d73d7c576483a84b4dce75a5fd7fe3c0ad)) - **eventarc:** update the API ([0c28816](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0c2881683796bfbc7581c2b772ef6d630737ad02)) - **factchecktools:** update the API ([bd8d187](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bd8d187f2fa9859b230c0292c509312b93fba7a5)) - **firestore:** update the API ([6d67fed](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/6d67fed98433e01900db319bc4747577cb6d6e3d)) - **games:** update the API ([99d63c1](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/99d63c1ce9e7a141ce34ca9ab3b85e7c24413357)) - **gkebackup:** update the API ([e90fb98](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e90fb98d64548538cbb810258e9fde7b3f3561fc)) - **gkehub:** update the API ([d4c3244](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d4c3244d232a2788ef39e85a3ba451227446ebb2)) - **gmail:** update the API ([a4d9319](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a4d9319ad50bbfd9e27ed7b4ff865951b7dd1032)) - **iam:** update the API ([2e9117f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2e9117f73657e08bcea4de889f49bbeca4cb6882)) - **iap:** update the API ([db72cb3](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/db72cb3acc75efc17df7dd0d6b4418e17c1c3c81)) - **logging:** update the API ([4317a72](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4317a72ef5752de222fafdaadb4be75267fedd4f)) - **marketingplatformadmin:** update the API ([ff87055](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ff8705570be84e5c2b93bac53dc6dc38923137ef)) - **metastore:** update the API ([57b1763](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/57b1763cd49724b461a5f85f8a6ef1cdebfdd500)) - **migrationcenter:** update the API ([3f91b3a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3f91b3abc6c81c7848e127563207299631cb1c7c)) - **monitoring:** update the API ([b601933](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b6019332629f7f487a720bbedf58284f32bc84f2)) - **networkconnectivity:** update the API ([bb6e8ff](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bb6e8ffe0ccc87c117b7acbecf2ad9a52ec76158)) - **networkmanagement:** update the API ([3c9d201](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3c9d20120e16a1c6df1c2cbac758d2fa28670c7b)) - **ondemandscanning:** update the API ([9efea7e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9efea7ec8fa03709a875f4e8131bcdf059ddd403)) - **orgpolicy:** update the API ([9abcb3a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9abcb3ab05e3f8ceac3d5f6fb77b69b6312d3d78)) - **paymentsresellersubscription:** update the API ([5c6228e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5c6228e8693db8d5c3797148f0f547063beb23f1)) - **privateca:** update the API ([c8bed74](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c8bed74402e19d48227929a3c387663650c713fd)) - **pubsub:** update the API ([985ba9b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/985ba9bb35f3bd9db382497be3ec99d4c309cff4)) - **recaptchaenterprise:** update the API ([cd6af58](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/cd6af586c85f638a9e59647f9e14e13fbf4500c4)) - **redis:** update the API ([2896261](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/28962616def25002b1ab7eb995f220ba87646894)) - regenerate index files ([7cbd403](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7cbd403f5f44d43aa9fb86f35b4b71ff16bf8511)) - **retail:** update the API ([5c3af10](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5c3af10dc0c01bcba9ac1dd306ece2641e576f66)) - **run:** update the API ([4adbdec](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4adbdec9d3771f3c024f978fab7897e547825b11)) - **searchads360:** update the API ([03ca122](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/03ca122fba8a0ae1bf3cb482aefefd17eeba6adf)) - **securitycenter:** update the API ([8b08aa2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8b08aa2ac1d8bb8eb264f8bda3089da60b4f4028)) - **serviceconsumermanagement:** update the API ([8878e94](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8878e945849f0c8a2946789f554aa8f7d43d9db5)) - **servicecontrol:** update the API ([763243a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/763243a5a56fbc735a259bc8a0cd16046a9b5289)) - **servicenetworking:** update the API ([d481dce](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d481dce95d7f9f899d9b62f78933a731159f381c)) - **serviceusage:** update the API ([41b76ee](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/41b76ee8d6beeeb3bbccdcbbcd0853f610a54171)) - **sheets:** update the API ([74b2d05](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/74b2d057117112b9b6991f70dc47ac60a9945e82)) - **spanner:** update the API ([2d2e0f6](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2d2e0f64b7ceb23e7695939c367d74c7ce14fc2b)) - **sqladmin:** update the API ([7cc6d5e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7cc6d5e1283e44228e54acf2bdb10bbe5436996c)) - **tpu:** update the API ([d6658ff](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d6658ff0af9efce119b420c5da8cfcab7b882276)) - **trafficdirector:** update the API ([69f9252](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/69f92522ff9920b35c5a07302f509f86c49485df)) - **verifiedaccess:** update the API ([33544fc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/33544fca5d8da32c49b7c9a803e6f818cd71abcb)) - **workloadmanager:** update the API ([855fab4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/855fab42662185d828978f3474b6eba492f4b674)) - **workstations:** update the API ([867515f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/867515ff691803da59aac961866bb6afb224a642)) - **youtube:** update the API ([7452149](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7452149d3d70dd45b10ceff77310aa09b6c2c57d)) ##### Bug Fixes - **abusiveexperiencereport:** update the API ([dfd4aa1](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/dfd4aa1e515b9665f2fcdf4a13eecd267b386895)) - **acceleratedmobilepageurl:** update the API ([9b0387c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9b0387c44997aab7f305900eee6fcb8801d3f7ee)) - **accesscontextmanager:** update the API ([413c833](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/413c833b3273a224f9df5fc36fae40669724e4fb)) - **acmedns:** update the API ([4199c73](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4199c734fcde97cd00126d4531c0acfe7f4aad9a)) - **addressvalidation:** update the API ([3c51f3f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3c51f3f5214e6465f25825ee8f37a773bbc7b07e)) - **adexchangebuyer2:** update the API ([ec9384a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ec9384ab02f3f30493962122c90c0549c318c7d4)) - **adexperiencereport:** update the API ([8932647](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8932647c6be056c97fff0754cf4198ae9b55e6bd)) - **admob:** update the API ([7b699f5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7b699f5f9cc2f565811caf67a944eaa104d22efb)) - **adsensehost:** update the API ([e4373ed](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e4373ed0b695c995317e6f735542a228df2022e7)) - **analyticsdata:** update the API ([9c8dcf8](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9c8dcf8f9aae5858d453a0dae64ca9837672bc87)) - **analyticsreporting:** update the API ([4b2a5bd](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4b2a5bdaf8aca2a581fec1e7ee1f534eb9867dca)) - **analytics:** update the API ([f7f9cc4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f7f9cc4b9f2bf47aedd233ecdfb43531b5dad3cd)) - **androiddeviceprovisioning:** update the API ([47d89cd](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/47d89cda619cdec6b83e826913e1ff92e090ced8)) - **androidenterprise:** update the API ([293c247](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/293c247fbf83fbe9b54c14cd991b69bfd9679996)) - **apigateway:** update the API ([7d02f2d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7d02f2dae2c63f6cf62de73fc1d3e1381f9f7ce1)) - **apigeeregistry:** update the API ([f627870](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f62787095c2439b882896130c259cedb810114de)) - **apikeys:** update the API ([f2ab501](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f2ab50102415317c56bb20fb7c1894505c86a7e9)) - **area120tables:** update the API ([ba9d3e6](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ba9d3e6258f47ea0d0bb3dae9f484a9097f2bdad)) - **assuredworkloads:** update the API ([3dc3798](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3dc3798f56c03f0cf7136eb5d5e625ef2c3c21ee)) - **batch:** update the API ([10727a4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/10727a4ccab11bd1203fa95cb14131a67804e7a5)) - **biglake:** update the API ([ebfd8c6](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ebfd8c6610f83f7ed63d21705f7d1eb2ed6db2d0)) - **bigquerydatapolicy:** update the API ([4871975](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/48719750b35826c4f147f8dc8601c90188dc8bee)) - **bigquerydatatransfer:** update the API ([05b9fc8](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/05b9fc89e9f0b1b94092e50cef21b03044b836ba)) - **bigqueryreservation:** update the API ([9f226a3](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9f226a3de413175cd44c76f45b19169010daaaa9)) - **billingbudgets:** update the API ([1190847](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/1190847e882070097b0ef0fc74f23c5f162ecd16)) - **binaryauthorization:** update the API ([a5ad874](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a5ad874a862e827b55278bd56f25d6efbcc797c6)) - **blogger:** update the API ([285aa94](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/285aa9455d6afe92001fa4373c7a153124d9bf21)) - **books:** update the API ([b95f9af](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b95f9aff24842b3e2132f74913fb794699ea55be)) - **businessprofileperformance:** update the API ([92abfea](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/92abfea3a06b9714b650f6846469a434ff9d8c71)) - **calendar:** update the API ([a040e6d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a040e6d6ccbb5efbebd09db5e452e586072afc71)) - **certificatemanager:** update the API ([32dd53e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/32dd53e849a341afbd7f0f52548485167556f85d)) - **checks:** update the API ([37cb793](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/37cb793b61fbf605d4e94af20abbe6a75fab277d)) - **chromemanagement:** update the API ([2a9f611](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2a9f611d836a86cb36e0288ee13818238fac9a02)) - **chromepolicy:** update the API ([5f2b01b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5f2b01b222e12e7719296d6dbc885aa8b029c47b)) - **chromeuxreport:** update the API ([c7af220](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c7af220ffb1f7c5ee56a7e6ad0a87d9ff4c0e8a1)) - **civicinfo:** update the API ([74c8d7b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/74c8d7be47d07654832eca7a82ff54ab727e556a)) - **classroom:** update the API ([2183745](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2183745a478778c1009d91ab160f1546526c7746)) - **cloudbilling:** update the API ([f8baaac](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f8baaac306d170b837cf2eb544edae932d13ed98)) - **cloudchannel:** update the API ([a65c068](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a65c068d0595e90214d69be0ab74af66c80ad62d)) - **cloudcontrolspartner:** update the API ([5a7437b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5a7437badd218eb3b92544397baa440040d2f3a6)) - **clouderrorreporting:** update the API ([4c557f5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4c557f5a186799c1f4abe3b7afa3b1481f187b14)) - **cloudfunctions:** update the API ([fc21faf](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/fc21faf20d3f7a4a70c035cea20fc36082a247b9)) - **cloudidentity:** update the API ([3d288c6](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3d288c674958a8ece72b1bb73764b9549b3cbc1c)) - **cloudkms:** update the API ([93e0687](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/93e06878abf84ad8b1df3f12ace0f067b1f25098)) - **cloudprofiler:** update the API ([d11e9e4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d11e9e41137ae8d062bd4ed084a350b0bde8d3c0)) - **cloudresourcemanager:** update the API ([76f0f51](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/76f0f511f97312e3aa7a41f14befa836ce44df55)) - **cloudscheduler:** update the API ([94305b7](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/94305b7da4ccfab0e63b613d6a7fcbe33864270d)) - **cloudsearch:** update the API ([e6de73d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e6de73da3a7cf1c269ef6017843ccf6fd078f154)) - **cloudshell:** update the API ([f399b75](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f399b75d0d63674a28970f589aea6f01eab1577b)) - **cloudtasks:** update the API ([31dbbe2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/31dbbe2439fabe0f0fc1b8f3377a305fee87c2c0)) - **cloudtrace:** update the API ([212d697](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/212d697a0e2654ba1bb8f2775bf039b57be3a6cd)) - **composer:** update the API ([75304a0](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/75304a070d61822ec87af425147acf2a3e72afdf)) - **config:** update the API ([07be765](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/07be7657dd18a230d4e2390f156263a98fdae02a)) - **containeranalysis:** update the API ([90afb7b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/90afb7bddfde862f89ed2f599ca74bf8e2002e8c)) - **customsearch:** update the API ([dc6b156](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/dc6b156aaa9bcb1d45356db3c3a7058ed0720c04)) - **datacatalog:** update the API ([64c1abc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/64c1abc7e78bbe9a213c1c696a83389ca1b8d313)) - **datafusion:** update the API ([6aff1d8](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/6aff1d8ecad16691a2b9d5ab4b5bfacf2680c8a0)) - **datalabeling:** update the API ([797471f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/797471fb5f97302a1ab7f50587298aee650bf372)) - **datapipelines:** update the API ([e108596](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e10859679756d3c1fe243ade7b4ff096d4057f7a)) - **dataproc:** update the API ([abbcb61](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/abbcb618952a5c365ef553b83f88bd4fc6a19c68)) - **datastore:** update the API ([fe99c43](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/fe99c436b00f3e0db1c048b6e1978c2c91eeaf75)) - **deploymentmanager:** update the API ([87fda2a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/87fda2a3b88f81077ed5f18f52e0263644ba19cb)) - **dfareporting:** update the API ([4cec666](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4cec666a18587527e4973548112080ccafaa9e37)) - **digitalassetlinks:** update the API ([abe8c25](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/abe8c25a24e1c1e521338d1ece3f8124c08ed686)) - **docs:** update the API ([5c28cc5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5c28cc5f90c3ec07902952673a54a9439aebaefe)) - **domainsrdap:** update the API ([f3678df](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f3678df1b0f9621c9319be5c32b5c1ae0257409f)) - **doubleclicksearch:** update the API ([f6e9c9a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f6e9c9a07c6871be0b722532e09a1079fa2aa84d)) - **driveactivity:** update the API ([63563b6](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/63563b6d89ccdb8a778089c48a649d212ae41187)) - **drivelabels:** update the API ([44db39e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/44db39ea335d5b3566c1f6a751f32eb159427c6a)) - **drive:** update the API ([5f88b3e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5f88b3e4deaa2aa30bc78df0e5c2e9e387e7d161)) - **essentialcontacts:** update the API ([6bc249f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/6bc249f5d12c4975f3569ad735fe6b14875960a7)) - **fcmdata:** update the API ([da072ae](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/da072ae63e796156028c0b28863adfef9d1887b8)) - **fcm:** update the API ([c2043ed](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c2043ed711270a5e38a0842b539898e9d289f436)) - **file:** update the API ([4bbf0b9](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4bbf0b92661f5ea47f09eefecf48238ab13980f1)) - **firebaseappcheck:** update the API ([851d463](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/851d4639bf75850c4ab88c1dad4dfd9166f9801b)) - **firebaseappdistribution:** update the API ([96163b7](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/96163b73f732144c3da840b18d6a55aac62d6081)) - **firebasedatabase:** update the API ([3d96170](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3d96170cc795827c84a53e0c3d0de526a12b9d95)) - **firebasedynamiclinks:** update the API ([1122f63](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/1122f63e79402abe5be53a38334c565ca883ad18)) - **firebasehosting:** update the API ([6abce84](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/6abce84cf7567d906dc94c64700c8bc42c55de4a)) - **firebaseml:** update the API ([eef0dfe](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/eef0dfe82ab1c082959cdb168d9c8e438b98606b)) - **firebaserules:** update the API ([d02b49c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d02b49c84908b0757a6525665b9451092c0ee3dd)) - **firebasestorage:** update the API ([b303956](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b303956d395587471344b89bf546068d89b6b1a8)) - **firebase:** update the API ([38f0247](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/38f024730891a3e566ac49a18dd2786768f8fe10)) - **fitness:** update the API ([bd72df1](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bd72df18aba9c830b788a5ac4fd260ba693ce31d)) - **forms:** update the API ([e06cd96](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e06cd96538ce8a44d850c8cc29aabcdf0b180ab9)) - **gamesConfiguration:** update the API ([b26b164](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b26b16406b25d2cc66aeb21bbb4eb7d366c4f6ac)) - **gamesManagement:** update the API ([c056dbb](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c056dbb47b86bf807f7a536281f4ec9f715b1b3b)) - **gkeonprem:** update the API ([50b340a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/50b340ab8c56308486f8f47f15cf76c010300137)) - **gmailpostmastertools:** update the API ([2d1dd45](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2d1dd456fd959314d4dfdd5066f32304ca6534a4)) - **groupsmigration:** update the API ([2d5dfc8](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2d5dfc87a79567d6c65713279d9e169f791edd15)) - **groupssettings:** update the API ([81f7c45](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/81f7c4560d45065ccd96c24d05094c7b5de59580)) - **healthcare:** update the API ([4dcb153](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4dcb1532b818deed3e14b43d2e42de87d68a71ab)) - **homegraph:** update the API ([709f585](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/709f58538c74d97ac0508b3d5fd6518502401614)) - **iamcredentials:** update the API ([0610412](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/06104128540bdc9565a0cd8cdb812aafe4025ba2)) - **identitytoolkit:** update the API ([99534fb](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/99534fba8b394219448155ab565154cfa5710b15)) - **ids:** update the API ([5ad0d0b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5ad0d0ba7b827d5b24e69baa8ec6fb6aff738d2f)) - **indexing:** update the API ([3c4e15a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3c4e15a098c8cfaa8ac116046553bac0ca1cd7cb)) - **jobs:** update the API ([7687e7b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7687e7b88acbf1c0803bb9490593839728e013e5)) - **kgsearch:** update the API ([5a54be2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5a54be26f5328c9a0b167cc06e4026358e1970df)) - **kmsinventory:** update the API ([3ac181b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3ac181bbd6283099b1ea29b1371c61eb0e211773)) - **language:** update the API ([91caf34](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/91caf3471150689b54fa2a51cde93de44c595df7)) - **libraryagent:** update the API ([50b72ef](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/50b72ef609e5c9058b5a03ed5aaa1b5062e4bf47)) - **licensing:** update the API ([b6f27e9](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b6f27e942a89e4597e1c212a700b26f51ddb7bf9)) - **lifesciences:** update the API ([fcc9aae](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/fcc9aaec76f6e1075e520b75118a9ca77a596dfb)) - **localservices:** update the API ([ca0c8d7](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ca0c8d7c7409cccbdf436d539119f093d3f62eec)) - **looker:** update the API ([0c067fa](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0c067fa5944b446b3b6766b57aec7ab646f08ba1)) - **managedidentities:** update the API ([1f430c5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/1f430c5ffd6aa522f4d99978a3a719918295a231)) - **manufacturers:** update the API ([d55ac4f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d55ac4f151d006e4d975eede60e491877a706a93)) - **memcache:** update the API ([39c011c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/39c011c3681af3e906b370080a2ca8a6caf83fa0)) - **ml:** update the API ([bf42196](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bf421969326b70fae5d4c6cddc432546004ec0f0)) - **mybusinessaccountmanagement:** update the API ([ce386e4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ce386e47e08737a2252203bc30d39229d9be595a)) - **mybusinessbusinessinformation:** update the API ([cdaeb3b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/cdaeb3bc7d8a80dfee13dd0de6dbc5a6f93f5c7c)) - **mybusinesslodging:** update the API ([34eda38](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/34eda38c76099f2aa6b906505fb7f2b33c43cf26)) - **mybusinessnotifications:** update the API ([ae38037](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ae38037c11139e45813fd0306e3357129b036e1d)) - **mybusinessplaceactions:** update the API ([c9f5ea0](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c9f5ea0ebe9ee56b0c600367122f2f833fc82d33)) - **mybusinessqanda:** update the API ([9d43c1e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9d43c1e6ee4654d8bfff86aa44eee91c212e2aef)) - **mybusinessverifications:** update the API ([60bdbd2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/60bdbd229b5a25345953be1eff11813b10840902)) - **networksecurity:** update the API ([b4ab725](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b4ab7254926c2a80445481f490eb9738a7399f93)) - **networkservices:** update the API ([0cf9456](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0cf9456b33165b03510406f5173f875aa67b15c8)) - **notebooks:** update the API ([71b9980](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/71b99805f4a3b99585c09a1b5442e2e43be45d13)) - **oauth2:** update the API ([db72d5d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/db72d5d788e26b83dac6603dd0c66280e48643fe)) - **osconfig:** update the API ([fc51160](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/fc5116090ac8e177af2cfe17ed5bb938d1f27470)) - **oslogin:** update the API ([d814cb9](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d814cb920dcb533086161c1e8cba819aa36b7c6d)) - **pagespeedonline:** update the API ([ea4b6e3](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ea4b6e327902369d129eab3b4433509d3e488c36)) - **people:** update the API ([d2f704e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/d2f704e98cef30bc42636f7aa866bd0a2b586f20)) - **places:** update the API ([7dd5993](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7dd5993f4d5adbfd6eeed73bad1c066594fa8ffe)) - **playcustomapp:** update the API ([301c3ad](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/301c3adda469b043a7d0c632fb6b41f06c918a78)) - **playdeveloperreporting:** update the API ([7e73906](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7e7390622559837e06f16e7303d286eedf2a58ed)) - **playgrouping:** update the API ([9753005](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/9753005a61f6aeaab0e433f2691b635508721923)) - **playintegrity:** update the API ([78dfca2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/78dfca25343031a78ba17ce5a9f84b4b449ff3c3)) - **policyanalyzer:** update the API ([703ab7b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/703ab7bcbcd642386a483f5a70056a41b73f40ce)) - **policysimulator:** update the API ([4a7be29](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4a7be29e56b02985916e9a5e0563f4c447980134)) - **policytroubleshooter:** update the API ([a556194](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a556194c602dd8f577f043908a7647667c6ac3f4)) - **poly:** update the API ([12d5e41](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/12d5e413c9db34fc5c1c34ab4773499c5f8c9c3b)) - **prod\_tt\_sasportal:** update the API ([5dfac38](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5dfac38e84b1d21146a9fecd9ead4a04d81e19f8)) - **publicca:** update the API ([e7906c5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e7906c5b474e2303a50a91dd15b3c0ca37ffbff8)) - **pubsublite:** update the API ([f06ab43](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f06ab430e6095263623df08ac0ff727c9ec9c332)) - **rapidmigrationassessment:** update the API ([3fe4f53](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3fe4f53ee08c594ac96fbe126918d555910d962a)) - **readerrevenuesubscriptionlinking:** update the API ([c2996fa](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c2996fac1a3f5c48fa0a0be9fa2b8b070f0e0a66)) - **realtimebidding:** update the API ([e05daef](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e05daefcd22ec574a00043ba5dbc13e7097b9970)) - **recommendationengine:** update the API ([7b4553c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/7b4553c671f92881f12ca6b0c6d13b9897cff259)) - **recommender:** update the API ([827d7fc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/827d7fcf0b01ee4bb097d0e9b258dacfd903d4de)) - **reseller:** update the API ([3b0d62c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3b0d62ce52be031269cc38d461464fde58015af4)) - **resourcesettings:** update the API ([b499612](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b49961200508406ed5dc860b66d671a1598026b0)) - **runtimeconfig:** update the API ([f4f60c4](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/f4f60c410d6d7a39d585a3f9711bd1e398cf1d42)) - **safebrowsing:** update the API ([ec3ca1a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ec3ca1abec9b9a90efafba0840ad34bcaf28a24c)) - **sasportal:** update the API ([a6a96bc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a6a96bc8ee62e20c1dd078e8074b07ea523a58fd)) - **script:** update the API ([582352f](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/582352f283013f76babffc3f34de45aff10fb44e)) - **searchconsole:** update the API ([25ad1ff](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/25ad1ff213231bf47f909b48349a356b14d5dac6)) - **secretmanager:** update the API ([0d6d936](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0d6d93683ed834ad4414635c8408d1cbacda2c54)) - **servicedirectory:** update the API ([a550687](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a55068740ecafc29a193fe17a0d207e9becfdcac)) - **servicemanagement:** update the API ([74cb0a2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/74cb0a2a62c6b29337808ad6fef57daf5c5afed5)) - **siteVerification:** update the API ([a0d8969](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/a0d896969a6635f013a428cc58519075e58f7cfc)) - **slides:** update the API ([3e4be4b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3e4be4b9af47252b6b59de71255b08b2643f63df)) - **smartdevicemanagement:** update the API ([6ec4bd9](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/6ec4bd90d316f93cd12000ae76feb395c327100e)) - **solar:** update the API ([4377037](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4377037197348f7908f9c0a5937d2acd938ba2e5)) - **sourcerepo:** update the API ([0889507](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/088950701aeffc7aa8e6f2f17f955023e05494e1)) - **speech:** update the API ([504c8d0](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/504c8d07f3a9363908cdee44b31294d97087956d)) - **storagetransfer:** update the API ([aee9c44](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/aee9c449cf7b6592a91674d8acf83c3f24089b87)) - **storage:** update the API ([cd03772](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/cd037720cda614720bef7852812b1eb99d86d25f)) - **streetviewpublish:** update the API ([3a0401c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3a0401c216fd3c4bc8c11913572cf4f628df4813)) - **sts:** update the API ([bce176a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bce176a17c9e5ff821d2e6a058720f9f744e18b4)) - **tagmanager:** update the API ([594c354](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/594c354031bb89976ac2b46054c2e0cf6bcd3ed0)) - **tasks:** update the API ([4203139](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/4203139d06bd3b8487d1d0e2d29b92ba7d9a6975)) - **testing:** update the API ([5d373cc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5d373cc08c089156b7ca26d52fd51c059e5c1227)) - **texttospeech:** update the API ([366a3fc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/366a3fc5e1e88c28e0500dbd72970b52bfa442e0)) - **toolresults:** update the API ([ad28679](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/ad28679c983fdc6df90a2cfa73175f7d6f41c741)) - **transcoder:** update the API ([1799ca0](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/1799ca0e2b6c03a21e2dfecfcdd20efaf866222f)) - **translate:** update the API ([6ef599c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/6ef599c831d7a797b797faf3736ac6514d6bf5c0)) - **travelimpactmodel:** update the API ([be498cd](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/be498cde964258f31edd0d32e5032555b4bf0211)) - **vault:** update the API ([cb9bc44](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/cb9bc4432053217aa68d18b283d55a4ca553617f)) - **versionhistory:** update the API ([0e4d78e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/0e4d78e3b4fdd766a38662bd270453080efd804d)) - **videointelligence:** update the API ([8139c6a](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/8139c6a6a353c42b878ba2c5751071ecaa06eff0)) - **vision:** update the API ([c6585c7](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/c6585c79b039060193405d68e865552f579dae19)) - **vmmigration:** update the API ([2664ee2](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/2664ee2f9c1f01d51d8545f4cab82535fac59846)) - **vmwareengine:** update the API ([fcdd0d9](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/fcdd0d9cc42e7e7b34ec2b431f94043cde95b8e3)) - **vpcaccess:** update the API ([fe1b7f5](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/fe1b7f52025c36cd63df1b874d1303ab8e13abab)) - **walletobjects:** update the API ([58fe19c](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/58fe19cf6606af287f80afa88f6846a0df9a23c6)) - **webfonts:** update the API ([bd5115d](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/bd5115dbc9c1bdb337f078cfac36bbc5143e41de)) - **webrisk:** update the API ([e227c8e](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/e227c8ed85845dfaf4aa51b0dd727d53a1a5f9cc)) - **websecurityscanner:** update the API ([3e1d63b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3e1d63b7ab93ca294ec0c983851321bc2fb85338)) - **workflowexecutions:** update the API ([3329041](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/3329041d025edb6a14756e9f15324f6265e7a1e2)) - **workflows:** update the API ([b75aa48](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/b75aa48a774260202f951f0b0b45255c8b346d69)) - **workspaceevents:** update the API ([78acf6b](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/78acf6bdcb0197c34bc4f7950ed4bf351d386b59)) - **youtubeAnalytics:** update the API ([5fdf519](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/5fdf519aebe3d4dfaa7fd477d1121dbc9bd1280f)) - **youtubereporting:** update the API ([87c5dcc](https://redirect.github.com/googleapis/google-api-nodejs-client/commit/87c5dcc04c98a5defa4a271125cd5a248eca800a)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDYuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIwNi4xIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
f98688f6c7 |
chore: bump up oxlint to v1.68.0 (#15071)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [oxlint](https://oxc.rs/docs/guide/usage/linter) ([source](https://redirect.github.com/oxc-project/oxc/tree/HEAD/npm/oxlint)) | [`1.67.0` → `1.68.0`](https://renovatebot.com/diffs/npm/oxlint/1.67.0/1.68.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/oxc (oxlint)</summary> ### [`v1.68.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1680---2026-06-01) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.67.0...oxlint_v1.68.0) ##### 🚀 Features - [`e4b1f46`](https://redirect.github.com/oxc-project/oxc/commit/e4b1f46) linter/typescript: Implement `method-signature-style` rule ([#​22679](https://redirect.github.com/oxc-project/oxc/issues/22679)) (Mikhail Baev) - [`bc462ca`](https://redirect.github.com/oxc-project/oxc/commit/bc462ca) linter/vue: Implement no-reserved-component-names rule ([#​22741](https://redirect.github.com/oxc-project/oxc/issues/22741)) (bab) - [`ef9e751`](https://redirect.github.com/oxc-project/oxc/commit/ef9e751) linter/vue: Implement component-definition-name-casing rule ([#​22818](https://redirect.github.com/oxc-project/oxc/issues/22818)) (bab) - [`d67f51a`](https://redirect.github.com/oxc-project/oxc/commit/d67f51a) linter/vue: Implement require-prop-type-constructor rule ([#​22708](https://redirect.github.com/oxc-project/oxc/issues/22708)) (bab) - [`8422e8b`](https://redirect.github.com/oxc-project/oxc/commit/8422e8b) linter/jsdoc: Implement `require-yields-description` rule ([#​22805](https://redirect.github.com/oxc-project/oxc/issues/22805)) (Mikhail Baev) - [`fe93f97`](https://redirect.github.com/oxc-project/oxc/commit/fe93f97) linter/eslint: Implement `prefer-named-capture-group` rule ([#​22759](https://redirect.github.com/oxc-project/oxc/issues/22759)) (Sebastian Poxhofer) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDkuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIwOS4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
8c0e1ba04e |
chore: bump up linter to v1.68.0 (#15069)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [eslint-plugin-oxlint](https://redirect.github.com/oxc-project/eslint-plugin-oxlint) | [`1.67.0` → `1.68.0`](https://renovatebot.com/diffs/npm/eslint-plugin-oxlint/1.67.0/1.68.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/eslint-plugin-oxlint (eslint-plugin-oxlint)</summary> ### [`v1.68.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.68.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.67.0...v1.68.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.67.0...v1.68.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDYuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIwOS4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
aca47445aa |
feat(client): migration old package to rspack (#15068)
#### PR Dependency Tree * **PR #15068** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Upgraded Vitest across packages to 4.1.8 and bumped Tailwind PostCSS to 4.3.0 * CLI/tooling updated to support the media-capture-playground package and adjust build/dev server behavior * **Bug Fixes** * Improved workspace deletion reliability in the Electron app * **Refactor** * Simplified media capture playground build setup (build/config adjustments) * **Tests** * Made tests more robust by preserving/restoring environment state during runs <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
75f4c0eede |
feat(editor): add block button for hovering blocks (#14879)
This PR implements [feature request] #14845 <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Add-block control that appears when hovering blocks in page mode to insert and auto-focus a new paragraph; control hides after insertion. * **Improvements** * Improved hover and interaction handling to avoid accidental triggers when interacting with the drag handle or add-block control. * Consistent sizing, positioning, and visibility behavior for the add-block control. * **Style** * Moved heading icon slightly for improved visual alignment. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
|
7123595831 |
chore: bump deps (#15059)
#### PR Dependency Tree * **PR #15059** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Configurable minimum account age before new accounts can invite members or create share links (default: 24 hours). * Sign-in now returns and caches user info for improved session handling. * **Bug Fixes** * Queue handling accepts and resolves job IDs with special characters. * Improved clipboard/rich-text caret handling and nested-list paste reliability. * Calendar tests use dynamic current-month dates. * AI search returns explicit "No matching documents" when none found. * Auth session responses are explicitly non-cacheable. * **Chores** * Dependency and toolchain bumps; admin UI config/schema exposes the new account-age setting. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
18471ef9b2 |
chore: bump up oxlint version to v1.67.0 (#15047)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [oxlint](https://oxc.rs/docs/guide/usage/linter) ([source](https://redirect.github.com/oxc-project/oxc/tree/HEAD/npm/oxlint)) | [`1.66.0` → `1.67.0`](https://renovatebot.com/diffs/npm/oxlint/1.66.0/1.67.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/oxc (oxlint)</summary> ### [`v1.67.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1670---2026-05-26) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.66.0...oxlint_v1.67.0) ##### 🚀 Features - [`b84941e`](https://redirect.github.com/oxc-project/oxc/commit/b84941e) linter/vue: Implement no-expose-after-await rule ([#​22675](https://redirect.github.com/oxc-project/oxc/issues/22675)) (bab) - [`98b98c1`](https://redirect.github.com/oxc-project/oxc/commit/98b98c1) linter/vue: Implement no-computed-properties-in-data rule ([#​22674](https://redirect.github.com/oxc-project/oxc/issues/22674)) (bab) - [`2d4c919`](https://redirect.github.com/oxc-project/oxc/commit/2d4c919) oxlint: Support `vite-plus/resolveConfig` for vite.config.ts ([#​22456](https://redirect.github.com/oxc-project/oxc/issues/22456)) (leaysgur) - [`2a60012`](https://redirect.github.com/oxc-project/oxc/commit/2a60012) linter/vue: Implement require-render-return rule ([#​22613](https://redirect.github.com/oxc-project/oxc/issues/22613)) (bab) - [`9f227fd`](https://redirect.github.com/oxc-project/oxc/commit/9f227fd) linter/vue: Implement no-deprecated-props-default-this rule ([#​21892](https://redirect.github.com/oxc-project/oxc/issues/21892)) (bab) - [`87f065e`](https://redirect.github.com/oxc-project/oxc/commit/87f065e) linter/vue: Implement return-in-emits-validator rule ([#​21935](https://redirect.github.com/oxc-project/oxc/issues/21935)) (bab) - [`ea0380c`](https://redirect.github.com/oxc-project/oxc/commit/ea0380c) linter/unicorn: Implement `import-style` rule ([#​22173](https://redirect.github.com/oxc-project/oxc/issues/22173)) (Hao Chen) - [`dde40fe`](https://redirect.github.com/oxc-project/oxc/commit/dde40fe) linter/vue: Implement no-watch-after-await rule ([#​22006](https://redirect.github.com/oxc-project/oxc/issues/22006)) (bab) - [`a735eb0`](https://redirect.github.com/oxc-project/oxc/commit/a735eb0) linter/vue: Implement valid-next-tick rule ([#​22531](https://redirect.github.com/oxc-project/oxc/issues/22531)) (bab) - [`6dc615d`](https://redirect.github.com/oxc-project/oxc/commit/6dc615d) linter/vue: Implement no-shared-component-data rule ([#​21842](https://redirect.github.com/oxc-project/oxc/issues/21842)) (bab) - [`a656418`](https://redirect.github.com/oxc-project/oxc/commit/a656418) linter/vue: Implement valid-define-options rule ([#​22107](https://redirect.github.com/oxc-project/oxc/issues/22107)) (bab) - [`bb6f1b2`](https://redirect.github.com/oxc-project/oxc/commit/bb6f1b2) linter/vue: Implement require-slots-as-functions rule ([#​22244](https://redirect.github.com/oxc-project/oxc/issues/22244)) (bab) - [`5fa4774`](https://redirect.github.com/oxc-project/oxc/commit/5fa4774) linter/n: Implement `callback-return` rule ([#​22470](https://redirect.github.com/oxc-project/oxc/issues/22470)) (Mikhail Baev) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDIuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIwMi4xIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
f5fc7c8c00 |
chore: bump up eslint-plugin-oxlint version to v1.67.0 (#15036)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [eslint-plugin-oxlint](https://redirect.github.com/oxc-project/eslint-plugin-oxlint) | [`1.66.0` → `1.67.0`](https://renovatebot.com/diffs/npm/eslint-plugin-oxlint/1.66.0/1.67.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/eslint-plugin-oxlint (eslint-plugin-oxlint)</summary> ### [`v1.67.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.67.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.66.0...v1.67.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.66.0...v1.67.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
7d3e38d652 |
chore: bump up nestjs (#15035)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@nestjs-cls/transactional](https://papooch.github.io/nestjs-cls/) ([source](https://redirect.github.com/Papooch/nestjs-cls)) | [`3.2.0` → `3.2.1`](https://renovatebot.com/diffs/npm/@nestjs-cls%2ftransactional/3.2.0/3.2.1) |  |  | | [@nestjs-cls/transactional-adapter-prisma](https://papooch.github.io/nestjs-cls/) ([source](https://redirect.github.com/Papooch/nestjs-cls)) | [`1.3.4` → `1.3.5`](https://renovatebot.com/diffs/npm/@nestjs-cls%2ftransactional-adapter-prisma/1.3.4/1.3.5) |  |  | | [@nestjs/common](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/common)) | [`11.1.23` → `11.1.24`](https://renovatebot.com/diffs/npm/@nestjs%2fcommon/11.1.23/11.1.24) |  |  | | [@nestjs/core](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/core)) | [`11.1.23` → `11.1.24`](https://renovatebot.com/diffs/npm/@nestjs%2fcore/11.1.23/11.1.24) |  |  | | [@nestjs/platform-express](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-express)) | [`11.1.23` → `11.1.24`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-express/11.1.23/11.1.24) |  |  | | [@nestjs/platform-socket.io](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-socket.io)) | [`11.1.23` → `11.1.24`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-socket.io/11.1.23/11.1.24) |  |  | | [@nestjs/websockets](https://redirect.github.com/nestjs/nest) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/websockets)) | [`11.1.23` → `11.1.24`](https://renovatebot.com/diffs/npm/@nestjs%2fwebsockets/11.1.23/11.1.24) |  |  | --- ### Release Notes <details> <summary>Papooch/nestjs-cls (@​nestjs-cls/transactional)</summary> ### [`v3.2.1`](https://redirect.github.com/Papooch/nestjs-cls/releases/tag/v3.2.1) [Compare Source](https://redirect.github.com/Papooch/nestjs-cls/compare/@nestjs-cls/transactional@3.2.0...@nestjs-cls/transactional@3.2.1) - fix: `has` method respects falsy values ([#​57](https://redirect.github.com/Papooch/nestjs-cls/issues/57)) [`69f06e7`](https://redirect.github.com/Papooch/nestjs-cls/commit/69f06e7) </details> <details> <summary>nestjs/nest (@​nestjs/common)</summary> ### [`v11.1.24`](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) </details> <details> <summary>nestjs/nest (@​nestjs/core)</summary> ### [`v11.1.24`](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) </details> <details> <summary>nestjs/nest (@​nestjs/platform-express)</summary> ### [`v11.1.24`](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) </details> <details> <summary>nestjs/nest (@​nestjs/platform-socket.io)</summary> ### [`v11.1.24`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.24) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.23...v11.1.24) ##### v11.1.24 (2026-05-25) ##### Bug fixes - `core` - [#​17009](https://redirect.github.com/nestjs/nest/pull/17009) fix(core): reset dependency-tree cache on metadata changes ([@​puneetdixit200](https://redirect.github.com/puneetdixit200)) ##### Enhancements - `core` - [#​16997](https://redirect.github.com/nestjs/nest/pull/16997) feat(core): warn on late websocket adapter registration ([@​hbinhng](https://redirect.github.com/hbinhng)) ##### Dependencies - `platform-ws` - [#​17011](https://redirect.github.com/nestjs/nest/pull/17011) chore(deps): bump ws from 8.20.1 to 8.21.0 ([@​dependabot\[bot\]](https://redirect.github.com/apps/dependabot)) ##### Committers: 2 - Nguyễn Hải Bình ([@​hbinhng](https://redirect.github.com/hbinhng)) - Puneet Dixit ([@​puneetdixit200](https://redirect.github.com/puneetdixit200)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
2bd920fea6 |
chore: bump up @inquirer/prompts version to v8 (#15025)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@inquirer/prompts](https://redirect.github.com/SBoudrias/Inquirer.js/blob/main/packages/prompts/README.md) ([source](https://redirect.github.com/SBoudrias/Inquirer.js)) | [`^7.10.1` → `^8.0.0`](https://renovatebot.com/diffs/npm/@inquirer%2fprompts/7.10.1/8.5.0) |  |  | --- ### Release Notes <details> <summary>SBoudrias/Inquirer.js (@​inquirer/prompts)</summary> ### [`v8.5.0`](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.4.3...5ca6d1101d5d3f8fb066cd5b389bccfdafbbe0c0) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.4.3...@inquirer/prompts@8.5.0) ### [`v8.4.3`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.4.3) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.4.2...@inquirer/prompts@8.4.3) - Fix: Windows rendering bug - Fix: Preserve exact literal types in `choices` array (Typescript only) - Fix: Allow input `default` value to be of type `undefined` (Typescript only) - Bump dependencies ### [`v8.4.2`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.4.2) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.4.1...@inquirer/prompts@8.4.2) - Fix: some Windows terminals would freeze and not react to keypresses. ### [`v8.4.1`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.4.1) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.4.0...@inquirer/prompts@8.4.1) - Improve `expand` prompt type inferrence. ### [`v8.4.0`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.4.0) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.3.2...@inquirer/prompts@8.4.0) - Feat: Added a loading message while validating editor prompt input. - Type improvement: Better type inference with checkbox, search and expand prompts. - Fix: `editor` prompt not always properly handling editor path on windows. ### [`v8.3.2`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.3.2) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.3.1...@inquirer/prompts@8.3.2) - Fix broken 8.3.1 release process. ### [`v8.3.1`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.3.1) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.3.0...@inquirer/prompts@8.3.1) - Bump dependencies ### [`v8.3.0`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.3.0) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.2.1...@inquirer/prompts@8.3.0) - Fix: Keypresses happening before a prompt is rendered are now ignored. - Fix (checkbox): Element who're both checked and disabled are now always included in the returned array. - Feat (select/checkbox): Cursor will now hover disabled options of the list; but they still cannot be interacted with. This prevents the cursor jumping ahead in ways that can be confusing. - Feat: various new theme options to make all prompts content localizable. Finally, see our new [`@inquirer/i18n` package](https://redirect.github.com/SBoudrias/Inquirer.js/tree/main/packages/i18n)! ### [`v8.2.1`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.2.1) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.2.0...@inquirer/prompts@8.2.1) - chore: Switch `wrap-ansi` with `fast-wrap-ansi` ### [`v8.2.0`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.2.0) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.1.0...@inquirer/prompts@8.2.0) - feat(`search`): Add support for `default`. - feat(`rawlist`): Add support for `description` of choices. That information is displayed under the list when the choice is highlighted. - Bump dependencies ### [`v8.1.0`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.1.0) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.0.2...@inquirer/prompts@8.1.0) - Feat: `rawlist` now supports `default` option. - Fix: `select` now infer return type properly when passing a `choices` array of string literals. ### [`v8.0.2`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.0.2) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.0.1...@inquirer/prompts@8.0.2) - Fix Typescript not discovering types when `moduleResolution` is set to `commonjs` (you probably want to fix that in your project if it's still in your tsconfig) ### [`v8.0.1`](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.0.0...@inquirer/prompts@8.0.1) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@8.0.0...@inquirer/prompts@8.0.1) ### [`v8.0.0`](https://redirect.github.com/SBoudrias/Inquirer.js/releases/tag/%40inquirer/prompts%408.0.0) [Compare Source](https://redirect.github.com/SBoudrias/Inquirer.js/compare/@inquirer/prompts@7.10.1...@inquirer/prompts@8.0.0) ### Release Notes #### 🚨 Breaking Changes This is a major release that modernizes the codebase for Node.js ≥ 20. ##### ESM Only - No More CommonJS Support **Impact:** All packages are now ESM-only. CommonJS imports are no longer supported. If you're on modern Node versions (≥ 20), this should be transparent and have no impact. ##### Node.js Version Requirement **Minimum Node.js version is now 20.x** Node.js versions below 20 are no longer supported. Please upgrade to Node.js 20 or later. Node min versions: `>=23.5.0 || ^22.13.0 || ^21.7.0 || ^20.12.0` ##### Deprecated APIs Removed The following deprecated APIs have been removed after being deprecated in previous releases: ##### `list` prompt alias removed (affects `inquirer` package only) The `list` alias has been removed from the `inquirer` package. This only impacts users of the legacy `inquirer` package, not users of `@inquirer/prompts` or individual prompt packages. ```js // ❌ No longer available (inquirer package only) import inquirer from 'inquirer'; const answer = await inquirer.prompt([ { type: 'list', name: 'choice', message: 'Pick one:', choices: ['a', 'b'] } ]); // ✅ Use 'select' instead import inquirer from 'inquirer'; const answer = await inquirer.prompt([ { type: 'select', name: 'choice', message: 'Pick one:', choices: ['a', 'b'] } ]); ``` ##### `helpMode` theme property removed ```js // ❌ No longer available const answer = await select({ theme: { helpMode: 'never' } }); // ✅ Use theme.style.keysHelpTip instead const answer = await select({ theme: { style: { keysHelpTip: () => undefined // or your custom styling function } } }); ``` This affects the following prompts: - `@inquirer/checkbox` - `@inquirer/search` - `@inquirer/select` ##### `instructions` config property removed ```js // ❌ No longer available const answer = await checkbox({ instructions: 'Custom instructions' }); // ✅ Use theme.style.keysHelpTip instead const answer = await checkbox({ theme: { style: { keysHelpTip: (text) => 'Custom instructions' } } }); ``` This affects the following prompts: - `@inquirer/checkbox` - `@inquirer/search` - `@inquirer/select` ##### `cancel()` method removed The `cancel()` method on prompt return custom `Promise` has been removed. ```js // ❌ No longer available const answerPromise = input({ message: 'Name?' }); answerPromise.cancel(); const answer = await answerPromise; // ✅ Use AbortSignal instead const controller = new AbortController(); const answer = await input( { message: 'Name?' }, { signal: controller.signal } ); controller.abort(); ``` ##### Color Library Change: yoctocolors → Node.js `styleText` **Internal change:** The project now uses Node.js built-in `util.styleText()` instead of the `yoctocolors` package for terminal colors. This makes Inquirer smaller and reduces risks of vulnerabilities coming from transitive dependencies. </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
b3b9c54a89 |
chore: bump up @types/nodemailer version to v8 (#15026)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@types/nodemailer](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/nodemailer) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer)) | [`^7.0.0` → `^8.0.0`](https://renovatebot.com/diffs/npm/@types%2fnodemailer/7.0.9/8.0.0) |  |  | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
95dd8d03be |
chore: bump up nestjs (#15023)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@nestjs/apollo](https://redirect.github.com/nestjs/graphql) | [`13.4.1` → `13.4.2`](https://renovatebot.com/diffs/npm/@nestjs%2fapollo/13.4.1/13.4.2) |  |  | | [@nestjs/common](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/common)) | [`11.1.21` → `11.1.23`](https://renovatebot.com/diffs/npm/@nestjs%2fcommon/11.1.21/11.1.23) |  |  | | [@nestjs/core](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/core)) | [`11.1.21` → `11.1.23`](https://renovatebot.com/diffs/npm/@nestjs%2fcore/11.1.21/11.1.23) |  |  | | [@nestjs/graphql](https://redirect.github.com/nestjs/graphql) | [`13.4.1` → `13.4.2`](https://renovatebot.com/diffs/npm/@nestjs%2fgraphql/13.4.1/13.4.2) |  |  | | [@nestjs/platform-express](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-express)) | [`11.1.21` → `11.1.23`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-express/11.1.21/11.1.23) |  |  | | [@nestjs/platform-socket.io](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-socket.io)) | [`11.1.21` → `11.1.23`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-socket.io/11.1.21/11.1.23) |  |  | | [@nestjs/swagger](https://redirect.github.com/nestjs/swagger) | [`11.4.3` → `11.4.4`](https://renovatebot.com/diffs/npm/@nestjs%2fswagger/11.4.3/11.4.4) |  |  | | [@nestjs/websockets](https://redirect.github.com/nestjs/nest) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/websockets)) | [`11.1.21` → `11.1.23`](https://renovatebot.com/diffs/npm/@nestjs%2fwebsockets/11.1.21/11.1.23) |  |  | --- ### Release Notes <details> <summary>nestjs/graphql (@​nestjs/apollo)</summary> ### [`v13.4.2`](https://redirect.github.com/nestjs/graphql/releases/tag/v13.4.2) [Compare Source](https://redirect.github.com/nestjs/graphql/compare/v13.4.1...v13.4.2) ##### v13.4.2 (2026-05-21) ##### Bug fixes - `graphql` - [#​4007](https://redirect.github.com/nestjs/graphql/pull/4007) fix(graphql): preserve PickType fields for dual-decorated inputs ([@​yudin-s](https://redirect.github.com/yudin-s)) ##### Committers: 1 - Serge Yudin ([@​yudin-s](https://redirect.github.com/yudin-s)) </details> <details> <summary>nestjs/nest (@​nestjs/common)</summary> ### [`v11.1.23`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.23) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.22...v11.1.23) ##### v11.1.23 (2026-05-21) ##### Bug fixes - `core` - [#​16998](https://redirect.github.com/nestjs/nest/issues/16998) fix snapshot: true eagerly instantiates Terminus transient indicators since 11.1.20 ##### Committers: 1 - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ### [`v11.1.22`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.22) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.21...v11.1.22) ##### v11.1.22 (2026-05-21) ##### Bug fixes - `core` - [#​16993](https://redirect.github.com/nestjs/nest/pull/16993) fix(core): inflight request injection bug [#​16989](https://redirect.github.com/nestjs/nest/issues/16989) ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ##### Enhancements - `core` - [#​16967](https://redirect.github.com/nestjs/nest/pull/16967) fix(core): identify decorator type in invalid-class-module error ([@​HarrierOnChain](https://redirect.github.com/HarrierOnChain)) - ##### Committers: 2 - Harrier ([@​HarrierOnChain](https://redirect.github.com/HarrierOnChain)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) </details> <details> <summary>nestjs/swagger (@​nestjs/swagger)</summary> ### [`v11.4.4`](https://redirect.github.com/nestjs/swagger/releases/tag/11.4.4) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.4.3...11.4.4) #### 11.4.4 (2026-05-21) ##### Bug fixes - [#​3930](https://redirect.github.com/nestjs/swagger/pull/3930) fix: top-level nullable with discriminator issue ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ##### Enhancements - [#​3921](https://redirect.github.com/nestjs/swagger/pull/3921) feat(swagger): add summary field to Tag Object (OpenAPI 3.2) ([@​frbuceta](https://redirect.github.com/frbuceta)) - [#​3924](https://redirect.github.com/nestjs/swagger/pull/3924) feat(swagger): warn when [@​ApiTags](https://redirect.github.com/ApiTags) receives hierarchy fields ([@​frbuceta](https://redirect.github.com/frbuceta)) - [#​3925](https://redirect.github.com/nestjs/swagger/pull/3925) fix(swagger): type Tag Object kind as a free-form string ([@​frbuceta](https://redirect.github.com/frbuceta)) ##### Committers: 4 - Alexander Scholz ([@​LucidityDesign](https://redirect.github.com/LucidityDesign)) - Francisco Buceta ([@​frbuceta](https://redirect.github.com/frbuceta)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) - Natanael dos Santos Feitosa ([@​natanfeitosa](https://redirect.github.com/natanfeitosa)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xOTQuMCIsInVwZGF0ZWRJblZlciI6IjQzLjE5NC4wIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
6d1172ba44 | chore: bump deps | ||
|
|
adfa51a372 |
chore: bump up oxlint version to v1.66.0 (#14974)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [oxlint](https://oxc.rs/docs/guide/usage/linter) ([source](https://redirect.github.com/oxc-project/oxc/tree/HEAD/npm/oxlint)) | [`1.58.0` → `1.66.0`](https://renovatebot.com/diffs/npm/oxlint/1.58.0/1.66.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/oxc (oxlint)</summary> ### [`v1.66.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1660---2026-05-18) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.65.0...oxlint_v1.66.0) ##### 🚀 Features - [`0440b0f`](https://redirect.github.com/oxc-project/oxc/commit/0440b0f) linter/eslint: Implement `id-match` rule ([#​22379](https://redirect.github.com/oxc-project/oxc/issues/22379)) (Vladislav Sayapin) - [`65bf119`](https://redirect.github.com/oxc-project/oxc/commit/65bf119) linter: Implement react no-object-type-as-default-prop ([#​22481](https://redirect.github.com/oxc-project/oxc/issues/22481)) (uhyo) - [`2a6ddce`](https://redirect.github.com/oxc-project/oxc/commit/2a6ddce) linter/eslint: Implement `no-implied-eval` rule ([#​22391](https://redirect.github.com/oxc-project/oxc/issues/22391)) (Vladislav Sayapin) - [`625758a`](https://redirect.github.com/oxc-project/oxc/commit/625758a) linter/vitest: Implement padding-around-after-all-blocks rule ([#​21788](https://redirect.github.com/oxc-project/oxc/issues/21788)) (kapobajza) - [`37680b0`](https://redirect.github.com/oxc-project/oxc/commit/37680b0) linter: Implement react no-unstable-nested-components ([#​22248](https://redirect.github.com/oxc-project/oxc/issues/22248)) (Jovi De Croock) - [`d8d9c74`](https://redirect.github.com/oxc-project/oxc/commit/d8d9c74) linter: Implement import/newline-after-import rule ([#​19142](https://redirect.github.com/oxc-project/oxc/issues/19142)) (Ryuya Yanagi) ### [`v1.65.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1650---2026-05-15) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.64.0...oxlint_v1.65.0) ##### 🚀 Features - [`5478fb5`](https://redirect.github.com/oxc-project/oxc/commit/5478fb5) linter/jsdoc: Implement `require-throws-description` rule ([#​22386](https://redirect.github.com/oxc-project/oxc/issues/22386)) (Mikhail Baev) - [`c73225e`](https://redirect.github.com/oxc-project/oxc/commit/c73225e) linter/eslint: Implement `prefer-arrow-callback` rule ([#​22312](https://redirect.github.com/oxc-project/oxc/issues/22312)) (박천(Cheon Park)) - [`de82b59`](https://redirect.github.com/oxc-project/oxc/commit/de82b59) linter: Add support for `eslint-plugin-jsx-a11y-x` ([#​22356](https://redirect.github.com/oxc-project/oxc/issues/22356)) (mehm8128) - [`f44b6c8`](https://redirect.github.com/oxc-project/oxc/commit/f44b6c8) linter: Fill schemas `DummyRuleMap` with built-in rules ([#​22288](https://redirect.github.com/oxc-project/oxc/issues/22288)) (Sysix) ### [`v1.64.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1640---2026-05-11) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.63.0...oxlint_v1.64.0) ##### 🚀 Features - [`fbb8f22`](https://redirect.github.com/oxc-project/oxc/commit/fbb8f22) linter: Support `ignores` in overrides ([#​22148](https://redirect.github.com/oxc-project/oxc/issues/22148)) (camc314) ##### 🐛 Bug Fixes - [`25b7017`](https://redirect.github.com/oxc-project/oxc/commit/25b7017) linter: Undocument override `ignores` option ([#​22213](https://redirect.github.com/oxc-project/oxc/issues/22213)) (camc314) ### [`v1.63.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1630---2026-05-05) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.62.0...oxlint_v1.63.0) ##### 📚 Documentation - [`cacbc4a`](https://redirect.github.com/oxc-project/oxc/commit/cacbc4a) linter: Fix jest settings docs. ([#​22127](https://redirect.github.com/oxc-project/oxc/issues/22127)) (connorshea) ### [`v1.62.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1620---2026-04-27) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/7a75f0d0555ee8e5012874eeb3f06f7272804e37...oxlint_v1.62.0) ##### 🚀 Features - [`348f46c`](https://redirect.github.com/oxc-project/oxc/commit/348f46c) linter: Add `respectEslintDisableDirectives` option ([#​21384](https://redirect.github.com/oxc-project/oxc/issues/21384)) (Christian Vuerings) ##### 🐛 Bug Fixes - [`8c425db`](https://redirect.github.com/oxc-project/oxc/commit/8c425db) linter: Allow string for jest version in config schema ([#​21649](https://redirect.github.com/oxc-project/oxc/issues/21649)) (camc314) ### [`v1.61.1`](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.61.0...7a75f0d0555ee8e5012874eeb3f06f7272804e37) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.61.0...7a75f0d0555ee8e5012874eeb3f06f7272804e37) ### [`v1.61.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1610---2026-04-20) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.60.0...oxlint_v1.61.0) ##### 🚀 Features - [`38d8090`](https://redirect.github.com/oxc-project/oxc/commit/38d8090) linter/jest: Implemented jest `version` settings in config file. ([#​21522](https://redirect.github.com/oxc-project/oxc/issues/21522)) (Said Atrahouch) ### [`v1.60.0`](https://redirect.github.com/oxc-project/oxc/blob/HEAD/npm/oxlint/CHANGELOG.md#1600---2026-04-13) [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.59.0...oxlint_v1.60.0) ##### 📚 Documentation - [`cfd8a4f`](https://redirect.github.com/oxc-project/oxc/commit/cfd8a4f) linter: Don't rely on old eslint doc for available globals ([#​21334](https://redirect.github.com/oxc-project/oxc/issues/21334)) (Nicolas Le Cam) ### [`v1.59.0`]() [Compare Source](https://redirect.github.com/oxc-project/oxc/compare/oxlint_v1.58.0...oxlint_v1.59.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzkuMyIsInVwZGF0ZWRJblZlciI6IjQzLjE4NS4xIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
6e97aff7ba |
chore: bump up oxlint-tsgolint version to ^0.23.0 (#15007)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [oxlint-tsgolint](https://redirect.github.com/oxc-project/tsgolint) | [`^0.19.0` → `^0.23.0`](https://renovatebot.com/diffs/npm/oxlint-tsgolint/0.19.0/0.23.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/tsgolint (oxlint-tsgolint)</summary> ### [`v0.23.0`](https://redirect.github.com/oxc-project/tsgolint/releases/tag/v0.23.0) [Compare Source](https://redirect.github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0) #### What's Changed - chore(deps): update crate-ci/typos action to v1.45.2 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​915](https://redirect.github.com/oxc-project/tsgolint/pull/915) - feat: add skill for upgrading typescript-go by [@​camc314](https://redirect.github.com/camc314) in [#​918](https://redirect.github.com/oxc-project/tsgolint/pull/918) - chore(deps): update pnpm to v10.33.2 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​921](https://redirect.github.com/oxc-project/tsgolint/pull/921) - chore: update typescript-go submodule by [@​camc314](https://redirect.github.com/camc314) in [#​922](https://redirect.github.com/oxc-project/tsgolint/pull/922) - fix: attach tsconfig path to diagnostics by [@​camc314](https://redirect.github.com/camc314) in [#​923](https://redirect.github.com/oxc-project/tsgolint/pull/923) - fix(prefer-nullish-coalescing): parenthesize mixed logical fixes by [@​camc314](https://redirect.github.com/camc314) in [#​924](https://redirect.github.com/oxc-project/tsgolint/pull/924) - tests(return-await): cover non-async arrow functions by [@​camc314](https://redirect.github.com/camc314) in [#​926](https://redirect.github.com/oxc-project/tsgolint/pull/926) - chore(deps): update github.com/go-json-experiment/json digest to [`b6187a3`](https://redirect.github.com/oxc-project/tsgolint/commit/b6187a3) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​927](https://redirect.github.com/oxc-project/tsgolint/pull/927) - chore(deps): update github actions by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​928](https://redirect.github.com/oxc-project/tsgolint/pull/928) - chore(deps): update crate-ci/typos action to v1.46.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​929](https://redirect.github.com/oxc-project/tsgolint/pull/929) - chore(deps): update module github.com/dlclark/regexp2 to v2 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​930](https://redirect.github.com/oxc-project/tsgolint/pull/930) - chore: update typescript-go submodule by [@​camc314](https://redirect.github.com/camc314) in [#​931](https://redirect.github.com/oxc-project/tsgolint/pull/931) - chore(deps): update typescript-go digest to [`48e2953`](https://redirect.github.com/oxc-project/tsgolint/commit/48e2953) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​933](https://redirect.github.com/oxc-project/tsgolint/pull/933) - chore(deps): update typescript-go digest to [`5eb880f`](https://redirect.github.com/oxc-project/tsgolint/commit/5eb880f) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​936](https://redirect.github.com/oxc-project/tsgolint/pull/936) - fix(no-misused-promises): handle empty JSX attributes by [@​camc314](https://redirect.github.com/camc314) in [#​938](https://redirect.github.com/oxc-project/tsgolint/pull/938) - fix(no-unsafe-enum-comparison): flag string literal unions by [@​camc314](https://redirect.github.com/camc314) in [#​937](https://redirect.github.com/oxc-project/tsgolint/pull/937) - chore(deps): update typescript-go digest to [`e1f8f97`](https://redirect.github.com/oxc-project/tsgolint/commit/e1f8f97) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​939](https://redirect.github.com/oxc-project/tsgolint/pull/939) - chore(deps): update typescript-go digest to [`092b34f`](https://redirect.github.com/oxc-project/tsgolint/commit/092b34f) by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​940](https://redirect.github.com/oxc-project/tsgolint/pull/940) - chore: configure typescript-go renovate schedule by [@​camc314](https://redirect.github.com/camc314) in [#​941](https://redirect.github.com/oxc-project/tsgolint/pull/941) - chore(deps): update github actions by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​945](https://redirect.github.com/oxc-project/tsgolint/pull/945) - chore(deps): update dependency dprint-typescript to v0.96.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​947](https://redirect.github.com/oxc-project/tsgolint/pull/947) - chore(deps): update gomod by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​946](https://redirect.github.com/oxc-project/tsgolint/pull/946) - chore(deps): update crate-ci/typos action to v1.46.1 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​948](https://redirect.github.com/oxc-project/tsgolint/pull/948) - fix(prefer-nullish-coalescing): emit suggestion over fix by [@​camc314](https://redirect.github.com/camc314) in [#​951](https://redirect.github.com/oxc-project/tsgolint/pull/951) - chore: update packageManager to pnpm 11.0.4 by [@​Boshen](https://redirect.github.com/Boshen) in [#​953](https://redirect.github.com/oxc-project/tsgolint/pull/953) - chore: update typescript-go submodule by [@​camc314](https://redirect.github.com/camc314) in [#​955](https://redirect.github.com/oxc-project/tsgolint/pull/955) - fix(no-nullable-type-assertion-style): use suggestion instead of fix by [@​camc314](https://redirect.github.com/camc314) in [#​956](https://redirect.github.com/oxc-project/tsgolint/pull/956) - docs: Update Go version requirement to 1.26 in CONTRIBUTING.md. by [@​connorshea](https://redirect.github.com/connorshea) in [#​957](https://redirect.github.com/oxc-project/tsgolint/pull/957) - fix: allow safe promise intersection members by [@​camc314](https://redirect.github.com/camc314) in [#​959](https://redirect.github.com/oxc-project/tsgolint/pull/959) - ci: switch security workflow to ubuntu-latest by [@​Boshen](https://redirect.github.com/Boshen) in [#​962](https://redirect.github.com/oxc-project/tsgolint/pull/962) - chore(deps): update dependency vitest to v4.1.6 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​963](https://redirect.github.com/oxc-project/tsgolint/pull/963) - chore(deps): update module github.com/dlclark/regexp2/v2 to v2.0.3 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​964](https://redirect.github.com/oxc-project/tsgolint/pull/964) - chore(deps): update dependency dprint-markdown to v0.22.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​965](https://redirect.github.com/oxc-project/tsgolint/pull/965) - chore(deps): update github actions by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​966](https://redirect.github.com/oxc-project/tsgolint/pull/966) - perf(no-unnecessary-type-parameters): stop counting settled candidates by [@​camc314](https://redirect.github.com/camc314) in [#​967](https://redirect.github.com/oxc-project/tsgolint/pull/967) - chore: add `dprint` to pnpm `allowBuilds` by [@​camc314](https://redirect.github.com/camc314) in [#​968](https://redirect.github.com/oxc-project/tsgolint/pull/968) **Full Changelog**: <https://github.com/oxc-project/tsgolint/compare/v0.22.1...v0.23.0> ### [`v0.22.1`](https://redirect.github.com/oxc-project/tsgolint/releases/tag/v0.22.1) [Compare Source](https://redirect.github.com/oxc-project/tsgolint/compare/v0.22.0...v0.22.1) #### What's Changed - fix: clarify `AGENTS.md` submodule guidance by [@​camc314](https://redirect.github.com/camc314) in [#​909](https://redirect.github.com/oxc-project/tsgolint/pull/909) - feat(no-unsafe-enum-comparison): implement suggestion by [@​camc314](https://redirect.github.com/camc314) in [#​910](https://redirect.github.com/oxc-project/tsgolint/pull/910) - feat(no-unnecessary-template-expression): implement fix by [@​camc314](https://redirect.github.com/camc314) in [#​911](https://redirect.github.com/oxc-project/tsgolint/pull/911) - chore(deps): update dependency vitest to v4.1.5 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​912](https://redirect.github.com/oxc-project/tsgolint/pull/912) - chore(deps): update github-actions by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​913](https://redirect.github.com/oxc-project/tsgolint/pull/913) - fix(prefer-optional-chain): avoid access comparison false positive by [@​camc314](https://redirect.github.com/camc314) in [#​914](https://redirect.github.com/oxc-project/tsgolint/pull/914) **Full Changelog**: <https://github.com/oxc-project/tsgolint/compare/v0.22.0...v0.22.1> ### [`v0.22.0`](https://redirect.github.com/oxc-project/tsgolint/releases/tag/v0.22.0) [Compare Source](https://redirect.github.com/oxc-project/tsgolint/compare/v0.21.1...v0.22.0) #### What's Changed - chore: convert renovate config to json by [@​Boshen](https://redirect.github.com/Boshen) in [#​893](https://redirect.github.com/oxc-project/tsgolint/pull/893) - chore: update typescript-go submodule by [@​camc314](https://redirect.github.com/camc314) in [#​895](https://redirect.github.com/oxc-project/tsgolint/pull/895) - ci: replace OXC\_BOT\_PAT with GitHub App tokens by [@​Boshen](https://redirect.github.com/Boshen) in [#​894](https://redirect.github.com/oxc-project/tsgolint/pull/894) - ci: add security analysis workflow by [@​Boshen](https://redirect.github.com/Boshen) in [#​898](https://redirect.github.com/oxc-project/tsgolint/pull/898) - chore(deps): update github-actions by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​899](https://redirect.github.com/oxc-project/tsgolint/pull/899) - chore(deps): update module github.com/dlclark/regexp2 to v1.12.0 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​900](https://redirect.github.com/oxc-project/tsgolint/pull/900) - chore(deps): update dependency typescript to v6.0.3 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​901](https://redirect.github.com/oxc-project/tsgolint/pull/901) - ci: make security analysis required-check friendly by [@​Boshen](https://redirect.github.com/Boshen) in [#​902](https://redirect.github.com/oxc-project/tsgolint/pull/902) - feat(require-await): implement suggestions by [@​younggglcy](https://redirect.github.com/younggglcy) in [#​896](https://redirect.github.com/oxc-project/tsgolint/pull/896) - fix: add warning for unsupported tsgolint CLI entrypoint by [@​camc314](https://redirect.github.com/camc314) in [#​903](https://redirect.github.com/oxc-project/tsgolint/pull/903) - fix: resolve ancestor tsconfig for excluded nearest config by [@​camc314](https://redirect.github.com/camc314) in [#​904](https://redirect.github.com/oxc-project/tsgolint/pull/904) - chore: update typescript-go submodule by [@​camc314](https://redirect.github.com/camc314) in [#​905](https://redirect.github.com/oxc-project/tsgolint/pull/905) - fix: handle UTF-16 diagnostics by [@​camc314](https://redirect.github.com/camc314) in [#​906](https://redirect.github.com/oxc-project/tsgolint/pull/906) - fix(no-useless-default-assignment): make default assignment removal a suggestion by [@​camc314](https://redirect.github.com/camc314) in [#​907](https://redirect.github.com/oxc-project/tsgolint/pull/907) - fix(no-unnecessary-type-arguments): preserve shadowed type arguments by [@​camc314](https://redirect.github.com/camc314) in [#​908](https://redirect.github.com/oxc-project/tsgolint/pull/908) **Full Changelog**: <https://github.com/oxc-project/tsgolint/compare/v0.21.1...v0.22.0> ### [`v0.21.1`](https://redirect.github.com/oxc-project/tsgolint/releases/tag/v0.21.1) [Compare Source](https://redirect.github.com/oxc-project/tsgolint/compare/v0.21.0...v0.21.1) ##### What's Changed - fix(no-unnecessary-condition): handle null overlap in narrowed generic intersections by [@​camc314](https://redirect.github.com/camc314) in [#​891](https://redirect.github.com/oxc-project/tsgolint/pull/891) - revert(no-unnecessary-type-arguments): drop inference reporting by [@​camc314](https://redirect.github.com/camc314) in [#​892](https://redirect.github.com/oxc-project/tsgolint/pull/892) **Full Changelog**: <https://github.com/oxc-project/tsgolint/compare/v0.21.0...v0.21.1> ### [`v0.21.0`](https://redirect.github.com/oxc-project/tsgolint/releases/tag/v0.21.0) [Compare Source](https://redirect.github.com/oxc-project/tsgolint/compare/v0.20.0...v0.21.0) ##### What's Changed - chore: migrate gen-json-schemas to TS by [@​camc314](https://redirect.github.com/camc314) in [#​874](https://redirect.github.com/oxc-project/tsgolint/pull/874) - chore: update typescript-go submodule by [@​camc314](https://redirect.github.com/camc314) in [#​879](https://redirect.github.com/oxc-project/tsgolint/pull/879) - chore(deps): update github-actions by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​883](https://redirect.github.com/oxc-project/tsgolint/pull/883) - chore(deps): update gomod by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​884](https://redirect.github.com/oxc-project/tsgolint/pull/884) - chore(deps): update npm packages by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​885](https://redirect.github.com/oxc-project/tsgolint/pull/885) - feat: improve `consistent-type-exports` diagnostics quality by [@​camchenry](https://redirect.github.com/camchenry) in [#​880](https://redirect.github.com/oxc-project/tsgolint/pull/880) - chore(deps): update softprops/action-gh-release action to v3 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​886](https://redirect.github.com/oxc-project/tsgolint/pull/886) - feat: enrich the `no-array-delete` diagnostic by [@​camchenry](https://redirect.github.com/camchenry) in [#​881](https://redirect.github.com/oxc-project/tsgolint/pull/881) - feat: enrich `no-duplicate-type-constituents` diagnostic by [@​camchenry](https://redirect.github.com/camchenry) in [#​882](https://redirect.github.com/oxc-project/tsgolint/pull/882) - fix(no-meaningless-void-operator): align with typescript-eslint union handling by [@​camc314](https://redirect.github.com/camc314) in [#​887](https://redirect.github.com/oxc-project/tsgolint/pull/887) - chore(deps): update crate-ci/typos action to v1.45.1 by [@​renovate](https://redirect.github.com/renovate)\[bot] in [#​888](https://redirect.github.com/oxc-project/tsgolint/pull/888) - fix(no-deprecated): avoid false positive on array destructuring bindings by [@​camc314](https://redirect.github.com/camc314) in [#​890](https://redirect.github.com/oxc-project/tsgolint/pull/890) **Full Changelog**: <https://github.com/oxc-project/tsgolint/compare/v0.20.0...v0.21.0> ### [`v0.20.0`]() [Compare Source](https://redirect.github.com/oxc-project/tsgolint/compare/v0.19.0...v0.20.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODUuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE4NS4xIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
276b0db625 |
chore: bump up eslint-plugin-oxlint version to v1.66.0 (#15006)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [eslint-plugin-oxlint](https://redirect.github.com/oxc-project/eslint-plugin-oxlint) | [`1.64.0` → `1.66.0`](https://renovatebot.com/diffs/npm/eslint-plugin-oxlint/1.64.0/1.66.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/eslint-plugin-oxlint (eslint-plugin-oxlint)</summary> ### [`v1.66.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.66.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.65.0...v1.66.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.65.0...v1.66.0) ### [`v1.65.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.65.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.64.0...v1.65.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.64.0...v1.65.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xODUuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE4NS4xIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
bac346f304 | chore: bump up nestjs to v13.4.1 (#15002) | ||
|
|
0f5778ac89 |
feat(editor): calendar view for database block (#14984)
fix #13663 #### PR Dependency Tree * **PR #14984** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Calendar view for database blocks (month layout, entry cards, external-source support) * Workspace calendar integration and new slash-menu "Calendar View" * **Improvements** * Create/manage database rows from calendar UI; preserve durations when moving/resizing ranges * Drag-and-drop, drop-preview, and hit-testing support for calendar and docs * Redesigned in-menu View settings with multi-page navigation * Context-menu input autofocus toggle and conditional back-navigation * **Tests** * New unit and E2E suites covering calendar layout, interactions, sources, and slash-menu integration <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
661d5d3831 |
chore: bump up eslint-plugin-oxlint version to v1.64.0 (#14972)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [eslint-plugin-oxlint](https://redirect.github.com/oxc-project/eslint-plugin-oxlint) | [`1.60.0` → `1.64.0`](https://renovatebot.com/diffs/npm/eslint-plugin-oxlint/1.60.0/1.64.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/eslint-plugin-oxlint (eslint-plugin-oxlint)</summary> ### [`v1.64.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.64.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.63.0...v1.64.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.63.0...v1.64.0) ### [`v1.63.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.63.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.62.0...v1.63.0) ##### 🐞 Bug Fixes - Ignore [@​typescript-eslint/consistent-type-imports](https://redirect.github.com/typescript-eslint/consistent-type-imports) for vue, astro, and svelte files - by [@​Sysix](https://redirect.github.com/Sysix) in [#​710](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/issues/710) [<samp>(e9eb2)</samp>](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/commit/e9eb236) ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.62.0...v1.63.0) ### [`v1.62.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.62.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.61.0...v1.62.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.61.0...v1.62.0) ### [`v1.61.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.61.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.60.0...v1.61.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.60.0...v1.61.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzkuMyIsInVwZGF0ZWRJblZlciI6IjQzLjE3OS4zIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
d9cebdfc95 |
chore: bump up nestjs (#14968)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@nestjs/common](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/common)) | [`11.1.20` → `11.1.21`](https://renovatebot.com/diffs/npm/@nestjs%2fcommon/11.1.20/11.1.21) |  |  | | [@nestjs/core](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/core)) | [`11.1.20` → `11.1.21`](https://renovatebot.com/diffs/npm/@nestjs%2fcore/11.1.20/11.1.21) |  |  | | [@nestjs/platform-express](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-express)) | [`11.1.20` → `11.1.21`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-express/11.1.20/11.1.21) |  |  | | [@nestjs/platform-socket.io](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-socket.io)) | [`11.1.20` → `11.1.21`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-socket.io/11.1.20/11.1.21) |  |  | | [@nestjs/swagger](https://redirect.github.com/nestjs/swagger) | [`11.4.2` → `11.4.3`](https://renovatebot.com/diffs/npm/@nestjs%2fswagger/11.4.2/11.4.3) |  |  | | [@nestjs/websockets](https://redirect.github.com/nestjs/nest) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/websockets)) | [`11.1.20` → `11.1.21`](https://renovatebot.com/diffs/npm/@nestjs%2fwebsockets/11.1.20/11.1.21) |  |  | --- ### Release Notes <details> <summary>nestjs/nest (@​nestjs/common)</summary> ### [`v11.1.21`](https://redirect.github.com/nestjs/nest/compare/v11.1.20...983dd52c4927753be3421162fc43e4fde8d3fcde) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.20...v11.1.21) </details> <details> <summary>nestjs/nest (@​nestjs/core)</summary> ### [`v11.1.21`](https://redirect.github.com/nestjs/nest/compare/v11.1.20...983dd52c4927753be3421162fc43e4fde8d3fcde) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.20...v11.1.21) </details> <details> <summary>nestjs/nest (@​nestjs/platform-express)</summary> ### [`v11.1.21`](https://redirect.github.com/nestjs/nest/compare/v11.1.20...983dd52c4927753be3421162fc43e4fde8d3fcde) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.20...v11.1.21) </details> <details> <summary>nestjs/nest (@​nestjs/platform-socket.io)</summary> ### [`v11.1.21`](https://redirect.github.com/nestjs/nest/compare/v11.1.20...983dd52c4927753be3421162fc43e4fde8d3fcde) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.20...v11.1.21) </details> <details> <summary>nestjs/swagger (@​nestjs/swagger)</summary> ### [`v11.4.3`](https://redirect.github.com/nestjs/swagger/compare/11.4.2...0d79a3c9dea89236314609f8b18ec98b12c18692) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.4.2...11.4.3) </details> <details> <summary>nestjs/nest (@​nestjs/websockets)</summary> ### [`v11.1.21`](https://redirect.github.com/nestjs/nest/compare/v11.1.20...983dd52c4927753be3421162fc43e4fde8d3fcde) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.20...v11.1.21) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzMuNiIsInVwZGF0ZWRJblZlciI6IjQzLjE3My42IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
97d9ae3183 |
chore: bump up @opentelemetry/semantic-conventions version to v1.41.1 (#14962)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@opentelemetry/semantic-conventions](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/semantic-conventions) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`1.40.0` → `1.41.1`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsemantic-conventions/1.40.0/1.41.1) |  |  | --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-js (@​opentelemetry/semantic-conventions)</summary> ### [`v1.41.1`](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/ed6bd6d5f3a1f68b65ae25b1a8aae9c285ae83de...013c60085b84351a4c1e4e4f79e3dd67c56661cd) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/ed6bd6d5f3a1f68b65ae25b1a8aae9c285ae83de...013c60085b84351a4c1e4e4f79e3dd67c56661cd) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzMuNiIsInVwZGF0ZWRJblZlciI6IjQzLjE3My42IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
542da0b347 |
feat(editor): improve latex editing support (#14924)
## Summary - support converting selected text into inline LaTeX equations - support turning text blocks into LaTeX equation blocks - add equation entries to editor toolbars while keeping inline equation with text formatting actions ## Tests - yarn tsc -b blocksuite/affine/inlines/latex/tsconfig.json blocksuite/affine/blocks/note/tsconfig.json blocksuite/affine/blocks/root/tsconfig.json blocksuite/affine/rich-text/tsconfig.json blocksuite/affine/widgets/keyboard-toolbar/tsconfig.json --pretty false - git diff --check origin/canary...HEAD <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Equation block support with conversion from existing blocks. * Inline LaTeX insertion added to the inline formatting toolbar. * Equation action added to the keyboard toolbar; Equation blocks searchable via math/equation/latex aliases. * **Improvements** * Inline LaTeX editor opens and syncs more reliably; selection/convert flow preserves distinct LaTeX values when converting in reverse order. * **Tests** * New e2e tests for inline LaTeX conversions and value preservation. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/toeverything/AFFiNE/pull/14924) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
1201f7c350 |
chore: bump rspack (#14957)
#### PR Dependency Tree * **PR #14957** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated minimum Node version requirement to 22.12.0 or later. * Updated build tool dependencies including rspack and related packages. * Removed CI-specific logging behavior from development server. * Migrated to native HTML plugin integration for improved build efficiency. * Simplified build configuration by removing unused experimental options. <!-- review_stack_entry_start --> [](https://app.coderabbit.ai/change-stack/toeverything/AFFiNE/pull/14957) <!-- review_stack_entry_end --> <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
2b22fe4692 |
chore: bump up nestjs (#13791)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@nestjs/apollo](https://redirect.github.com/nestjs/graphql) | [`13.2.4` → `13.4.0`](https://renovatebot.com/diffs/npm/@nestjs%2fapollo/13.2.4/13.4.0) |  |  | | [@nestjs/common](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/common)) | [`11.1.18` → `11.1.20`](https://renovatebot.com/diffs/npm/@nestjs%2fcommon/11.1.18/11.1.20) |  |  | | [@nestjs/core](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/core)) | [`11.1.18` → `11.1.20`](https://renovatebot.com/diffs/npm/@nestjs%2fcore/11.1.18/11.1.20) |  |  | | [@nestjs/graphql](https://redirect.github.com/nestjs/graphql) | [`13.2.5` → `13.4.0`](https://renovatebot.com/diffs/npm/@nestjs%2fgraphql/13.2.5/13.4.0) |  |  | | [@nestjs/platform-express](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-express)) | [`11.1.18` → `11.1.20`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-express/11.1.18/11.1.20) |  |  | | [@nestjs/platform-socket.io](https://nestjs.com) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/platform-socket.io)) | [`11.1.18` → `11.1.20`](https://renovatebot.com/diffs/npm/@nestjs%2fplatform-socket.io/11.1.18/11.1.20) |  |  | | [@nestjs/schedule](https://redirect.github.com/nestjs/schedule) | [`6.1.1` → `6.1.3`](https://renovatebot.com/diffs/npm/@nestjs%2fschedule/6.1.1/6.1.3) |  |  | | [@nestjs/swagger](https://redirect.github.com/nestjs/swagger) | [`11.2.7` → `11.4.2`](https://renovatebot.com/diffs/npm/@nestjs%2fswagger/11.2.7/11.4.2) |  |  | | [@nestjs/websockets](https://redirect.github.com/nestjs/nest) ([source](https://redirect.github.com/nestjs/nest/tree/HEAD/packages/websockets)) | [`11.1.18` → `11.1.20`](https://renovatebot.com/diffs/npm/@nestjs%2fwebsockets/11.1.18/11.1.20) |  |  | --- ### Release Notes <details> <summary>nestjs/graphql (@​nestjs/apollo)</summary> ### [`v13.4.0`](https://redirect.github.com/nestjs/graphql/releases/tag/v13.4.0) [Compare Source](https://redirect.github.com/nestjs/graphql/compare/v13.3.0...v13.4.0) #### 13.4.0 (2026-04-30) ##### Features - `apollo`, `graphql`, `mercurius` - [#​3811](https://redirect.github.com/nestjs/graphql/pull/3811) feat(graphql): Add registerIn option for module-scoped type filtering ([@​joe-re](https://redirect.github.com/joe-re)) ##### Bug fixes - `graphql` - [#​3959](https://redirect.github.com/nestjs/graphql/pull/3959) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): stop double-registering PickType inputs ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3960](https://redirect.github.com/nestjs/graphql/pull/3960) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): de-duplicate per-target metadata in TargetMetadataCollection ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - `apollo`, `graphql` - [#​3962](https://redirect.github.com/nestjs/graphql/pull/3962) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): restore Timestamp scalar parsers in federation factory ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) ##### Enhancements - `graphql` - [#​3963](https://redirect.github.com/nestjs/graphql/pull/3963) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): validate registerEnumType/createUnionType options eagerly ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) ##### Dependencies - `graphql` - [#​3954](https://redirect.github.com/nestjs/graphql/pull/3954) fix(deps): update graphql-tools monorepo ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) ##### Committers: 3 - Masato Noguchi ([@​joe-re](https://redirect.github.com/joe-re)) - Mateus Welter Goettems ([@​mateuswgoettems](https://redirect.github.com/mateuswgoettems)) - Yogeshwaran C ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) ### [`v13.3.0`](https://redirect.github.com/nestjs/graphql/releases/tag/v13.3.0) [Compare Source](https://redirect.github.com/nestjs/graphql/compare/v13.2.5...v13.3.0) #### 13.3.0 (2026-04-22) ##### Bug fixes - `graphql` - [#​3949](https://redirect.github.com/nestjs/graphql/pull/3949) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): count args for parenless arrow functions ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3952](https://redirect.github.com/nestjs/graphql/pull/3952) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): keep class directive when a field has the same SDL ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3946](https://redirect.github.com/nestjs/graphql/pull/3946) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): emit enum key for Args defaultValue in generated SDL ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3934](https://redirect.github.com/nestjs/graphql/pull/3934) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): treat single-key string enums as enums in plugin type detection ([@​maruthang](https://redirect.github.com/maruthang)) - [#​3939](https://redirect.github.com/nestjs/graphql/pull/3939) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): preserve ResolveField options for all overloads ([@​maruthang](https://redirect.github.com/maruthang)) - `apollo` - [#​3940](https://redirect.github.com/nestjs/graphql/pull/3940) fix(apollo): preserve HTTP 200 for execution-level GraphQL errors ([@​maruthang](https://redirect.github.com/maruthang)) ##### Enhancements - `graphql` - [#​3838](https://redirect.github.com/nestjs/graphql/pull/3838) perf(graphql): bypass ExternalContextCreator for scalar ResolveField fast-path ([@​ArielSafar](https://redirect.github.com/ArielSafar)) - [#​3950](https://redirect.github.com/nestjs/graphql/pull/3950) feat([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): forward specifiedByURL and extensions on custom scalars ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3951](https://redirect.github.com/nestjs/graphql/pull/3951) feat([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): accept array of SDL strings in [@​Directive](https://redirect.github.com/Directive) ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3944](https://redirect.github.com/nestjs/graphql/pull/3944) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): emit clearer error when nested object type is used in mapped input ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3943](https://redirect.github.com/nestjs/graphql/pull/3943) feat([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): add conditional exports for browser shim ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3942](https://redirect.github.com/nestjs/graphql/pull/3942) feat([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): default federation to v2.12 directives ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3936](https://redirect.github.com/nestjs/graphql/pull/3936) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): allow CustomScalar methods to return null ([@​maruthang](https://redirect.github.com/maruthang)) - `apollo`, `graphql` - [#​3948](https://redirect.github.com/nestjs/graphql/pull/3948) feat([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): support directives on enums and unions ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) ##### Dependencies - `graphql` - [#​3925](https://redirect.github.com/nestjs/graphql/pull/3925) chore(deps): update dependency ts-morph to v28 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3918](https://redirect.github.com/nestjs/graphql/pull/3918) fix(deps): update graphql-tools monorepo ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - `mercurius` - [#​3928](https://redirect.github.com/nestjs/graphql/pull/3928) chore(deps): update dependency fastify to v5.8.5 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3858](https://redirect.github.com/nestjs/graphql/pull/3858) chore(deps): update dependency [@​mercuriusjs/gateway](https://redirect.github.com/mercuriusjs/gateway) to v5.2.0 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3920](https://redirect.github.com/nestjs/graphql/pull/3920) chore(deps): update dependency mercurius to v16.9.0 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) ##### Committers: 3 - Ariel Safar ([@​ArielSafar](https://redirect.github.com/ArielSafar)) - Maruthan G ([@​maruthang](https://redirect.github.com/maruthang)) - Yogeshwaran C ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) ### [`v13.2.5`](https://redirect.github.com/nestjs/graphql/releases/tag/v13.2.5) [Compare Source](https://redirect.github.com/nestjs/graphql/compare/v13.2.4...v13.2.5) ##### 13.2.5 (2026-04-09) ##### Bug fixes - `graphql` - [#​3846](https://redirect.github.com/nestjs/graphql/pull/3846) fix([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): handle definitions factory typename option ([@​NicolasGn](https://redirect.github.com/NicolasGn)) ##### Enhancements - `graphql` - [#​3889](https://redirect.github.com/nestjs/graphql/pull/3889) feat([@​nestjs/graphql](https://redirect.github.com/nestjs/graphql)): add stopOnApplicationShutdown option for graceful shutdown ([@​dgfh0450](https://redirect.github.com/dgfh0450)) ##### Dependencies - `graphql` - [#​3894](https://redirect.github.com/nestjs/graphql/pull/3894) fix(deps): update dependency graphql-ws to v6.0.8 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3852](https://redirect.github.com/nestjs/graphql/pull/3852) chore(deps): update dependency graphql to v16.13.2 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3888](https://redirect.github.com/nestjs/graphql/pull/3888) fix(deps): update dependency ws to v8.20.0 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3901](https://redirect.github.com/nestjs/graphql/pull/3901) fix(deps): update dependency [@​nestjs/mapped-types](https://redirect.github.com/nestjs/mapped-types) to v2.1.1 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3904](https://redirect.github.com/nestjs/graphql/pull/3904) fix(deps): update dependency lodash to v4.18.1 \[security] ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - `apollo` - [#​3902](https://redirect.github.com/nestjs/graphql/pull/3902) fix(deps): update dependency lodash.omit to v4.18.0 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3897](https://redirect.github.com/nestjs/graphql/pull/3897) chore(deps): update dependency [@​apollo/server](https://redirect.github.com/apollo/server) to v5.5.0 \[security] ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3881](https://redirect.github.com/nestjs/graphql/pull/3881) chore(deps): update dependency [@​apollo/gateway](https://redirect.github.com/apollo/gateway) to v2.10.5 \[security] ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - `mercurius` - [#​3899](https://redirect.github.com/nestjs/graphql/pull/3899) chore(deps): update dependency [@​mercuriusjs/federation](https://redirect.github.com/mercuriusjs/federation) to v5.1.1 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3890](https://redirect.github.com/nestjs/graphql/pull/3890) chore(deps): update dependency fastify to v5.8.4 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) - [#​3868](https://redirect.github.com/nestjs/graphql/pull/3868) chore(deps): update dependency mercurius to v16.8.0 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) ##### Committers: 2 - Nicolas Guégan ([@​NicolasGn](https://redirect.github.com/NicolasGn)) - YoonDH ([@​dgfh0450](https://redirect.github.com/dgfh0450)) </details> <details> <summary>nestjs/nest (@​nestjs/common)</summary> ### [`v11.1.20`](https://redirect.github.com/nestjs/nest/compare/v11.1.19...7caeb3fb70de81085c4c3e8502a2a0e62e4f8eda) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.19...v11.1.20) ### [`v11.1.19`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.19) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.18...v11.1.19) #### v11.1.19 (2026-04-13) ##### Bug fixes - `microservices` - [#​16762](https://redirect.github.com/nestjs/nest/pull/16762) fix(microservices): use backing field for consumer CRASH event listener ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - [#​16764](https://redirect.github.com/nestjs/nest/pull/16764) fix(microservices): prevent stack overflow in jsonsocket.handledata() ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ##### Committers: 2 - Burhan Haroon⚡ ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) </details> <details> <summary>nestjs/nest (@​nestjs/core)</summary> ### [`v11.1.20`](https://redirect.github.com/nestjs/nest/compare/v11.1.19...7caeb3fb70de81085c4c3e8502a2a0e62e4f8eda) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.19...v11.1.20) ### [`v11.1.19`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.19) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.18...v11.1.19) ##### v11.1.19 (2026-04-13) ##### Bug fixes - `microservices` - [#​16762](https://redirect.github.com/nestjs/nest/pull/16762) fix(microservices): use backing field for consumer CRASH event listener ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - [#​16764](https://redirect.github.com/nestjs/nest/pull/16764) fix(microservices): prevent stack overflow in jsonsocket.handledata() ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ##### Committers: 2 - Burhan Haroon⚡ ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) </details> <details> <summary>nestjs/nest (@​nestjs/platform-express)</summary> ### [`v11.1.20`](https://redirect.github.com/nestjs/nest/compare/v11.1.19...7caeb3fb70de81085c4c3e8502a2a0e62e4f8eda) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.19...v11.1.20) ### [`v11.1.19`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.19) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.18...v11.1.19) ##### v11.1.19 (2026-04-13) ##### Bug fixes - `microservices` - [#​16762](https://redirect.github.com/nestjs/nest/pull/16762) fix(microservices): use backing field for consumer CRASH event listener ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - [#​16764](https://redirect.github.com/nestjs/nest/pull/16764) fix(microservices): prevent stack overflow in jsonsocket.handledata() ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ##### Committers: 2 - Burhan Haroon⚡ ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) </details> <details> <summary>nestjs/nest (@​nestjs/platform-socket.io)</summary> ### [`v11.1.20`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.20) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.19...v11.1.20) ##### v11.1.20 (2026-05-13) ##### Bug fixes - `core`, `testing` - [#​16939](https://redirect.github.com/nestjs/nest/pull/16939) fix(core): fix deeply nested transient providers resolution ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) - `core` - [#​16861](https://redirect.github.com/nestjs/nest/pull/16861) fix(core): fix [@​Sse](https://redirect.github.com/Sse) losing events on complete ([@​MatthiasBrehmer](https://redirect.github.com/MatthiasBrehmer)) - [#​16753](https://redirect.github.com/nestjs/nest/pull/16753) fix(core): defer sse writehead until after lifecycle completes ([@​jkalberer](https://redirect.github.com/jkalberer)) - [#​16782](https://redirect.github.com/nestjs/nest/pull/16782) fix(core): use strict null check for SSE message id ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - `microservices` - [#​16850](https://redirect.github.com/nestjs/nest/pull/16850) fix(microservices): ServerRMQ crashes at boot when [@​MessagePattern](https://redirect.github.com/MessagePattern)(undefined) is combined with wildcards: true ([@​lavieennoir](https://redirect.github.com/lavieennoir)) - `common` - [#​16845](https://redirect.github.com/nestjs/nest/pull/16845) fix(common): accept zero timestamp in parse date pipe ([@​Mysh3ll](https://redirect.github.com/Mysh3ll)) - `platform-socket.io` - [#​16742](https://redirect.github.com/nestjs/nest/pull/16742) fix(socket.io): Deduplicate disconnect listener in bindMessageHandlers ([@​fru1tworld](https://redirect.github.com/fru1tworld)) ##### Enhancements - `microservices` - [#​16676](https://redirect.github.com/nestjs/nest/pull/16676) feat(microservices): add return buffers option for binary data ([@​Forceres](https://redirect.github.com/Forceres)) - [#​16826](https://redirect.github.com/nestjs/nest/pull/16826) feat(microservices): handle rmq blocked/unblocked connection events ([@​thisalihassan](https://redirect.github.com/thisalihassan)) - `common` - [#​16902](https://redirect.github.com/nestjs/nest/pull/16902) fix(common): filetype validator buffer message ([@​QusaiAlbonni](https://redirect.github.com/QusaiAlbonni)) - `platform-express` - [#​16844](https://redirect.github.com/nestjs/nest/pull/16844) feat(platform-express): add defParamCharset to MulterOptions ([@​starnayuta](https://redirect.github.com/starnayuta)) ##### Dependencies - `platform-ws` - [#​16941](https://redirect.github.com/nestjs/nest/pull/16941) chore(deps): bump ws from 8.20.0 to 8.20.1 ([@​dependabot\[bot\]](https://redirect.github.com/apps/dependabot)) ##### Committers: 13 - Ali Hassan ([@​thisalihassan](https://redirect.github.com/thisalihassan)) - Burhan Haroon⚡ ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - Dmytro Khyzhniak ([@​lavieennoir](https://redirect.github.com/lavieennoir)) - Harsh Rathod ([@​harshrathod50](https://redirect.github.com/harshrathod50)) - IlyaCredo ([@​Forceres](https://redirect.github.com/Forceres)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) - Mysh3ll ([@​Mysh3ll](https://redirect.github.com/Mysh3ll)) - [@​MatthiasBrehmer](https://redirect.github.com/MatthiasBrehmer) - [@​QusaiAlbonni](https://redirect.github.com/QusaiAlbonni) - [@​jkalberer](https://redirect.github.com/jkalberer) - [@​pazaderey](https://redirect.github.com/pazaderey) - fru1tworld ([@​fru1tworld](https://redirect.github.com/fru1tworld)) - starnayuta ([@​starnayuta](https://redirect.github.com/starnayuta)) ### [`v11.1.19`](https://redirect.github.com/nestjs/nest/releases/tag/v11.1.19) [Compare Source](https://redirect.github.com/nestjs/nest/compare/v11.1.18...v11.1.19) #### v11.1.19 (2026-04-13) ##### Bug fixes - `microservices` - [#​16762](https://redirect.github.com/nestjs/nest/pull/16762) fix(microservices): use backing field for consumer CRASH event listener ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - [#​16764](https://redirect.github.com/nestjs/nest/pull/16764) fix(microservices): prevent stack overflow in jsonsocket.handledata() ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) ##### Committers: 2 - Burhan Haroon⚡ ([@​burhanharoon](https://redirect.github.com/burhanharoon)) - Kamil Mysliwiec ([@​kamilmysliwiec](https://redirect.github.com/kamilmysliwiec)) </details> <details> <summary>nestjs/schedule (@​nestjs/schedule)</summary> ### [`v6.1.3`](https://redirect.github.com/nestjs/schedule/releases/tag/6.1.3) [Compare Source](https://redirect.github.com/nestjs/schedule/compare/6.1.2...6.1.3) #### What's Changed - feat(cron): add initialDelay option to defer first job execution by [@​kyungseopk1m](https://redirect.github.com/kyungseopk1m) in [#​2251](https://redirect.github.com/nestjs/schedule/pull/2251) **Full Changelog**: <https://github.com/nestjs/schedule/compare/6.1.2...6.1.3> ### [`v6.1.2`](https://redirect.github.com/nestjs/schedule/releases/tag/6.1.2) [Compare Source](https://redirect.github.com/nestjs/schedule/compare/6.1.1...6.1.2) - Merge pull request [#​2247](https://redirect.github.com/nestjs/schedule/issues/2247) from kyungseopk1m/feat/cron-initial-delay ([`a57ce2c`](https://redirect.github.com/nestjs/schedule/commit/a57ce2c)) - chore(deps): update dependency prettier to v3.8.3 ([#​2248](https://redirect.github.com/nestjs/schedule/issues/2248)) ([`bb3490d`](https://redirect.github.com/nestjs/schedule/commit/bb3490d)) - feat(cron): add initialDelay option to defer first job execution ([`1c5677f`](https://redirect.github.com/nestjs/schedule/commit/1c5677f)) - Merge pull request [#​2245](https://redirect.github.com/nestjs/schedule/issues/2245) from nestjs/renovate/nest-monorepo ([`59046bd`](https://redirect.github.com/nestjs/schedule/commit/59046bd)) - Merge pull request [#​2246](https://redirect.github.com/nestjs/schedule/issues/2246) from nestjs/renovate/oxlint-monorepo ([`be4eee3`](https://redirect.github.com/nestjs/schedule/commit/be4eee3)) - chore(deps): update dependency oxlint to v1.60.0 ([`32a9ce2`](https://redirect.github.com/nestjs/schedule/commit/32a9ce2)) - chore(deps): update nest monorepo to v11.1.19 ([`7d3844f`](https://redirect.github.com/nestjs/schedule/commit/7d3844f)) - chore: migrate to oxlint, vitest, ts6 ([`29de71b`](https://redirect.github.com/nestjs/schedule/commit/29de71b)) - chore(deps): update dependency globals to v17.5.0 ([#​2244](https://redirect.github.com/nestjs/schedule/issues/2244)) ([`6c62cca`](https://redirect.github.com/nestjs/schedule/commit/6c62cca)) - chore(deps): update dependency sinon to v21.1.2 ([#​2243](https://redirect.github.com/nestjs/schedule/issues/2243)) ([`ee3b31a`](https://redirect.github.com/nestjs/schedule/commit/ee3b31a)) - chore(deps): update dependency sinon to v21.1.1 ([#​2241](https://redirect.github.com/nestjs/schedule/issues/2241)) ([`eba9799`](https://redirect.github.com/nestjs/schedule/commit/eba9799)) - Merge pull request [#​2242](https://redirect.github.com/nestjs/schedule/issues/2242) from nestjs/renovate/prettier-3.x ([`c3ad0f7`](https://redirect.github.com/nestjs/schedule/commit/c3ad0f7)) - chore(deps): update dependency prettier to v3.8.2 ([`798e2a9`](https://redirect.github.com/nestjs/schedule/commit/798e2a9)) - Merge pull request [#​2199](https://redirect.github.com/nestjs/schedule/issues/2199) from nestjs/renovate/cimg-node-24.x ([`a05354a`](https://redirect.github.com/nestjs/schedule/commit/a05354a)) - chore(deps): update dependency typescript-eslint to v8.58.1 ([#​2240](https://redirect.github.com/nestjs/schedule/issues/2240)) ([`0367ac1`](https://redirect.github.com/nestjs/schedule/commit/0367ac1)) - chore(deps): update dependency eslint to v10.2.0 ([#​2239](https://redirect.github.com/nestjs/schedule/issues/2239)) ([`fa93e06`](https://redirect.github.com/nestjs/schedule/commit/fa93e06)) - chore(deps): update nest monorepo to v11.1.18 ([#​2238](https://redirect.github.com/nestjs/schedule/issues/2238)) ([`8cd4c02`](https://redirect.github.com/nestjs/schedule/commit/8cd4c02)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.12.2 ([#​2237](https://redirect.github.com/nestjs/schedule/issues/2237)) ([`01482df`](https://redirect.github.com/nestjs/schedule/commit/01482df)) - chore(deps): update dependency [@​types/sinon](https://redirect.github.com/types/sinon) to v21.0.1 ([#​2236](https://redirect.github.com/nestjs/schedule/issues/2236)) ([`f05b5bd`](https://redirect.github.com/nestjs/schedule/commit/f05b5bd)) - chore(deps): update dependency ts-jest to v29.4.9 ([#​2235](https://redirect.github.com/nestjs/schedule/issues/2235)) ([`af545e6`](https://redirect.github.com/nestjs/schedule/commit/af545e6)) - chore(deps): update dependency typescript-eslint to v8.58.0 ([#​2233](https://redirect.github.com/nestjs/schedule/issues/2233)) ([`4dad22a`](https://redirect.github.com/nestjs/schedule/commit/4dad22a)) - chore(deps): update node.js to v24.14.1 ([`28db9bc`](https://redirect.github.com/nestjs/schedule/commit/28db9bc)) - chore(deps): update dependency eslint to v10.1.0 ([#​2232](https://redirect.github.com/nestjs/schedule/issues/2232)) ([`413f390`](https://redirect.github.com/nestjs/schedule/commit/413f390)) - chore(deps): update nest monorepo to v11.1.17 ([#​2230](https://redirect.github.com/nestjs/schedule/issues/2230)) ([`46c2bc5`](https://redirect.github.com/nestjs/schedule/commit/46c2bc5)) - chore(deps): update dependency typescript-eslint to v8.57.1 ([#​2231](https://redirect.github.com/nestjs/schedule/issues/2231)) ([`8fd063b`](https://redirect.github.com/nestjs/schedule/commit/8fd063b)) - chore(deps): update dependency sinon to v21.0.3 ([#​2229](https://redirect.github.com/nestjs/schedule/issues/2229)) ([`1671ad9`](https://redirect.github.com/nestjs/schedule/commit/1671ad9)) - chore(deps): update commitlint monorepo to v20.5.0 ([#​2228](https://redirect.github.com/nestjs/schedule/issues/2228)) ([`2ecd2f1`](https://redirect.github.com/nestjs/schedule/commit/2ecd2f1)) - chore(deps): update dependency lint-staged to v16.4.0 ([#​2227](https://redirect.github.com/nestjs/schedule/issues/2227)) ([`aa0de01`](https://redirect.github.com/nestjs/schedule/commit/aa0de01)) - chore(deps): update commitlint monorepo to v20.4.4 ([#​2226](https://redirect.github.com/nestjs/schedule/issues/2226)) ([`75034fe`](https://redirect.github.com/nestjs/schedule/commit/75034fe)) - chore(deps): update dependency lint-staged to v16.3.3 ([#​2225](https://redirect.github.com/nestjs/schedule/issues/2225)) ([`f1c7d31`](https://redirect.github.com/nestjs/schedule/commit/f1c7d31)) - chore(deps): update dependency jest to v30.3.0 ([#​2224](https://redirect.github.com/nestjs/schedule/issues/2224)) ([`1a208d4`](https://redirect.github.com/nestjs/schedule/commit/1a208d4)) - chore(deps): update dependency typescript-eslint to v8.57.0 ([#​2223](https://redirect.github.com/nestjs/schedule/issues/2223)) ([`60dd2c9`](https://redirect.github.com/nestjs/schedule/commit/60dd2c9)) - chore(deps): update dependency eslint to v10.0.3 ([#​2221](https://redirect.github.com/nestjs/schedule/issues/2221)) ([`791b6ba`](https://redirect.github.com/nestjs/schedule/commit/791b6ba)) - chore(deps): update dependency [@​eslint/eslintrc](https://redirect.github.com/eslint/eslintrc) to v3.3.5 ([#​2220](https://redirect.github.com/nestjs/schedule/issues/2220)) ([`0da1ca7`](https://redirect.github.com/nestjs/schedule/commit/0da1ca7)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.12.0 ([#​2219](https://redirect.github.com/nestjs/schedule/issues/2219)) ([`934a93e`](https://redirect.github.com/nestjs/schedule/commit/934a93e)) - chore(deps): update nest monorepo to v11.1.16 ([#​2218](https://redirect.github.com/nestjs/schedule/issues/2218)) ([`5f44e9b`](https://redirect.github.com/nestjs/schedule/commit/5f44e9b)) - chore(deps): update dependency sinon to v21.0.2 ([#​2217](https://redirect.github.com/nestjs/schedule/issues/2217)) ([`b807746`](https://redirect.github.com/nestjs/schedule/commit/b807746)) - chore(deps): update dependency lint-staged to v16.3.2 ([#​2216](https://redirect.github.com/nestjs/schedule/issues/2216)) ([`4ca32bd`](https://redirect.github.com/nestjs/schedule/commit/4ca32bd)) - chore(deps): update commitlint monorepo to v20.4.3 ([#​2215](https://redirect.github.com/nestjs/schedule/issues/2215)) ([`d3ceb76`](https://redirect.github.com/nestjs/schedule/commit/d3ceb76)) - chore(deps): update nest monorepo to v11.1.15 ([#​2214](https://redirect.github.com/nestjs/schedule/issues/2214)) ([`b084ffc`](https://redirect.github.com/nestjs/schedule/commit/b084ffc)) - chore(deps): update dependency lint-staged to v16.3.1 ([#​2213](https://redirect.github.com/nestjs/schedule/issues/2213)) ([`8a201b2`](https://redirect.github.com/nestjs/schedule/commit/8a201b2)) - chore(deps): update dependency globals to v17.4.0 ([#​2212](https://redirect.github.com/nestjs/schedule/issues/2212)) ([`6f61793`](https://redirect.github.com/nestjs/schedule/commit/6f61793)) - chore(deps): update dependency lint-staged to v16.3.0 ([#​2211](https://redirect.github.com/nestjs/schedule/issues/2211)) ([`aa9213a`](https://redirect.github.com/nestjs/schedule/commit/aa9213a)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.11.0 ([#​2210](https://redirect.github.com/nestjs/schedule/issues/2210)) ([`c70b928`](https://redirect.github.com/nestjs/schedule/commit/c70b928)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.10.15 ([#​2209](https://redirect.github.com/nestjs/schedule/issues/2209)) ([`0f596b9`](https://redirect.github.com/nestjs/schedule/commit/0f596b9)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.10.14 ([#​2208](https://redirect.github.com/nestjs/schedule/issues/2208)) ([`dac8cca`](https://redirect.github.com/nestjs/schedule/commit/dac8cca)) - chore(deps): update dependency eslint to v10.0.2 ([#​2207](https://redirect.github.com/nestjs/schedule/issues/2207)) ([`abe6fce`](https://redirect.github.com/nestjs/schedule/commit/abe6fce)) - chore(deps): update dependency [@​eslint/eslintrc](https://redirect.github.com/eslint/eslintrc) to v3.3.4 ([#​2206](https://redirect.github.com/nestjs/schedule/issues/2206)) ([`cb32a40`](https://redirect.github.com/nestjs/schedule/commit/cb32a40)) - chore(deps): update dependency typescript-eslint to v8.56.1 ([#​2205](https://redirect.github.com/nestjs/schedule/issues/2205)) ([`88e1e6c`](https://redirect.github.com/nestjs/schedule/commit/88e1e6c)) - chore(deps): update dependency eslint to v10.0.1 ([#​2204](https://redirect.github.com/nestjs/schedule/issues/2204)) ([`55e5406`](https://redirect.github.com/nestjs/schedule/commit/55e5406)) - chore(deps): update commitlint monorepo to v20.4.2 ([#​2203](https://redirect.github.com/nestjs/schedule/issues/2203)) ([`4e55d62`](https://redirect.github.com/nestjs/schedule/commit/4e55d62)) - chore(deps): update nest monorepo to v11.1.14 ([#​2202](https://redirect.github.com/nestjs/schedule/issues/2202)) ([`d23ea1a`](https://redirect.github.com/nestjs/schedule/commit/d23ea1a)) - chore(deps): update eslint monorepo to v10 ([#​2195](https://redirect.github.com/nestjs/schedule/issues/2195)) ([`c2fcbc3`](https://redirect.github.com/nestjs/schedule/commit/c2fcbc3)) - chore(deps): update dependency typescript-eslint to v8.56.0 ([#​2201](https://redirect.github.com/nestjs/schedule/issues/2201)) ([`a93ebc4`](https://redirect.github.com/nestjs/schedule/commit/a93ebc4)) - chore(deps): update dependency rimraf to v6.1.3 ([#​2200](https://redirect.github.com/nestjs/schedule/issues/2200)) ([`1906e80`](https://redirect.github.com/nestjs/schedule/commit/1906e80)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.10.13 ([#​2198](https://redirect.github.com/nestjs/schedule/issues/2198)) ([`244cb84`](https://redirect.github.com/nestjs/schedule/commit/244cb84)) - chore(deps): update dependency typescript-eslint to v8.55.0 ([#​2197](https://redirect.github.com/nestjs/schedule/issues/2197)) ([`6b00083`](https://redirect.github.com/nestjs/schedule/commit/6b00083)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.10.12 ([#​2196](https://redirect.github.com/nestjs/schedule/issues/2196)) ([`b310c95`](https://redirect.github.com/nestjs/schedule/commit/b310c95)) - chore(deps): update dependency [@​types/node](https://redirect.github.com/types/node) to v24.10.11 ([#​2194](https://redirect.github.com/nestjs/schedule/issues/2194)) ([`d05dca5`](https://redirect.github.com/nestjs/schedule/commit/d05dca5)) </details> <details> <summary>nestjs/swagger (@​nestjs/swagger)</summary> ### [`v11.4.2`](https://redirect.github.com/nestjs/swagger/compare/11.4.1...b0a35f3b20bedc6e6756f476cee182700a199b6e) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.4.1...11.4.2) ### [`v11.4.1`](https://redirect.github.com/nestjs/swagger/compare/11.4.0...14bd8f58d6011a1be03e266e39e472be0d4d3795) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.4.0...11.4.1) ### [`v11.4.0`](https://redirect.github.com/nestjs/swagger/releases/tag/11.4.0) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.3.2...11.4.0) #### 11.4.0 (2026-04-22) ##### Features - [#​3868](https://redirect.github.com/nestjs/swagger/pull/3868) feat(plugin): auto-mark optional [@​Query](https://redirect.github.com/Query) parameters as required: false ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3725](https://redirect.github.com/nestjs/swagger/pull/3725) feat(swagger): add OpenAPI 3.2 hierarchical tags support ([@​apt-bh](https://redirect.github.com/apt-bh)) ##### Bug fixes - [#​3874](https://redirect.github.com/nestjs/swagger/pull/3874) fix(document-builder): accept multi-digit OpenAPI version segments ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3873](https://redirect.github.com/nestjs/swagger/pull/3873) fix(plugin): strip regex delimiters and flags from [@​Matches](https://redirect.github.com/Matches) patterns ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3870](https://redirect.github.com/nestjs/swagger/pull/3870) fix(decorators): forward all OpenAPI parameter fields in [@​ApiHeader](https://redirect.github.com/ApiHeader) ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3872](https://redirect.github.com/nestjs/swagger/pull/3872) fix(plugin): emit [@​throws](https://redirect.github.com/throws) descriptions as proper string literals ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [#​3782](https://redirect.github.com/nestjs/swagger/pull/3782) fix(schema): preserve example metadata for non-body params with named types ([@​maruthang](https://redirect.github.com/maruthang)) - [#​3761](https://redirect.github.com/nestjs/swagger/pull/3761) fix(plugin): support boolean literal types and boolean enum values ([@​lucreiss](https://redirect.github.com/lucreiss)) ##### Enhancements - [#​3865](https://redirect.github.com/nestjs/swagger/pull/3865) feat(schema-object-factory): include class name chain in circular dependency errors ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) ##### Committers: 4 - Lu R A ([@​lucreiss](https://redirect.github.com/lucreiss)) - Maruthan G ([@​maruthang](https://redirect.github.com/maruthang)) - Yogeshwaran C ([@​yogeshwaran-c](https://redirect.github.com/yogeshwaran-c)) - [@​apt-bh](https://redirect.github.com/apt-bh) ### [`v11.3.2`](https://redirect.github.com/nestjs/swagger/compare/11.3.1...b16a1e19a8b7161e13c01c636acf3a187eabbd06) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.3.1...11.3.2) ### [`v11.3.1`](https://redirect.github.com/nestjs/swagger/compare/11.3.0...93744af0bb923daeebcc2b674bc7957d778d3953) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.3.0...11.3.1) ### [`v11.3.0`](https://redirect.github.com/nestjs/swagger/releases/tag/11.3.0) [Compare Source](https://redirect.github.com/nestjs/swagger/compare/11.2.7...11.3.0) #### 11.3.0 (2026-04-15) ##### Bug fixes - [#​3826](https://redirect.github.com/nestjs/swagger/pull/3826) fix: support nullable field in [@​ApiResponse](https://redirect.github.com/ApiResponse) decorator ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) - [#​3784](https://redirect.github.com/nestjs/swagger/pull/3784) fix(schema): include type field when nullable is used with allOf ([@​maruthang](https://redirect.github.com/maruthang)) - [#​3774](https://redirect.github.com/nestjs/swagger/pull/3774) fix enum issue ([@​SupunGeethanjana](https://redirect.github.com/SupunGeethanjana)) - [#​3798](https://redirect.github.com/nestjs/swagger/pull/3798) fix(plugin): normalize workspace package import paths in metadata generator ([@​maruthang](https://redirect.github.com/maruthang)) - [#​3821](https://redirect.github.com/nestjs/swagger/pull/3821) fix(plugin): handle same-file type references in SWC readonly metadata generation ([@​maruthang](https://redirect.github.com/maruthang)) - [#​3822](https://redirect.github.com/nestjs/swagger/pull/3822) fix(type-helpers): eagerly apply plugin metadata properties in mapped type helpers ([@​maruthang](https://redirect.github.com/maruthang)) - [#​3840](https://redirect.github.com/nestjs/swagger/pull/3840) fix: use child class type when re-declaring an inherited [@​ApiProperty](https://redirect.github.com/ApiProperty) ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) ##### Enhancements - [#​3449](https://redirect.github.com/nestjs/swagger/pull/3449) feat(api-header): add example property to ApiHeader decorator ([@​leemhoon00](https://redirect.github.com/leemhoon00)) - [#​3787](https://redirect.github.com/nestjs/swagger/pull/3787) feat(decorators): support RegExp instances in [@​ApiProperty](https://redirect.github.com/ApiProperty)({ pattern }) ([@​temrjan](https://redirect.github.com/temrjan)) - [#​3699](https://redirect.github.com/nestjs/swagger/pull/3699) feat(api-body): add support for encoding in ApiBody decorator ([@​lamuertepeluda](https://redirect.github.com/lamuertepeluda)) - [#​3824](https://redirect.github.com/nestjs/swagger/pull/3824) feat: support async patchDocumentOnRequest hook ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) - [#​3834](https://redirect.github.com/nestjs/swagger/pull/3834) feat: expose generateSchema utility for programmatic schema access ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) - [#​3836](https://redirect.github.com/nestjs/swagger/pull/3836) feat(plugin): add autoFillEnumName option to suppress duplicate enum schemas ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) - [#​3837](https://redirect.github.com/nestjs/swagger/pull/3837) feat: merge descriptions when multiple decorators share the same HTTP status code ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) - [#​3839](https://redirect.github.com/nestjs/swagger/pull/3839) feat: add excludeDynamicDefaults option to strip runtime-evaluated schema defaults ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) - [#​3841](https://redirect.github.com/nestjs/swagger/pull/3841) feat: add DeepPartialType mapped-type helper for recursive optional properties ([@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M)) ##### Dependencies - [#​3850](https://redirect.github.com/nestjs/swagger/pull/3850) fix(deps): update dependency swagger-ui-dist to v5.32.4 ([@​renovate\[bot\]](https://redirect.github.com/apps/renovate)) ##### Committers: 7 - JongHun Lim ([@​leemhoon00](https://redirect.github.com/leemhoon00)) - Maruthan G ([@​maruthang](https://redirect.github.com/maruthang)) - Rajasekar Janakiraman ([@​rajasekar33](https://redirect.github.com/rajasekar33)) - Supun Geethanjana Jayasinghe ([@​SupunGeethanjana](https://redirect.github.com/SupunGeethanjana)) - Temrjan ([@​temrjan](https://redirect.github.com/temrjan)) - Vito Macchia ([@​lamuertepeluda](https://redirect.github.com/lamuertepeluda)) - [@​Nedunchezhiyan-M](https://redirect.github.com/Nedunchezhiyan-M) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNTYuMSIsInVwZGF0ZWRJblZlciI6IjQzLjE3My42IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
659072183c | chore: bump deps | ||
|
|
f19a922793 |
chore: bump up @opentelemetry/sdk-node version to ^0.217.0 [SECURITY] (#14945)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@opentelemetry/sdk-node](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-sdk-node) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.215.0` → `^0.217.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-node/0.215.0/0.217.0) |  |  | --- ### Prometheus exporter process crash via malformed HTTP request [CVE-2026-44902](https://nvd.nist.gov/vuln/detail/CVE-2026-44902) / [GHSA-q7rr-3cgh-j5r3](https://redirect.github.com/advisories/GHSA-q7rr-3cgh-j5r3) <details> <summary>More information</summary> #### Details ##### Summary A single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default `0.0.0.0:9464`) has no error handling around URL parsing, so a request with an invalid URI causes an uncaught `TypeError` that terminates the process. **You are affected by this vulnerability if either of the following apply to your application:** * you directly use `@opentelemetry/exporter-prometheus` in your code through its built-in server. * your `OTEL_METRICS_EXPORTER` environment variable includes `prometheus` **AND** * you use `@opentelemetry/sdk-node` * you use `@opentelemetry/auto-instrumentations-node` via `--require @​opentelemetry/auto-instrumentations-node/register`/`--import @​opentelemetry/auto-instrumentations-node/register` ##### Impact **Denial of service.** Any application using the OpenTelemetry Prometheus exporter’s built-in server can be crashed by a single unauthenticated network packet sent to the metrics port. No authentication, special privileges, or prior access is required. ##### Remediation ##### Update to the fixed version Update `@opentelemetry/exporter-prometheus` and `@opentelemetry/sdk-node` to version **0.217.0** or later. Update `@opentelemetry/auto-instrumentations-node` to version **0.75.0** or later. This release adds proper error handling around the URL constructor, returning an HTTP `400` response on parse failure rather than allowing the exception to propagate and crash the process. ``` npm install @​opentelemetry/exporter-prometheus@latest ``` ##### Do Not Expose the Endpoint to Untrusted Users > [!IMPORTANT] > The following mitigations reduce exposure but do not fully remediate the vulnerability. Any client that *can* reach the metrics endpoint - including your own Prometheus scraper host if compromised - could still trigger the crash. Updating to **0.217.0** is the recommended resolution. If updating is not immediately feasible, restrict access to the metrics endpoint so that it is not reachable by untrusted or unauthenticated network clients. For example: * **Bind to localhost only** by setting the `host` option to `127.0.0.1` when configuring the `PrometheusExporter`, so the port is not exposed on public or shared network interfaces * **Use a firewall or network policy** to restrict access to port `9464` (or whichever port you have configured) to only trusted Prometheus scrape hosts * **Place the endpoint behind a reverse proxy** that filters or validates incoming requests before they reach the exporter ##### Details In `PrometheusExporter.ts`, the `_requestHandler` calls `new URL(request.url, this._baseUrl)` without any error handling. Node's HTTP parser accepts absolute-form URIs (e.g. `http://`) for proxy compatibility, including malformed ones. When `request.url` is `"http://"`, the `URL` constructor throws `TypeError: Invalid URL`. Since there is no try-catch in the handler, the exception propagates as an uncaught exception and crashes the process. The Prometheus metrics endpoint is unauthenticated by design (Prometheus scrapes it) and binds to `0.0.0.0` by default, meaning it is reachable by any network client that can connect to the metrics port. ##### Proof of Concept Start any Node.js application with the Prometheus exporter running on the default port `9464`, then send a single raw TCP packet: ``` echo -ne 'GET http:// HTTP/1.1\r\nHost: localhost\r\n\r\n' | nc localhost 9464 ``` The process crashes immediately with: ``` TypeError: Invalid URL at new URL (...) at PrometheusExporter._requestHandler (...) ``` #### Severity - CVSS Score: 7.5 / 10 (High) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` #### References - [https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-q7rr-3cgh-j5r3](https://redirect.github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-q7rr-3cgh-j5r3) - [https://github.com/advisories/GHSA-q7rr-3cgh-j5r3](https://redirect.github.com/advisories/GHSA-q7rr-3cgh-j5r3) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-q7rr-3cgh-j5r3) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-js (@​opentelemetry/sdk-node)</summary> ### [`v0.217.0`](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7...74cde1b674508ccc0ed2601ac43a80ff2d35114c) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7...74cde1b674508ccc0ed2601ac43a80ff2d35114c) ### [`v0.216.0`](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/a0476eef3cb973bfcc0c2e41f868dd7b484c2ed8...2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/a0476eef3cb973bfcc0c2e41f868dd7b484c2ed8...2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
ac6d0d35af |
chore: bump up @opentelemetry/exporter-prometheus version to ^0.217.0 [SECURITY] (#14944)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@opentelemetry/exporter-prometheus](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-exporter-prometheus) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.215.0` → `^0.217.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fexporter-prometheus/0.215.0/0.217.0) |  |  | --- ### Prometheus exporter process crash via malformed HTTP request [CVE-2026-44902](https://nvd.nist.gov/vuln/detail/CVE-2026-44902) / [GHSA-q7rr-3cgh-j5r3](https://redirect.github.com/advisories/GHSA-q7rr-3cgh-j5r3) <details> <summary>More information</summary> #### Details ##### Summary A single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint (default `0.0.0.0:9464`) has no error handling around URL parsing, so a request with an invalid URI causes an uncaught `TypeError` that terminates the process. **You are affected by this vulnerability if either of the following apply to your application:** * you directly use `@opentelemetry/exporter-prometheus` in your code through its built-in server. * your `OTEL_METRICS_EXPORTER` environment variable includes `prometheus` **AND** * you use `@opentelemetry/sdk-node` * you use `@opentelemetry/auto-instrumentations-node` via `--require @​opentelemetry/auto-instrumentations-node/register`/`--import @​opentelemetry/auto-instrumentations-node/register` ##### Impact **Denial of service.** Any application using the OpenTelemetry Prometheus exporter’s built-in server can be crashed by a single unauthenticated network packet sent to the metrics port. No authentication, special privileges, or prior access is required. ##### Remediation ##### Update to the fixed version Update `@opentelemetry/exporter-prometheus` and `@opentelemetry/sdk-node` to version **0.217.0** or later. Update `@opentelemetry/auto-instrumentations-node` to version **0.75.0** or later. This release adds proper error handling around the URL constructor, returning an HTTP `400` response on parse failure rather than allowing the exception to propagate and crash the process. ``` npm install @​opentelemetry/exporter-prometheus@latest ``` ##### Do Not Expose the Endpoint to Untrusted Users > [!IMPORTANT] > The following mitigations reduce exposure but do not fully remediate the vulnerability. Any client that *can* reach the metrics endpoint - including your own Prometheus scraper host if compromised - could still trigger the crash. Updating to **0.217.0** is the recommended resolution. If updating is not immediately feasible, restrict access to the metrics endpoint so that it is not reachable by untrusted or unauthenticated network clients. For example: * **Bind to localhost only** by setting the `host` option to `127.0.0.1` when configuring the `PrometheusExporter`, so the port is not exposed on public or shared network interfaces * **Use a firewall or network policy** to restrict access to port `9464` (or whichever port you have configured) to only trusted Prometheus scrape hosts * **Place the endpoint behind a reverse proxy** that filters or validates incoming requests before they reach the exporter ##### Details In `PrometheusExporter.ts`, the `_requestHandler` calls `new URL(request.url, this._baseUrl)` without any error handling. Node's HTTP parser accepts absolute-form URIs (e.g. `http://`) for proxy compatibility, including malformed ones. When `request.url` is `"http://"`, the `URL` constructor throws `TypeError: Invalid URL`. Since there is no try-catch in the handler, the exception propagates as an uncaught exception and crashes the process. The Prometheus metrics endpoint is unauthenticated by design (Prometheus scrapes it) and binds to `0.0.0.0` by default, meaning it is reachable by any network client that can connect to the metrics port. ##### Proof of Concept Start any Node.js application with the Prometheus exporter running on the default port `9464`, then send a single raw TCP packet: ``` echo -ne 'GET http:// HTTP/1.1\r\nHost: localhost\r\n\r\n' | nc localhost 9464 ``` The process crashes immediately with: ``` TypeError: Invalid URL at new URL (...) at PrometheusExporter._requestHandler (...) ``` #### Severity - CVSS Score: 7.5 / 10 (High) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H` #### References - [https://github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-q7rr-3cgh-j5r3](https://redirect.github.com/open-telemetry/opentelemetry-js/security/advisories/GHSA-q7rr-3cgh-j5r3) - [https://github.com/advisories/GHSA-q7rr-3cgh-j5r3](https://redirect.github.com/advisories/GHSA-q7rr-3cgh-j5r3) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-q7rr-3cgh-j5r3) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-js (@​opentelemetry/exporter-prometheus)</summary> ### [`v0.217.0`](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7...74cde1b674508ccc0ed2601ac43a80ff2d35114c) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7...74cde1b674508ccc0ed2601ac43a80ff2d35114c) ### [`v0.216.0`](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/a0476eef3cb973bfcc0c2e41f868dd7b484c2ed8...2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/a0476eef3cb973bfcc0c2e41f868dd7b484c2ed8...2400d8389a4469f7a81ccd3be2f0b2c2dd6faaf7) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
6b720206c6 |
chore: bump up mermaid version to v11.15.0 [SECURITY] (#14946)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [mermaid](https://redirect.github.com/mermaid-js/mermaid) | [`11.13.0` → `11.15.0`](https://renovatebot.com/diffs/npm/mermaid/11.13.0/11.15.0) |  |  | --- ### Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection [CVE-2026-41149](https://nvd.nist.gov/vuln/detail/CVE-2026-41149) / [GHSA-ghcm-xqfw-q4vr](https://redirect.github.com/advisories/GHSA-ghcm-xqfw-q4vr) <details> <summary>More information</summary> #### Details ##### Impact Under the default configuration, Mermaid state diagram's `classDef` allow DOM injection that escapes the SVG, although `<script>` tags are removed, preventing XSS. ##### Proof-of-concept ``` stateDiagram-v2 classDef xss fill:red</style></svg><style>*{x:x;y:y;overflow:visible!important;contain:none!important;transform:none!important;filter:none!important;clip-path:none!important}</style><div style="x:x;y:y;color:red;font:5em/1 monospace;display:grid;place-items:center;z-index:2147483647;width:100vw;height:100vh;position:fixed;top:0;left:0;background:black">HACKED</div><svg><style>a:b [*] --> A:::xss ``` ##### Patches - [v11.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [37ff937f1da2e19f882fd1db01235db4d01f4056](https://redirect.github.com/mermaid-js/mermaid/commit/37ff937f1da2e19f882fd1db01235db4d01f4056)) - [v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3](https://redirect.github.com/mermaid-js/mermaid/commit/4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3)) ##### Workarounds If you can not update to a patched version, setting [`"securityLevel": "sandbox"`](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) will prevent this, by rendering the mermaid diagram in a sandboxed `<iframe>`. ##### Credits Thanks to @​zsxsoft from @​KeenSecurityLab for reporting this vulnerability. #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L` #### References - [https://github.com/mermaid-js/mermaid/security/advisories/GHSA-ghcm-xqfw-q4vr](https://redirect.github.com/mermaid-js/mermaid/security/advisories/GHSA-ghcm-xqfw-q4vr) - [https://github.com/mermaid-js/mermaid/commit/37ff937f1da2e19f882fd1db01235db4d01f4056](https://redirect.github.com/mermaid-js/mermaid/commit/37ff937f1da2e19f882fd1db01235db4d01f4056) - [https://github.com/mermaid-js/mermaid/commit/4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3](https://redirect.github.com/mermaid-js/mermaid/commit/4e2d512bf5bf6f9de1a8f0a48da78dc4d09ac4f3) - [https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) - [https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) - [https://mermaid.js.org/config/schema-docs/config.html#securitylevel](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) - [https://github.com/advisories/GHSA-ghcm-xqfw-q4vr](https://redirect.github.com/advisories/GHSA-ghcm-xqfw-q4vr) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-ghcm-xqfw-q4vr) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection [CVE-2026-41148](https://nvd.nist.gov/vuln/detail/CVE-2026-41148) / [GHSA-xcj9-5m2h-648r](https://redirect.github.com/advisories/GHSA-xcj9-5m2h-648r) <details> <summary>More information</summary> #### Details ##### Details The state diagram and any other diagram type that routes user-controlled style strings through createCssStyles parser for Mermaid v11.14.0 and earlier captures `classDef` values with an unrestricted regex: ```jison // packages/mermaid/src/diagrams/state/parser/stateDiagram.jison:83 <CLASSDEFID>[^\n]* { this.popState(); return 'CLASSDEF_STYLEOPTS' } ``` The value passes unsanitized through `addStyleClass()` -> `createCssStyles()` -> `style.innerHTML` (mermaidAPI.ts:418). A `}` in the value closes the generated CSS selector, and everything after becomes a new CSS rule on the page. ##### PoC ``` stateDiagram-v2 classDef x }*{ background-image: url("http://media.giphy.com/media/SggILpMXO7Xt6/giphy.gif")} ``` Live demo: <https://mermaid.live/edit#pako:eNpFjzFvgzAQhf-KdVNbEcBgMHhtlkqtOnSJKi8ONsYKBmRMlRTx3-skanvTfbp7996t0IxSAYPZC6_2Rmgn7O4rQ00v5nmvWnRG29OKjqI5aTcug9wZK7RiaHH9A4fO-4kliVXSiFibqbvEzWjvnHxo_fI6vR3e6cGXyX2qTcvhcYMItDMSmHeLisAqZ8UVYeUDQhx8p6ziwEIrhTtx4MNVM4nhcxztrywE0h2wVvRzoGWS_z_8rahBKvcckntgmN5OAFvhDIzUNCZZQXCR5nVaZkUEF2BVFpOcEkoxxhUuyRbB980yjStapKHqoKFlhvPtB7BFZEU> ##### Patches This has been patched in: - [v11.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [e9b0f34d8d82a6260077764ee45e1d7d90957a0f](https://redirect.github.com/mermaid-js/mermaid/commit/e9b0f34d8d82a6260077764ee45e1d7d90957a0f)) - [v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [8fead23c59166b7bab6a39eac81acebee2859102](https://redirect.github.com/mermaid-js/mermaid/commit/8fead23c59166b7bab6a39eac81acebee2859102)) ##### Workarounds Setting [`"securityLevel": "sandbox"`](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) will prevent this, by rendering the mermaid diagram in a sandboxed `<iframe>`. ##### Impact Enables page defacement, user tracking via `url()` callbacks, and DOM attribute exfiltration via CSS `:has()` selectors. #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L` #### References - [https://github.com/mermaid-js/mermaid/security/advisories/GHSA-xcj9-5m2h-648r](https://redirect.github.com/mermaid-js/mermaid/security/advisories/GHSA-xcj9-5m2h-648r) - [https://github.com/mermaid-js/mermaid/commit/8fead23c59166b7bab6a39eac81acebee2859102](https://redirect.github.com/mermaid-js/mermaid/commit/8fead23c59166b7bab6a39eac81acebee2859102) - [https://github.com/mermaid-js/mermaid/commit/e9b0f34d8d82a6260077764ee45e1d7d90957a0f](https://redirect.github.com/mermaid-js/mermaid/commit/e9b0f34d8d82a6260077764ee45e1d7d90957a0f) - [https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) - [https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) - [https://mermaid.js.org/config/schema-docs/config.html#securitylevel](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) - [https://github.com/advisories/GHSA-xcj9-5m2h-648r](https://redirect.github.com/advisories/GHSA-xcj9-5m2h-648r) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-xcj9-5m2h-648r) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Mermaid: Improper sanitization of configuration leads to CSS injection [CVE-2026-41159](https://nvd.nist.gov/vuln/detail/CVE-2026-41159) / [GHSA-87f9-hvmw-gh4p](https://redirect.github.com/advisories/GHSA-87f9-hvmw-gh4p) <details> <summary>More information</summary> #### Details ##### Impact Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the `fontFamily`, `themeCSS`, and `altFontFamily` configuration options. Live demo: [mermaid.live](https://mermaid.live/edit#pako:eNpNjktLxDAUhf9KvFBR6JS-60QQfODKlUvJ5k6TtsEmKTHFGUP-u-mI6Nmdy3fOPR56wwVQSBIvtXSUeAaD0e4ZlZxPDChhcLxFfwiEauOuLq_9Afv30ZpVczpaITS5kGox1qF2gfSeBwYhJAnThAyz-ewntI68vG5-0z3Z7e7IA9OQwmglB-rsKlJQwircLPgNZeAmocTPAi4GXGfHgOkQYwvqN2PUbzJuGSegA84f0a0LRyeeJI4W_xChubCPcbQD2pwbgHo4Aq2aKmvbqq3zoiu7pizqFE6RybN9VFfFY1HWXRVS-Dr_zLObrt7_V_gGGXZlGg) Example code: ``` %%{init: {"fontFamily": "x;a{b} :not(&){background:green !important} c{d}"}}%% flowchart LR A --> B ``` The injected CSS exploits stylis's `&` (scope reference) handling. `:not(&)` escapes the `#mermaid-xxx` automatic scoping, applying styles to all page elements. Global at-rules (`@font-face`, `@keyframes`, `@counter-style`) are also injectable as stylis hoists them to top level. This allows page defacement and DOM attribute exfiltration via CSS `:has()` selectors. ##### Patches - [v11.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [64769738d5b59211e1decb471ffbaca8afec51aa](https://redirect.github.com/mermaid-js/mermaid/commit/64769738d5b59211e1decb471ffbaca8afec51aa)) - [v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [a9d9f0d8eb790349121508688cd338253fd80d76](https://redirect.github.com/mermaid-js/mermaid/commit/a9d9f0d8eb790349121508688cd338253fd80d76)) ##### Workarounds If you can't upgrade mermaid, you can set the [`secure`](https://mermaid.js.org/config/schema-docs/config.html#secure) config value in the mermaid config to avoid allowing diagrams to modify `fontFamily`, `themeCSS`, `altFontFamily`, and `themeVariables`. Setting [`"securityLevel": "sandbox"`](https://mermaid.js.org/config/schema-docs/config.html#securitylevel) will also prevent this. ##### Credits Reported by @​zsxsoft on behalf of @​KeenSecurityLab #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L` #### References - [https://github.com/mermaid-js/mermaid/security/advisories/GHSA-87f9-hvmw-gh4p](https://redirect.github.com/mermaid-js/mermaid/security/advisories/GHSA-87f9-hvmw-gh4p) - [https://github.com/mermaid-js/mermaid/commit/64769738d5b59211e1decb471ffbaca8afec51aa](https://redirect.github.com/mermaid-js/mermaid/commit/64769738d5b59211e1decb471ffbaca8afec51aa) - [https://github.com/mermaid-js/mermaid/commit/a9d9f0d8eb790349121508688cd338253fd80d76](https://redirect.github.com/mermaid-js/mermaid/commit/a9d9f0d8eb790349121508688cd338253fd80d76) - [https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) - [https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) - [https://github.com/advisories/GHSA-87f9-hvmw-gh4p](https://redirect.github.com/advisories/GHSA-87f9-hvmw-gh4p) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-87f9-hvmw-gh4p) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS [CVE-2026-41150](https://nvd.nist.gov/vuln/detail/CVE-2026-41150) / [GHSA-6m6c-36f7-fhxh](https://redirect.github.com/advisories/GHSA-6m6c-36f7-fhxh) <details> <summary>More information</summary> #### Details ##### Impact Mermaid v11.14.0 and earlier are vulnerable to a denial-of-service attack when rendering gantt charts, if they use the [`excludes` attribute](https://mermaid.js.org/syntax/gantt.html?#excludes) to exclude all dates. Example: ``` gantt excludes monday,tuesday,wednesday,thursday,friday,saturday,sunday DoS :2025-01-01, 1d ``` `mermaid.parse` is unaffected, unless you then call the `ganttDb.getTasks()` (which is called when rendering a diagram). ##### Patches This has been patched in: - [v11.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) (see [faafb5d49106dd32c367f3882505f2dd625aa30e](https://redirect.github.com/mermaid-js/mermaid/commit/faafb5d49106dd32c367f3882505f2dd625aa30e)) - [v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) (see [a59ea56174712ee5430dfd5bc877cb5151f501a6](https://redirect.github.com/mermaid-js/mermaid/commit/a59ea56174712ee5430dfd5bc877cb5151f501a6)) ##### Workarounds There are no workarounds available without updating to a newer version of mermaid. #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L` #### References - [https://github.com/mermaid-js/mermaid/security/advisories/GHSA-6m6c-36f7-fhxh](https://redirect.github.com/mermaid-js/mermaid/security/advisories/GHSA-6m6c-36f7-fhxh) - [https://github.com/mermaid-js/mermaid/commit/a59ea56174712ee5430dfd5bc877cb5151f501a6](https://redirect.github.com/mermaid-js/mermaid/commit/a59ea56174712ee5430dfd5bc877cb5151f501a6) - [https://github.com/mermaid-js/mermaid/commit/faafb5d49106dd32c367f3882505f2dd625aa30e](https://redirect.github.com/mermaid-js/mermaid/commit/faafb5d49106dd32c367f3882505f2dd625aa30e) - [https://github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) - [https://github.com/mermaid-js/mermaid/releases/tag/v10.9.6](https://redirect.github.com/mermaid-js/mermaid/releases/tag/v10.9.6) - [https://github.com/advisories/GHSA-6m6c-36f7-fhxh](https://redirect.github.com/advisories/GHSA-6m6c-36f7-fhxh) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-6m6c-36f7-fhxh) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>mermaid-js/mermaid (mermaid)</summary> ### [`v11.15.0`](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.15.0) [Compare Source](https://redirect.github.com/mermaid-js/mermaid/compare/mermaid@11.14.0...mermaid@11.15.0) ##### Minor Changes - [#​7174](https://redirect.github.com/mermaid-js/mermaid/pull/7174) [`0aca217`](https://redirect.github.com/mermaid-js/mermaid/commit/0aca21739c0d1fcaaa206e04a6cd574ebc415483) Thanks [@​milesspencer35](https://redirect.github.com/milesspencer35)! - feat(sequence): Add support for decimal start and increment values in the `autonumber` directive - [#​7512](https://redirect.github.com/mermaid-js/mermaid/pull/7512) [`8e17492`](https://redirect.github.com/mermaid-js/mermaid/commit/8e17492f7365ba50896382feb69a23efd9d8a22d) Thanks [@​aruncveli](https://redirect.github.com/aruncveli)! - feat(flowchart): add datastore shape In Data flow diagrams, a datastore/warehouse/file/database is used to represent data persistence. It is denoted by a rectangle with only top and bottom borders, and can be used in flowcharts with `A@{ shape: datastore, label: "Datastore" }`. - [#​6440](https://redirect.github.com/mermaid-js/mermaid/pull/6440) [`9ad8dde`](https://redirect.github.com/mermaid-js/mermaid/commit/9ad8dde6d049adde85d8ed2d476c09b5820f3f4b) Thanks [@​yordis](https://redirect.github.com/yordis), [@​lgazo](https://redirect.github.com/lgazo)! - feat: add Event Modeling diagram - [#​7707](https://redirect.github.com/mermaid-js/mermaid/pull/7707) [`27db774`](https://redirect.github.com/mermaid-js/mermaid/commit/27db774627be1cee881961dfd0d2cb21cd01b79d) Thanks [@​txmxthy](https://redirect.github.com/txmxthy)! - feat(architecture): expose four fcose layout knobs for `architecture-beta` diagrams (`nodeSeparation`, `idealEdgeLengthMultiplier`, `edgeElasticity`, `numIter`) so authors can tune layout density and spread overlapping siblings without changing diagram source - [#​7604](https://redirect.github.com/mermaid-js/mermaid/pull/7604) [`bf9502f`](https://redirect.github.com/mermaid-js/mermaid/commit/bf9502fb6012a4b724679b401ac928f5ee55161c) Thanks [@​M-a-c](https://redirect.github.com/M-a-c)! - feat(class): add nested namespace support for class diagrams via dot notation and syntactic nesting If you have namespaces in class diagrams that use `.`s already and want to render them without nesting (≤v11.14.0 behaviour), you can use set `class.hierarchicalNamespaces=false` in your mermaid config: ```yaml config: class: hierarchicalNamespaces: false ``` - [#​7272](https://redirect.github.com/mermaid-js/mermaid/pull/7272) [`88cdd3d`](https://redirect.github.com/mermaid-js/mermaid/commit/88cdd3dc0aab9577174561b04e14760c565a232b) Thanks [@​xinbenlv](https://redirect.github.com/xinbenlv)! - feat(sankey): add outlined label style, configurable nodeWidth/nodePadding, and custom node colors ##### Patch Changes - [#​7737](https://redirect.github.com/mermaid-js/mermaid/pull/7737) [`e9b0f34`](https://redirect.github.com/mermaid-js/mermaid/commit/e9b0f34d8d82a6260077764ee45e1d7d90957a0f) Thanks [@​ashishjain0512](https://redirect.github.com/ashishjain0512)! - fix: prevent unbalanced CSS styles in classDefs - [#​7737](https://redirect.github.com/mermaid-js/mermaid/pull/7737) [`37ff937`](https://redirect.github.com/mermaid-js/mermaid/commit/37ff937f1da2e19f882fd1db01235db4d01f4056) Thanks [@​ashishjain0512](https://redirect.github.com/ashishjain0512)! - fix: create CSS styles using the CSSOM This removes some invalid CSS and normalizes some CSS formatting. - [#​7508](https://redirect.github.com/mermaid-js/mermaid/pull/7508) [`bfe60cc`](https://redirect.github.com/mermaid-js/mermaid/commit/bfe60cc67b9a6dec64f9161f58e4d24a06c42b65) Thanks [@​biiab](https://redirect.github.com/biiab)! - fix(stateDiagram): `end note` now only closes a note when used on a new line - [#​7737](https://redirect.github.com/mermaid-js/mermaid/pull/7737) [`faafb5d`](https://redirect.github.com/mermaid-js/mermaid/commit/faafb5d49106dd32c367f3882505f2dd625aa30e) Thanks [@​ashishjain0512](https://redirect.github.com/ashishjain0512)! - fix(gantt): add iteration limit for `excludes` field - [#​7737](https://redirect.github.com/mermaid-js/mermaid/pull/7737) [`65f8be2`](https://redirect.github.com/mermaid-js/mermaid/commit/65f8be2a42faf869b811469571983cba7eeeca99) Thanks [@​ashishjain0512](https://redirect.github.com/ashishjain0512)! - fix: disallow some CSS at-rules in custom CSS - [#​7726](https://redirect.github.com/mermaid-js/mermaid/pull/7726) [`1502f32`](https://redirect.github.com/mermaid-js/mermaid/commit/1502f32f3c5fb944925b0c527fbbde3c4f041824) Thanks [@​aloisklink](https://redirect.github.com/aloisklink)! - fix(wardley): fix unnecessary sanitization of text - [#​7578](https://redirect.github.com/mermaid-js/mermaid/pull/7578) [`1f98db8`](https://redirect.github.com/mermaid-js/mermaid/commit/1f98db8e326299ac97a2fa60abfd509d8f5f16e2) Thanks [@​Gaston202](https://redirect.github.com/Gaston202)! - fix(class): self-referential class multiplicity labels no longer rendered multiple times Fixes [#​7560](https://redirect.github.com/mermaid-js/mermaid/issues/7560). Resolves an issue where cardinality labels on self-referential class relationships were rendered three times due to edge splitting in the dagre layout. The fix ensures that each sub-edge only carries its relevant label positions. - [#​7592](https://redirect.github.com/mermaid-js/mermaid/pull/7592) [`2343e38`](https://redirect.github.com/mermaid-js/mermaid/commit/2343e38498a3b31f8ce5e79f1f009e0b56fbe086) Thanks [@​knsv-bot](https://redirect.github.com/knsv-bot)! - fix(sequence): add background box behind alt/else section title labels in sequence diagrams - [#​7589](https://redirect.github.com/mermaid-js/mermaid/pull/7589) [`7fb9509`](https://redirect.github.com/mermaid-js/mermaid/commit/7fb9509b8b5cb1dc48519dc60cf6cdc6afba0462) Thanks [@​NYCU-Chung](https://redirect.github.com/NYCU-Chung)! - fix(block): prevent column widths from shrinking when mixing different column spans - [#​7632](https://redirect.github.com/mermaid-js/mermaid/pull/7632) [`3f9e0f1`](https://redirect.github.com/mermaid-js/mermaid/commit/3f9e0f15bedc1e2c71ddb6b34192d1a21124cfc2) Thanks [@​ekiauhce](https://redirect.github.com/ekiauhce)! - fix(sequence): correct messageAlign label position for right-to-left arrows in sequence diagrams - [#​7642](https://redirect.github.com/mermaid-js/mermaid/pull/7642) [`7a8fb85`](https://redirect.github.com/mermaid-js/mermaid/commit/7a8fb8532c57ecc55b3711454ab0e505a4291445) Thanks [@​tractorjuice](https://redirect.github.com/tractorjuice)! - fix(wardley): allow hyphens in unquoted component names Multi-word names containing hyphens — e.g. `real-time processing`, `end-user`, `on-call engineer` — now parse without quoting, bringing the grammar in line with the OnlineWardleyMaps (OWM) convention. `A->B` (no-space arrow) still tokenises correctly. - [#​7523](https://redirect.github.com/mermaid-js/mermaid/pull/7523) [`5144ed4`](https://redirect.github.com/mermaid-js/mermaid/commit/5144ed4b138ae0f4836bab4c163c575e0a767dd3) Thanks [@​darshanr0107](https://redirect.github.com/darshanr0107)! - fix(block): Arrow blocks in block-beta diagrams not spanning the specified number of columns when using `:n` syntax. - [#​7262](https://redirect.github.com/mermaid-js/mermaid/pull/7262) [`13d9bfa`](https://redirect.github.com/mermaid-js/mermaid/commit/13d9bfa4748e845a9eec7d6265ba496d2278f26e) Thanks [@​darshanr0107](https://redirect.github.com/darshanr0107)! - fix(block): Ensure block diagram hexagon blocks respect column spanning syntax - [#​7684](https://redirect.github.com/mermaid-js/mermaid/pull/7684) [`e14bb88`](https://redirect.github.com/mermaid-js/mermaid/commit/e14bb88bdb940124cdb0a107025653bf93745c99) Thanks [@​aloisklink](https://redirect.github.com/aloisklink)! - fix: loosen `uuid` dependency range to allow v14 Mermaid does not use any of the vulnerable code in CVE-2026-41907, but this allows users to silence any `npm audit` alerts on it. - [#​7633](https://redirect.github.com/mermaid-js/mermaid/pull/7633) [`9217c0d`](https://redirect.github.com/mermaid-js/mermaid/commit/9217c0d8b221b423af80e420b7adae901acf6c8c) Thanks [@​Felix-Garci](https://redirect.github.com/Felix-Garci)! - fix(block): add support for all arrow types in block diagrams - [#​7587](https://redirect.github.com/mermaid-js/mermaid/pull/7587) [`5e7eb62`](https://redirect.github.com/mermaid-js/mermaid/commit/5e7eb62e3aba6b5df559f5c839a868e5b7f40e72) Thanks [@​MaddyGuthridge](https://redirect.github.com/MaddyGuthridge)! - chore: drop lodash-es in favour of es-toolkit - [#​7693](https://redirect.github.com/mermaid-js/mermaid/pull/7693) [`afaf306`](https://redirect.github.com/mermaid-js/mermaid/commit/afaf3062381d115d66744413151b642f124dd9ba) Thanks [@​dull-bird](https://redirect.github.com/dull-bird)! - fix(quadrant-chart): allow CJK, emoji, Latin-1 accented characters, and other non-ASCII text in unquoted axis/quadrant/point labels. Previously the lexer only matched ASCII `[A-Za-z]+` for text tokens, even though the grammar referenced `UNICODE_TEXT`. Bare Chinese, Japanese, Korean, emoji, and accented Latin characters in labels caused a parse error. Added a `[^\x00-\x7F]+` lexer rule to emit `UNICODE_TEXT` and included it in the `alphaNumToken` grammar rule. Fixes [#​7120](https://redirect.github.com/mermaid-js/mermaid/issues/7120). - [#​7737](https://redirect.github.com/mermaid-js/mermaid/pull/7737) [`4755553`](https://redirect.github.com/mermaid-js/mermaid/commit/4755553d5fb6d1217809e43ffb8fc54d6a73e482) Thanks [@​ashishjain0512](https://redirect.github.com/ashishjain0512)! - fix: improve D3 types for mermaidAPI funcs - [#​7737](https://redirect.github.com/mermaid-js/mermaid/pull/7737) [`6476973`](https://redirect.github.com/mermaid-js/mermaid/commit/64769738d5b59211e1decb471ffbaca8afec51aa) Thanks [@​ashishjain0512](https://redirect.github.com/ashishjain0512)! - fix: handle `&` when namespacing CSS rules - [#​7520](https://redirect.github.com/mermaid-js/mermaid/pull/7520) [`8c1a0c1`](https://redirect.github.com/mermaid-js/mermaid/commit/8c1a0c1fd19587c6772d6966fe9d217e5cd1356c) Thanks [@​RodrigojndSantos](https://redirect.github.com/RodrigojndSantos)! - fix(stateDiagram): comments starting with one `%` are no longer treated as comments Switch to using two `%%` if you want to write a comment. - Updated dependencies \[[`7a8fb85`](https://redirect.github.com/mermaid-js/mermaid/commit/7a8fb8532c57ecc55b3711454ab0e505a4291445), [`675a64c`](https://redirect.github.com/mermaid-js/mermaid/commit/675a64ca0e3cde8728ca715991623c3fc055ce88)]: - [@​mermaid-js/parser](https://redirect.github.com/mermaid-js/parser)@​1.1.1 ### [`v11.14.0`](https://redirect.github.com/mermaid-js/mermaid/releases/tag/mermaid%4011.14.0) [Compare Source](https://redirect.github.com/mermaid-js/mermaid/compare/mermaid@11.13.0...mermaid@11.14.0) Thanks to our awesome mermaid community that contributed to this release: [@​ashishjain0512](https://redirect.github.com/ashishjain0512), [@​tractorjuice](https://redirect.github.com/tractorjuice), [@​autofix-ci\[bot\]](https://redirect.github.com/autofix-ci%5Bbot%5D), [@​aloisklink](https://redirect.github.com/aloisklink), [@​knsv](https://redirect.github.com/knsv), [@​kibanana](https://redirect.github.com/kibanana), [@​chandershekhar22](https://redirect.github.com/chandershekhar22), [@​khalil](https://redirect.github.com/khalil), [@​ytatsuno](https://redirect.github.com/ytatsuno), [@​sidharthv96](https://redirect.github.com/sidharthv96), [@​github-actions\[bot\]](https://redirect.github.com/github-actions%5Bbot%5D), [@​dripcoding](https://redirect.github.com/dripcoding), [@​knsv-bot](https://redirect.github.com/knsv-bot), [@​jeroensmink98](https://redirect.github.com/jeroensmink98), [@​Alex9583](https://redirect.github.com/Alex9583), [@​GhassenS](https://redirect.github.com/GhassenS), [@​omkarht](https://redirect.github.com/omkarht), [@​darshanr0107](https://redirect.github.com/darshanr0107), [@​leentaylor](https://redirect.github.com/leentaylor), [@​lee-treehouse](https://redirect.github.com/lee-treehouse), [@​veeceey](https://redirect.github.com/veeceey), [@​turntrout](https://redirect.github.com/turntrout), [@​Mermaid-Chart](https://redirect.github.com/Mermaid-Chart), [@​BambioGaming](https://redirect.github.com/BambioGaming), Claude ### Releases #### [@​mermaid-js/examples](https://redirect.github.com/mermaid-js/examples)@​1.2.0 ##### Minor Changes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - add new TreeView diagram #### mermaid\@​11.14.0 ##### Minor Changes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - Add Wardley Maps diagram type (beta) Adds Wardley Maps as a new diagram type to Mermaid (available as `wardley-beta`). Wardley Maps are visual representations of business strategy that help map value chains and component evolution. Features: - Component positioning with \[visibility, evolution] coordinates (OWM format) - Anchors for users/customers - Multiple link types: dependencies, flows, labeled links - Evolution arrows and trend indicators - Custom evolution stages with optional dual labels - Custom stage widths using [@​boundary](https://redirect.github.com/boundary) notation - Pipeline components with visibility inheritance - Annotations, notes, and visual elements - Source strategy markers: build, buy, outsource, market - Inertia indicators - Theme integration Implementation includes parser, D3.js renderer, unit tests, E2E tests, and comprehensive documentation. - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for state diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look support for sequence diagrams with drop shadows, and enhanced styling - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: add `randomize` config option for architecture diagrams, defaulting to `false` for deterministic layout - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: Add option to change timeline direction - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - Fix duplicate SVG element IDs when rendering multiple diagrams on the same page. Internal element IDs (nodes, edges, markers, clusters) are now prefixed with the diagram's SVG element ID across all diagram types. Custom CSS or JS using exact ID selectors like `#arrowhead` should use attribute-ending selectors like `[id$="-arrowhead"]` instead. - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for ER diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for requirement diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: add theme support for data label colour in xy chart - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for mindmap diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look for mermaid flowchart diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look and themes for class diagram - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: add showDataLabelOutsideBar option for xy chart - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look support for timeline diagram with drop shadows, additoinal redux themes and enhanced styling - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look and themes for gitGraph diagram - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - add new TreeView diagram ##### Patch Changes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - add link to ishikawa diagram on mermaid.js.org - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - docs: document valid duration token formats in gantt.md - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: ER diagram parsing when using "1" as entity identifier on right side The parser was incorrectly tokenizing the second "1" in patterns like `a many to 1 1:` because the lookahead rule only checked for alphabetic characters after whitespace, not digits. Added a new lookahead pattern `"1"(?=\s+[0-9])` to correctly identify the cardinality alias before a numeric entity name. Fixes [#​7472](https://redirect.github.com/mermaid-js/mermaid/issues/7472) - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: scope cytoscape label style mapping to edges with labels to prevent console warnings - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: support inline annotation syntax in class diagrams (class Shape <<interface>>) - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: Align branch label background with text for multi-line labels in LR GitGraph layout - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: preserve cause hierarchy when ishikawa effect is indented more than causes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - refactor: remove unused createGraphWithElements function and add regression test for open edge arrowheads - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: Prevent long pie chart titles from being clipped by expanding the viewBox - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: prevent sequence diagram hang when "as" is used without a trailing space in participant declarations - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: warn when `style` statement targets a non-existent node in flowcharts - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: group state diagram SVG children under single root <g> element - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: Allow :::className syntax inside composite state blocks - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) Thanks [@​aloisklink](https://redirect.github.com/aloisklink), [@​BambioGaming](https://redirect.github.com/BambioGaming)! - fix: prevent escaping `<` and `&` when `htmlLabels: false` - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: treemap title and labels use theme-aware colors for dark backgrounds - Updated dependencies \[[`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519)]: - [@​mermaid-js/parser](https://redirect.github.com/mermaid-js/parser)@​1.1.0 #### [@​mermaid-js/parser](https://redirect.github.com/mermaid-js/parser)@​1.1.0 ##### Minor Changes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - add new TreeView diagram #### [@​mermaid-js/tiny](https://redirect.github.com/mermaid-js/tiny)@​11.14.0 ##### Minor Changes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - Add Wardley Maps diagram type (beta) Adds Wardley Maps as a new diagram type to Mermaid (available as `wardley-beta`). Wardley Maps are visual representations of business strategy that help map value chains and component evolution. Features: - Component positioning with \[visibility, evolution] coordinates (OWM format) - Anchors for users/customers - Multiple link types: dependencies, flows, labeled links - Evolution arrows and trend indicators - Custom evolution stages with optional dual labels - Custom stage widths using [@​boundary](https://redirect.github.com/boundary) notation - Pipeline components with visibility inheritance - Annotations, notes, and visual elements - Source strategy markers: build, buy, outsource, market - Inertia indicators - Theme integration Implementation includes parser, D3.js renderer, unit tests, E2E tests, and comprehensive documentation. - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for state diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look support for sequence diagrams with drop shadows, and enhanced styling - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: add `randomize` config option for architecture diagrams, defaulting to `false` for deterministic layout - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: Add option to change timeline direction - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - Fix duplicate SVG element IDs when rendering multiple diagrams on the same page. Internal element IDs (nodes, edges, markers, clusters) are now prefixed with the diagram's SVG element ID across all diagram types. Custom CSS or JS using exact ID selectors like `#arrowhead` should use attribute-ending selectors like `[id$="-arrowhead"]` instead. - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for ER diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for requirement diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: add theme support for data label colour in xy chart - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look styling for mindmap diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look for mermaid flowchart diagrams - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look and themes for class diagram - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: add showDataLabelOutsideBar option for xy chart - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look support for timeline diagram with drop shadows, additoinal redux themes and enhanced styling - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - feat: implement neo look and themes for gitGraph diagram - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - add new TreeView diagram ##### Patch Changes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - add link to ishikawa diagram on mermaid.js.org - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - docs: document valid duration token formats in gantt.md - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: ER diagram parsing when using "1" as entity identifier on right side The parser was incorrectly tokenizing the second "1" in patterns like `a many to 1 1:` because the lookahead rule only checked for alphabetic characters after whitespace, not digits. Added a new lookahead pattern `"1"(?=\s+[0-9])` to correctly identify the cardinality alias before a numeric entity name. Fixes [#​7472](https://redirect.github.com/mermaid-js/mermaid/issues/7472) - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: scope cytoscape label style mapping to edges with labels to prevent console warnings - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: support inline annotation syntax in class diagrams (class Shape <<interface>>) - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: Align branch label background with text for multi-line labels in LR GitGraph layout - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: preserve cause hierarchy when ishikawa effect is indented more than causes - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - refactor: remove unused createGraphWithElements function and add regression test for open edge arrowheads - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: Prevent long pie chart titles from being clipped by expanding the viewBox - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: prevent sequence diagram hang when "as" is used without a trailing space in participant declarations - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: warn when `style` statement targets a non-existent node in flowcharts - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: group state diagram SVG children under single root <g> element - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: Allow :::className syntax inside composite state blocks - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) Thanks [@​aloisklink](https://redirect.github.com/aloisklink), [@​BambioGaming](https://redirect.github.com/BambioGaming)! - fix: prevent escaping `<` and `&` when `htmlLabels: false` - [#​7526](https://redirect.github.com/mermaid-js/mermaid/pull/7526) [`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519) - fix: treemap title and labels use theme-aware colors for dark backgrounds - Updated dependencies \[[`efe218a`](https://redirect.github.com/mermaid-js/mermaid/commit/efe218a47fb5a4c2bd5489b48ce69213b141e519)]: - [@​mermaid-js/parser](https://redirect.github.com/mermaid-js/parser)@​1.1.0 </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
8cf00738c2 |
feat(server): realtime notification & task status (#14934)
#### PR Dependency Tree * **PR #14934** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Full realtime platform added: live notifications, comments, embedding progress, and transcription task updates via realtime subscriptions. * **Chores** * Frontend switched from polling/GraphQL queries to realtime channels; legacy query fields marked deprecated and client libs updated to use realtime APIs. [](https://app.coderabbit.ai/change-stack/toeverything/AFFiNE/pull/14934) <!-- end of auto-generated comment: release notes by coderabbit.ai --> #### PR Dependency Tree * **PR #14934** 👈 * **PR #14936** This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) |
||
|
|
ac37d07e74 |
feat(editor): add Bear backup import and markdown zip folder hierarchy (#14599)
## Summary
- Add Bear `.bear2bk` backup importer (TextBundle-based zip format)
- Enhance markdown zip import to preserve folder structure from zip
paths
- Add colored highlight (`<mark data-color="...">`) support to HTML
adapter
### Bear Import Details
Bear backups are zip archives of TextBundle directories. The importer:
- Parses Bear-specific markdown (highlights `==text==`, callouts `>
[!NOTE]`, inline tags `#tag`)
- Extracts creation/modification dates from `info.json` metadata
- Filters out trashed notes
- Converts Bear tags to AFFiNE tags (consolidated by root segment)
- Builds folder hierarchy from nested tag paths (e.g.,
`#work/projects/alpha`)
- Uses JSZip for lazy decompression to handle large backups without OOM
### Markdown Zip Folder Hierarchy
`importMarkdownZip` now returns `{ docIds, folderHierarchy }` instead of
just `docIds[]`, enabling the UI to recreate the zip's directory
structure as AFFiNE folders.
## Related Issues
- Implements the TextBundle-based import approach suggested in #14115 /
Discussion #14142
- Addresses folder structure preservation requested in #10003
- Partially addresses frontmatter metadata import from #11286
## Test Plan
- [ ] Import a Bear `.bear2bk` backup file via the import dialog
- [ ] Verify tags are created and assigned to documents
- [ ] Verify folder hierarchy matches Bear's nested tag structure
- [ ] Verify creation/modification dates are preserved
- [ ] Verify highlighted text and callouts render correctly
- [ ] Verify images and attachments are imported
- [ ] Import a markdown zip with nested folders, verify folder structure
is recreated
- [ ] Verify trashed Bear notes are excluded
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Bear (.bear2bk) backup import: bulk import notes, convert/dedupe tags,
create nested folders, and return imported doc IDs plus folder
hierarchy; UI import option and progress integrated.
* Markdown ZIP import now returns an optional folder hierarchy alongside
created doc IDs.
* **Bug Fixes / Improvements**
* Highlighting: mark elements validate color names, default safely, and
apply consistent background styling.
* **Chores**
* Added runtime dependency for ZIP handling.
* **Documentation**
* Added localization strings and i18n accessors for Bear import UI.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
|
||
|
|
429e7f495d |
chore: bump up link-preview-js version to v4.0.1 [SECURITY] (#14917)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [link-preview-js](https://redirect.github.com/OP-Engineering/link-preview-js) | [`4.0.0` → `4.0.1`](https://renovatebot.com/diffs/npm/link-preview-js/4.0.0/4.0.1) |  |  | --- ### link-preview-js vulnerable to IPv6 and internal loopback attacks [CVE-2026-43897](https://nvd.nist.gov/vuln/detail/CVE-2026-43897) / [GHSA-4gp8-rjrq-ch6q](https://redirect.github.com/advisories/GHSA-4gp8-rjrq-ch6q) <details> <summary>More information</summary> #### Details ##### Impact The library did not check for IPv6 loopback attacks. There was also a DNS attack, where an address could be resolved into an internal IP. This could cause internal data leaks. ##### Patches Problem has been patched in version 4.0.1. However, it cannot be completely solved by the package alone. The regex used for validation has been tightened for IPv6 addresses. The DNS resolving, however, is more difficult. The regex has been tightened to prohibit .internal, .local, .nip.io and .sslip.io addresses, however there can be other services not on the list, therefore it is imperative that users use the resolveDNSHost option to do DNS resolution before fetching content. To that regard a (scary) error message has been added when the option is not set. ##### Workarounds Users can do their own validation before fetching content. Reported by https://github.com/Andrew-most-likely #### Severity - CVSS Score: 8.7 / 10 (High) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N` #### References - [https://github.com/OP-Engineering/link-preview-js/security/advisories/GHSA-4gp8-rjrq-ch6q](https://redirect.github.com/OP-Engineering/link-preview-js/security/advisories/GHSA-4gp8-rjrq-ch6q) - [https://github.com/OP-Engineering/link-preview-js/pull/179](https://redirect.github.com/OP-Engineering/link-preview-js/pull/179) - [https://github.com/OP-Engineering/link-preview-js/commit/4396d48909fab37553c0e93e26447fe218363ede](https://redirect.github.com/OP-Engineering/link-preview-js/commit/4396d48909fab37553c0e93e26447fe218363ede) - [https://github.com/OP-Engineering/link-preview-js/releases/tag/4.0.1](https://redirect.github.com/OP-Engineering/link-preview-js/releases/tag/4.0.1) - [https://github.com/advisories/GHSA-4gp8-rjrq-ch6q](https://redirect.github.com/advisories/GHSA-4gp8-rjrq-ch6q) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-4gp8-rjrq-ch6q) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>OP-Engineering/link-preview-js (link-preview-js)</summary> ### [`v4.0.1`](https://redirect.github.com/OP-Engineering/link-preview-js/releases/tag/4.0.1) [Compare Source](https://redirect.github.com/OP-Engineering/link-preview-js/compare/4.0.0...4.0.1) #### What's Changed - Loopback fixes by [@​ospfranco](https://redirect.github.com/ospfranco) in [#​179](https://redirect.github.com/OP-Engineering/link-preview-js/pull/179) **Full Changelog**: <https://github.com/OP-Engineering/link-preview-js/compare/4.0.0...4.0.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
440ff0c342 |
fix(editor): resolve UX inconsistencies in the AI chat interface (#14850)
# Closes #14189. Fixes the three UX issues reported in the original bug report, plus one small adjacent polish on the right-sidebar toggle that was requested during review. Each concern in the issue is addressed end-to-end, with the same treatment applied to both places the AI chat panel lives: the **sidebar chat panel** (right panel on a doc page) and the **standalone `/chat` page**. --- ## 1. `+` button → persistent multi-session tabs (issue point 1) **Before:** clicking `+` called `createFreshSession()` (standalone) or `newSession()` (sidebar), both of which tore down the current chat content and replaced it in place. There was no way to keep two chats open at once. **After:** a browser/IDE-style tab strip lives above the chat content. Each open session gets its own tab with a close `×`; the active tab is highlighted; `+` now adds a tab rather than replacing the chat. ### Details - New Lit component `ai-chat-tabs` ([packages/frontend/core/src/blocksuite/ai/components/ai-chat-toolbar/ai-chat-tabs.ts](packages/frontend/core/src/blocksuite/ai/components/ai-chat-toolbar/ai-chat-tabs.ts)). - Tab title is derived from `session.title` → first user message → `"New chat"`. - Horizontal scroll when tabs overflow, with a `wheel` handler that converts mouse wheel / trackpad vertical swipe into horizontal scroll (native horizontal trackpad swipes also work natively via `overflow-x: auto`). - Auto `scrollIntoView({ inline: 'nearest' })` on active tab change, so a newly created or newly selected tab slides into view instead of staying hidden behind the toolbar. - Close `×` removes the tab from the strip but leaves the session on the server (matches the existing **Chat history** dropdown semantics — the session is still reachable there). Closing the active tab switches to an adjacent one; closing the last tab starts a fresh session. - Persistence: open session IDs are saved per-workspace in `localStorage` under `ai-chat-open-tabs:{workspaceId}`. On mount, the React pages hydrate those IDs via `AIProvider.session.getSession` / `CopilotClient.getSession` — no new backend or schema work. - Wiring: identical effects on both variants ([chat.tsx (sidebar)](packages/frontend/core/src/desktop/pages/workspace/detail-page/tabs/chat.tsx) and [chat/index.tsx (standalone)](packages/frontend/core/src/desktop/pages/workspace/chat/index.tsx)) — hydrate → sync active session into tabs → persist. - The tab strip sits on the same row as the existing toolbar icons (pin / history / `+`), separated by `flex: 1` + `min-width: 0` so the tabs scroll cleanly up to the toolbar boundary. - The `ShadowlessElement` base class injects its static CSS globally, and the `:host` selector does not match in a React-rooted DOM — the component uses tag-selector CSS (`ai-chat-tabs { display: flex; … }`) instead. ## 2. Drag-and-drop attachments (issue point 2) **Before:** the chat input accepted no DnD. Attaching anything required the `+` → file-picker flow. **After:** the chat input accepts OS files via native HTML5 DnD and AFFiNE documents via the repo's existing pragmatic-drag-and-drop infrastructure. ### Details - Native handlers (`dragenter/over/leave/drop`) on [ai-chat-input.ts](packages/frontend/core/src/blocksuite/ai/components/ai-chat-input/ai-chat-input.ts) accept OS files: images go into the image preview grid, other files become attachment chips, with the same 50 MB per-file cap as the `+` picker. - Internal AFFiNE document drags from the nav panel land as doc chips, handled via `dropTargetForElements` from `@atlaskit/pragmatic-drag-and-drop` (same library the rest of the app already uses for internal DnD). - A "Drop to attach" overlay appears during drag, reusing the existing focused-border token (`--affine-v2-layer-insideBorder-primaryBorder`) for visual consistency with the focused state. - The image/file routing logic that previously lived inline in `add-popover.ts` was factored into a shared helper [attachment-utils.ts](packages/frontend/core/src/blocksuite/ai/components/ai-chat-chips/attachment-utils.ts) (`addFilesToChat`), so the `+` picker and the drop handler stay in lockstep. - Analytics: extended the `addEmbeddingDoc.control` union in [events.ts](packages/frontend/track/src/events.ts) with `'dragDrop'` so drag-originated attachments are distinguishable from button-initiated ones in telemetry. - `@atlaskit/pragmatic-drag-and-drop` is promoted from a transitive dependency (via `@affine/component`) to a direct dependency of `@affine/core` and `yarn.lock` is refreshed accordingly. ## 3. Chat-history tooltip + icon (issue point 3) **Before:** hovering the chat-history button showed a tooltip whose background did not invert for dark theme (`--affine-tooltip` is not theme-aware), and the icon was `ArrowDownSmallIcon` — a chevron that does not convey "history." **After:** the tooltip primitive itself is theme-aware (every tooltip in the app benefits, not just the chat one), and the icon is the semantically-clear `HistoryIcon`. ### Details - [tooltip.ts](blocksuite/affine/components/src/tooltip/tooltip.ts) now uses `var(--affine-v2-tooltips-background, var(--affine-tooltip))` and `var(--affine-v2-tooltips-foreground, var(--affine-white))`. The V2 tokens auto-invert with theme; the old vars remain as fallbacks so components that override via the existing `tooltipStyle` escape hatch continue to work. - Triangle arrow colors updated to use the same V2 token. - [ai-chat-toolbar.ts](packages/frontend/core/src/blocksuite/ai/components/ai-chat-toolbar/ai-chat-toolbar.ts): `ArrowDownSmallIcon` → `HistoryIcon`; added `data-testid="ai-panel-chat-history"` for future e2e coverage. ## 4. Right-sidebar toggle: tooltips + open-state icon *(adjacent polish)* Not part of the original issue, but surfaced while testing the tab strip — neither of the two right-sidebar toggle buttons had hover affordance, and both used the same icon regardless of the sidebar's state. - Added `tooltip="Open sidebar"` on the route-container button shown when the sidebar is hidden. - Added `tooltip="Close sidebar"` on the sidebar-header button shown when the sidebar is expanded. - The close button now renders a small inline `RightSidebarOpenIcon` variant: same outline as `RightSidebarIcon`, but with the right panel filled in the AFFiNE accent color to convey the open state. Icon shape change is self-contained — no new icon asset added to `@blocksuite/icons`. --- ## Commits - `2adc0c7` — fix(ai-chat): theme-aware tooltip + semantic chat-history icon *(2 files)* - `bf26974` — feat(ai-chat): drag-and-drop file and doc attachments in chat input *(7 files)* - `fca29c8` — feat(ai-chat): persistent multi-session tab strip *(8 files)* - `7d5dffe` — feat(workbench): tooltips and open-state icon for the right-sidebar toggle *(2 files)* Kept ordered smallest → largest blast radius so the history is easy to bisect. --- ## Test plan Verified locally against a fresh server stack (postgres / redis / mailpit via compose, migrations run) signed in as `dev@affine.pro`, in both `/chat` and the sidebar chat on a doc page, in light and dark themes: - [x] Tooltip: hover the chat-history icon in dark mode → tooltip is dark-on-light; toggle to light mode → tooltip is light-on-dark. Existing tooltips on other surfaces (slash menu, edgeless, linked-doc) still render correctly. - [x] Icon: chat-history button renders the history glyph (clock), not a chevron. - [x] Drag-and-drop (OS file): drop a PDF / PNG / TXT onto the input → overlay shows → chips/images appear; file > 50 MB → rejected silently (same as `+` picker). - [x] Drag-and-drop (internal doc): drag an AFFiNE doc from the nav panel → becomes a doc chip. - [x] Pin-picker, `+` picker, paste-image — all unchanged. - [x] Tab strip: first chat auto-becomes a tab on first message; `+` adds tab; click tab switches chat; `×` removes tab and switches to adjacent; close last tab → new fresh tab spawns. - [x] Reload browser → tab strip rehydrates from localStorage with the same sessions. - [x] Tab overflow: 12+ tabs → horizontal scroll via trackpad vertical swipe, trackpad horizontal swipe, and mouse wheel; active tab auto-scrolls into view on `+` click. - [x] Right-sidebar: hover both toggle buttons → tooltips appear; open the sidebar → close button shows the filled right-panel icon. - [x] `yarn lint:ox` and lint-staged both clean on every commit. Not verified locally (no local model key configured): the assistant actually streams a response. Drop/chip flow is independent of that path. ## Out of scope / follow-ups - No new unit or Playwright tests — the fixes are visually verifiable and reuse existing reducer / state paths. Happy to add tests if reviewers prefer. - `@affine/native` is not required for the web dev stack; I only built `@affine/server-native`. Irrelevant to the PR diff. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Multi-tab chat UI with a tabs component, open/close/switch actions, and per-workspace persistence/restoration. * Drag-and-drop attachments into chat input (files and docs). * **UI/UX** * Tooltip theming moved to v2 variables (includes arrow color). * Sidebar toggle/close buttons now show tooltips. * “Drop to attach” overlay and updated history icon. * **Behavior** * Unified attachment handling with 50MB validation and toast notices. * **Analytics** * Attachment events record drag-and-drop as a control method. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com> |
||
|
|
d64f368623 |
feat(server): refactor copilot (#14892)
#### PR Dependency Tree * **PR #14892** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) |
||
|
|
fb6291cb15 | fix: deps dedup | ||
|
|
0ccfacbc29 | feat(docs): migrate bs docs | ||
|
|
bf6fc66943 |
chore: bump up postcss version to v8.5.10 [SECURITY] (#14877)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [postcss](https://postcss.org/) ([source](https://redirect.github.com/postcss/postcss)) | [`8.5.6` → `8.5.10`](https://renovatebot.com/diffs/npm/postcss/8.5.6/8.5.10) |  |  | --- ### PostCSS has XSS via Unescaped </style> in its CSS Stringify Output [CVE-2026-41305](https://nvd.nist.gov/vuln/detail/CVE-2026-41305) / [GHSA-qx2v-qp2m-jg93](https://redirect.github.com/advisories/GHSA-qx2v-qp2m-jg93) <details> <summary>More information</summary> #### Details ##### PostCSS: XSS via Unescaped `</style>` in CSS Stringify Output ##### Summary PostCSS v8.5.5 (latest) does not escape `</style>` sequences when stringifying CSS ASTs. When user-submitted CSS is parsed and re-stringified for embedding in HTML `<style>` tags, `</style>` in CSS values breaks out of the style context, enabling XSS. ##### Proof of Concept ```javascript const postcss = require('postcss'); // Parse user CSS and re-stringify for page embedding const userCSS = 'body { content: "</style><script>alert(1)</script><style>"; }'; const ast = postcss.parse(userCSS); const output = ast.toResult().css; const html = `<style>${output}</style>`; console.log(html); // <style>body { content: "</style><script>alert(1)</script><style>"; }</style> // // Browser: </style> closes the style tag, <script> executes ``` **Tested output** (Node.js v22, postcss v8.5.5): ``` Input: body { content: "</style><script>alert(1)</script><style>"; } Output: body { content: "</style><script>alert(1)</script><style>"; } Contains </style>: true ``` ##### Impact Impact non-bundler use cases since bundlers for XSS on their own. Requires some PostCSS plugin to have malware code, which can inject XSS to website. ##### Suggested Fix Escape `</style` in all stringified output values: ```javascript output = output.replace(/<\/(style)/gi, '<\\/$1'); ``` ##### Credits Discovered and reported by [Sunil Kumar](https://tharvid.in) ([@​TharVid](https://redirect.github.com/TharVid)) #### Severity - CVSS Score: 6.1 / 10 (Medium) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N` #### References - [https://github.com/postcss/postcss/security/advisories/GHSA-qx2v-qp2m-jg93](https://redirect.github.com/postcss/postcss/security/advisories/GHSA-qx2v-qp2m-jg93) - [https://nvd.nist.gov/vuln/detail/CVE-2026-41305](https://nvd.nist.gov/vuln/detail/CVE-2026-41305) - [https://github.com/postcss/postcss/releases/tag/8.5.10](https://redirect.github.com/postcss/postcss/releases/tag/8.5.10) - [https://github.com/advisories/GHSA-qx2v-qp2m-jg93](https://redirect.github.com/advisories/GHSA-qx2v-qp2m-jg93) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-qx2v-qp2m-jg93) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>postcss/postcss (postcss)</summary> ### [`v8.5.10`](https://redirect.github.com/postcss/postcss/blob/HEAD/CHANGELOG.md#8510) [Compare Source](https://redirect.github.com/postcss/postcss/compare/8.5.9...8.5.10) - Fixed XSS via unescaped `</style>` in non-bundler cases (by [@​TharVid](https://redirect.github.com/TharVid)). ### [`v8.5.9`](https://redirect.github.com/postcss/postcss/blob/HEAD/CHANGELOG.md#859) [Compare Source](https://redirect.github.com/postcss/postcss/compare/8.5.8...8.5.9) - Speed up source map encoding paring in case of the error. ### [`v8.5.8`](https://redirect.github.com/postcss/postcss/blob/HEAD/CHANGELOG.md#858) [Compare Source](https://redirect.github.com/postcss/postcss/compare/8.5.7...8.5.8) - Fixed `Processor#version`. ### [`v8.5.7`](https://redirect.github.com/postcss/postcss/blob/HEAD/CHANGELOG.md#857) [Compare Source](https://redirect.github.com/postcss/postcss/compare/8.5.6...8.5.7) - Improved source map annotation cleaning performance (by CodeAnt AI). </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNDEuMyIsInVwZGF0ZWRJblZlciI6IjQzLjE0MS4zIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
df482c9cf2 |
chore: bump up uuid version to v14 [SECURITY] (#14870)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [uuid](https://redirect.github.com/uuidjs/uuid) | [`^13.0.0` → `^14.0.0`](https://renovatebot.com/diffs/npm/uuid/13.0.0/14.0.0) |  |  | --- ### uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided [GHSA-w5hq-g745-h8pq](https://redirect.github.com/advisories/GHSA-w5hq-g745-h8pq) <details> <summary>More information</summary> #### Details ##### Summary `v3`, `v5`, and `v6` accept external output buffers but do not reject out-of-range writes (small `buf` or large `offset`). By contrast, `v4`, `v1`, and `v7` explicitly throw `RangeError` on invalid bounds. This inconsistency allows **silent partial writes** into caller-provided buffers. ##### Affected code - `src/v35.ts` (`v3`/`v5` path) writes `buf[offset + i]` without bounds validation. - `src/v6.ts` writes `buf[offset + i]` without bounds validation. ##### Reproducible PoC ```bash cd /home/StrawHat/uuid npm ci npm run build node --input-type=module -e " import {v4,v5,v6} from './dist-node/index.js'; const ns='6ba7b810-9dad-11d1-80b4-00c04fd430c8'; for (const [name,fn] of [ ['v4',()=>v4({},new Uint8Array(8),4)], ['v5',()=>v5('x',ns,new Uint8Array(8),4)], ['v6',()=>v6({},new Uint8Array(8),4)], ]) { try { fn(); console.log(name,'NO_THROW'); } catch(e){ console.log(name,'THREW',e.name); } }" ``` Observed: - `v4 THREW RangeError` - `v5 NO_THROW` - `v6 NO_THROW` Example partial overwrite evidence captured during audit: ```text same true buf [ 170, 170, 170, 170, 75, 224, 100, 63 ] v6 [ 187, 187, 187, 187, 31, 19, 185, 64 ] ``` ##### Security impact - **Primary**: integrity/robustness issue (silent partial output). - If an application assumes full UUID writes into preallocated buffers, this can produce malformed/truncated/partially stale identifiers without error. - In systems where caller-controlled offsets/buffer sizes are exposed indirectly, this may become a security-relevant logic flaw. ##### Suggested fix Add the same guard used by `v4`/`v1`/`v7`: ```ts if (offset < 0 || offset + 16 > buf.length) { throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`); } ``` Apply to: - `src/v35.ts` (covers `v3` and `v5`) - `src/v6.ts` #### Severity - CVSS Score: 6.3 / 10 (Medium) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N` #### References - [https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq](https://redirect.github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq) - [https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34](https://redirect.github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34) - [https://github.com/uuidjs/uuid/releases/tag/v14.0.0](https://redirect.github.com/uuidjs/uuid/releases/tag/v14.0.0) - [https://github.com/advisories/GHSA-w5hq-g745-h8pq](https://redirect.github.com/advisories/GHSA-w5hq-g745-h8pq) This data is provided by the [GitHub Advisory Database](https://redirect.github.com/advisories/GHSA-w5hq-g745-h8pq) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>uuidjs/uuid (uuid)</summary> ### [`v14.0.0`](https://redirect.github.com/uuidjs/uuid/blob/HEAD/CHANGELOG.md#1400-2026-04-19) [Compare Source](https://redirect.github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0) ##### Security - Fixes [GHSA-w5hq-g745-h8pq](https://redirect.github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq): `v3()`, `v5()`, and `v6()` did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid `offset` was provided. A `RangeError` is now thrown if `offset < 0` or `offset + 16 > buf.length`. ##### ⚠ BREAKING CHANGES - `crypto` is now expected to be globally defined (requires node\@​20+) ([#​935](https://redirect.github.com/uuidjs/uuid/issues/935)) - drop node\@​18 support ([#​934](https://redirect.github.com/uuidjs/uuid/issues/934)) - upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMzkuNCIsInVwZGF0ZWRJblZlciI6IjQzLjEzOS40IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
557b1e4dfc |
chore: bump up eslint-plugin-oxlint version to v1.60.0 (#14853)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [eslint-plugin-oxlint](https://redirect.github.com/oxc-project/eslint-plugin-oxlint) | [`1.58.0` → `1.60.0`](https://renovatebot.com/diffs/npm/eslint-plugin-oxlint/1.58.0/1.60.0) |  |  | --- ### Release Notes <details> <summary>oxc-project/eslint-plugin-oxlint (eslint-plugin-oxlint)</summary> ### [`v1.60.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.60.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.59.0...v1.60.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.59.0...v1.60.0) ### [`v1.59.0`](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/releases/tag/v1.59.0) [Compare Source](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.58.0...v1.59.0) *No significant changes* ##### [View changes on GitHub](https://redirect.github.com/oxc-project/eslint-plugin-oxlint/compare/v1.58.0...v1.59.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjMuOCIsInVwZGF0ZWRJblZlciI6IjQzLjEyMy44IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
cc79fa3c6d |
chore: bump up opentelemetry (#14844)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [@opentelemetry/api](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/api) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`1.9.0` → `1.9.1`](https://renovatebot.com/diffs/npm/@opentelemetry%2fapi/1.9.0/1.9.1) |  |  | | [@opentelemetry/core](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/opentelemetry-core) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.6.0` → `2.7.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fcore/2.6.0/2.7.0) |  |  | | [@opentelemetry/exporter-prometheus](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-exporter-prometheus) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.213.0` → `^0.215.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fexporter-prometheus/0.213.0/0.215.0) |  |  | | [@opentelemetry/exporter-zipkin](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/opentelemetry-exporter-zipkin) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.6.0` → `2.7.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fexporter-zipkin/2.6.0/2.7.0) |  |  | | [@opentelemetry/instrumentation](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-instrumentation) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.213.0` → `^0.215.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation/0.213.0/0.215.0) |  |  | | [@opentelemetry/instrumentation-graphql](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-graphql#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-graphql)) | [`^0.61.0` → `^0.63.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-graphql/0.61.0/0.63.0) |  |  | | [@opentelemetry/instrumentation-http](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-instrumentation-http) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.213.0` → `^0.215.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-http/0.213.0/0.215.0) |  |  | | [@opentelemetry/instrumentation-ioredis](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-ioredis#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-ioredis)) | [`^0.61.0` → `^0.63.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-ioredis/0.61.0/0.63.0) |  |  | | [@opentelemetry/instrumentation-nestjs-core](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-nestjs-core#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-nestjs-core)) | [`^0.59.0` → `^0.61.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-nestjs-core/0.59.0/0.61.0) |  |  | | [@opentelemetry/instrumentation-socket.io](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/main/packages/instrumentation-socket.io#readme) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/tree/HEAD/packages/instrumentation-socket.io)) | [`^0.60.0` → `^0.62.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2finstrumentation-socket.io/0.60.0/0.62.0) |  |  | | [@opentelemetry/resources](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/opentelemetry-resources) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.6.0` → `2.7.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fresources/2.6.0/2.7.0) |  |  | | [@opentelemetry/sdk-metrics](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/sdk-metrics) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.6.0` → `2.7.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-metrics/2.6.0/2.7.0) |  |  | | [@opentelemetry/sdk-node](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/experimental/packages/opentelemetry-sdk-node) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`^0.213.0` → `^0.215.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-node/0.213.0/0.215.0) |  |  | | [@opentelemetry/sdk-trace-node](https://redirect.github.com/open-telemetry/opentelemetry-js/tree/main/packages/opentelemetry-sdk-trace-node) ([source](https://redirect.github.com/open-telemetry/opentelemetry-js)) | [`2.6.0` → `2.7.0`](https://renovatebot.com/diffs/npm/@opentelemetry%2fsdk-trace-node/2.6.0/2.7.0) |  |  | --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-js (@​opentelemetry/api)</summary> ### [`v1.9.1`](https://redirect.github.com/open-telemetry/opentelemetry-js/blob/HEAD/CHANGELOG.md#191) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js/compare/v1.9.0...v1.9.1) ##### 🐛 (Bug Fix) - fix: avoid grpc types dependency [#​3551](https://redirect.github.com/open-telemetry/opentelemetry-js/pull/3551) [@​flarna](https://redirect.github.com/flarna) - fix(otlp-proto-exporter-base): Match Accept header with Content-Type in the proto exporter [#​3562](https://redirect.github.com/open-telemetry/opentelemetry-js/pull/3562) [@​scheler](https://redirect.github.com/scheler) - fix: include tracestate in export [#​3569](https://redirect.github.com/open-telemetry/opentelemetry-js/pull/3569) [@​flarna](https://redirect.github.com/flarna) ##### 🏠 (Internal) - chore: fix cross project links and missing implicitly exported types [#​3533](https://redirect.github.com/open-telemetry/opentelemetry-js/pull/3533) [@​legendecas](https://redirect.github.com/legendecas) - feat(sdk-metrics): add exponential histogram mapping functions [#​3504](https://redirect.github.com/open-telemetry/opentelemetry-js/pull/3504) [@​mwear](https://redirect.github.com/mwear) </details> <details> <summary>open-telemetry/opentelemetry-js-contrib (@​opentelemetry/instrumentation-graphql)</summary> ### [`v0.63.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-graphql/CHANGELOG.md#0630-2026-04-17) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/ed97091c9890dd18e52759f2ea98e9d7593b3ae4...bd017c86bcdf369d7bc1b490e455f95b25385779) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3479](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3479)) ([8891261](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/8891261cb590efcb661bd9f8afec4d1adf885ad8)) ### [`v0.62.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-graphql/CHANGELOG.md#0620-2026-03-25) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/39f08c313dc4d929c110ab7c43771c3cdbf8aa4c...ed97091c9890dd18e52759f2ea98e9d7593b3ae4) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3450](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3450)) ([c8df394](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/c8df394f02d68ae48a79a50258682c09dac13b8b)) </details> <details> <summary>open-telemetry/opentelemetry-js-contrib (@​opentelemetry/instrumentation-ioredis)</summary> ### [`v0.63.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-ioredis/CHANGELOG.md#0630-2026-04-17) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/ed97091c9890dd18e52759f2ea98e9d7593b3ae4...bd017c86bcdf369d7bc1b490e455f95b25385779) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3479](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3479)) ([8891261](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/8891261cb590efcb661bd9f8afec4d1adf885ad8)) ##### Bug Fixes - **redis-common:** expand redaction to include ACL, CONFIG, PSETEX, GETSET ([#​3472](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3472)) ([39193ca](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/39193cac4124eedc9e8fa5ae16ba960b5ab7a36b)) ##### Dependencies - The following workspace dependencies were updated - dependencies - [@​opentelemetry/redis-common](https://redirect.github.com/opentelemetry/redis-common) bumped from ^0.38.2 to ^0.38.3 - devDependencies - [@​opentelemetry/contrib-test-utils](https://redirect.github.com/opentelemetry/contrib-test-utils) bumped from ^0.61.0 to ^0.62.0 ### [`v0.62.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-ioredis/CHANGELOG.md#0620-2026-03-25) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/39f08c313dc4d929c110ab7c43771c3cdbf8aa4c...ed97091c9890dd18e52759f2ea98e9d7593b3ae4) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3450](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3450)) ([c8df394](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/c8df394f02d68ae48a79a50258682c09dac13b8b)) ##### Dependencies - The following workspace dependencies were updated - devDependencies - [@​opentelemetry/contrib-test-utils](https://redirect.github.com/opentelemetry/contrib-test-utils) bumped from ^0.60.0 to ^0.61.0 </details> <details> <summary>open-telemetry/opentelemetry-js-contrib (@​opentelemetry/instrumentation-nestjs-core)</summary> ### [`v0.61.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-nestjs-core/CHANGELOG.md#0610-2026-04-17) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/ed97091c9890dd18e52759f2ea98e9d7593b3ae4...bd017c86bcdf369d7bc1b490e455f95b25385779) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3479](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3479)) ([8891261](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/8891261cb590efcb661bd9f8afec4d1adf885ad8)) ### [`v0.60.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-nestjs-core/CHANGELOG.md#0600-2026-03-25) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/39f08c313dc4d929c110ab7c43771c3cdbf8aa4c...ed97091c9890dd18e52759f2ea98e9d7593b3ae4) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3450](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3450)) ([c8df394](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/c8df394f02d68ae48a79a50258682c09dac13b8b)) </details> <details> <summary>open-telemetry/opentelemetry-js-contrib (@​opentelemetry/instrumentation-socket.io)</summary> ### [`v0.62.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-socket.io/CHANGELOG.md#0620-2026-04-17) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/ed97091c9890dd18e52759f2ea98e9d7593b3ae4...bd017c86bcdf369d7bc1b490e455f95b25385779) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3479](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3479)) ([8891261](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/8891261cb590efcb661bd9f8afec4d1adf885ad8)) ##### Dependencies - The following workspace dependencies were updated - devDependencies - [@​opentelemetry/contrib-test-utils](https://redirect.github.com/opentelemetry/contrib-test-utils) bumped from ^0.61.0 to ^0.62.0 ### [`v0.61.0`](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/blob/HEAD/packages/instrumentation-socket.io/CHANGELOG.md#0610-2026-03-25) [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/compare/39f08c313dc4d929c110ab7c43771c3cdbf8aa4c...ed97091c9890dd18e52759f2ea98e9d7593b3ae4) ##### Features - **deps:** update deps matching '@​opentelemetry/\*' ([#​3450](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/issues/3450)) ([c8df394](https://redirect.github.com/open-telemetry/opentelemetry-js-contrib/commit/c8df394f02d68ae48a79a50258682c09dac13b8b)) ##### Dependencies - The following workspace dependencies were updated - devDependencies - [@​opentelemetry/contrib-test-utils](https://redirect.github.com/opentelemetry/contrib-test-utils) bumped from ^0.60.0 to ^0.61.0 </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjMuOCIsInVwZGF0ZWRJblZlciI6IjQzLjEyMy44IiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
0849b342fa |
chore: bump up dompurify version to v3.4.0 [SECURITY] (#14833)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [dompurify](https://redirect.github.com/cure53/DOMPurify) | [`3.3.3` → `3.4.0`](https://renovatebot.com/diffs/npm/dompurify/3.3.3/3.4.0) |  |  | ### GitHub Vulnerability Alerts #### [GHSA-39q2-94rc-95cp](https://redirect.github.com/cure53/DOMPurify/security/advisories/GHSA-39q2-94rc-95cp) ## Summary In `src/purify.ts:1117-1123`, `ADD_TAGS` as a function (via `EXTRA_ELEMENT_HANDLING.tagCheck`) bypasses `FORBID_TAGS` due to short-circuit evaluation. The condition: ``` !(tagCheck(tagName)) && (!ALLOWED_TAGS[tagName] || FORBID_TAGS[tagName]) ``` When `tagCheck(tagName)` returns `true`, the entire condition is `false` and the element is kept — `FORBID_TAGS[tagName]` is never evaluated. ## Inconsistency This contradicts the attribute-side pattern at line 1214 where `FORBID_ATTR` explicitly wins first: ``` if (FORBID_ATTR[lcName]) { continue; } ``` For tags, FORBID should also take precedence over ADD. ## Impact Applications using both `ADD_TAGS` as a function and `FORBID_TAGS` simultaneously get unexpected behavior — forbidden tags are allowed through. Config-dependent but a genuine logic inconsistency. ## Suggested Fix Check `FORBID_TAGS` before `tagCheck`: ``` if (FORBID_TAGS[tagName]) { /* remove */ } else if (tagCheck(tagName) || ALLOWED_TAGS[tagName]) { /* keep */ } ``` ## Affected Version v3.3.3 (commit 883ac15) ##### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N` --- ### Release Notes <details> <summary>cure53/DOMPurify (dompurify)</summary> ### [`v3.4.0`](https://redirect.github.com/cure53/DOMPurify/releases/tag/3.4.0): DOMPurify 3.4.0 [Compare Source](https://redirect.github.com/cure53/DOMPurify/compare/3.3.3...3.4.0) **Most relevant changes:** - Fixed a problem with `FORBID_TAGS` not winning over `ADD_TAGS`, thanks [@​kodareef5](https://redirect.github.com/kodareef5) - Fixed several minor problems and typos regarding MathML attributes, thanks [@​DavidOliver](https://redirect.github.com/DavidOliver) - Fixed `ADD_ATTR`/`ADD_TAGS` function leaking into subsequent array-based calls, thanks [@​1Jesper1](https://redirect.github.com/1Jesper1) - Fixed a missing `SAFE_FOR_TEMPLATES` scrub in `RETURN_DOM` path, thanks [@​bencalif](https://redirect.github.com/bencalif) - Fixed a prototype pollution via `CUSTOM_ELEMENT_HANDLING`, thanks [@​trace37labs](https://redirect.github.com/trace37labs) - Fixed an issue with `ADD_TAGS` function form bypassing `FORBID_TAGS`, thanks [@​eddieran](https://redirect.github.com/eddieran) - Fixed an issue with `ADD_ATTR` predicates skipping URI validation, thanks [@​christos-eth](https://redirect.github.com/christos-eth) - Fixed an issue with `USE_PROFILES` prototype pollution, thanks [@​christos-eth](https://redirect.github.com/christos-eth) - Fixed an issue leading to possible mXSS via Re-Contextualization, thanks [@​researchatfluidattacks](https://redirect.github.com/researchatfluidattacks) and others - Fixed a problem with the type dentition patcher after Node version bump - Fixed freezing BS runs by reducing the tested browsers array - Bumped several dependencies where possible - Added needed files for OpenSSF scorecard checks **Published Advisories are here:** <https://github.com/cure53/DOMPurify/security/advisories?state=published> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - "" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/toeverything/AFFiNE). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMjAuMiIsInVwZGF0ZWRJblZlciI6IjQzLjEyMC4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5IiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> |
||
|
|
a109f069b0 | chore: bump deps | ||
|
|
c6a99eb9cb |
chore: bump deps (#14810)
<!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated developer tooling dependencies used for local testing to newer patch versions for improved stability. * Bumped backend framework and related packages to newer patch releases to address fixes and maintain compatibility. * No functional or public API changes; updates are non-breaking dependency version bumps. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
fee0cfa3f4 |
chore: bump deps (#14785)
#### PR Dependency Tree * **PR #14785** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Updated error-tracking SDK versions across frontend packages. * Upgraded Electron build toolchain and front-end build plugins for improved compatibility. * Replaced a SWC-based React plugin with the standard React Vite plugin. * Removed unused development dependencies from CLI tooling. * Bumped a Rust workspace dependency to a patch release. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
ffc27af3ba |
fix(server): update version check (#14784)
fix #14780 #### PR Dependency Tree * **PR #14784** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * **Bug Fixes** * Improved upgrade availability detection to properly compare semantic versions, including support for prerelease and canary versions. The system now accurately identifies when new versions are available, ensuring users receive timely update notifications. * **Tests** * Added comprehensive unit tests for version comparison and upgrade detection functionality. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|
|
5a6c65085a |
feat(mobile): adapt new endpoint (#14778)
#### PR Dependency Tree * **PR #14778** 👈 This tree was auto-generated by [Charcoal](https://github.com/danerwilliams/charcoal) |