deps: Bump eslint-config-turbo from 1.12.4 to 1.12.5

[dependabot]

Bumps eslint-config-turbo from 1.12.4 to 1.12.5.

Release notes

Sourced from eslint-config-turbo's releases.

Turborepo v1.12.5

What's Changed

Docs

• Name the file in Prisma doc. by @​anthonyshew in vercel/turbo#7426
• chore(docs): update github actions versions to support node 20 by @​robinsmith-source in vercel/turbo#7434
• chore: update docs to no longer suggest verbosity for --profile by @​chris-olszewski in vercel/turbo#7521
• Add version to package in internal packages docs for yarn by @​loctn in vercel/turbo#7626

create-turbo

• release(turborepo): 1.12.4 by @​github-actions in vercel/turbo#7383

@​turbo/repository

• chore(Turborepo): bump versions in prep for a release by @​gsoltis in vercel/turbo#7385
• refactor(turborepo): Package Detection by @​NicholasLYang in vercel/turbo#7549
• feat(@​turbo/repository): return dependencies in graph by @​mehulkar in vercel/turbo#7616
• chore(@​turbo/repository): bump version to 0.0.1-canary.8 by @​mehulkar in vercel/turbo#7636

Examples

• fix(examples): basic generator by @​dangbt in vercel/turbo#7400
• Remove barrel file from design-system-example by @​anthonyshew in vercel/turbo#7580
• Dependabot updates for examples. by @​anthonyshew in vercel/turbo#7615
• Bug fix on with-npm by @​zsh77 in vercel/turbo#7587
• dev script of ui package in example with rollup by @​zsh77 in vercel/turbo#7550
• Cleanup of with-vite example by @​zsh77 in vercel/turbo#7585
• Cleanup of with-yarn example by @​zsh77 in vercel/turbo#7589
• Guarantee typescript-eslint parser resolving. by @​anthonyshew in vercel/turbo#7634

Changelog

• perf: parse and walk globs in parallel by @​chris-olszewski in vercel/turbo#7244
• fix: do better validation for existing tokens by @​Zertsov in vercel/turbo#7358
• chore(ci): remove Makefile targets to build Go binaries by @​mehulkar in vercel/turbo#7389
• add error enum to turborepo-dirs by @​Zertsov in vercel/turbo#7277
• fix: Clippy errors by @​Zertsov in vercel/turbo#7392
• docs: Refresh daemon documentation by @​NicholasLYang in vercel/turbo#7386
• Break up Client trait by @​Zertsov in vercel/turbo#7387
• chore(turbo): delete unused goreleaser configs by @​mehulkar in vercel/turbo#7393
• Improve daemon startup times by @​arlyon in vercel/turbo#7322
• fix: reading output from orphan process by @​chris-olszewski in vercel/turbo#7402
• Add optionalwatch cookie support by @​arlyon in vercel/turbo#7379
• chore: add force flag to login command by @​Zertsov in vercel/turbo#7378
• Audit daemon error paths and ensure we are doing everything we can to handle by @​arlyon in vercel/turbo#7334
• chore: lower log level for noisy crates by @​chris-olszewski in vercel/turbo#7439
• chore: Rename daemon code by @​NicholasLYang in vercel/turbo#7440
• fix: support yarn4 semver resolutions by @​chris-olszewski in vercel/turbo#7442
• fix: More robust token validation by @​Zertsov in vercel/turbo#7407
• chore: Change daemon log location to be in repo by @​NicholasLYang in vercel/turbo#7468
• chore: remove unnecessary result on join_unix_path by @​chris-olszewski in vercel/turbo#7506
• chore: remove unused features from config crate by @​chris-olszewski in vercel/turbo#7531
• feat: task table widget by @​chris-olszewski in vercel/turbo#7470
• fix: Remove extra login popup for Vercel by @​Zertsov in vercel/turbo#7469
• feat(turborepo): Convert even more errors by @​NicholasLYang in vercel/turbo#7513
• fix: correctly call teams api by @​chris-olszewski in vercel/turbo#7533

... (truncated)

Commits

• d2a96db publish 1.12.5 to registry
• de5ebd7 release(turborepo): 1.12.5-canary.2 (#7635)
• fb038a7 release(turborepo): 1.12.5-canary.1 (#7631)
• 262fd4b release(turborepo): 1.12.5-canary.0 (#7449)
• e55f011 release(turborepo): 1.12.4 (#7383)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[trunk-io]

😎 Merged successfully - details.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/node@20.10.4	None	0	3.93 MB	types
npm/next@13.5.6	environment, filesystem, network, shell, unsafe	+11	1.11 GB	vercel-release-bot
npm/nextjs-14-app-dir-validate-email@0.1.0	None	0	0 B
npm/tailwindcss@3.4.1	environment, filesystem Transitive: network, shell, unsafe	+112	16.1 MB	adamwathan
npm/typescript@5.3.3	None	0	32 MB	typescript-bot

🚮 Removed packages: npm/@arcjet/analyze@1.0.0-alpha.9, npm/@arcjet/duration@1.0.0-alpha.9, npm/@arcjet/eslint-config@1.0.0-alpha.9, npm/@arcjet/ip@1.0.0-alpha.9, npm/@arcjet/logger@1.0.0-alpha.9, npm/@arcjet/next@1.0.0-alpha.9, npm/@arcjet/protocol@1.0.0-alpha.9, npm/@arcjet/rollup-config@1.0.0-alpha.9, npm/@arcjet/tsconfig@1.0.0-alpha.9, npm/@bufbuild/protobuf@1.7.2, npm/@connectrpc/connect-node@1.4.0, npm/@connectrpc/connect-web@1.4.0, npm/@connectrpc/connect@1.4.0, npm/@edge-runtime/jest-environment@2.3.10, npm/@jest/globals@29.7.0, npm/@rollup/plugin-replace@5.0.5, npm/@rollup/plugin-typescript@11.1.6, npm/@rollup/wasm-node@4.12.1, npm/@types/node@18.18.0, npm/@types/node@20.11.25, npm/arcjet@1.0.0-alpha.9, npm/eslint-config-prettier@9.1.0, npm/eslint-config-turbo@1.12.4, npm/eslint-plugin-react@7.34.0, npm/jest@29.7.0, npm/next@14.1.1, npm/next@14.1.3, npm/typeid-js@0.5.0, npm/typescript@5.4.2

View full report↗︎

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: npm/hasown@2.0.0, npm/use-sync-external-store@1.2.0

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

[blaine-arcjet]

@SocketSecurity ignore npm/use-sync-external-store@1.2.0
@SocketSecurity ignore npm/hasown@2.0.0