apps/api(deps-dev): bump the dev-deps group across 1 directory with 10 updates

[dependabot]

Bumps the dev-deps group with 10 updates in the /apps/api directory:

Package	From	To
@tsconfig/recommended	1.0.6	1.0.8
@types/cors	2.8.17	2.8.18
@types/jest	29.5.12	29.5.14
@types/lodash	4.17.14	4.17.16
@types/node	20.14.1	22.15.17
@types/pdf-parse	1.1.4	1.1.5
nodemon	2.0.22	3.1.10
prettier	3.4.2	3.5.3
supertest	6.3.4	7.1.0
ts-jest	29.1.4	29.3.2

Updates @tsconfig/recommended from 1.0.6 to 1.0.8

Commits

• See full diff in compare view

Updates @types/cors from 2.8.17 to 2.8.18

Commits

• See full diff in compare view

Updates @types/jest from 29.5.12 to 29.5.14

Commits

• See full diff in compare view

Updates @types/lodash from 4.17.14 to 4.17.16

Commits

• See full diff in compare view

Updates @types/node from 20.14.1 to 22.15.17

Commits

• See full diff in compare view

Updates @types/pdf-parse from 1.1.4 to 1.1.5

Commits

• See full diff in compare view

Updates nodemon from 2.0.22 to 3.1.10

Release notes

Sourced from nodemon's releases.

v3.1.10

3.1.10 (2025-04-23)

Bug Fixes

• update types and jsdocs (#2232) (297c7c7), closes #2231

v3.1.9

3.1.9 (2024-12-13)

Bug Fixes

• maintain backward support for exitcrash (9c9de6e)

v3.1.8

3.1.8 (2024-12-13)

Bug Fixes

• types updated (cb91187)

v3.1.7

3.1.7 (2024-09-20)

Bug Fixes

• types for export on ESModule (#2211) (9b0606a)

v3.1.6

3.1.6 (2024-09-19)

Bug Fixes

• watch nested paths (11fcaaa), closes #2216

v3.1.5

3.1.5 (2024-09-17)

Bug Fixes

• add missing ignore option to type defintion of config (#2224) (254c2ab)

v3.1.4

3.1.4 (2024-06-20)

... (truncated)

Commits

• 297c7c7 fix: update types and jsdocs (#2232)
• f7661d9 chore: website
• 8fc12e8 Merge branch 'main' of github.com:remy/nodemon
• 8b535a0 chore: fix JQ rendering for site
• 59d5350 chore: website
• 9954aff chore: website
• d147fb6 chore: website
• 53d2dfd chore: website
• 60f1474 chore: website
• af51f77 Merge branch 'main' of github.com:remy/nodemon
• Additional commits viewable in compare view

Updates prettier from 3.4.2 to 3.5.3

Release notes

Sourced from prettier's releases.

3.5.3

🔗 Changelog

3.5.2

🔗 Changelog

3.5.1

🔗 Changelog

3.5.0

diff

🔗 Release note

Changelog

Sourced from prettier's changelog.

3.5.3

diff

Flow: Fix missing parentheses in ConditionalTypeAnnotation (#17196 by @​fisker)

// Input
type T<U> = 'a' | ('b' extends U ? 'c' : empty);
type T<U> = 'a' & ('b' extends U ? 'c' : empty);
// Prettier 3.5.2
type T<U> = "a" | "b" extends U ? "c" : empty;
type T<U> = "a" & "b" extends U ? "c" : empty;
// Prettier 3.5.3
type T<U> = "a" | ("b" extends U ? "c" : empty);
type T<U> = "a" & ("b" extends U ? "c" : empty);

3.5.2

diff

Remove module-sync condition (#17156 by @​fisker)

In Prettier 3.5.0, we added module-sync condition to package.json, so that require("prettier") can use ESM version, but turns out it doesn't work if CommonJS and ESM plugins both imports builtin plugins. To solve this problem, we decide simply remove the module-sync condition, so require("prettier") will still use the CommonJS version, we'll revisit until require(ESM) feature is more stable.

3.5.1

diff

Fix CLI crash when cache for old version exists (#17100 by @​sosukesuzuki)

Prettier 3.5 uses a different cache format than previous versions, Prettier 3.5.0 crashes when reading existing cache file, Prettier 3.5.1 fixed the problem.

Support dockercompose and github-actions-workflow in VSCode (#17101 by @​remcohaszing)

Prettier now supports the dockercompose and github-actions-workflow languages in Visual Studio Code.

3.5.0

diff

🔗 Release Notes

Commits

• 4ff5dc5 Release 3.5.3
• a2e560e Fix missing parentheses in ConditionalTypeAnnotation (#17196)
• fa95c97 Add mergeBlogPost step to release script (#17199)
• b47cd50 Add title to patch release changelog (#17197)
• de30788 Minor fix in release script
• ecee6a0 Clean changelog_unreleased
• fd06512 Bump Prettier dependency to 3.5.2
• 1f74dd5 Update dependents count
• 399f427 Release 3.5.2
• bf5aab8 Revert "Use ESM entrypoint for require(ESM)" (#17156)
• Additional commits viewable in compare view

Updates supertest from 6.3.4 to 7.1.0

Release notes

Sourced from supertest's releases.

v7.1.0

• Merge pull request #852 from alxndrsn/econnreset de045d4
• Merge pull request #845 from ikonst/master be0d5c7
• Merge pull request #854 from alxndrsn/commitlint 35ac86f
• fix(dev): commitlint dev dependency & config e67fcb2
• fix: avoid server re-use race conditions 96c06e3
• test: fix test failure due to localhost being also ipv6 92079a0

ladjs/supertest@v7.0.0...v7.1.0

v7.0.0

• Merge pull request #834 from Bruception/master 225118c
• Fix TestAgent not inheriting Agent properties f290431
• fix: bump deps, drop Node.js v<14.16.0 1e18c20

ladjs/supertest@v6.3.4...v7.0.0

Commits

• 359bc52 7.1.0
• de045d4 Merge pull request #852 from alxndrsn/econnreset
• be0d5c7 Merge pull request #845 from ikonst/master
• 35ac86f Merge pull request #854 from alxndrsn/commitlint
• e67fcb2 fix(dev): commitlint dev dependency & config
• 96c06e3 fix: avoid server re-use race conditions
• 92079a0 test: fix test failure due to localhost being also ipv6
• 2ae1c36 7.0.0
• 225118c Merge pull request #834 from Bruception/master
• f290431 Fix TestAgent not inheriting Agent properties
• Additional commits viewable in compare view

Updates ts-jest from 29.1.4 to 29.3.2

Release notes

Sourced from ts-jest's releases.

v29.3.2

Please refer to CHANGELOG.md for details.

v29.3.1

Please refer to CHANGELOG.md for details.

v29.3.0

Please refer to CHANGELOG.md for details.

v29.2.6

Please refer to CHANGELOG.md for details.

v29.2.5

Please refer to CHANGELOG.md for details.

v29.2.4

Please refer to CHANGELOG.md for details.

v29.2.3

Please refer to CHANGELOG.md for details.

v29.2.2

Please refer to CHANGELOG.md for details.

v29.2.1

Please refer to CHANGELOG.md for details.

v29.2.0

Please refer to CHANGELOG.md for details.

v29.1.5

Please refer to CHANGELOG.md for details.

Changelog

Sourced from ts-jest's changelog.

29.3.2 (2025-04-12)

Bug Fixes

• fix: transpile js files from node_modules whenever Jest asks (968370e), closes #4637

29.3.1 (2025-03-31)

Bug Fixes

• fix: allow isolatedModules mode to have ts.Program under Node16/Next (25157eb)
• fix: improve message for isolatedModules of ts-jest config (547eb6f)

29.3.0 (2025-03-21)

Features

• feat: support hybrid module values for isolatedModules: true (f372121)

Bug Fixes

• fix: set customConditions to undefined in TsCompiler (b091d70), closes #4620

Code Refactoring

• refactor: remove manual version checker (89458fc)
• refactor: remove patching deps based on version checker (bac4c43)
• refactor: deprecate RawCompilerOptions interface (2b1b6cd)
• refactor: deprecate transform option isolatedModules (7dfef71)

DEPRECATIONS

• RawCompilerOptions is deprecated in favor of TsConfigJson.CompilerOptions from type-fest
• isolatedModules transform option is deprecated in favor of https://www.typescriptlang.org/tsconfig/#isolatedModules

29.2.6 (2025-02-22)

... (truncated)

Commits

• e1c6017 chore(release): 29.3.2
• 968370e fix: transpile js files from node_modules whenever Jest asks (#4791)
• ddfd812 build(deps): Update dependency lint-staged to ^15.5.1
• efd5274 build: use faster mode to build/serve doc
• ccd9a0e build: fix npm audit issue for website
• 7e730d3 docs: add Hybrid Node module doc about Node16/NodeNext
• 39a1222 test: add dynamic import code test for transpile-module
• 5a21aca build(deps): Update dependency eslint-config-prettier to ^10.1.2
• e10053f build(deps): Update dependency vite to ^6.2.6
• a83170c build(deps): Update ESLint packages to ^8.29.1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[entelligence-ai-reviews]

Walkthrough

This pull request updates development and core dependencies for the API application to their latest versions, focusing on modernizing the dependency tree, addressing deprecations, and improving compatibility with newer Node.js versions. The changes are limited to version bumps and lockfile updates, with no modifications to application logic or runtime dependencies. The updates also include the removal of deprecated packages and the addition of new transitive dependencies as required by the upgraded packages.

Changes

File(s)	Summary
apps/api/package.json	Upgraded development dependencies to newer versions (e.g., @tsconfig/recommended, @types/cors, @types/jest, @types/lodash, @types/node, @types/pdf-parse, nodemon, prettier, supertest, ts-jest); no additions or removals of dependencies.
apps/api/pnpm-lock.yaml	Updated lockfile to reflect upgraded dependencies, added new transitive dependencies (e.g., @noble/hashes, @paralleldrive/cuid2, [email protected]), removed deprecated packages (e.g., hexoid, [email protected], [email protected]), and updated dependency trees for improved compatibility.

Sequence Diagram

This diagram shows the interactions between components:

sequenceDiagram
    title API Dependency Update Process
    
    actor Developer
    participant PackageManager as "Package Manager (pnpm)"
    participant package.json
    participant pnpm-lock.yaml
    participant NodeModules as "node_modules"
    participant APIApplication as "API Application"
    participant TestRunner as "Test Runner (Jest)"
    
    Developer->>PackageManager: Update dependencies
    activate PackageManager
    
    PackageManager->>package.json: Update dependency versions
    Note over package.json: Update dev dependencies:<br/>@tsconfig/recommended: 1.0.3 → 1.0.8<br/>@types/cors: 2.8.13 → 2.8.18<br/>@types/jest: 29.5.12 → 29.5.14<br/>@types/lodash: 4.17.14 → 4.17.17<br/>@types/node: 20.14.1 → 22.15.21<br/>@types/pdf-parse: 1.1.4 → 1.1.5<br/>nodemon: 2.0.20 → 3.1.10<br/>prettier: 3.4.2 → 3.5.3<br/>supertest: 6.3.3 → 7.1.1<br/>ts-jest: 29.1.1 → 29.3.4
    
    PackageManager->>pnpm-lock.yaml: Update lock file
    Note over pnpm-lock.yaml: Regenerate with updated dependency tree<br/>and transitive dependencies
    
    PackageManager->>NodeModules: Install updated packages
    deactivate PackageManager
    
    Developer->>TestRunner: Run tests to verify compatibility
    activate TestRunner
    TestRunner->>APIApplication: Execute test suite
    APIApplication-->>TestRunner: Return test results
    TestRunner-->>Developer: Report test status
    deactivate TestRunner
    
    alt Tests pass
        Developer->>Developer: Commit changes
        Developer->>Developer: Create PR
    else Tests fail
        Developer->>package.json: Revert problematic dependencies
        Developer->>PackageManager: Reinstall with compatible versions
        Note over Developer: Investigate compatibility issues
    end
    
    Note over APIApplication: Major version changes:<br/>- nodemon: v2 → v3<br/>- @types/node: v20 → v22<br/>- supertest: v6 → v7

Loading

▶️ ⚡ AI Code Reviews for VS Code, Cursor, Windsurf
Install the extension

Note for Windsurf

Please change the default marketplace provider to the following in the windsurf settings:

Marketplace Extension Gallery Service URL: https://marketplace.visualstudio.com/_apis/public/gallery

Marketplace Gallery Item URL: https://marketplace.visualstudio.com/items

Entelligence.ai can learn from your feedback. Simply add 👍 / 👎 emojis to teach it your preferences. More shortcuts below

Emoji Descriptions:

• ⚠️ Potential Issue - May require further investigation.
• 🔒 Security Vulnerability - Fix to ensure system safety.
• 💻 Code Improvement - Suggestions to enhance code quality.
• 🔨 Refactor Suggestion - Recommendations for restructuring code.
• ℹ️ Others - General comments and information.

Interact with the Bot:

• Send a message or request using the format:
  @entelligenceai + *your message*

Example: @entelligenceai Can you suggest improvements for this code?

• Help the Bot learn by providing feedback on its responses.
  @entelligenceai + *feedback*

Example: @entelligenceai Do not comment on `save_auth` function !

Also you can trigger various commands with the bot by doing
@entelligenceai command

The current supported commands are

1. config - shows the current config
2. retrigger_review - retriggers the review

More commands to be added soon.