Bump the npm_and_yarn group across 12 directories with 13 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the / directory: semver and axios.
Bumps the npm_and_yarn group with 1 update in the /examples/with-nestjs directory: next.
Bumps the npm_and_yarn group with 1 update in the /examples/with-npm directory: next.
Bumps the npm_and_yarn group with 5 updates in the /examples/with-prisma directory:

Package	From	To
cross-spawn	7.0.3	7.0.6
micromatch	4.0.7	4.0.8
rollup	4.18.0	4.34.2
next	14.2.3	14.2.21
nanoid	3.3.7	3.3.8

Bumps the npm_and_yarn group with 2 updates in the /examples/with-react-native-web directory: rollup and next.
Bumps the npm_and_yarn group with 2 updates in the /examples/with-rollup directory: rollup and next.
Bumps the npm_and_yarn group with 1 update in the /examples/with-typeorm directory: next.
Bumps the npm_and_yarn group with 1 update in the /examples/with-vite directory: vite.
Bumps the npm_and_yarn group with 1 update in the /examples/with-vite-react directory: braces.
Bumps the npm_and_yarn group with 3 updates in the /examples/with-vue-nuxt directory: vite, @nuxt/devtools and nuxt.
Bumps the npm_and_yarn group with 4 updates in the /examples/with-yarn directory: cross-spawn, micromatch, next and nanoid.
Bumps the npm_and_yarn group with 2 updates in the /packages/turbo-codemod directory: axios and follow-redirects.

Updates semver from 7.5.0 to 7.5.2

Release notes

Sourced from semver's releases.

v7.5.2

7.5.2 (2023-06-15)

Bug Fixes

• 58c791f #566 diff when detecting major change from prerelease (#566) (@​lukekarrys)
• 5c8efbc #565 preserve build in raw after inc (#565) (@​lukekarrys)
• 717534e #564 better handling of whitespace (#564) (@​lukekarrys)

v7.5.1

7.5.1 (2023-05-12)

Bug Fixes

• d30d25a #559 show type on invalid semver error (#559) (@​tjenkinson)

Changelog

Sourced from semver's changelog.

7.5.2 (2023-06-15)

Bug Fixes

• 58c791f #566 diff when detecting major change from prerelease (#566) (@​lukekarrys)
• 5c8efbc #565 preserve build in raw after inc (#565) (@​lukekarrys)
• 717534e #564 better handling of whitespace (#564) (@​lukekarrys)

7.5.1 (2023-05-12)

Bug Fixes

• d30d25a #559 show type on invalid semver error (#559) (@​tjenkinson)

Commits

• e7b78de chore: release 7.5.2
• 58c791f fix: diff when detecting major change from prerelease (#566)
• 5c8efbc fix: preserve build in raw after inc (#565)
• 717534e fix: better handling of whitespace (#564)
• 2f738e9 chore: bump @​npmcli/template-oss from 4.14.1 to 4.15.1 (#558)
• aa016a6 chore: release 7.5.1
• d30d25a fix: show type on invalid semver error (#559)
• 09c69e2 chore: bump @​npmcli/template-oss from 4.13.0 to 4.14.1 (#555)
• See full diff in compare view

Updates axios from 0.27.2 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

Commits

• 3b7635a [Release] v0.28.0 (#6211)
• 27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
• 80c3d74 chore(ci): backported publish action; (#6224)
• 2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
• 880b42e docs: Fix a typo in README
• c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• 1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
• 80b546c fix: loosing request header (#4858) (#4871)
• 6acb5ef feat: brower platform add data protocol. (#4814)
• bbb2264 fix(typing): axios response headers can be undefined (#4813)
• Additional commits viewable in compare view

Updates follow-redirects from 1.15.1 to 1.15.9

Commits

• e4e55c7 Release version 1.15.9 of the npm package.
• 31a1abf Attempt much more gentle detection.
• d2aaa97 Fix url field.
• 62558f0 Release version 1.15.8 of the npm package.
• a8d1cee Return subtlety.
• 458ca8e Fix native URL test for Node 20.
• ca49e44 Handle KeepAlive connections in tests.
• f3711d7 Test on Node 20 and 22.
• fda0faf Fix typo.
• 760757f Release version 1.15.7 of the npm package.
• Additional commits viewable in compare view

Updates next from 14.1.1 to 14.2.21

Release notes

Sourced from next's releases.

v14.2.21

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6a9 to 178c267a4e: vercel/next.js#74115
• Fix unstable_allowDynamic when used with pnpm: vercel/next.js#73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: vercel/next.js#73927
• chore(docs): update version history of next/image: vercel/next.js#73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix fetch cloning bug (vercel/next.js#73532)

Credits

Huge thanks to @​wyattjoh for helping!

v14.2.19

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• ensure worker exits bubble to parent process (#73433)
• Increase max cache tags to 128 (#73125)

Misc Changes

• Update max tag items limit in docs (#73445)

Credits

Huge thanks to @​ztanner and @​ijjk for helping!

Commits

• 2655f6e v14.2.21
• 8803d2b Backport (v14): Upgrade React from 14898b6a9 to 178c267a4e (#74115)
• 6e35243 chore(docs): add missing search: '' on remotePatterns (#73925) (#73927)
• 54919d2 chore(docs): update version history of next/image (#73926)
• 049a690 Backport: Fix unstable_allowDynamic when used with pnpm (#73765)
• 663fa9c Fix SWC and React versions for 14-2-1 branch (#73791)
• ed78a4a v14.2.20
• 530421d [backport] Fix/dedupe fetch clone (#73532)
• cbc62ad v14.2.19
• 92280dc [backport] Update max tag items limit in docs (#73445)
• Additional commits viewable in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates next from 14.1.1 to 14.2.21

Release notes

Sourced from next's releases.

v14.2.21

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6a9 to 178c267a4e: vercel/next.js#74115
• Fix unstable_allowDynamic when used with pnpm: vercel/next.js#73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: vercel/next.js#73927
• chore(docs): update version history of next/image: vercel/next.js#73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix fetch cloning bug (vercel/next.js#73532)

Credits

Huge thanks to @​wyattjoh for helping!

v14.2.19

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• ensure worker exits bubble to parent process (#73433)
• Increase max cache tags to 128 (#73125)

Misc Changes

• Update max tag items limit in docs (#73445)

Credits

Huge thanks to @​ztanner and @​ijjk for helping!

Commits

• 2655f6e v14.2.21
• 8803d2b Backport (v14): Upgrade React from 14898b6a9 to 178c267a4e (#74115)
• 6e35243 chore(docs): add missing search: '' on remotePatterns (#73925) (#73927)
• 54919d2 chore(docs): update version history of next/image (#73926)
• 049a690 Backport: Fix unstable_allowDynamic when used with pnpm (#73765)
• 663fa9c Fix SWC and React versions for 14-2-1 branch (#73791)
• ed78a4a v14.2.20
• 530421d [backport] Fix/dedupe fetch clone (#73532)
• cbc62ad v14.2.19
• 92280dc [backport] Update max tag items limit in docs (#73445)
• Additional commits viewable in compare view

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates micromatch from 4.0.7 to 4.0.8

Release notes

Sourced from micromatch's releases.

4.0.8

Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.

Changelog

Sourced from micromatch's changelog.

[4.0.8] - 2024-08-22

• backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch

Commits

• 8bd704e 4.0.8
• a0e6841 run verb to generate README documentation
• 4ec2884 Merge branch 'v4' into hauserkristof-feature/v4.0.8
• 03aa805 Merge pull request #266 from hauserkristof/feature/v4.0.8
• 814f5f7 lint
• 67fcce6 fix: CHANGELOG about braces & CVE-2024-4068, v4.0.5
• 113f2e3 fix: CVE numbers in CHANGELOG
• d9dbd9a feat: updated CHANGELOG
• 2ab1315 fix: use actions/setup-node@v4
• 1406ea3 feat: rework test to work on macos with node 10,12 and 14
• Additional commits viewable in compare view

Updates rollup from 4.18.0 to 4.34.2

Release notes

Sourced from rollup's releases.

v4.34.2

4.34.2

2025-02-04

Bug Fixes

• Fix an issue where not all usages of a function were properly detected (#5827)

Pull Requests

• #5827: Ensure that functions provided to a constructor are properly deoptimized (@​lukastaegert)

v4.34.1

4.34.1

2025-02-03

Bug Fixes

• Ensure throwing objects includes the entire object (#5825)

Pull Requests

• #5825: Ensure that all properties of throw statements are included (@​lukastaegert)

v4.34.0

4.34.0

2025-02-01

Features

• Tree-shake unused properties in object literals (re-implements #5420) (#5737)

Pull Requests

• #5737: Reapply object tree-shaking (@​lukastaegert, @​TrickyPi)

v4.33.0

4.33.0

2025-02-01

Features

• Correctly detect literal value of more negated expressions (#5812)

Bug Fixes

... (truncated)

Changelog

Sourced from rollup's changelog.

4.34.2

2025-02-04

Bug Fixes

• Fix an issue where not all usages of a function were properly detected (#5827)

Pull Requests

• #5827: Ensure that functions provided to a constructor are properly deoptimized (@​lukastaegert)

4.34.1

2025-02-03

Bug Fixes

• Ensure throwing objects includes the entire object (#5825)

Pull Requests

• #5825: Ensure that all properties of throw statements are included (@​lukastaegert)

4.34.0

2025-02-01

Features

• Tree-shake unused properties in object literals (re-implements #5420) (#5737)

Pull Requests

• #5737: Reapply object tree-shaking (@​lukastaegert, @​TrickyPi)

4.33.0

2025-02-01

Features

• Correctly detect literal value of more negated expressions (#5812)

Bug Fixes

• Use the correct with/assert attribute key in dynamic imports (#5818)
• Fix an issue where logical expressions were considered to have the wrong value (#5819)

Pull Requests

... (truncated)

Commits

• 615efa0 4.34.2
• 17346a9 Ensure that functions provided to a constructor are properly deoptimized (#5827)
• 0f20524 4.34.1
• 32504b3 Ensure that all properties of throw statements are included (#5825)
• 979d628 4.34.0
• d7062ef Reapply object tree-shaking (#5737)
• 494483e 4.33.0
• 74a251f return null (#5820)
• 93c9c0e support for changing the attributes key for dynamic imports (#5818)
• caeffb3 Return UnknownValue if getLiteralValueAtPath is called recursively within log...
• Additional commits viewable in compare view

Updates next from 14.2.3 to 14.2.21

Release notes

Sourced from next's releases.

v14.2.21

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6a9 to 178c267a4e: vercel/next.js#74115
• Fix unstable_allowDynamic when used with pnpm: vercel/next.js#73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: vercel/next.js#73927
• chore(docs): update version history of next/image: vercel/next.js#73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix fetch cloning bug (vercel/next.js#73532)

Credits

Huge thanks to @​wyattjoh for helping!

v14.2.19

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• ensure worker exits bubble to parent process (#73433)
• Increase max cache tags to 128 (#73125)

Misc Changes

• Update max tag items limit in docs (#73445)

Credits

Huge thanks to @​ztanner and @​ijjk for helping!

Commits

• 2655f6e v14.2.21
• 8803d2b Backport (v14): Upgrade React from 14898b6a9 to 178c267a4e (#74115)
• 6e35243 chore(docs): add missing search: '' on remotePatterns (#73925) (#73927)
• 54919d2 chore(docs): update version history of next/image (#73926)
• 049a690 Backport: Fix unstable_allowDynamic when used with pnpm (#73765)
• 663fa9c Fix SWC and React versions for 14-2-1 branch (#73791)
• ed78a4a v14.2.20
• 530421d [backport] Fix/dedupe fetch clone (#73532)
• cbc62ad v14.2.19
• 92280dc [backport] Update max tag items limit in docs (#73445)
• Additional commits viewable in compare view

Updates nanoid from 3.3.7 to 3.3.8

Changelog

Sourced from nanoid's changelog.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates rollup from 4.34.0 to 4.34.2

Release notes

Sourced from rollup's releases.

v4.34.2

4.34.2

2025-02-04

Bug Fixes

• Fix an issue where not all usages of a function were properly detected (#5827)

Pull Requests

• #5827: Ensure that functions provided to a constructor are properly deoptimized (@​lukastaegert)

v4.34.1

4.34.1

2025-02-03

Bug Fixes

• Ensure throwing objects includes the entire object (#5825)

Pull Requests

• #5825: Ensure that all properties of throw statements are included (@​lukastaegert)

v4.34.0

4.34.0

2025-02-01

Features

• Tree-shake unused properties in object literals (re-implements #5420) (#5737)

Pull Requests

• #5737: Reapply object tree-shaking (@​lukastaegert, @​TrickyPi)

v4.33.0

4.33.0

2025-02-01

Features

• Correctly detect literal value of more negated expressions (#5812)

Bug Fixes

... (truncated)

Changelog

Sourced from rollup's changelog.

4.34.2

2025-02-04

Bug Fixes

• Fix an issue where not all usages of a function were properly detected (#5827)

Pull Requests

• #5827: Ensure that functions provided to a constructor are properly deoptimized (@​lukastaegert)

4.34.1

2025-02-03

Bug Fixes

• Ensure throwing objects includes the entire object (#5825)

Pull Requests

• #5825: Ensure that all properties of throw statements are included (@​lukastaegert)

4.34.0

2025-02-01

Features

• Tree-shake unused properties in object literals (re-implements #5420) (#5737)

Pull Requests

• #5737: Reapply object tree-shaking (@​lukastaegert, @​TrickyPi)

4.33.0

2025-02-01

Features

• Correctly detect literal value of more negated expressions (#5812)

Bug Fixes

• Use the correct with/assert attribute key in dynamic imports (#5818)
• Fix an issue where logical expressions were considered to have the wrong value (#5819)

Pull Requests

... (truncated)

Commits

• 615efa0 4.34.2
• 17346a9 Ensure that functions provided to a constructor are properly deoptimized (#5827)
• 0f20524 4.34.1
• 32504b3 Ensure that all properties of throw statements are included (#5825)
• 979d628 4.34.0
• d7062ef Reapply object tree-shaking (#5737)
• 494483e 4.33.0
• 74a251f return null (#5820)
• 93c9c0e support for changing the attributes key for dynamic imports (#5818)
• caeffb3 Return UnknownValue if getLiteralValueAtPath is called recursively within log...
• Additional commits viewable in compare view

Updates next from 14.2.23 to 15.1.6

Release notes

Sourced from next's releases.

v14.2.21

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Upgrade React from 14898b6a9 to 178c267a4e: vercel/next.js#74115
• Fix unstable_allowDynamic when used with pnpm: vercel/next.js#73765

Misc Changes

• chore(docs): add missing search: '' on remotePatterns: vercel/next.js#73927
• chore(docs): update version history of next/image: vercel/next.js#73926

Credits

Huge thanks to @​unstubbable, @​ztanner, and @​styfle for helping!

v14.2.20

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Fix fetch cloning bug (vercel/next.js#73532)

Credits

Huge thanks to @​wyattjoh for helping!

v14.2.19

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• ensure worker exits bubble to parent process (#73433)
• Increase max cache tags to 128 (#73125)

Misc Changes

• Update max tag items limit in docs (#73445)

Credits

Huge thanks to @​ztanner and @​ijjk for helping!

Commits

• 2655f6e v14.2.21
• 8803d2b Backport (v14): Upgrade React from 14898b6a9 to 178c267a4e (#74115)
• 6e35243 chore(docs): add missing search: '' on remotePatterns (#73925) (#73927)
• 54919d2 chore(docs): update version history of next/image (#73926)
• 049a690 Backport: Fix unstable_allowDynamic when used with pnpm (#73765)
• 663fa9c Fix SWC and React versions for 14-2-1 branch (#73791)
• ed78a4a v14.2.20
• 530421d [backport] Fix/dedupe fetch clone (#73532)
• cbc62ad v14.2.19
• 92280dc [backport] Update max tag items limit in docs (#73445)
• Additional commits viewable in compare view

Updates rollup from 4.18.0 to 4.22.4

Release notes

Sourced from rollup's releases.

v4.34.2

4.34.2

2025-02-04

Bug Fixes

• Fix an issue where not all usages of a function were properly detected (#5827)

Pull Requests

• #5827: Ensure that functions provided to a constructor are properly deoptimized (@​lukastaegert)

v4.34.1

4.34.1

2025-02-03

Bug Fixes

• Ensure throwing objects includes the entire object (#5825)

Pull Requests

• #5825: Ensure that all properties of throw statements are included (@​lukastaegert)
Description has been truncated

Summary by Sourcery

Update various dependencies across multiple examples and packages. Update semver to 7.5.2, axios to 0.28.0, follow-redirects to 1.15.9, next to 14.2.21, nanoid to 3.3.8, cross-spawn to 7.0.6, micromatch to 4.0.8, rollup to 4.34.2, vite to 5.4.14, prettier to 3.4.2, turbo to 2.4.0, @types/react to 19.0.8, @types/react-dom to 19.0.3, @typescript-eslint/eslint-plugin to 7.18.0, @typescript-eslint/parser to 7.18.0, nuxt to 3.12.4, @nuxt/devtools, and braces.

Build:

• Update pnpm-lock file to version 6.0 from 9.0.

Chores:

• Update lockfileVersion to 6.0 in pnpm-lock.yaml.

[sourcery-ai]

Reviewer's Guide by Sourcery

This PR bumps several dependencies across multiple packages and examples. The most notable updates are to next, rollup, axios, and other core dependencies. The changes primarily involve updating version numbers in package.json and pnpm-lock.yaml files.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Bumps npm dependencies across multiple directories.	Updates next from 14.1.1 to 14.2.21 in several examples. Updates rollup from 4.12.0 to 4.22.4 in the with-rollup package. Updates axios from 0.27.2 to 0.28.0 in turbo-codemod. Updates various other dependencies like cross-spawn, micromatch, and nanoid. Updates vite in with-vite and with-vue-nuxt examples. Updates nuxt and @nuxt/devtools in with-vue-nuxt example.	examples/with-vite-react/pnpm-lock.yaml examples/with-nestjs/pnpm-lock.yaml examples/with-npm/apps/docs/package.json examples/with-npm/apps/web/package.json examples/with-prisma/apps/web/package.json examples/with-react-native-web/apps/web/package.json examples/with-rollup/apps/web/package.json examples/with-rollup/packages/ui/package.json examples/with-typeorm/apps/docs/package.json examples/with-typeorm/apps/web/package.json examples/with-vite/apps/docs/package.json examples/with-vite/apps/web/package.json examples/with-vue-nuxt/apps/docs/package.json examples/with-vue-nuxt/apps/web/package.json examples/with-yarn/apps/docs/package.json examples/with-yarn/apps/web/package.json package.json packages/create-turbo/package.json packages/turbo-codemod/package.json packages/turbo-workspaces/package.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!
• Generate a plan of action for an issue: Comment @sourcery-ai plan on
  an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

[codiumai-pr-agent-free]

CI Feedback 🧐

(Feedback updated until commit 3e96672)

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Validate PR title

Failed stage: Run amannn/action-semantic-pull-request@v5 [❌]

Failed test name: Validate PR title

Failure summary: The action failed because the PR title "Bump the npm_and_yarn group across 12 directories with 13 updates" does not follow the conventional commits format. The title needs to start with a prefix indicating the type of release (e.g., 'feat:', 'fix:', 'chore:', etc.) according to the Conventional Commits specification.

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 21: Prepare all required actions 22: Getting action download info 23: Download action repository 'amannn/action-semantic-pull-request@v5' (SHA:0723387faaf9b38adef4775cd42cfd5155ed6017) 24: Complete job name: Validate PR title 25: ##[group]Run amannn/action-semantic-pull-request@v5 26: with: 27: requireScope: false 28: subjectPattern: ^[^A-Z].*$ 29: subjectPatternError: The subject "{subject}" found in the pull request title "{title}" doesn't match the configured pattern. 30: Please ensure that the subject doesn't start with an uppercase character. 31: 32: githubBaseUrl: https://api.github.com 33: env: 34: GITHUB_TOKEN: *** 35: ##[endgroup] 36: ##[error]No release type found in pull request title "Bump the npm_and_yarn group across 12 directories with 13 updates". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.