fix(crowdin): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
@crowdin/crowdin-api-client	dependencies	minor	1.34.0 -> 1.35.0
@mantine/carousel (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/carousel (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/carousel (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/core (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/core (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/core (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/dates (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/dates (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/dates (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/form (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/form (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/form (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/hooks (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/hooks (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/hooks (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/next (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/next (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/next (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/notifications (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/notifications (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/notifications (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/nprogress (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/nprogress (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/nprogress (source)	dependencies	patch	6.0.21 -> 6.0.22
@mantine/utils (source)	peerDependencies	patch	6.0.21 -> 6.0.22
@mantine/utils (source)	devDependencies	patch	6.0.21 -> 6.0.22
@mantine/utils (source)	dependencies	patch	6.0.21 -> 6.0.22
@storybook/addon-a11y (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/addon-actions (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/addon-essentials (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/addon-interactions (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/addon-links (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/addon-mdx-gfm (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/addon-viewport (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/components (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/core-events (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/manager-api (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/nextjs (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/preview-api (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/react (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/test (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/test-runner	devDependencies	patch	0.19.0 -> 0.19.1
@storybook/theming (source)	devDependencies	patch	8.2.2 -> 8.2.3
@storybook/types (source)	devDependencies	patch	8.2.2 -> 8.2.3
@swc/helpers (source)	devDependencies	patch	0.5.11 -> 0.5.12
@tanstack/react-table (source)	peerDependencies	patch	8.19.2 -> 8.19.3
@tanstack/react-table (source)	devDependencies	patch	8.19.2 -> 8.19.3
@tanstack/react-table (source)	dependencies	patch	8.19.2 -> 8.19.3
@tanstack/react-table-devtools (source)	devDependencies	patch	8.19.2 -> 8.19.3
ajv (source)	dependencies	minor	8.16.0 -> 8.17.1
eslint-plugin-i18next	devDependencies	patch	6.0.7 -> 6.0.9
eslint-plugin-react	devDependencies	patch	7.34.3 -> 7.34.4
i18next (source)	peerDependencies	minor	23.11.5 -> 23.12.1
i18next (source)	devDependencies	minor	23.11.5 -> 23.12.1
i18next (source)	dependencies	minor	23.11.5 -> 23.12.1
knip (source)	devDependencies	minor	5.25.2 -> 5.26.0
object-sizeof	dependencies	patch	2.6.4 -> 2.6.5
prettier (source)	devDependencies	patch	3.3.2 -> 3.3.3
storybook (source)	devDependencies	patch	8.2.2 -> 8.2.3

---

Release Notes

crowdin/crowdin-api-client-js (@​crowdin/crowdin-api-client)

v1.35.0

Compare Source

What's Changed

• feat: report archives api by @​yevheniyJ in https://github.com/crowdin/crowdin-api-client-js/pull/405
• feat: create task types updates by @​yevheniyJ in https://github.com/crowdin/crowdin-api-client-js/pull/406
• feat: files import/export options update by @​yevheniyJ in https://github.com/crowdin/crowdin-api-client-js/pull/407
• feat: user api new endpoints by @​yevheniyJ in https://github.com/crowdin/crowdin-api-client-js/pull/408
• feat: teams api new methods by @​yevheniyJ in https://github.com/crowdin/crowdin-api-client-js/pull/409
• feat: branch new api methods by @​yevheniyJ in https://github.com/crowdin/crowdin-api-client-js/pull/410

Full Changelog: crowdin/crowdin-api-client-js@1.34.0...1.35.0

mantinedev/mantine (@​mantine/carousel)

v6.0.22

Compare Source

6.x patch

This is a patch for the previous major version, it does not impact 7.x releases.

Changes

• [@mantine/core] Popover: Add size popover middleware to fix overflow issues in Popover.Dropdown (#​5214)
• [@mantine/core] Menu: Fix broken focus logic when keepMounted is set (#​5565)
• [@mantine/core] Switch: fix accessibility issues (#​5755)
• [@mantine/core] Fix Typescript 5.5 compatibility

Full Changelog: mantinedev/mantine@6.0.21...6.0.22

storybookjs/storybook (@​storybook/addon-a11y)

v8.2.3

Compare Source

• Bug: Fix invalid docs links in Configure.mdx template page - #​28560, thanks @​kylegach!
• CLI: Add "missing-storybook-dependencies" automigration - #​28579, thanks @​yannbf!
• CPC: Add theming/create aliases in docs preset - #​28570, thanks @​ndelangen!
• CPC: Fix incorrect re-export in core-events - #​28573, thanks @​ndelangen!
• CPC: Fix Vite builder had wrong conditions - #​28581, thanks @​ndelangen!
• CSF: Fix small typing issue - #​28587, thanks @​valentinpalkovic!
• Portable stories: Remove unused types - #​28548, thanks @​kasperpeulen!
• Webpack: Fix sourceMap generation in csf-tools - #​28585, thanks @​valentinpalkovic!

storybookjs/test-runner (@​storybook/test-runner)

v0.19.1

Compare Source

🐛 Bug Fix

• Release 0.19.1 #​493 (@​paulgv @​yannbf)
• fix(deps): upgrade @storybook/csf to v0.1.11 #​491 (@​paulgv)

Authors: 2

• Paul Gascou-Vaillancourt (@​paulgv)
• Yann Braga (@​yannbf)

swc-project/swc (@​swc/helpers)

v0.5.12

Compare Source

TanStack/table (@​tanstack/react-table)

v8.19.3

Compare Source

Version 8.19.3 - 7/14/24, 8:44 AM

Changes

Fix

• table-core: assign unassign parentId in grouped row model (#​5657) (a71ce10) by PiR

Ci

• enable npm provenance (#​5654) (0054eb3) by Lachlan Collins
• Add pkg-pr-new previews (#​5648) (241f26f) by Lachlan Collins

Docs

• use @​tanstack/lit-virtual for the virtualized table example (#​5655) (bb0a536) by @​kadoshms
• Fix typo in docs/guide/data.md (#​5642) (6a4a10d) by Joseph Markus
• vue: vue filters example (#​5644) (e749f31) by Radu Suciu
• fix rowpinningstate (7548860) by Kevin Vandy

Packages

• @​tanstack/table-core@​8.19.3
• @​tanstack/angular-table@​8.19.3
• @​tanstack/lit-table@​8.19.3
• @​tanstack/qwik-table@​8.19.3
• @​tanstack/react-table@​8.19.3
• @​tanstack/solid-table@​8.19.3
• @​tanstack/svelte-table@​8.19.3
• @​tanstack/vue-table@​8.19.3
• @​tanstack/react-table-devtools@​8.19.3

ajv-validator/ajv (ajv)

v8.17.1

Compare Source

What's Changed

• bump version to 8.17.1 by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2472

Full Changelog: ajv-validator/ajv@v8.17.0...v8.17.1

Plus everything in 8.17.0 which failed to release

The only functional change is to switch from uri-js (which is no longer supported), to fast-uri. This is the second attempt and the team on fast-uri have been really helpful addressing the issues we found last time.

Revert "Revert fast-uri change (https://github.com/ajv-validator/ajv/pull/2444)" by @​gurgunday in https://github.com/ajv-validator/ajv/pull/2448
fix: ignore new eslint error for @​typescript-eslint/no-extraneous-class by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2455
docs: clarify behaviour of addVocabulary by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2454
docs: refactor to improve legibility by @​blottn in https://github.com/ajv-validator/ajv/pull/2432
Fix grammatical typo in managing-schemas.md by @​wetneb in https://github.com/ajv-validator/ajv/pull/2305
docs: Fix broken strict-mode link by @​alexanderjsx in https://github.com/ajv-validator/ajv/pull/2459
feat: add test for encoded refs and bump fast-uri by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2449
fix: changes for @​typescript-eslint/array-type rule by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2467
fixes https://github.com/ajv-validator/ajv/issues/2217 - clarify custom keyword naming by @​jasoniangreen in https://github.com/ajv-validator/ajv/pull/2457

edvardchen/eslint-plugin-i18next (eslint-plugin-i18next)

v6.0.9

Compare Source

jsx-eslint/eslint-plugin-react (eslint-plugin-react)

v7.34.4

Compare Source

Fixed

• [prop-types]: fix className missing in prop validation false negative (#​3749 @​akulsr0)
• [sort-prop-types]: Check for undefined before accessing node.typeAnnotation.typeAnnotation (#​3779 @​tylerlaprade)

i18next/i18next (i18next)

v23.12.1

Compare Source

• Use explicit imports for utils 2212

v23.12.0

Compare Source

• feat: Add posibility to override keyPrefix for certain translation. 2211

webpro-nl/knip (knip)

v5.26.0

Compare Source

miktam/sizeof (object-sizeof)

v2.6.5

Compare Source

prettier/prettier (prettier)

v3.3.3

Compare Source

diff

Add parentheses for nullish coalescing in ternary (#​16391 by @​cdignam-segment)

This change adds clarity to operator precedence.

// Input
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.2
foo ? bar ?? foo : baz;
foo ?? bar ? a : b;
a ? b : foo ?? bar;

// Prettier 3.3.3
foo ? (bar ?? foo) : baz;
(foo ?? bar) ? a : b;
a ? b : (foo ?? bar);

Add parentheses for decorator expressions (#​16458 by @​y-schneider)

Prevent parentheses around member expressions or tagged template literals from being removed to follow the stricter parsing rules of TypeScript 5.5.

// Input
@​(foo`tagged template`)
class X {}

// Prettier 3.3.2
@​foo`tagged template`
class X {}

// Prettier 3.3.3
@​(foo`tagged template`)
class X {}

Support @let declaration syntax (#​16474 by @​sosukesuzuki)

Adds support for Angular v18 @let declaration syntax.

Please see the following code example. The @let declaration allows you to define local variables within the template:

@​let name = 'Frodo';

<h1>Dashboard for {{name}}</h1>
Hello, {{name}}

For more details, please refer to the excellent blog post by the Angular Team: Introducing @​let in Angular.

We also appreciate the Angular Team for kindly answering our questions to implement this feature.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
inreach-app	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jul 15, 2024 3:16pm

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[relativeci]

#892 Bundle Size — 3.45MiB (+0.02%).

fad7e33(current) vs c68e62d dev#878(baseline)

Warning

Bundle contains 8 duplicate packages – View duplicate packages

Bundle metrics   2 changes 1 regression

	Current #892	Baseline #878
Initial JS	3.06MiB(+0.02%)	3.06MiB
Initial CSS	9.54KiB	9.54KiB
Cache Invalidation	69.63%	34.53%
Chunks	66	66
Assets	79	79
Modules	2005	2005
Duplicate Modules	259	259
Duplicate Code	7.35%	7.35%
Packages	213	213
Duplicate Packages	8	8

Bundle size by type   2 changes 2 regressions

	Current #892	Baseline #878
JS	3.33MiB (+0.02%)	3.33MiB
Fonts	94.54KiB	94.54KiB
Other	9.6KiB (+0.25%)	9.58KiB
CSS	9.54KiB	9.54KiB
IMG	8.57KiB	8.57KiB

---

Bundle analysis report Branch renovate/all-minor-patch Project dashboard

[github-actions]

📦 Next.js Bundle Analysis for @weareinreach/app

This analysis was generated by the Next.js Bundle Analysis action. 🤖

This PR introduced no changes to the JavaScript bundle! 🙌

[alwaysmeticulous]

🤖 No test run has been triggered as your Meticulous project has been deactivated (since you haven't viewed any test results in a while). Click here to reactivate.

_{Last updated for commit 068c922. This comment will update as new commits are pushed.}

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/i18next@23.12.1	None	0	635 kB	adrai
npm/jiti@1.21.6	environment, filesystem, unsafe	0	1.95 MB	pi0

🚮 Removed packages: npm/@terraformer/wkt@2.2.1, npm/@trpc/server@10.45.2, npm/@types/luxon@3.4.2, npm/@types/node@18.19.39, npm/crud-object-diff@2.3.6, npm/flat@6.0.1, npm/i18next@23.11.5, npm/just-group-by@2.2.0, npm/libphonenumber-js@1.11.4, npm/luxon@3.4.4, npm/pretty-bytes@6.1.1, npm/slugify@1.6.6, npm/social-links@1.14.0, npm/typescript@4.9.5

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Install scripts	npm/@vercel/speed-insights@1.0.12	Install script: postinstall Source: node scripts/postinstall.mjs	orphan: npm/@vercel/speed-insights@1.0.12	🚫

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/@vercel/speed-insights@1.0.12

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud