Bump the minor group across 1 directory with 10 updates

[dependabot]

Bumps the minor group with 10 updates in the / directory:

Package	From	To
@ministryofjustice/frontend	2.1.3	2.2.0
@ministryofjustice/hmpps-audit-client	1.0.21	1.1.1
@sentry/cli	2.33.0	2.33.1
@sentry/node	8.20.0	8.24.0
luxon	3.4.4	3.5.0
redis	4.6.15	4.7.0
cypress	13.13.1	13.13.2
husky	9.1.1	9.1.4
lint-staged	15.2.7	15.2.8
ts-jest	29.2.3	29.2.4

Updates @ministryofjustice/frontend from 2.1.3 to 2.2.0

Release notes

Sourced from @​ministryofjustice/frontend's releases.

v2.2.0

2.2.0 (2024-07-31)

You can find out how to stay up-to-date with new releases.

New feature: use the date picker component to help users select dates

The date picker component enables users to:

• select a date from the calendar view
• also enter a date using a text input
• identify available dates

Changelog

Sourced from @​ministryofjustice/frontend's changelog.

2.2.0 (2024-07-31)

Features

• date picker: add date picker component (#601) (0f52877)

Commits

• 674898e chore(release): 2.2.0 [skip ci]
• 0f52877 feat(date picker): add date picker component (#601)
• 51053d4 docs(documentation update): updating content within Ethics guidance (#604)
• 07ab9af build(dev workflow improvements) (#602)
• 39f2e32 docs(documentation removal): deleting inactive pages (#598)
• 68f0cd7 docs(removing inactive pages): removing community pages that are inactive (#593)
• See full diff in compare view

Updates @ministryofjustice/hmpps-audit-client from 1.0.21 to 1.0.23

Updates @sentry/cli from 2.33.0 to 2.33.1

Release notes

Sourced from @​sentry/cli's releases.

2.33.1

Security fix

This release contains a fix for a bug where auth tokens would, under the following circumstances, be logged to stdout:

• The auth token was passed as a command line argument to Sentry CLI (via --auth-token)
• The log level was set to info or debug
  • The default log level is warn, so users using the default log level were unaffected by this bug

We now redact the --auth-token argument and anything else that looks like it might be an auth token when logging the arguments that the Sentry CLI was called with (see #2115 and #2118 for details).

Other fixes & improvements

• ref(token): Use secrecy crate to store auth token (#2116) by @​szokeasaurusrex
• fix: Improve "project not found" message (#2112) by @​szokeasaurusrex
• fix: Improve "release not found" message (#2112) by @​szokeasaurusrex
• Fall back to co-location heuristic if sourcemap url appears remote (#1871) by @​brettdh
• fix(sourcebundle): Skip non-UTF8 files (#2109) by @​loewenheim

Changelog

Sourced from @​sentry/cli's changelog.

2.33.1

Security fix

This release contains a fix for a bug where auth tokens would, under the following circumstances, be logged to stdout:

• The auth token was passed as a command line argument to Sentry CLI (via --auth-token)
• The log level was set to info or debug
  • The default log level is warn, so users using the default log level were unaffected by this bug

We now redact the --auth-token argument and anything else that looks like it might be an auth token when logging the arguments that the Sentry CLI was called with (see #2115 and #2118 for details).

Other fixes & improvements

• ref(token): Use secrecy crate to store auth token (#2116) by @​szokeasaurusrex
• fix: Improve "project not found" message (#2112) by @​szokeasaurusrex
• fix: Improve "release not found" message (#2112) by @​szokeasaurusrex
• Fall back to co-location heuristic if sourcemap url appears remote (#1871) by @​brettdh
• fix(sourcebundle): Skip non-UTF8 files (#2109) by @​loewenheim

Commits

• 5aaf7c1 Update CHANGELOG.md
• eac9527 release: 2.33.1
• acb5700 meta: Revert upload-artifact bump (#2110) (#2119)
• 5c1ac1f fix: Improve token redaction in CLI arg logging
• 8b89630 ref(token): Use secrecy crate to store auth token (#2116)
• 3d05326 test(tokens): Add test to ensure tokens redacted
• 2665d8a fix: Redact auth tokens when logging CLI args
• 61a3294 test: Delete apparently-unnecessary test
• 8ce98a0 ref(token): Separate validation warning from parsing
• 8343763 fix: Improve "project not found" message (#2112)
• Additional commits viewable in compare view

Updates @sentry/node from 8.20.0 to 8.24.0

Release notes

Sourced from @​sentry/node's releases.

8.24.0

• feat(nestjs): Filter RPC exceptions (#13227)
• fix: Guard getReader function for other fetch implementations (#13246)
• fix(feedback): Ensure feedback can be lazy loaded in CDN bundles (#13241)

8.23.0

Important Changes

• feat(cloudflare): Add Cloudflare D1 instrumentation (#13142)

This release includes support for Cloudflare D1, Cloudflare's serverless SQL database. To instrument your Cloudflare D1 database, use the instrumentD1WithSentry method as follows:

// env.DB is the D1 DB binding configured in your `wrangler.toml`
const db = instrumentD1WithSentry(env.DB);
// Now you can use the database as usual
await db.prepare('SELECT * FROM table WHERE id = ?').bind(1).run();

Other Changes

• feat(cloudflare): Allow users to pass handler to sentryPagesPlugin (#13192)
• feat(cloudflare): Instrument scheduled handler (#13114)
• feat(core): Add getTraceData function (#13134)
• feat(nestjs): Automatic instrumentation of nestjs interceptors before route execution (#13153)
• feat(nestjs): Automatic instrumentation of nestjs pipes (#13137)
• feat(nuxt): Filter out Nuxt build assets (#13148)
• feat(profiling): Attach sdk info to chunks (#13145)
• feat(solidstart): Add sentry onBeforeResponse middleware to enable distributed tracing (#13221)
• feat(solidstart): Filter out low quality transactions for build assets (#13222)
• fix(browser): Avoid showing browser extension error message in non-window global scopes (#13156)
• fix(feedback): Call dialog.close() in dialog close callbacks in \_loadAndRenderDialog (#13203)
• fix(nestjs): Inline Observable type to resolve missing 'rxjs' dependency (#13166)
• fix(nuxt): Detect pageload by adding flag in Vue router (#13171)
• fix(utils): Handle when requests get aborted in fetch instrumentation (#13202)
• ref(browser): Improve browserMetrics collection (#13062)

Work in this release was contributed by @​horochx. Thank you for your contribution!

8.22.0

Important Changes

• feat(cloudflare): Add plugin for cloudflare pages (#13123)

This release adds support for Cloudflare Pages to @sentry/cloudflare, our SDK for the Cloudflare Workers JavaScript Runtime! For details on how to use it, please see the README. Any feedback/bug reports are greatly appreciated, please reach out on GitHub.

... (truncated)

Changelog

Sourced from @​sentry/node's changelog.

8.24.0

• feat(nestjs): Filter RPC exceptions (#13227)
• fix: Guard getReader function for other fetch implementations (#13246)
• fix(feedback): Ensure feedback can be lazy loaded in CDN bundles (#13241)

8.23.0

Important Changes

• feat(cloudflare): Add Cloudflare D1 instrumentation (#13142)

This release includes support for Cloudflare D1, Cloudflare's serverless SQL database. To instrument your Cloudflare D1 database, use the instrumentD1WithSentry method as follows:

// env.DB is the D1 DB binding configured in your `wrangler.toml`
const db = instrumentD1WithSentry(env.DB);
// Now you can use the database as usual
await db.prepare('SELECT * FROM table WHERE id = ?').bind(1).run();

Other Changes

• feat(cloudflare): Allow users to pass handler to sentryPagesPlugin (#13192)
• feat(cloudflare): Instrument scheduled handler (#13114)
• feat(core): Add getTraceData function (#13134)
• feat(nestjs): Automatic instrumentation of nestjs interceptors before route execution (#13153)
• feat(nestjs): Automatic instrumentation of nestjs pipes (#13137)
• feat(nuxt): Filter out Nuxt build assets (#13148)
• feat(profiling): Attach sdk info to chunks (#13145)
• feat(solidstart): Add sentry onBeforeResponse middleware to enable distributed tracing (#13221)
• feat(solidstart): Filter out low quality transactions for build assets (#13222)
• fix(browser): Avoid showing browser extension error message in non-window global scopes (#13156)
• fix(feedback): Call dialog.close() in dialog close callbacks in \_loadAndRenderDialog (#13203)
• fix(nestjs): Inline Observable type to resolve missing 'rxjs' dependency (#13166)
• fix(nuxt): Detect pageload by adding flag in Vue router (#13171)
• fix(utils): Handle when requests get aborted in fetch instrumentation (#13202)
• ref(browser): Improve browserMetrics collection (#13062)

Work in this release was contributed by @​horochx. Thank you for your contribution!

8.22.0

Important Changes

• feat(cloudflare): Add plugin for cloudflare pages (#13123)

This release adds support for Cloudflare Pages to @sentry/cloudflare, our SDK for the Cloudflare Workers JavaScript Runtime! For details on how to use it,

... (truncated)

Commits

• 7730bef release: 8.24.0
• d73daeb Merge pull request #13249 from getsentry/prepare-release/8.24.0
• 7c7e2e2 meta: Update changelog for 8.24.0
• 7fc479f ref(core): Reduce hasTracingEnabled size (#13232)
• ddff302 fix: Guard getReader function for other fetch implementations (#13246)
• d125ff2 build(deps): bump nuxt from 3.11.2 to 3.12.4 in /dev-packages/e2e-tests/test-...
• c8054cc tests(e2e): Remove await timeout in nest e2e tests (#13243)
• 22905fe fix(feedback): Ensure feedback can be lazy loaded in CDN bundles (#13241)
• ea20c21 test(e2e): Fix event buffering (#13233)
• 420aaf8 test(nuxt): Unit tests for event filter (#13229)
• Additional commits viewable in compare view

Updates luxon from 3.4.4 to 3.5.0

Changelog

Sourced from luxon's changelog.

3.5.0 (2024-08-03)

• Various performance improvements
• throwOnInvalid causes the constructor to throw if the year is invalid

Commits

• a4044fe bump to 3.5.0
• cea7b5f Documented weekSettings opt in DateTime (#1640)
• 2008075 Fixed duplicate word in comment in datetime.js (#1623)
• cafc4ee Perf: Cache ts offset guesses for quickDT (#1579)
• 73c4438 fix cutoff year docs
• 895a749 Added some JS doc for time zones (#1499)
• 080e813 Alias DateTime in documentation site (#1546)
• 55bdb08 add DATETIME_MED_WITH_WEEKDAY to formatting.md (#1554)
• 1616114 format
• 5763215 Update interval.js doc per #742 (#1565)
• Additional commits viewable in compare view

Updates redis from 4.6.15 to 4.7.0

Release notes

Sourced from redis's releases.

[email protected]

Enhancements

• Upgrade @redis/client from 1.5.16 to 1.6.0
• Upgrade @redis/json from 1.0.6 to 1.0.7
• Upgrade @redis/search from 1.1.6 to 1.2.0
• Upgrade @redis/time-series from 1.0.5 to 1.1.0

Commits

• 2fc79bd Release [email protected]
• 878fb69 upgrade deps
• b493afa Release [email protected]
• 268ceda Release [email protected]
• fff7b00 Release [email protected]
• 18ccc28 fix hash expiration tests
• 49ef273 Update tests.yml
• 3973fa2 Release [email protected]
• 840ec57 small refactor per discussion with leibele (#2801)
• 179b9e0 fix: json.mget should be readonly (#2807) (#2808)
• Additional commits viewable in compare view

Updates cypress from 13.13.1 to 13.13.2

Release notes

Sourced from cypress's releases.

v13.13.2

Changelog: https://docs.cypress.io/guides/references/changelog#13-13-2

Commits

• e9026dd chore: bump circle cache (#29941)
• dddd2d5 perf: remove listener to fix log memory leak (#29939)
• f4052f1 dependency: update dependency chrome-remote-interface to v0.33.2 (#29932)
• 40de87d chore: release @​cypress/webpack-batteries-included-preprocessor-v3.0.4
• 42b3f6e chore: release 13.13.2 (#29937)
• dc0c237 chore: Update v8 snapshot cache (#29933)
• 0d5065a dependency: update dependency strip-ansi to v6.0.1 (#29931)
• 3540a01 chore: Update v8 snapshot cache (#29929)
• f7148b9 chore: Update v8 snapshot cache (#29928)
• 8260150 perf: optimize parseCspHeaders (#29887)
• Additional commits viewable in compare view

Updates husky from 9.1.1 to 9.1.4

Release notes

Sourced from husky's releases.

v9.1.4

• Improve deprecation notice

v9.1.3

• fix: better handle space in PATH

v9.1.2

Show a message instead of automatically removing deprecated code.

This only concerns projects that still have the following code in their hooks:

- #!/usr/bin/env sh # <- This is deprecated, remove it
- . "$(dirname -- "$0")/_/husky.sh"  # <- This is deprecated, remove it
Rest of your hook code

Hooks with these lines will fail in v10.0.0

Commits

• fc549e0 9.1.4
• 9891ace clarify deprecation message
• 712cb00 9.1.3
• 7d29633 fix: better handle spaces in PATH
• 35fba84 9.1.2
• 2060317 show message instead of automatically remove deprecated code
• f6cc410 Update troubleshoot.md
• 0c71e73 update package-lock.json
• See full diff in compare view

Updates lint-staged from 15.2.7 to 15.2.8

Release notes

Sourced from lint-staged's releases.

v15.2.8

Patch Changes

• f0480f0 Thanks @​iiroj! - In the previous version the native git rev-parse --show-toplevel command was taken into use for resolving the current git repo root. This version switched the --show-toplevel flag with --show-cdup, because on Git installed via MSYS2 the former was returning absolute paths that do not work with Node.js child_process. The new flag returns a path relative to the working directory, avoiding the issue.

  The GitHub Actions workflow has been updated to install Git via MSYS2, to ensure better future compatibility; using the default Git binary in the GitHub Actions runner was working correctly even with MSYS2.

Changelog

Sourced from lint-staged's changelog.

15.2.8

Patch Changes

• f0480f0 Thanks @​iiroj! - In the previous version the native git rev-parse --show-toplevel command was taken into use for resolving the current git repo root. This version switched the --show-toplevel flag with --show-cdup, because on Git installed via MSYS2 the former was returning absolute paths that do not work with Node.js child_process. The new flag returns a path relative to the working directory, avoiding the issue.

  The GitHub Actions workflow has been updated to install Git via MSYS2, to ensure better future compatibility; using the default Git binary in the GitHub Actions runner was working correctly even with MSYS2.

Commits

• 52f6eef chore(changeset): release (#1462)
• 8d8fe23 build: update repository url in package.json
• f0480f0 Revert "chore(changeset): release (#1461)"
• 1da81c0 chore(changeset): release (#1461)
• cc04e08 ci: add required permission for provenance generation
• fa2dac8 Revert "chore(changeset): release (#1455)"
• 8325985 chore(changeset): release (#1455)
• 92f295f build(deps): update dependencies (#1460)
• 5293c09 build: generate provenance statements for npm package (#1459)
• f184fff Merge pull request #1454 from Falcion/master
• Additional commits viewable in compare view

Updates ts-jest from 29.2.3 to 29.2.4

Release notes

Sourced from ts-jest's releases.

v29.2.4

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.2.4 (2024-08-01)

Bug Fixes

• fix: revert support implementation for Node16/NodeNext (70b9530), closes #4468 #4473

Commits

• 0977789 chore(release): 29.2.4
• 70b9530 fix: revert support implementation for Node16/NodeNext
• 86398c7 build(deps): Update dependency @​babel/preset-env to ^7.25.3
• 2b07e2b build(deps): Update dependency eslint-plugin-jsdoc to ^48.10.2
• 5cc1333 build(deps): Update babel monorepo to ^7.25.2
• 46fa736 build(deps): Update ESLint packages to ^7.18.0
• e1aad14 build(deps): Update dependency eslint-plugin-jsdoc to ^48.9.2
• 19473a2 build(deps): Update dependency eslint-plugin-jsdoc to ^48.9.1
• a40a791 build(deps): Update dependency eslint-plugin-jsdoc to ^48.9.0
• 6d8063a test: refactor example apps to be in one project
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
@ministryofjustice/hmpps-audit-client	[>= 1.0.22.a, < 1.0.23]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[marcus-bcl]

@dependabot recreate

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud