fix: codeql

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| @​types/uuid | [`^10.0.0` →
`^11.0.0`](https://renovatebot.com/diffs/npm/@types%2fuuid/10.0.0/11.0.0)
|
![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fuuid/11.0.0?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fuuid/10.0.0/11.0.0?slim=true)
|

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/toeverything/AFFiNE).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45Mi4xIiwidXBkYXRlZEluVmVyIjoiNDIuOTIuMSIsInRhcmdldEJyYW5jaCI6ImNhbmFyeSIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.docker/selfhost/schema.json

@@ -832,8 +832,8 @@
         },
         "versionControl.requiredVersion": {
           "type": "string",
-          "description": "Allowed version range of the app that allowed to access the server. Requires 'client/versionControl.enabled' to be true to take effect.\n@default \">=0.20.0\"",
-          "default": ">=0.20.0"
+          "description": "Allowed version range of the app that allowed to access the server. Requires 'client/versionControl.enabled' to be true to take effect.\n@default \">=0.25.0\"",
+          "default": ">=0.25.0"
         }
       }
     },

blocksuite/affine/shared/src/utils/print-to-pdf.ts

@@ -35,9 +35,28 @@ export async function printToPdf(
                 overflow: initial !important;
                 print-color-adjust: exact;
                 -webkit-print-color-adjust: exact;
+                color: #000 !important;
+                background: #fff !important;
+                color-scheme: light !important;
               }
-              ::-webkit-scrollbar {
-                display: none;
+              ::-webkit-scrollbar { 
+                display: none; 
+              }
+              :root, body {
+                --affine-text-primary: #000 !important;
+                --affine-text-secondary: #111 !important;
+                --affine-text-tertiary: #333 !important;
+                --affine-background-primary: #fff !important;
+                --affine-background-secondary: #fff !important;
+                --affine-background-tertiary: #fff !important;
+              }
+              body, [data-theme='dark'] {
+                color: #000 !important;
+                background: #fff !important;
+              }
+              body * {
+                color: #000 !important;
+                -webkit-text-fill-color: #000 !important;
               }
               :root {
                 --affine-note-shadow-box: none !important;
@@ -95,6 +114,14 @@ export async function printToPdf(
         true
       ) as HTMLDivElement;
 
+      // force light theme in print iframe
+      iframe.contentWindow.document.documentElement.setAttribute(
+        'data-theme',
+        'light'
+      );
+      iframe.contentWindow.document.body.setAttribute('data-theme', 'light');
+      importedRoot.setAttribute('data-theme', 'light');
+
       // draw saved canvas image to canvas
       const allImportedCanvas = importedRoot.getElementsByTagName('canvas');
       for (const importedCanvas of allImportedCanvas) {

packages/backend/server/package.json

@@ -140,12 +140,12 @@
     "@types/mixpanel": "^2.14.9",
     "@types/mustache": "^4.2.5",
     "@types/node": "^22.0.0",
-    "@types/nodemailer": "^6.4.17",
+    "@types/nodemailer": "^7.0.0",
     "@types/on-headers": "^1.0.3",
     "@types/react": "^19.0.1",
     "@types/react-dom": "^19.0.2",
     "@types/semver": "^7.5.8",
-    "@types/sinon": "^17.0.3",
+    "@types/sinon": "^21.0.0",
     "@types/supertest": "^6.0.2",
     "ava": "^6.4.0",
     "c8": "^10.1.3",

packages/backend/server/src/__tests__/__snapshots__/worker.e2e.ts.md

@@ -32,6 +32,16 @@ Generated by [AVA](https://avajs.dev).
 
 > Snapshot 4
 
+    {
+      code: 'Bad Request',
+      message: 'Invalid header',
+      name: 'BAD_REQUEST',
+      status: 400,
+      type: 'BAD_REQUEST',
+    }
+
+> Snapshot 5
+
     Buffer @Uint8Array [
       66616b65 20696d61 6765
     ]
@@ -56,7 +66,7 @@ Generated by [AVA](https://avajs.dev).
 
     {
       code: 'Bad Request',
-      message: 'Invalid URL',
+      message: 'Invalid header',
       name: 'BAD_REQUEST',
       status: 400,
       type: 'BAD_REQUEST',
@@ -64,6 +74,16 @@ Generated by [AVA](https://avajs.dev).
 
 > Snapshot 4
 
+    {
+      code: 'Bad Request',
+      message: 'Invalid URL',
+      name: 'BAD_REQUEST',
+      status: 400,
+      type: 'BAD_REQUEST',
+    }
+
+> Snapshot 5
+
     {
       description: 'Test Description',
       favicons: [
@@ -77,7 +97,7 @@ Generated by [AVA](https://avajs.dev).
       videos: [],
     }
 
-> Snapshot 5
+> Snapshot 6
 
     {
       charset: 'gbk',
@@ -90,7 +110,7 @@ Generated by [AVA](https://avajs.dev).
       videos: [],
     }
 
-> Snapshot 6
+> Snapshot 7
 
     {
       charset: 'shift_jis',
@@ -103,7 +123,7 @@ Generated by [AVA](https://avajs.dev).
       videos: [],
     }
 
-> Snapshot 7
+> Snapshot 8
 
     {
       charset: 'big5',
@@ -116,7 +136,7 @@ Generated by [AVA](https://avajs.dev).
       videos: [],
     }
 
-> Snapshot 8
+> Snapshot 9
 
     {
       charset: 'euc-kr',

packages/backend/server/src/__tests__/copilot.e2e.ts

@@ -922,7 +922,6 @@ test('should be able to manage context', async t => {
     const { id: fileId } = await addContextFile(
       app,
       contextId,
-      'fileId1',
       'sample.pdf',
       buffer
     );

packages/backend/server/src/__tests__/e2e/oauth/__snapshots__/resolver.spec.ts.md

@@ -39,31 +39,7 @@ Generated by [AVA](https://avajs.dev).
       },
     }
 
-## should not return apple oauth provider when client version is not specified
-
-> Snapshot 1
-
-    {
-      serverConfig: {
-        oauthProviders: [
-          'Google',
-        ],
-      },
-    }
-
-## should not return apple oauth provider in version < 0.22.0
-
-> Snapshot 1
-
-    {
-      serverConfig: {
-        oauthProviders: [
-          'Google',
-        ],
-      },
-    }
-
-## should not return apple oauth provider when client version format is not correct
+## should return apple oauth provider when client version is not specified
 
 > Snapshot 1
 
@@ -71,6 +47,7 @@ Generated by [AVA](https://avajs.dev).
       serverConfig: {
         oauthProviders: [
           'Google',
+          'Apple',
         ],
       },
     }

packages/backend/server/src/__tests__/e2e/oauth/resolver.spec.ts

@@ -71,7 +71,7 @@ e2e('should return apple oauth provider in version >= 0.22.0', async t => {
 });
 
 e2e(
-  'should not return apple oauth provider when client version is not specified',
+  'should return apple oauth provider when client version is not specified',
   async t => {
     const res = await app.gql({
       query: oauthProvidersQuery,
@@ -80,32 +80,3 @@ e2e(
     t.snapshot(res);
   }
 );
-
-e2e('should not return apple oauth provider in version < 0.22.0', async t => {
-  const res = await app.gql({
-    query: oauthProvidersQuery,
-    context: {
-      headers: {
-        'x-affine-version': '0.21.0',
-      },
-    },
-  });
-
-  t.snapshot(res);
-});
-
-e2e(
-  'should not return apple oauth provider when client version format is not correct',
-  async t => {
-    const res = await app.gql({
-      query: oauthProvidersQuery,
-      context: {
-        headers: {
-          'x-affine-version': 'mock-invalid-version',
-        },
-      },
-    });
-
-    t.snapshot(res);
-  }
-);

packages/backend/server/src/__tests__/oauth/controller.spec.ts

@@ -194,7 +194,7 @@ test('should throw if provider is invalid', async t => {
 
   await app
     .POST('/api/oauth/preflight')
-    .send({ provider: 'Invalid' })
+    .send({ provider: 'Invalid', client_nonce: 'test-nonce' })
     .expect(HttpStatus.BAD_REQUEST)
     .expect({
       status: 400,

packages/backend/server/src/__tests__/utils/copilot.ts

@@ -250,7 +250,6 @@ export async function listContext(
 export async function addContextFile(
   app: TestingApp,
   contextId: string,
-  blobId: string,
   fileName: string,
   content: Buffer
 ): Promise<{ id: string }> {
@@ -269,7 +268,7 @@ export async function addContextFile(
         `,
         variables: {
           content: null,
-          options: { contextId, blobId },
+          options: { contextId },
         },
       })
     )

packages/backend/server/src/__tests__/worker.e2e.ts

@@ -1,10 +1,14 @@
-import * as dns from 'node:dns/promises';
-
 import type { ExecutionContext, TestFn } from 'ava';
 import ava from 'ava';
+import { LookupAddress } from 'dns';
 import Sinon from 'sinon';
 import type { Response } from 'supertest';
 
+import {
+  __resetDnsLookupForTests,
+  __setDnsLookupForTests,
+  type DnsLookup,
+} from '../base/utils/ssrf';
 import { createTestingApp, TestingApp } from './utils';
 
 type TestContext = {
@@ -13,24 +17,21 @@ type TestContext = {
 
 const test = ava as TestFn<TestContext>;
 
+const LookupAddressStub = (async (_hostname, options) => {
+  const result = [{ address: '76.76.21.21', family: 4 }] as LookupAddress[];
+  const isOptions = options && typeof options === 'object';
+  if (isOptions && 'all' in options && options.all) {
+    return result;
+  }
+  return result[0];
+}) as DnsLookup;
+
 test.before(async t => {
   // @ts-expect-error test
   env.DEPLOYMENT_TYPE = 'selfhosted';
 
   // Avoid relying on real DNS during tests. SSRF protection uses dns.lookup().
-  Sinon.stub(dns, 'lookup').callsFake(async (...args: any[]) => {
-    const options = args[1];
-    const result = [{ address: '93.184.216.34', family: 4 }];
-    if (
-      options &&
-      typeof options === 'object' &&
-      'all' in options &&
-      options.all
-    ) {
-      return result as any;
-    }
-    return result[0] as any;
-  });
+  __setDnsLookupForTests(LookupAddressStub);
 
   const app = await createTestingApp();
 
@@ -39,6 +40,7 @@ test.before(async t => {
 
 test.after.always(async t => {
   Sinon.restore();
+  __resetDnsLookupForTests();
   await t.context.app.close();
 });
 
@@ -57,7 +59,7 @@ const assertAndSnapshotRaw = async (
 ) => {
   const {
     status = 200,
-    origin = 'http://localhost',
+    origin = 'http://localhost:3010',
     referer,
     method = 'GET',
     checker = () => {},

packages/backend/server/src/base/utils/ssrf.ts

@@ -9,6 +9,17 @@ const DEFAULT_ALLOWED_PROTOCOLS = new Set(['http:', 'https:']);
 const BLOCKED_IPS = new BlockList();
 const ALLOWED_IPV6 = new BlockList();
 
+export type DnsLookup = typeof dns.lookup;
+let dnsLookup: DnsLookup = dns.lookup;
+
+export function __setDnsLookupForTests(lookup: DnsLookup) {
+  dnsLookup = lookup;
+}
+
+export function __resetDnsLookupForTests() {
+  dnsLookup = dns.lookup;
+}
+
 export type SSRFBlockReason =
   | 'invalid_url'
   | 'disallowed_protocol'
@@ -112,7 +123,7 @@ async function resolveHostAddresses(hostname: string): Promise<string[]> {
     return ['127.0.0.1', '::1'];
   }
 
-  const results = await dns.lookup(hostname, {
+  const results = await dnsLookup(hostname, {
     all: true,
     verbatim: true,
   });
@@ -225,7 +236,7 @@ export async function safeFetch(
   };
 
   while (true) {
-    const response = await fetch(current.toString(), requestInit);
+    const response = await fetch(current, requestInit);
 
     if (response.status >= 300 && response.status < 400) {
       const location = response.headers.get('location');

packages/common/graphql/src/schema.ts

@@ -63,7 +63,6 @@ export interface AddContextDocInput {
 }
 
 export interface AddContextFileInput {
-  blobId?: InputMaybe<Scalars['String']['input']>;
   contextId: Scalars['String']['input'];
 }
 
@@ -978,12 +977,14 @@ export type ErrorDataUnion =
   | NoMoreSeatDataType
   | NotInSpaceDataType
   | QueryTooLongDataType
+  | ResponseTooLargeErrorDataType
   | RuntimeConfigNotFoundDataType
   | SameSubscriptionRecurringDataType
   | SpaceAccessDeniedDataType
   | SpaceNotFoundDataType
   | SpaceOwnerNotFoundDataType
   | SpaceShouldHaveOnlyOneOwnerDataType
+  | SsrfBlockedErrorDataType
   | SubscriptionAlreadyExistsDataType
   | SubscriptionNotExistsDataType
   | SubscriptionPlanNotFoundDataType
@@ -1107,6 +1108,7 @@ export enum ErrorNames {
   PASSWORD_REQUIRED = 'PASSWORD_REQUIRED',
   QUERY_TOO_LONG = 'QUERY_TOO_LONG',
   REPLY_NOT_FOUND = 'REPLY_NOT_FOUND',
+  RESPONSE_TOO_LARGE_ERROR = 'RESPONSE_TOO_LARGE_ERROR',
   RUNTIME_CONFIG_NOT_FOUND = 'RUNTIME_CONFIG_NOT_FOUND',
   SAME_EMAIL_PROVIDED = 'SAME_EMAIL_PROVIDED',
   SAME_SUBSCRIPTION_RECURRING = 'SAME_SUBSCRIPTION_RECURRING',
@@ -1116,6 +1118,7 @@ export enum ErrorNames {
   SPACE_NOT_FOUND = 'SPACE_NOT_FOUND',
   SPACE_OWNER_NOT_FOUND = 'SPACE_OWNER_NOT_FOUND',
   SPACE_SHOULD_HAVE_ONLY_ONE_OWNER = 'SPACE_SHOULD_HAVE_ONLY_ONE_OWNER',
+  SSRF_BLOCKED_ERROR = 'SSRF_BLOCKED_ERROR',
   STORAGE_QUOTA_EXCEEDED = 'STORAGE_QUOTA_EXCEEDED',
   SUBSCRIPTION_ALREADY_EXISTS = 'SUBSCRIPTION_ALREADY_EXISTS',
   SUBSCRIPTION_EXPIRED = 'SUBSCRIPTION_EXPIRED',
@@ -1622,23 +1625,17 @@ export interface Mutation {
   forkCopilotSession: Scalars['String']['output'];
   generateLicenseKey: Scalars['String']['output'];
   generateUserAccessToken: RevealedAccessToken;
-  /** @deprecated use WorkspaceType.blobUploadPartUrl */
-  getBlobUploadPartUrl: BlobUploadPart;
   grantDocUserRoles: Scalars['Boolean']['output'];
   grantMember: Scalars['Boolean']['output'];
   /** import users */
   importUsers: Array<UserImportResultType>;
   installLicense: License;
-  /** @deprecated use [inviteMembers] instead */
-  inviteBatch: Array<InviteResult>;
   inviteMembers: Array<InviteResult>;
   leaveWorkspace: Scalars['Boolean']['output'];
   linkCalendarAccount: Scalars['String']['output'];
   /** mention user in a doc */
   mentionUser: Scalars['ID']['output'];
   publishDoc: DocType;
-  /** @deprecated use publishDoc instead */
-  publishPage: DocType;
   /** queue workspace doc embedding */
   queueWorkspaceEmbedding: Scalars['Boolean']['output'];
   /** mark all notifications as read */
@@ -1668,14 +1665,10 @@ export interface Mutation {
   resolveComment: Scalars['Boolean']['output'];
   resumeSubscription: SubscriptionType;
   retryAudioTranscription: Maybe<TranscriptionResultType>;
-  /** @deprecated use [revokeMember] instead */
-  revoke: Scalars['Boolean']['output'];
   revokeDocUserRoles: Scalars['Boolean']['output'];
   revokeInviteLink: Scalars['Boolean']['output'];
   revokeMember: Scalars['Boolean']['output'];
   revokePublicDoc: DocType;
-  /** @deprecated use revokePublicDoc instead */
-  revokePublicPage: DocType;
   revokeUserAccessToken: Scalars['Boolean']['output'];
   sendChangeEmail: Scalars['Boolean']['output'];
   sendChangePasswordEmail: Scalars['Boolean']['output'];
@@ -1720,11 +1713,6 @@ export interface Mutation {
   uploadAvatar: UserType;
   /** Upload a comment attachment and return the access url */
   uploadCommentAttachment: Scalars['String']['output'];
-  /**
-   * validate app configuration
-   * @deprecated use Query.validateAppConfig
-   */
-  validateAppConfig: Array<AppConfigValidateResult>;
   verifyEmail: Scalars['Boolean']['output'];
 }
 
@@ -1925,13 +1913,6 @@ export interface MutationGenerateUserAccessTokenArgs {
   input: GenerateAccessTokenInput;
 }
 
-export interface MutationGetBlobUploadPartUrlArgs {
-  key: Scalars['String']['input'];
-  partNumber: Scalars['Int']['input'];
-  uploadId: Scalars['String']['input'];
-  workspaceId: Scalars['String']['input'];
-}
-
 export interface MutationGrantDocUserRolesArgs {
   input: GrantDocUserRolesInput;
 }
@@ -1951,12 +1932,6 @@ export interface MutationInstallLicenseArgs {
   workspaceId: Scalars['String']['input'];
 }
 
-export interface MutationInviteBatchArgs {
-  emails: Array<Scalars['String']['input']>;
-  sendInviteMail?: InputMaybe<Scalars['Boolean']['input']>;
-  workspaceId: Scalars['String']['input'];
-}
-
 export interface MutationInviteMembersArgs {
   emails: Array<Scalars['String']['input']>;
   workspaceId: Scalars['String']['input'];
@@ -1982,12 +1957,6 @@ export interface MutationPublishDocArgs {
   workspaceId: Scalars['String']['input'];
 }
 
-export interface MutationPublishPageArgs {
-  mode?: InputMaybe<PublicDocMode>;
-  pageId: Scalars['String']['input'];
-  workspaceId: Scalars['String']['input'];
-}
-
 export interface MutationQueueWorkspaceEmbeddingArgs {
   docId: Array<Scalars['String']['input']>;
   workspaceId: Scalars['String']['input'];
@@ -2052,11 +2021,6 @@ export interface MutationRetryAudioTranscriptionArgs {
   workspaceId: Scalars['String']['input'];
 }
 
-export interface MutationRevokeArgs {
-  userId: Scalars['String']['input'];
-  workspaceId: Scalars['String']['input'];
-}
-
 export interface MutationRevokeDocUserRolesArgs {
   input: RevokeDocUserRoleInput;
 }
@@ -2075,11 +2039,6 @@ export interface MutationRevokePublicDocArgs {
   workspaceId: Scalars['String']['input'];
 }
 
-export interface MutationRevokePublicPageArgs {
-  docId: Scalars['String']['input'];
-  workspaceId: Scalars['String']['input'];
-}
-
 export interface MutationRevokeUserAccessTokenArgs {
   id: Scalars['String']['input'];
 }
@@ -2212,10 +2171,6 @@ export interface MutationUploadCommentAttachmentArgs {
   workspaceId: Scalars['String']['input'];
 }
 
-export interface MutationValidateAppConfigArgs {
-  updates: Array<UpdateAppConfigInput>;
-}
-
 export interface MutationVerifyEmailArgs {
   token: Scalars['String']['input'];
 }
@@ -2401,8 +2356,6 @@ export interface PublicUserType {
 
 export interface Query {
   __typename?: 'Query';
-  /** @deprecated use currentUser.accessTokens */
-  accessTokens: Array<AccessToken>;
   /** Get workspace detail for admin */
   adminWorkspace: Maybe<AdminWorkspace>;
   /** List workspaces for admin */
@@ -2416,23 +2369,11 @@ export interface Query {
    * @deprecated use Mutation.applyDocUpdates
    */
   applyDocUpdates: Scalars['String']['output'];
-  /** @deprecated use `user.quotaUsage` instead */
-  collectAllBlobSizes: WorkspaceBlobSizes;
   /** Get current user */
   currentUser: Maybe<UserType>;
   error: ErrorDataUnion;
   /** get workspace invitation info */
   getInviteInfo: InvitationType;
-  /**
-   * Get is admin of workspace
-   * @deprecated use WorkspaceType[role] instead
-   */
-  isAdmin: Scalars['Boolean']['output'];
-  /**
-   * Get is owner of workspace
-   * @deprecated use WorkspaceType[role] instead
-   */
-  isOwner: Scalars['Boolean']['output'];
   /** List all copilot prompts */
   listCopilotPrompts: Array<CopilotPromptType>;
   prices: Array<SubscriptionPrice>;
@@ -2494,14 +2435,6 @@ export interface QueryGetInviteInfoArgs {
   inviteId: Scalars['String']['input'];
 }
 
-export interface QueryIsAdminArgs {
-  workspaceId: Scalars['String']['input'];
-}
-
-export interface QueryIsOwnerArgs {
-  workspaceId: Scalars['String']['input'];
-}
-
 export interface QueryPublicUserByIdArgs {
   id: Scalars['String']['input'];
 }
@@ -2630,6 +2563,12 @@ export interface ReplyUpdateInput {
   id: Scalars['ID']['input'];
 }
 
+export interface ResponseTooLargeErrorDataType {
+  __typename?: 'ResponseTooLargeErrorDataType';
+  limitBytes: Scalars['Int']['output'];
+  receivedBytes: Scalars['Int']['output'];
+}
+
 export interface RevealedAccessToken {
   __typename?: 'RevealedAccessToken';
   createdAt: Scalars['DateTime']['output'];
@@ -2812,6 +2751,11 @@ export interface SpaceShouldHaveOnlyOneOwnerDataType {
   spaceId: Scalars['String']['output'];
 }
 
+export interface SsrfBlockedErrorDataType {
+  __typename?: 'SsrfBlockedErrorDataType';
+  reason: Scalars['String']['output'];
+}
+
 export interface StreamObject {
   __typename?: 'StreamObject';
   args: Maybe<Scalars['JSON']['output']>;
@@ -3126,11 +3070,6 @@ export interface VersionRejectedDataType {
   version: Scalars['String']['output'];
 }
 
-export interface WorkspaceBlobSizes {
-  __typename?: 'WorkspaceBlobSizes';
-  size: Scalars['SafeInt']['output'];
-}
-
 export interface WorkspaceCalendarItemInput {
   colorOverride?: InputMaybe<Scalars['String']['input']>;
   sortOrder?: InputMaybe<Scalars['Int']['input']>;
@@ -3308,11 +3247,6 @@ export interface WorkspaceType {
   public: Scalars['Boolean']['output'];
   /** Get public docs of a workspace */
   publicDocs: Array<DocType>;
-  /**
-   * Get public page of a workspace by page id.
-   * @deprecated use [WorkspaceType.doc] instead
-   */
-  publicPage: Maybe<DocType>;
   /** quota of workspace */
   quota: WorkspaceQuotaType;
   /** Get recently updated docs of a workspace */
@@ -3378,10 +3312,6 @@ export interface WorkspaceTypePageMetaArgs {
   pageId: Scalars['String']['input'];
 }
 
-export interface WorkspaceTypePublicPageArgs {
-  pageId: Scalars['String']['input'];
-}
-
 export interface WorkspaceTypeRecentlyUpdatedDocsArgs {
   pagination: PaginationInput;
 }

packages/common/nbstore/package.json

@@ -26,7 +26,7 @@
     "lodash-es": "^4.17.21",
     "nanoid": "^5.1.6",
     "rxjs": "^7.8.2",
-    "uuid": "^11.1.0",
+    "uuid": "^13.0.0",
     "y-protocols": "^1.0.6",
     "yjs": "^13.6.27"
   },
@@ -36,7 +36,7 @@
     "@blocksuite/affine": "workspace:*",
     "fake-indexeddb": "^6.0.0",
     "idb": "^8.0.0",
-    "socket.io-client": "^4.8.1",
+    "socket.io-client": "^4.8.3",
     "vitest": "^3.2.4"
   },
   "peerDependencies": {
@@ -44,6 +44,6 @@
     "@affine/graphql": "workspace:*",
     "@blocksuite/affine": "workspace:*",
     "idb": "^8.0.0",
-    "socket.io-client": "^4.7.5"
+    "socket.io-client": "^4.8.3"
   }
 }

packages/common/nbstore/src/impls/idb/blob.ts

@@ -1,5 +1,9 @@
 import { share } from '../../connection';
-import { type BlobRecord, BlobStorageBase } from '../../storage';
+import {
+  type BlobRecord,
+  BlobStorageBase,
+  type ListedBlobRecord,
+} from '../../storage';
 import { IDBConnection, type IDBConnectionOptions } from './db';
 
 export class IndexedDBBlobStorage extends BlobStorageBase {
@@ -32,9 +36,7 @@ export class IndexedDBBlobStorage extends BlobStorageBase {
   }
 
   override async set(blob: BlobRecord) {
-    const trx = this.db.transaction(['blobs', 'blobData'], 'readwrite', {
-      durability: 'relaxed',
-    });
+    const trx = this.db.transaction(['blobs', 'blobData'], 'readwrite');
     await trx.objectStore('blobs').put({
       key: blob.key,
       mime: blob.mime,
@@ -50,15 +52,11 @@ export class IndexedDBBlobStorage extends BlobStorageBase {
 
   override async delete(key: string, permanently: boolean) {
     if (permanently) {
-      const trx = this.db.transaction(['blobs', 'blobData'], 'readwrite', {
-        durability: 'relaxed',
-      });
+      const trx = this.db.transaction(['blobs', 'blobData'], 'readwrite');
       await trx.objectStore('blobs').delete(key);
       await trx.objectStore('blobData').delete(key);
     } else {
-      const trx = this.db.transaction('blobs', 'readwrite', {
-        durability: 'relaxed',
-      });
+      const trx = this.db.transaction('blobs', 'readwrite');
       const blob = await trx.store.get(key);
       if (blob) {
         await trx.store.put({
@@ -70,37 +68,29 @@ export class IndexedDBBlobStorage extends BlobStorageBase {
   }
 
   override async release() {
-    const trx = this.db.transaction(['blobs', 'blobData'], 'readwrite', {
-      durability: 'relaxed',
-    });
+    const trx = this.db.transaction(['blobs', 'blobData'], 'readwrite');
 
-    const store = trx.objectStore('blobs');
-    const getAllRecords = store.getAllRecords?.bind(store);
-    const blobs =
-      typeof getAllRecords === 'function'
-        ? (await getAllRecords()).map(record => record.value)
-        : await store.getAll();
+    const it = trx.objectStore('blobs').iterate();
 
-    const deleted = blobs.filter(blob => blob.deletedAt);
-
-    await Promise.all(
-      deleted.map(blob =>
-        Promise.all([
-          store.delete(blob.key),
-          trx.objectStore('blobData').delete(blob.key),
-        ])
-      )
-    );
+    for await (const item of it) {
+      if (item.value.deletedAt) {
+        await item.delete();
+        await trx.objectStore('blobData').delete(item.value.key);
+      }
+    }
   }
 
   override async list() {
     const trx = this.db.transaction('blobs', 'readonly');
-    const getAllRecords = trx.store.getAllRecords?.bind(trx.store);
-    const blobs =
-      typeof getAllRecords === 'function'
-        ? (await getAllRecords()).map(record => record.value)
-        : await trx.store.getAll();
+    const it = trx.store.iterate();
 
-    return blobs.filter(blob => !blob.deletedAt);
+    const blobs: ListedBlobRecord[] = [];
+    for await (const item of it) {
+      if (!item.value.deletedAt) {
+        blobs.push(item.value);
+      }
+    }
+
+    return blobs;
   }
 }

packages/common/nbstore/src/impls/idb/db.ts

@@ -4,38 +4,6 @@ import { AutoReconnectConnection } from '../../connection';
 import type { SpaceType } from '../../utils/universal-id';
 import { type DocStorageSchema, migrator } from './schema';
 
-declare module 'idb' {
-  interface IDBPObjectStore {
-    getAllRecords?(
-      query?: IDBValidKey | IDBKeyRange | null,
-      count?: number | { direction?: IDBCursorDirection; count?: number }
-    ): Promise<IDBRecord[]>;
-  }
-  interface IDBPIndex {
-    getAllRecords?(
-      query?: IDBValidKey | IDBKeyRange | null,
-      count?: number | { direction?: IDBCursorDirection; count?: number }
-    ): Promise<IDBRecord[]>;
-  }
-  interface IDBObjectStore {
-    getAllRecords?(
-      query?: IDBValidKey | IDBKeyRange | null,
-      count?: number | { direction?: IDBCursorDirection; count?: number }
-    ): Promise<IDBRecord[]>;
-  }
-  interface IDBIndex {
-    getAllRecords?(
-      query?: IDBValidKey | IDBKeyRange | null,
-      count?: number | { direction?: IDBCursorDirection; count?: number }
-    ): Promise<IDBRecord[]>;
-  }
-  interface IDBRecord {
-    key: IDBValidKey;
-    primaryKey: IDBValidKey;
-    value: any;
-  }
-}
-
 export interface IDBConnectionOptions {
   flavour: string;
   type: SpaceType;

packages/common/nbstore/src/impls/idb/doc.ts

@@ -37,9 +37,7 @@ export class IndexedDBDocStorage extends DocStorageBase<IDBConnectionOptions> {
 
     while (true) {
       try {
-        const trx = this.db.transaction(['updates', 'clocks'], 'readwrite', {
-          durability: 'relaxed',
-        });
+        const trx = this.db.transaction(['updates', 'clocks'], 'readwrite');
 
         await trx.objectStore('updates').add({
           ...update,
@@ -105,15 +103,15 @@ export class IndexedDBDocStorage extends DocStorageBase<IDBConnectionOptions> {
   override async deleteDoc(docId: string) {
     const trx = this.db.transaction(
       ['snapshots', 'updates', 'clocks'],
-      'readwrite',
-      { durability: 'relaxed' }
+      'readwrite'
     );
 
-    const updates = trx.objectStore('updates');
-    const idx = updates.index('docId');
-    const keys = await idx.getAllKeys(IDBKeyRange.only(docId));
+    const idx = trx.objectStore('updates').index('docId');
+    const iter = idx.iterate(IDBKeyRange.only(docId));
 
-    await Promise.all(keys.map(key => updates.delete(key)));
+    for await (const { value } of iter) {
+      await trx.objectStore('updates').delete([value.docId, value.createdAt]);
+    }
 
     await trx.objectStore('snapshots').delete(docId);
     await trx.objectStore('clocks').delete(docId);
@@ -122,18 +120,6 @@ export class IndexedDBDocStorage extends DocStorageBase<IDBConnectionOptions> {
   override async getDocTimestamps(after: Date = new Date(0)) {
     const trx = this.db.transaction('clocks', 'readonly');
 
-    const getAllRecords = trx.store.getAllRecords?.bind(trx.store);
-
-    if (typeof getAllRecords === 'function') {
-      const records = await getAllRecords();
-      return records.reduce((ret, cur) => {
-        if (cur.value.timestamp > after) {
-          ret[cur.value.docId] = cur.value.timestamp;
-        }
-        return ret;
-      }, {} as DocClocks);
-    }
-
     const clocks = await trx.store.getAll();
 
     return clocks.reduce((ret, cur) => {
@@ -171,19 +157,7 @@ export class IndexedDBDocStorage extends DocStorageBase<IDBConnectionOptions> {
 
   protected override async getDocUpdates(docId: string): Promise<DocRecord[]> {
     const trx = this.db.transaction('updates', 'readonly');
-    const idx = trx.store.index('docId');
-    const getAllRecords = idx.getAllRecords?.bind(idx);
-
-    if (typeof getAllRecords === 'function') {
-      const records = await getAllRecords(IDBKeyRange.only(docId));
-      return records.map(record => ({
-        docId,
-        bin: record.value.bin,
-        timestamp: record.value.createdAt,
-      }));
-    }
-
-    const updates = await idx.getAll(docId);
+    const updates = await trx.store.index('docId').getAll(docId);
 
     return updates.map(update => ({
       docId,
@@ -196,9 +170,7 @@ export class IndexedDBDocStorage extends DocStorageBase<IDBConnectionOptions> {
     docId: string,
     updates: DocRecord[]
   ): Promise<number> {
-    const trx = this.db.transaction('updates', 'readwrite', {
-      durability: 'relaxed',
-    });
+    const trx = this.db.transaction('updates', 'readwrite');
 
     await Promise.all(
       updates.map(update => trx.store.delete([docId, update.timestamp]))

packages/frontend/apps/electron-renderer/package.json

@@ -26,7 +26,7 @@
     "react": "^19.2.1",
     "react-dom": "^19.2.1",
     "react-router-dom": "^6.30.3",
-    "uuid": "^11.1.0",
+    "uuid": "^13.0.0",
     "webm-muxer": "^5.0.3"
   },
   "devDependencies": {

packages/frontend/apps/electron/package.json

@@ -49,11 +49,11 @@
     "@electron-forge/shared-types": "^7.10.2",
     "@pengx17/electron-forge-maker-appimage": "^1.2.1",
     "@sentry/electron": "^7.0.0",
-    "@sentry/esbuild-plugin": "^3.0.0",
+    "@sentry/esbuild-plugin": "^4.0.0",
     "@sentry/react": "^9.47.1",
     "@toeverything/infra": "workspace:*",
     "@types/set-cookie-parser": "^2.4.10",
-    "@types/uuid": "^10.0.0",
+    "@types/uuid": "^11.0.0",
     "@vitejs/plugin-react-swc": "^3.7.2",
     "app-builder-lib": "^26.1.0",
     "builder-util-runtime": "^9.5.0",
@@ -73,7 +73,7 @@
     "semver": "^7.7.3",
     "tree-kill": "^1.2.2",
     "ts-node": "^10.9.2",
-    "uuid": "^11.1.0",
+    "uuid": "^13.0.0",
     "vitest": "^3.2.4",
     "zod": "^3.25.76"
   },

packages/frontend/core/package.json

@@ -91,7 +91,7 @@
     "semver": "^7.7.3",
     "ses": "^1.14.0",
     "shiki": "^3.19.0",
-    "socket.io-client": "^4.8.1",
+    "socket.io-client": "^4.8.3",
     "swr": "^2.3.7",
     "tinykeys": "patch:tinykeys@npm%3A2.1.0#~/.yarn/patches/tinykeys-npm-2.1.0-819feeaed0.patch",
     "y-protocols": "^1.0.6",

packages/frontend/i18n/src/i18n-completenesses.json

@@ -9,16 +9,16 @@
   "es-CL": 99,
   "es": 98,
   "fa": 98,
-  "fr": 100,
+  "fr": 99,
   "hi": 2,
-  "it-IT": 100,
+  "it-IT": 99,
   "it": 1,
   "ja": 98,
   "ko": 99,
   "nb-NO": 48,
   "pl": 100,
   "pt-BR": 98,
-  "ru": 100,
+  "ru": 99,
   "sv-SE": 98,
   "uk": 98,
   "ur": 2,

packages/frontend/i18n/src/i18n.gen.ts

@@ -8504,6 +8504,17 @@ export function useAFFiNEI18N(): {
     ["error.HTTP_REQUEST_ERROR"](options: {
         readonly message: string;
     }): string;
+    /**
+      * `Invalid URL`
+      */
+    ["error.SSRF_BLOCKED_ERROR"](): string;
+    /**
+      * `Response too large ({{receivedBytes}} bytes), limit is {{limitBytes}} bytes`
+      */
+    ["error.RESPONSE_TOO_LARGE_ERROR"](options: Readonly<{
+        receivedBytes: string;
+        limitBytes: string;
+    }>): string;
     /**
       * `Email service is not configured.`
       */

packages/frontend/i18n/src/resources/en.json

@@ -2131,6 +2131,8 @@
   "error.BAD_REQUEST": "Bad request.",
   "error.GRAPHQL_BAD_REQUEST": "GraphQL bad request, code: {{code}}, {{message}}",
   "error.HTTP_REQUEST_ERROR": "HTTP request error, message: {{message}}",
+  "error.SSRF_BLOCKED_ERROR": "Invalid URL",
+  "error.RESPONSE_TOO_LARGE_ERROR": "Response too large ({{receivedBytes}} bytes), limit is {{limitBytes}} bytes",
   "error.EMAIL_SERVICE_NOT_CONFIGURED": "Email service is not configured.",
   "error.QUERY_TOO_LONG": "Query is too long, max length is {{max}}.",
   "error.VALIDATION_ERROR": "Validation error, errors: {{errors}}",

packages/frontend/media-capture-playground/package.json

@@ -13,7 +13,7 @@
     "@tailwindcss/vite": "^4.0.6",
     "@types/express": "^5.0.0",
     "@types/lodash-es": "^4.17.12",
-    "@types/multer": "^1",
+    "@types/multer": "^2.0.0",
     "@types/react": "^19.0.8",
     "@types/react-dom": "^19.0.3",
     "@vitejs/plugin-react": "^4.3.4",
@@ -27,7 +27,7 @@
     "react-dom": "^19.2.1",
     "react-markdown": "^10.1.0",
     "socket.io": "^4.7.4",
-    "socket.io-client": "^4.7.4",
+    "socket.io-client": "^4.8.3",
     "swr": "^2.3.7",
     "tailwindcss": "^4.1.17",
     "tsx": "^4.19.2",

tools/cli/package.json

@@ -19,7 +19,7 @@
     "@affine/s3-compat": "workspace:*",
     "@napi-rs/simple-git": "^0.1.22",
     "@perfsee/webpack": "^1.13.0",
-    "@sentry/webpack-plugin": "^3.0.0",
+    "@sentry/webpack-plugin": "^4.0.0",
     "@swc/core": "^1.10.1",
     "@tailwindcss/postcss": "^4.0.0",
     "@vanilla-extract/webpack-plugin": "^2.3.15",

tools/playstore-auto-bump/package.json

@@ -11,7 +11,7 @@
   "dependencies": {
     "@affine-tools/cli": "workspace:*",
     "@affine-tools/utils": "workspace:*",
-    "@googleapis/androidpublisher": "^31.0.0",
+    "@googleapis/androidpublisher": "^35.0.0",
     "typescript": "^5.7.2"
   },
   "devDependencies": {

yarn.lock

@@ -119,7 +119,7 @@ __metadata:
     "@affine/s3-compat": "workspace:*"
     "@napi-rs/simple-git": "npm:^0.1.22"
     "@perfsee/webpack": "npm:^1.13.0"
-    "@sentry/webpack-plugin": "npm:^3.0.0"
+    "@sentry/webpack-plugin": "npm:^4.0.0"
     "@swc/core": "npm:^1.10.1"
     "@tailwindcss/postcss": "npm:^4.0.0"
     "@types/lodash-es": "npm:^4.17.12"
@@ -485,7 +485,7 @@ __metadata:
     semver: "npm:^7.7.3"
     ses: "npm:^1.14.0"
     shiki: "npm:^3.19.0"
-    socket.io-client: "npm:^4.8.1"
+    socket.io-client: "npm:^4.8.3"
     swr: "npm:^2.3.7"
     tinykeys: "patch:tinykeys@npm%3A2.1.0#~/.yarn/patches/tinykeys-npm-2.1.0-819feeaed0.patch"
     vitest: "npm:^3.2.4"
@@ -562,7 +562,7 @@ __metadata:
     react-dom: "npm:^19.2.1"
     react-router-dom: "npm:^6.30.3"
     typescript: "npm:^5.7.2"
-    uuid: "npm:^11.1.0"
+    uuid: "npm:^13.0.0"
     webm-muxer: "npm:^5.0.3"
   languageName: unknown
   linkType: soft
@@ -588,11 +588,11 @@ __metadata:
     "@electron-forge/shared-types": "npm:^7.10.2"
     "@pengx17/electron-forge-maker-appimage": "npm:^1.2.1"
     "@sentry/electron": "npm:^7.0.0"
-    "@sentry/esbuild-plugin": "npm:^3.0.0"
+    "@sentry/esbuild-plugin": "npm:^4.0.0"
     "@sentry/react": "npm:^9.47.1"
     "@toeverything/infra": "workspace:*"
     "@types/set-cookie-parser": "npm:^2.4.10"
-    "@types/uuid": "npm:^10.0.0"
+    "@types/uuid": "npm:^11.0.0"
     "@vitejs/plugin-react-swc": "npm:^3.7.2"
     app-builder-lib: "npm:^26.1.0"
     async-call-rpc: "npm:^6.4.2"
@@ -617,7 +617,7 @@ __metadata:
     set-cookie-parser: "npm:^2.7.1"
     tree-kill: "npm:^1.2.2"
     ts-node: "npm:^10.9.2"
-    uuid: "npm:^11.1.0"
+    uuid: "npm:^13.0.0"
     vitest: "npm:^3.2.4"
     yjs: "npm:^13.6.27"
     zod: "npm:^3.25.76"
@@ -736,7 +736,7 @@ __metadata:
     "@types/express": "npm:^5.0.0"
     "@types/fs-extra": "npm:^11"
     "@types/lodash-es": "npm:^4.17.12"
-    "@types/multer": "npm:^1"
+    "@types/multer": "npm:^2.0.0"
     "@types/react": "npm:^19.0.1"
     "@types/react-dom": "npm:^19.0.2"
     "@vitejs/plugin-react": "npm:^4.3.4"
@@ -750,7 +750,7 @@ __metadata:
     react-dom: "npm:^19.2.1"
     react-markdown: "npm:^10.1.0"
     socket.io: "npm:^4.7.4"
-    socket.io-client: "npm:^4.7.4"
+    socket.io-client: "npm:^4.8.3"
     swr: "npm:^2.3.7"
     tailwindcss: "npm:^4.1.17"
     tsx: "npm:^4.19.2"
@@ -861,8 +861,8 @@ __metadata:
     lodash-es: "npm:^4.17.21"
     nanoid: "npm:^5.1.6"
     rxjs: "npm:^7.8.2"
-    socket.io-client: "npm:^4.8.1"
-    uuid: "npm:^11.1.0"
+    socket.io-client: "npm:^4.8.3"
+    uuid: "npm:^13.0.0"
     vitest: "npm:^3.2.4"
     y-protocols: "npm:^1.0.6"
     yjs: "npm:^13.6.27"
@@ -871,7 +871,7 @@ __metadata:
     "@affine/graphql": "workspace:*"
     "@blocksuite/affine": "workspace:*"
     idb: ^8.0.0
-    socket.io-client: ^4.7.5
+    socket.io-client: ^4.8.3
   languageName: unknown
   linkType: soft
 
@@ -881,7 +881,7 @@ __metadata:
   dependencies:
     "@affine-tools/cli": "workspace:*"
     "@affine-tools/utils": "workspace:*"
-    "@googleapis/androidpublisher": "npm:^31.0.0"
+    "@googleapis/androidpublisher": "npm:^35.0.0"
     "@types/node": "npm:^22.0.0"
     typescript: "npm:^5.7.2"
   languageName: unknown
@@ -1015,12 +1015,12 @@ __metadata:
     "@types/mixpanel": "npm:^2.14.9"
     "@types/mustache": "npm:^4.2.5"
     "@types/node": "npm:^22.0.0"
-    "@types/nodemailer": "npm:^6.4.17"
+    "@types/nodemailer": "npm:^7.0.0"
     "@types/on-headers": "npm:^1.0.3"
     "@types/react": "npm:^19.0.1"
     "@types/react-dom": "npm:^19.0.2"
     "@types/semver": "npm:^7.5.8"
-    "@types/sinon": "npm:^17.0.3"
+    "@types/sinon": "npm:^21.0.0"
     "@types/supertest": "npm:^6.0.2"
     ai: "npm:^5.0.118"
     ava: "npm:^6.4.0"
@@ -5857,12 +5857,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@googleapis/androidpublisher@npm:^31.0.0":
-  version: 31.0.0
-  resolution: "@googleapis/androidpublisher@npm:31.0.0"
+"@googleapis/androidpublisher@npm:^35.0.0":
+  version: 35.1.1
+  resolution: "@googleapis/androidpublisher@npm:35.1.1"
   dependencies:
     googleapis-common: "npm:^8.0.0"
-  checksum: 10/85cfc9b9e1f1211939bad0349d4d893d004c8c5491824892b631b9d55011b23d1200c7c3186ac38da86b53f46e6d1de34a056a872867fb86832c38586a092402
+  checksum: 10/b16e9dba15b6fa6d5fc6c5b6a0f8cde6174d4e177434a2e53b7aeba4460e923684fde9cb95b861661717a07eeebf17c8f7f0f74ce876dad9596fb5027fe0d7a4
   languageName: node
   linkType: hard
 
@@ -15129,10 +15129,10 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@sentry/babel-plugin-component-annotate@npm:3.6.1":
-  version: 3.6.1
-  resolution: "@sentry/babel-plugin-component-annotate@npm:3.6.1"
-  checksum: 10/b65732b1be4123a0da37875b608b66fa3bef50698df90dc4d3236cd182f21708aeb50a94f9108d2cf6d199d76a55c698c52d9cb4bbdc2f859108b4d46321a15a
+"@sentry/babel-plugin-component-annotate@npm:4.8.0":
+  version: 4.8.0
+  resolution: "@sentry/babel-plugin-component-annotate@npm:4.8.0"
+  checksum: 10/7cc62dfea3dd3d895e52624c2b27a81c7c641d42a3de05ff14bf0fede9d876a9cfec11962d33bacf42dfea59ec75c4271448a6c284dc63c2c0bb634002419867
   languageName: node
   linkType: hard
 
@@ -15162,19 +15162,19 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@sentry/bundler-plugin-core@npm:3.6.1":
-  version: 3.6.1
-  resolution: "@sentry/bundler-plugin-core@npm:3.6.1"
+"@sentry/bundler-plugin-core@npm:4.8.0":
+  version: 4.8.0
+  resolution: "@sentry/bundler-plugin-core@npm:4.8.0"
   dependencies:
     "@babel/core": "npm:^7.18.5"
-    "@sentry/babel-plugin-component-annotate": "npm:3.6.1"
-    "@sentry/cli": "npm:^2.49.0"
+    "@sentry/babel-plugin-component-annotate": "npm:4.8.0"
+    "@sentry/cli": "npm:^2.57.0"
     dotenv: "npm:^16.3.1"
     find-up: "npm:^5.0.0"
-    glob: "npm:^9.3.2"
+    glob: "npm:^10.5.0"
     magic-string: "npm:0.30.8"
     unplugin: "npm:1.0.1"
-  checksum: 10/6445bda6a963acc8fedd857c3783a21aa2ca147f8c5dced5b064d8d5756e87903346ce113a1f792f47f908184332917f8e413f52441dd33d0fb0eb197d638dc1
+  checksum: 10/a19eaf1c118e273ed3383da0ede9365c23b5668871f21b89c22fb873ae29cf972464472d7c448f84afdea7e99e50dc5bf5f46579721f88696400cab994a2d123
   languageName: node
   linkType: hard
 
@@ -15234,7 +15234,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@sentry/cli@npm:^2.49.0":
+"@sentry/cli@npm:^2.57.0":
   version: 2.58.4
   resolution: "@sentry/cli@npm:2.58.4"
   dependencies:
@@ -15304,14 +15304,14 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@sentry/esbuild-plugin@npm:^3.0.0":
-  version: 3.6.1
-  resolution: "@sentry/esbuild-plugin@npm:3.6.1"
+"@sentry/esbuild-plugin@npm:^4.0.0":
+  version: 4.8.0
+  resolution: "@sentry/esbuild-plugin@npm:4.8.0"
   dependencies:
-    "@sentry/bundler-plugin-core": "npm:3.6.1"
+    "@sentry/bundler-plugin-core": "npm:4.8.0"
     unplugin: "npm:1.0.1"
     uuid: "npm:^9.0.0"
-  checksum: 10/b2b64e404d13589d98ff5ebc57a7e0a7cb9c3bada8aab20f9eb1beefb375deabf61658c96659f3a4f2a5dbd69e44ddf69fd1b5a17f31830a97ddbee8f589473a
+  checksum: 10/d5204896f1b2bc780ea9cac7e057746b9ac8a33591f16c754c03248e273e92a0bbaf46c66467d5300cb41f4763b2a82fa623bae3c853d5254dd6a68716017b2d
   languageName: node
   linkType: hard
 
@@ -15406,16 +15406,16 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@sentry/webpack-plugin@npm:^3.0.0":
-  version: 3.6.1
-  resolution: "@sentry/webpack-plugin@npm:3.6.1"
+"@sentry/webpack-plugin@npm:^4.0.0":
+  version: 4.8.0
+  resolution: "@sentry/webpack-plugin@npm:4.8.0"
   dependencies:
-    "@sentry/bundler-plugin-core": "npm:3.6.1"
+    "@sentry/bundler-plugin-core": "npm:4.8.0"
     unplugin: "npm:1.0.1"
     uuid: "npm:^9.0.0"
   peerDependencies:
     webpack: ">=4.40.0"
-  checksum: 10/2d3fbb2688398f58e859d36058a88b3668583741fc3be036ba5f09dc6ad9703ddcad486ba4f76e5fa257a8473dc66d7f0e47407e60d6b4943f8952615752d3fd
+  checksum: 10/d29568e272a3b5d4a3099ca2925ff8fa2a155b0896dfca2bd0a3b7ebaa7c6f516ed4e1f9a407045d20db90a741927a35140d9327d6bd9e0b2369498220072011
   languageName: node
   linkType: hard
 
@@ -17363,12 +17363,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/multer@npm:^1":
-  version: 1.4.12
-  resolution: "@types/multer@npm:1.4.12"
+"@types/multer@npm:^2.0.0":
+  version: 2.0.0
+  resolution: "@types/multer@npm:2.0.0"
   dependencies:
     "@types/express": "npm:*"
-  checksum: 10/3d2b32da58ddd67f972d4ef1021492f78d65f33f936b6fb25dd461bb6cc7b03bfd1de1a11562c4310680dac8054e4398038db51767a0ffbf1fe62457b3706e95
+  checksum: 10/87ddd5b39fd572b1d98f84908738eed9fef53fc20628bff066d43b3bcf70481f51010a997554ed65c97121e7b8fe44b59a24cd68ccf59c3d7c64bbffb8c5a127
   languageName: node
   linkType: hard
 
@@ -17434,12 +17434,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/nodemailer@npm:^6.4.17":
-  version: 6.4.17
-  resolution: "@types/nodemailer@npm:6.4.17"
+"@types/nodemailer@npm:^7.0.0":
+  version: 7.0.9
+  resolution: "@types/nodemailer@npm:7.0.9"
   dependencies:
     "@types/node": "npm:*"
-  checksum: 10/bd090c9a81f15ee5e1e2123de1004593bacc24d385460dd56c51ec657d61dc1cfd4f44fc71baac060a1abcb487aef5027509e0afd646e7118d7a8a13a95bad9d
+  checksum: 10/6bfca388af668a05a68e750a7acbd5736a3dcdf96f34f23bf4211ab152572d55008fd813e38bf03f944c6edbd002a7f98d6cee048343b8e840b3b91a00befac9
   languageName: node
   linkType: hard
 
@@ -17620,12 +17620,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/sinon@npm:^17.0.3":
-  version: 17.0.4
-  resolution: "@types/sinon@npm:17.0.4"
+"@types/sinon@npm:^21.0.0":
+  version: 21.0.0
+  resolution: "@types/sinon@npm:21.0.0"
   dependencies:
     "@types/sinonjs__fake-timers": "npm:*"
-  checksum: 10/286c34e66e3573673ba59a332ac81189e20dd591c5c5360c8ff3ed83a59a60bdb1d4c8f13ab8863a4d5ce636282e4b11c640b87f398663eee152988ca09b1933
+  checksum: 10/3add134347bd2b96c4d136bc41108553d31f2b4ca44c118ae69832d8bd9896d9faec07c08ba933cd25ba8699503303e8743d84fc8f5317c16b5cfb8245d0bc29
   languageName: node
   linkType: hard
 
@@ -17718,10 +17718,12 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/uuid@npm:^10.0.0":
-  version: 10.0.0
-  resolution: "@types/uuid@npm:10.0.0"
-  checksum: 10/e3958f8b0fe551c86c14431f5940c3470127293280830684154b91dc7eb3514aeb79fe3216968833cf79d4d1c67f580f054b5be2cd562bebf4f728913e73e944
+"@types/uuid@npm:^11.0.0":
+  version: 11.0.0
+  resolution: "@types/uuid@npm:11.0.0"
+  dependencies:
+    uuid: "npm:*"
+  checksum: 10/9f94bd34e5d220c53cc58ea9f48a0061d3bc343e29bc33a17edc705f5e21fedda21553318151f2bc227c2b2b03727bbb536da2b82a61f84d2e1ca38abc5e5c3f
   languageName: node
   linkType: hard
 
@@ -25086,7 +25088,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"glob@npm:^10.0.0, glob@npm:^10.2.2, glob@npm:^10.3.10, glob@npm:^10.4.1, glob@npm:^10.4.5":
+"glob@npm:^10.0.0, glob@npm:^10.2.2, glob@npm:^10.3.10, glob@npm:^10.4.1, glob@npm:^10.4.5, glob@npm:^10.5.0":
   version: 10.5.0
   resolution: "glob@npm:10.5.0"
   dependencies:
@@ -25145,18 +25147,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"glob@npm:^9.3.2":
-  version: 9.3.5
-  resolution: "glob@npm:9.3.5"
-  dependencies:
-    fs.realpath: "npm:^1.0.0"
-    minimatch: "npm:^8.0.2"
-    minipass: "npm:^4.2.4"
-    path-scurry: "npm:^1.6.1"
-  checksum: 10/e5fa8a58adf53525bca42d82a1fad9e6800032b7e4d372209b80cfdca524dd9a7dbe7d01a92d7ed20d89c572457f12c250092bc8817cb4f1c63efefdf9b658c0
-  languageName: node
-  linkType: hard
-
 "global-agent@npm:^3.0.0":
   version: 3.0.0
   resolution: "global-agent@npm:3.0.0"
@@ -29548,15 +29538,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"minimatch@npm:^8.0.2":
-  version: 8.0.4
-  resolution: "minimatch@npm:8.0.4"
-  dependencies:
-    brace-expansion: "npm:^2.0.1"
-  checksum: 10/aef05598ee565e1013bc8a10f53410ac681561f901c1a084b8ecfd016c9ed919f58f4bbd5b63e05643189dfb26e8106a84f0e1ff12e4a263aa37e1cae7ce9828
-  languageName: node
-  linkType: hard
-
 "minimist@npm:^1.1.3, minimist@npm:^1.2.0, minimist@npm:^1.2.5, minimist@npm:^1.2.6, minimist@npm:^1.2.7, minimist@npm:^1.2.8":
   version: 1.2.8
   resolution: "minimist@npm:1.2.8"
@@ -29648,13 +29629,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"minipass@npm:^4.2.4":
-  version: 4.2.8
-  resolution: "minipass@npm:4.2.8"
-  checksum: 10/e148eb6dcb85c980234cad889139ef8ddf9d5bdac534f4f0268446c8792dd4c74f4502479be48de3c1cce2f6450f6da4d0d4a86405a8a12be04c1c36b339569a
-  languageName: node
-  linkType: hard
-
 "minipass@npm:^5.0.0":
   version: 5.0.0
   resolution: "minipass@npm:5.0.0"
@@ -31269,7 +31243,7 @@ __metadata:
   languageName: node
   linkType: hard
 
-"path-scurry@npm:^1.11.1, path-scurry@npm:^1.6.1":
+"path-scurry@npm:^1.11.1":
   version: 1.11.1
   resolution: "path-scurry@npm:1.11.1"
   dependencies:
@@ -34590,18 +34564,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"socket.io-client@npm:^4.7.4, socket.io-client@npm:^4.8.1":
-  version: 4.8.1
-  resolution: "socket.io-client@npm:4.8.1"
-  dependencies:
-    "@socket.io/component-emitter": "npm:~3.1.0"
-    debug: "npm:~4.3.2"
-    engine.io-client: "npm:~6.6.1"
-    socket.io-parser: "npm:~4.2.4"
-  checksum: 10/7480cf1ab30eba371a96dd1ce2ce9018dcbeaf81035a066fb89d99df0d0a6388b05840c92d970317c739956b68b28b0f4833f3b18e460a24eef557b9bca127c1
-  languageName: node
-  linkType: hard
-
 "socket.io-client@npm:^4.8.3":
   version: 4.8.3
   resolution: "socket.io-client@npm:4.8.3"
@@ -36892,6 +36854,15 @@ __metadata:
   languageName: node
   linkType: hard
 
+"uuid@npm:*, uuid@npm:^13.0.0":
+  version: 13.0.0
+  resolution: "uuid@npm:13.0.0"
+  bin:
+    uuid: dist-node/bin/uuid
+  checksum: 10/2742b24d1e00257e60612572e4d28679423469998cafbaf1fe9f1482e3edf9c40754b31bfdb3d08d71b29239f227a304588f75210b3b48f2609f0673f1feccef
+  languageName: node
+  linkType: hard
+
 "uuid@npm:^11.1.0":
   version: 11.1.0
   resolution: "uuid@npm:11.1.0"