fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@hookform/devtools (source)	4.3.2 -> 4.3.3
@prisma/client (source)	6.0.1 -> 6.1.0
@tanstack/react-query (source)	5.62.7 -> 5.62.8
@tanstack/react-query-devtools (source)	5.62.7 -> 5.62.8
@types/react (source)	19.0.1 -> 19.0.2
consola	3.2.3 -> 3.3.0
jotai	2.10.3 -> 2.10.4
lucide-react (source)	0.468.0 -> 0.469.0
msw (source)	2.6.8 -> 2.7.0
next (source)	15.1.0 -> 15.1.2
prisma (source)	6.0.1 -> 6.1.0
react-hook-form (source)	7.54.1 -> 7.54.2
tailwindcss (source)	3.4.16 -> 3.4.17
vite (source)	6.0.3 -> 6.0.5

---

Release Notes

react-hook-form/devtools (@​hookform/devtools)

v4.3.3

Compare Source

prisma/prisma (@​prisma/client)

v6.1.0

Compare Source

Today we're releasing Prisma ORM version 6.1.0

In this version our tracing Preview feature is being graduated to GA!

Highlights

Tracing goes GA

The tracing Preview feature is now stable. You now no longer have to include tracing in your set of enabled preview features.

generator client {
   provider        = "prisma-client-js"
-  previewFeatures = ["tracing"]
}

We have also changed some of the spans generated by Prisma Client. Previously, a trace would report the following spans:

prisma:client:operation
prisma:client:serialize
prisma:engine
prisma:engine:connection
prisma:engine:db_query
prisma:engine:serialize

Now, the following are reported:

prisma:client:operation
prisma:client:serialize
prisma:engine:query
prisma:engine:connection
prisma:engine:db_query
prisma:engine:serialize
prisma:engine:response_json_serialization

Additionally, we have made a few changes to our dependencies:

• @opentelemetry/api is now a peer dependency instead of a regular dependency
• registerInstrumentations in @opentelemetry/instrumentation is now re-exported by @prisma/instrumentation

After upgrading to Prisma ORM 6.1.0 you will need to add @opentelemetry/api to your dependencies if you haven't already:

npm install @​opentelemetry/api

You will also no longer need to have @opentelemetry/instrumentation if you only use registerInstrumentations. In this case you can import registerInstrumentations from @prisma/instrumentation

- import { PrismaInstrumentation } from '@​prisma/instrumentation'
+ import { PrismaInstrumentation, registerInstrumentations } from '@​prisma/instrumentation'

Bug fixes

Tracing related

As we're moving our tracing preview to GA, a number of issues have been resolved. Here are a few highlights:

• Tests for tracing expanded and improved
• Issues with Elastic APM addressed
• Issues with Datadog tracer addressed
• Prisma Client now respects suppressTracing

Other issues

We also have a number of other issues that were resolved outside of our tracing feature.

• Resolved type issues with the PrismaNeonHTTP adapter
• findUnique returns null when used instead of Promise.all
• Resolved an issue with the latest version of Alpine Linux

Fixes and improvements

Prisma

• Tracing: Detailed report and profiling informations
• Prisma Client Request Tracing Integration
• Instrumentation error in production: TypeError: parentTracer.getSpanLimits is not a function
• Prisma is using the internal Span constructor
• Prisma Client doesn't put all OTEL trace spans under one parent span
• Prisma trace has unaccounted time
• prisma:engine spans do not respect suppressTracing()
• tracing: engine spans don't pass through Sampler
• Add tests for tracing and different ways to open the first connection (including internal spans)
• Tracing: Long trailing delay in prisma:client:operation
• prisma:engine spans are missing when there are multiple new PrismaClient() invocations
• parentTracer.getSpanLimits is not a function
• Support tracers not derived from opentelemetry-sdk-trace-base (e.g. Datadog tracer)
• traceparent comments with multiple SQL statements
• Make @prisma/instrumentation dependencies peer dependencies
• Make sure db.statement attribute doesn't include the traceparent comment
• [Instrumentation] registerInstrumentations uses the global provider instead of the one passed in
• Instrumentation: Problems in working with Elastic APM
• PrismaNeonHTTP adapter breaks on some types e.g. timestamp
• Promise.all() returns null with findUnique()
• Alpine Linux 3.21: Prisma failed to detect the libssl/openssl version to use

Prisma Client

• Tracing operation duration bug under stress test
• @prisma/instrumentation Type Error: 'InstrumentionNodeModuleDefintion' is not generic

TanStack/query (@​tanstack/react-query)

v5.62.8

Compare Source

TanStack/query (@​tanstack/react-query-devtools)

v5.62.8

Compare Source

unjs/consola (consola)

v3.3.0

Compare Source

compare changes

🚀 Enhancements

• utils: formatTree utility (#​223)
• Export prompt option types (#​301)
• Support report error cause (#​308)
• prompt: Configurable cancel strategy (#​325)
• formatTree: Support max depth (#​267)

🩹 Fixes

• Use initial in select and multiselect prompts (#​232)
• Make box title color same as border (#​236)

📖 Documentation

• Update screenshot (205d9c8)
• Add vitest (#​182)
• Add note about raw method (#​271)
• Add jsdocs for utils functions (#​286)
• Add jsdocs for top-level functions (#​288)

📦 Build

• Fix subpath types (#​265)
• Add require condition for browser builds (#​243)

🌊 Types

• Fix prompt with select type return value type (#​238)

🏡 Chore

• Update dependencies (68b36c7)
• Update dependencies (dff1ef8)
• Update eslint to v9 (238d677)
• Lint (985a786)
• Update pnpm to v9 (61adfbe)
• Update ci scripts (9545b65)
• Apply automated updates (df0e555)
• Update dependencies (e851525)
• Fix lint issues (8238844)
• Update deps (093d966)
• Lint (64cd547)
• Update clack/core (e2aa5c9)

🎨 Styles

• Format repo (899173f)

🤖 CI

• Use conventional commit for autofix (#​217)

❤️ Contributors

• Guo (@​Plumbiu)
• Pooya Parsa (@​pi0)
• Kongmoumou (@​kongmoumou)
• Max (@​onmax)
• Michel EDIGHOFFER [email protected]
• Sébastien Chopin (@​atinux)
• Estéban <e.soubiran25@​gmail.com>
• Nozomu Ikuta (@​nozomuikuta)
• Maxim Molochkov (@​klaseca)
• Xjccc (@​xjccc)
• Gangan (@​shinGangan)
• Daniel Roe (@​danielroe)

pmndrs/jotai (jotai)

v2.10.4

Compare Source

A minor improvement for some edge cases. (For more information, see #​2789.)

What's Changed

• fix(store): do not recompute unmounted atoms eagerly by @​dai-shi in https://github.com/pmndrs/jotai/pull/2849

New Contributors

• @​rmillio made their first contribution in https://github.com/pmndrs/jotai/pull/2832
• @​sukvvon made their first contribution in https://github.com/pmndrs/jotai/pull/2851

Full Changelog: pmndrs/jotai@v2.10.3...v2.10.4

lucide-icons/lucide (lucide-react)

v0.469.0: New icons 0.469.0

Compare Source

Modified Icons 🔨

• snowflake (#​2610) by @​karsa-mistmere
• sun-snow (#​2610) by @​karsa-mistmere
• thermometer-snowflake (#​2610) by @​karsa-mistmere

mswjs/msw (msw)

v2.7.0

Compare Source

v2.7.0 (2024-12-17)

Features

• use picocolors instead of chalk (#​2377) (85bdd82) @​Namchee @​kettanaito

v2.6.9

Compare Source

v2.6.9 (2024-12-16)

Bug Fixes

• support SharedArrayBuffer in HttpResponse.arrayBuffer (#​2389) (41f00e1) @​danilofuchs @​kettanaito

vercel/next.js (next)

v15.1.2

Compare Source

v15.1.1

Compare Source

react-hook-form/react-hook-form (react-hook-form)

v7.54.2

Compare Source

tailwindlabs/tailwindcss (tailwindcss)

v3.4.17

Compare Source

vitejs/vite (vite)

v6.0.5

Compare Source

• fix: esbuild regression (pin to 0.24.0) (#​19027) (4359e0d), closes #​19027

v6.0.4

Compare Source

• fix: this.resolve skipSelf should not skip for different id or import (#​18903) (4727320), closes #​18903
• fix: fallback terser to main thread when function options are used (#​18987) (12b612d), closes #​18987
• fix: merge client and ssr values for pluginContainer.getModuleInfo (#​18895) (258cdd6), closes #​18895
• fix(css): escape double quotes in url() when lightningcss is used (#​18997) (3734f80), closes #​18997
• fix(css): root relative import in sass modern API on Windows (#​18945) (c4b532c), closes #​18945
• fix(css): skip non css in custom sass importer (#​18970) (21680bd), closes #​18970
• fix(deps): update all non-major dependencies (#​18967) (d88d000), closes #​18967
• fix(deps): update all non-major dependencies (#​18996) (2b4f115), closes #​18996
• fix(optimizer): keep NODE_ENV as-is when keepProcessEnv is true (#​18899) (8a6bb4e), closes #​18899
• fix(ssr): recreate ssrCompatModuleRunner on restart (#​18973) (7d6dd5d), closes #​18973
• chore: better validation error message for dts build (#​18948) (63b82f1), closes #​18948
• chore(deps): update all non-major dependencies (#​18916) (ef7a6a3), closes #​18916
• chore(deps): update dependency @​rollup/plugin-node-resolve to v16 (#​18968) (62fad6d), closes #​18968
• refactor: make internal invoke event to use the same interface with handleInvoke (#​18902) (27f691b), closes #​18902
• refactor: simplify manifest plugin code (#​18890) (1bfe21b), closes #​18890
• test: test ModuleRunnerTransport invoke API (#​18865) (e5f5301), closes #​18865
• test: test output hash changes (#​18898) (bfbb130), closes #​18898

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
next-app-starter	❌ Failed (Inspect)			Dec 20, 2024 11:00pm

[codesandbox]

Review or Edit in CodeSandbox

Open the branch in Web Editor • VS Code • Insiders

Open Preview

[changeset-bot]

⚠️ No Changeset found

Latest commit: c638b19

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@hookform/[email protected]	environment Transitive: filesystem, unsafe	+69	13.9 MB	bluebill1049
npm/@prisma/[email protected]	environment, filesystem, shell	0	8.57 MB	prismabot
npm/@tanstack/[email protected]	environment	+1	2.56 MB	tannerlinsley
npm/@tanstack/[email protected]	None	+1	2.56 MB	nksaraf, tannerlinsley
npm/@types/[email protected]	None	+1	2.04 MB	types
npm/[email protected]	None	0	320 kB	atinux, clarkdo, pi0
npm/[email protected]	None	0	439 kB	daishi
npm/[email protected]	None	0	28.6 MB	ericfennis
npm/[email protected]	environment, filesystem, shell	+49	12.6 MB	kettanaito
npm/[email protected]	environment, filesystem, network, shell, unsafe Transitive: eval	+48	1.46 GB	vercel-release-bot
npm/[email protected]	environment	+6	12.7 MB	prismabot
npm/[email protected]	None	0	916 kB	bluebill1049
npm/[email protected]	environment, filesystem	+27	8.82 MB	adamwathan, malfaitrobin, reinink
npm/[email protected]	Transitive: environment, eval, filesystem, shell	+33	235 MB	antfu, patak, soda, ...2 more

🚮 Removed packages: npm/@hookform/[email protected], npm/@prisma/[email protected], npm/@tanstack/[email protected], npm/@tanstack/[email protected], npm/@types/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

[vercel]

Deployment failed with the following error:

Resource is limited - try again in 2 hours (more than 100, code: "api-deployments-free-per-day").