Skip to content

Bump the npm_and_yarn group across 1 directory with 8 updates #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 8 updates #2

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jun 3, 2025
edited by korbit-ai bot
Loading

Bumps the npm_and_yarn group with 8 updates in the / directory:

Package From To
@auth/core 0.34.1 0.39.1
@auth/drizzle-adapter 1.4.1 1.9.1
hono 4.4.13 4.7.11
next 14.2.4 15.3.3
next-auth 5.0.0-beta.19 5.0.0-beta.28
drizzle-kit 0.22.8 0.31.1
@babel/runtime 7.24.7 7.27.4
nanoid 3.3.7 3.3.11

Updates @auth/core from 0.34.1 to 0.39.1

Release notes

Sourced from @​auth/core's releases.

@​auth/core@​0.39.1

Bugfixes

  • core: AuthError.type should not be internal (#12946) (4155eee8)

Other

  • fix typo in Asgardeo provider (#12943)

@​auth/core@​0.39.0

Features

  • providers: Add HuggingFace provider (#12884) (c1f89ea4)
  • providers: Improve error validation for Microsoft EntraID provider errors before decoding token (#12876) (a05451d4)

Other

@​auth/core@​0.38.0

Features

  • core: add default cache control headers for GET endpoints (#11667) (af2cceac)
  • provider: add Figma provider (#12529) (14dfaf36)
  • provider: add Logto provider (#12534) (dcaaf1ab)
  • provider: add Bitbucket provider (#12198) (6a72f3d0)
  • provider: add Frontegg provider (#11342) (517c877e)
  • providers: Add Loops Email Provider and Documentation (#11197) (3ec06842)

Bugfixes

  • core: handle an error inside parseProviders() when providerId not found in config (#12438) (80a2c147)
  • pages: recouple button theme to colorScheme and fix appearance for some logos in dark mode (#12537) (b0f15383)
  • ts: make User interface overridable using module augmentation (#12472) (77723759)
  • "state is not specified" error when using LINE provider (#12703)
  • add a missed instance of allowInsecureRequests (#12276)
  • More descriptive error in case that discovery endpoint returns an invalid issuer (#12611)
  • improve client-side submodules (#12249)

Other

  • deps: bump oauth4webapi from 3.1.4 to 3.3.0 (#12698) (5a2f595c)
  • deps: bump jose from 5.9.6 to 6.0.6 (#12699) (6aefefd3)
  • deps: bump oauth4webapi from 3.1.3 to 3.1.4 (#12359) (e2311681)
  • deps: bump oauth4webapi from 3.1.1 to 3.1.3 (#12261) (9411046e)
  • docs: fixes appearance for some logos in dark mode (#12379) (2f86dfdc)
  • docs: add missing bracket and run format (#12302) (7c20f022)
  • providers: formatting tiktok (507aadda)
  • providers: Downgrade requested OAuth scope of TikTok provider (#12608) (2465101a)
  • providers: remove console.log in WeChat provider (#12431) (9dbc9ba7)

... (truncated)

Commits
  • 2cbbbeb chore(release): bump package version(s) [skip ci]
  • baa15f4 docs: filename in google getting started doc (#12938)
  • faee6af docs: correct typo in signin.mdx (#12939)
  • 9f09e30 fix(qwik): don't build server deps on client (#12723)
  • 4155eee fix(core): AuthError.type should not be internal (#12946)
  • 30797e3 docs: fix typo in Asgardeo provider (#12943)
  • c7409f3 fix(adapter-prisma): import PrismaClientKnownRequestError for edge runtime ...
  • 6a0fa0c chore: update sveltekit example lock file
  • 5664a65 chore: update sveltekit example lock file
  • 262db25 docs: improve documentation in Credentials provider (#12873)
  • Additional commits viewable in compare view

Updates @auth/drizzle-adapter from 1.4.1 to 1.9.1

Release notes

Sourced from @​auth/drizzle-adapter's releases.

@​auth/drizzle-adapter@​1.9.1

Other

  • @​auth/core: dependency update (4155eee8)

@​auth/drizzle-adapter@​1.9.0

Other

  • @​auth/core: dependency update (c1f89ea4)

@​auth/drizzle-adapter@​1.8.0

Other

  • @​auth/core: dependency update (887c28c1)
Commits
  • 2cbbbeb chore(release): bump package version(s) [skip ci]
  • baa15f4 docs: filename in google getting started doc (#12938)
  • faee6af docs: correct typo in signin.mdx (#12939)
  • 9f09e30 fix(qwik): don't build server deps on client (#12723)
  • 4155eee fix(core): AuthError.type should not be internal (#12946)
  • 30797e3 docs: fix typo in Asgardeo provider (#12943)
  • c7409f3 fix(adapter-prisma): import PrismaClientKnownRequestError for edge runtime ...
  • 6a0fa0c chore: update sveltekit example lock file
  • 5664a65 chore: update sveltekit example lock file
  • 262db25 docs: improve documentation in Credentials provider (#12873)
  • Additional commits viewable in compare view

Updates hono from 4.4.13 to 4.7.11

Release notes

Sourced from hono's releases.

v4.7.11

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.7.10...v4.7.11

v4.7.10

What's Changed

Full Changelog: honojs/hono@v4.7.9...v4.7.10

v4.7.9

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.7.8...v4.7.9

v4.7.8

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.7.7...v4.7.8

v4.7.7

What's Changed

... (truncated)

Commits
  • 53656e1 4.7.11
  • c12956b fix(base): use c.newResponse() for the response of err.getResponse() (#4181)
  • 4eb7979 docs(readme): Added Deepwiki link in README (#4179)
  • 091ecb7 fix(middleware/etag): should return 304 when weak etag is passed in 'If-None...
  • 2590c60 chore: ignore Claude Code local files in gitignore (#4176)
  • 1197688 CI: add type benchmark with typescript-go preview (#4161)
  • 2805d32 ci: skip lib check in type check benchmark (#4162)
  • bb7afac chore(benchmark): add URLSearchParams to the query-params benchmark (#4149)
  • dfacf89 4.7.10
  • 5facfad fix(jwt): use header.alg as fallback in verifyFromJwks (#4144)
  • Additional commits viewable in compare view

Updates next from 14.2.4 to 15.3.3

Release notes

Sourced from next's releases.

v15.3.3

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • Reinstate vary (#79939)
  • fix(next-swc): Fix interestingness detection for React Compiler (#79558)
  • fix(next-swc): Fix react compiler usefulness detector (#79480)
  • fix(dev-overlay): Better handle edge-case file paths in launchEditor (#79526)
  • Client router should discard stale prefetch entries for static pages (#79362)

Credits

Huge thanks to @​gaojude, @​kdy1, @​bgw, and @​unstubbable for helping!

v15.3.2

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • backport: fix(turbopack): Store persistence of wrapped task on RawVc::LocalOutput (#78488) (#78883)
  • @​next/mdx: Use stable turbopack config options (#78880)
  • Fix react-compiler: Fix detection of interest (#78879)
  • Fix turbopack: Backport sourcemap bugfix (#78881)
  • [next-server] preserve rsc query for rsc redirects (#78876)
  • Update middleware public/static matching (#78875)

Credits

Huge thanks to @​ijjk, @​huozhi, @​kdy1, @​wbinnssmith, and @​bgw for helping!

v15.3.1

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

  • chore: Backport SWC-based RC optimization (#78260)
  • fix: bump image-size@1.2.1 (#78164)

Credits

Huge thanks to @​kdy1 and @​styfle for helping!

v15.3.1-canary.15

Core Changes

... (truncated)

Commits
  • 3ab8db7 v15.3.3
  • 18c8113 [backport] Reinstate vary (#79939)
  • e18212f re-enable vary header deploy test (#79753)
  • ec202ec Revert "[next-server] skip setting vary header for basic routes" (#79426)
  • e2f264f fix(next-swc): Fix interestingness detection for React Compiler (15.3) (#79558)
  • 562fac7 fix(next-swc): Fix react compiler usefulness detector (15.3) (#79480)
  • 06097fd fix(dev-overlay): Better handle edge-case file paths in launchEditor (#79526)
  • bda731f Client router should discard stale prefetch entries for static pages (#79362)
  • d9ec4a4 v15.3.2
  • 3def5ff backport: fix(turbopack): Store persistence of wrapped task on RawVc::LocalOu...
  • Additional commits viewable in compare view

Updates next-auth from 5.0.0-beta.19 to 5.0.0-beta.28

Release notes

Sourced from next-auth's releases.

next-auth@5.0.0-beta.28

What's Changed

New Contributors

Full Changelog: https://github.com/nextauthjs/next-auth/compare/next-auth@5.0.0-beta.27...next-auth@5.0.0-beta.28

next-auth@5.0.0-beta.27

What's Changed

Full Changelog: https://github.com/nextauthjs/next-auth/compare/next-auth@5.0.0-beta.26...next-auth@5.0.0-beta.27

next-auth@5.0.0-beta.26

What's Changed

... (truncated)

Commits
  • 24b82d9 chore(release): bump version [skip ci]
  • 2cbbbeb chore(release): bump package version(s) [skip ci]
  • baa15f4 docs: filename in google getting started doc (#12938)
  • faee6af docs: correct typo in signin.mdx (#12939)
  • 9f09e30 fix(qwik): don't build server deps on client (#12723)
  • 4155eee fix(core): AuthError.type should not be internal (#12946)
  • 30797e3 docs: fix typo in Asgardeo provider (#12943)
  • c7409f3 fix(adapter-prisma): import PrismaClientKnownRequestError for edge runtime ...
  • 6a0fa0c chore: update sveltekit example lock file
  • 5664a65 chore: update sveltekit example lock file
  • Additional commits viewable in compare view

Updates drizzle-kit from 0.22.8 to 0.31.1

Release notes

Sourced from drizzle-kit's releases.

drizzle-kit@0.31.1

Fixed drizzle-kit pull bugs when using Gel extensions.

Because Gel extensions create schema names containing :: (for example, ext::auth), Drizzle previously handled these names incorrectly. Starting with this release, you can use Gel extensions without any problems. Here’s what you should do:

  1. Enable extensions schemas in drizzle.config.ts
import  { defineConfig } from "drizzle-kit";
export default defineConfig({
dialect: 'gel',
schemaFilter: ['ext::auth', 'public']
});

  1. Run drizzle-kit pull

  2. Done!

drizzle-kit@0.31.0

Features and improvements

Enum DDL improvements

For situations where you drop an enum value or reorder values in an enum, there is no native way to do this in PostgreSQL. To handle these cases, drizzle-kit used to:

  • Change the column data types from the enum to text
  • Drop the old enum
  • Add the new enum
  • Change the column data types back to the new enum

However, there were a few scenarios that weren’t covered: PostgreSQL wasn’t updating default expressions for columns when their data types changed

Therefore, for cases where you either change a column’s data type from an enum to some other type, drop an enum value, or reorder enum values, we now do the following:

  • Change the column data types from the enum to text
  • Set the default using the ::text expression
  • Drop the old enum
  • Add the new enum
  • Change the column data types back to the new enum
  • Set the default using the :: expression

esbuild version upgrade

For drizzle-kit we upgraded the version to latest (0.25.2), thanks @​paulmarsicloud

Bug fixes

... (truncated)

Commits

Updates @babel/runtime from 7.24.7 to 7.27.4

Release notes

Sourced from @​babel/runtime's releases.

v7.27.4 (2025-05-30)

👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-explicit-resource-management

💅 Polish

🔬 Output optimization

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

Committers: 4

v7.27.3 (2025-05-27)

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-types
    • #17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@​magic-akari)
  • babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd
    • #17257 Preserve class id when transforming using declarations with exported class (@​JLHwung)
  • babel-parser
  • babel-generator, babel-parser

Committers: 7

... (truncated)

Changelog

Sourced from @​babel/runtime's changelog.

v7.27.4 (2025-05-30)

👓 Spec Compliance

  • babel-parser, babel-plugin-proposal-explicit-resource-management

💅 Polish

🔬 Output optimization

  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs3
  • babel-core, babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-async-to-generator, babel-plugin-transform-block-scoping, babel-plugin-transform-classes, babel-plugin-transform-destructuring, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime, babel-standalone

v7.27.3 (2025-05-27)

🐛 Bug Fix

  • babel-generator
  • babel-helpers, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-preset-env, babel-runtime-corejs3
  • babel-plugin-proposal-explicit-resource-management
  • babel-plugin-proposal-decorators, babel-types
    • #17321 fix(converter): Remove abstract modifiers in class declaration to expression conversion (@​magic-akari)
  • babel-helper-module-transforms, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-modules-amd, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-umd
    • #17257 Preserve class id when transforming using declarations with exported class (@​JLHwung)
  • babel-parser
  • babel-generator, babel-parser

v7.27.2 (2025-05-06)

🐛 Bug Fix

  • babel-parser
  • babel-plugin-transform-object-rest-spread
  • babel-plugin-transform-modules-commonjs, babel-template

🏃‍♀️ Performance

  • babel-cli

... (truncated)

Commits

Updates nanoid from 3.3.7 to 3.3.11

Release notes

Sourced from nanoid's releases.

3.3.11

  • Fixed React Native support.

3.3.10

3.3.9

  • Reduced npm package size.
Changelog

Sourced from nanoid's changelog.

3.3.11

  • Fixed React Native support.

3.3.10

3.3.9

  • Reduced npm package size.

3.3.8

  • Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Description by Korbit AI

What change is being made?

Update eight dependencies in the package.json file, including major and minor version increments for @auth/core, @auth/drizzle-adapter, hono, next, next-auth, and drizzle-kit.

Why are these changes being made?

These updates address compatibility issues and improve performance by incorporating the latest features and patches from the updated packages, ensuring our application stays up-to-date and stable against potential security vulnerabilities present in older versions.

Is this description stale? Ask me to generate a new description by commenting /korbit-generate-pr-description

@dependabot
Bump the npm_and_yarn group across 1 directory with 8 updates
89bfcbc 
Bumps the npm_and_yarn group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [@auth/core](https://github.com/nextauthjs/next-auth) | `0.34.1` | `0.39.1` |
| [@auth/drizzle-adapter](https://github.com/nextauthjs/next-auth) | `1.4.1` | `1.9.1` |
| [hono](https://github.com/honojs/hono) | `4.4.13` | `4.7.11` |
| [next](https://github.com/vercel/next.js) | `14.2.4` | `15.3.3` |
| [next-auth](https://github.com/nextauthjs/next-auth) | `5.0.0-beta.19` | `5.0.0-beta.28` |
| [drizzle-kit](https://github.com/drizzle-team/drizzle-orm) | `0.22.8` | `0.31.1` |
| [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) | `7.24.7` | `7.27.4` |
| [nanoid](https://github.com/ai/nanoid) | `3.3.7` | `3.3.11` |



Updates `@auth/core` from 0.34.1 to 0.39.1
- [Release notes](https://github.com/nextauthjs/next-auth/releases)
- [Commits](https://github.com/nextauthjs/next-auth/compare/@auth/core@0.34.1...@auth/core@0.39.1)

Updates `@auth/drizzle-adapter` from 1.4.1 to 1.9.1
- [Release notes](https://github.com/nextauthjs/next-auth/releases)
- [Commits](https://github.com/nextauthjs/next-auth/compare/@auth/drizzle-adapter@1.4.1...@auth/drizzle-adapter@1.9.1)

Updates `hono` from 4.4.13 to 4.7.11
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.4.13...v4.7.11)

Updates `next` from 14.2.4 to 15.3.3
- [Release notes](https://github.com/vercel/next.js/releases)
- [Changelog](https://github.com/vercel/next.js/blob/canary/release.js)
- [Commits](vercel/next.js@v14.2.4...v15.3.3)

Updates `next-auth` from 5.0.0-beta.19 to 5.0.0-beta.28
- [Release notes](https://github.com/nextauthjs/next-auth/releases)
- [Commits](https://github.com/nextauthjs/next-auth/compare/next-auth@5.0.0-beta.19...next-auth@5.0.0-beta.28)

Updates `drizzle-kit` from 0.22.8 to 0.31.1
- [Release notes](https://github.com/drizzle-team/drizzle-orm/releases)
- [Commits](https://github.com/drizzle-team/drizzle-orm/commits/drizzle-kit@0.31.1)

Updates `@babel/runtime` from 7.24.7 to 7.27.4
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.27.4/packages/babel-runtime)

Updates `nanoid` from 3.3.7 to 3.3.11
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@3.3.7...3.3.11)

---
updated-dependencies:
- dependency-name: "@auth/core"
  dependency-version: 0.39.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@auth/drizzle-adapter"
  dependency-version: 1.9.1
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: hono
  dependency-version: 4.7.11
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next
  dependency-version: 15.3.3
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: next-auth
  dependency-version: 5.0.0-beta.28
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: drizzle-kit
  dependency-version: 0.31.1
  dependency-type: direct:development
  dependency-group: npm_and_yarn
- dependency-name: "@babel/runtime"
  dependency-version: 7.27.4
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: nanoid
  dependency-version: 3.3.11
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 3, 2025
@korbit-ai
Copy link

korbit-ai bot commented Jun 3, 2025

By default, I don't review pull requests opened by bots. If you would like me to review this pull request anyway, you can request a review via the /korbit-review command in a comment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant