deps(example): Bump the dependencies group in /examples/nextjs-14-clerk-shield with 8 updates

[dependabot]

Bumps the dependencies group in /examples/nextjs-14-clerk-shield with 8 updates:

Package	From	To
@clerk/nextjs	4.29.9	4.29.11
next	14.1.3	14.1.4
@types/react	18.2.65	18.2.74
@types/react-dom	18.2.21	18.2.24
autoprefixer	10.4.18	10.4.19
eslint-config-next	14.1.3	14.1.4
postcss	8.4.35	8.4.38
tailwindcss	3.4.1	3.4.3

Updates @clerk/nextjs from 4.29.9 to 4.29.11

Release notes

Sourced from @​clerk/nextjs's releases.

@​clerk/nextjs@​4.29.11

Patch Changes

• Enable support for older browsers starting with Safari 12 by switching the compilation target to es2019 for all client-side SDKs (#3113) by @​nikosdouvlis

• Updated dependencies [d9612801c]:

  • @​clerk/shared@​1.4.1
  • @​clerk/clerk-react@​4.30.9
  • @​clerk/backend@​0.38.5
  • @​clerk/clerk-sdk-node@​4.13.13

@​clerk/nextjs@​4.29.10

Patch Changes

• Updated dependencies [cd2bf9dce, b47264367, 089eee519]:
  • @​clerk/types@​3.63.0
  • @​clerk/shared@​1.4.0
  • @​clerk/backend@​0.38.4
  • @​clerk/clerk-react@​4.30.8
  • @​clerk/clerk-sdk-node@​4.13.12

Changelog

Sourced from @​clerk/nextjs's changelog.

4.29.11

Patch Changes

• Enable support for older browsers starting with Safari 12 by switching the compilation target to es2019 for all client-side SDKs (#3113) by @​nikosdouvlis

• Updated dependencies [d9612801c]:

  • @​clerk/shared@​1.4.1
  • @​clerk/clerk-react@​4.30.9
  • @​clerk/backend@​0.38.5
  • @​clerk/clerk-sdk-node@​4.13.13

4.29.10

Patch Changes

• Updated dependencies [cd2bf9dce, b47264367, 089eee519]:
  • @​clerk/types@​3.63.0
  • @​clerk/shared@​1.4.0
  • @​clerk/backend@​0.38.4
  • @​clerk/clerk-react@​4.30.8
  • @​clerk/clerk-sdk-node@​4.13.12

Commits

• 064af2c chore(repo): Version packages (#3114)
• d961280 fix(*): Switch the compilation target to es2019 for all client-side SDK (#3113)
• eebb09b chore(repo): Version packages (#3072)
• See full diff in compare view

Updates next from 14.1.3 to 14.1.4

Release notes

Sourced from next's releases.

v14.1.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Update React from 60a927d04 to 4b84f11 (#63476) @​ztanner
• fix revalidation issue with route handlers (#63213) @​ztanner
• ensure mpa navigations to the same URL work after restoring from bfcache (#63155) @​ztanner
• Ensure PromiseLikeOfReactNode is not included in .d.ts files (#63185) @​timneutkens
• Fix metadata url cases should not append with trailing slash (#63050) @​huozhi
• feat: add deploymentId config (#63198) @​styfle
• fix: bump @​vercel/nft@​0.26.3 (#61538) @​styfle
• fix x-forwarded-port header (#63303) @​Ethan-Arrowood
• fix: x-forwarded-port header is 'undefined' when no port in url (#60484) @​yuvalotem

Test Changes

• test: switch order of tests to avoid flakniess (#63482) @​huozhi
• fix broken create-next-app tests (#63019) @​ztanner

Commits

• f1fc357 v14.1.4
• e6a117b (backport) Update React from 60a927d04 to 4b84f1161 (#63476)
• c227315 update assertion due to stack trace change
• 3aae252 test: switch order of tests to avoid flakniess (#63482)
• 4804982 fix broken create-next-app tests (#63019)
• 81114f3 fix revalidation issue with route handlers (#63213)
• 944a84c ensure mpa navigations to the same URL work after restoring from bfcache (#63...
• 21e11f1 Ensure PromiseLikeOfReactNode is not included in .d.ts files (#63185)
• 531cdb5 Fix metadata url cases should not append with trailing slash (#63050)
• a3707f5 feat: add deploymentId config (#63198)
• Additional commits viewable in compare view

Updates @types/react from 18.2.65 to 18.2.74

Commits

• See full diff in compare view

Updates @types/react-dom from 18.2.21 to 18.2.24

Commits

• See full diff in compare view

Updates autoprefixer from 10.4.18 to 10.4.19

Release notes

Sourced from autoprefixer's releases.

10.4.19

• Removed end value has mixed support, consider using flex-end warning since end/start now have good support.

Changelog

Sourced from autoprefixer's changelog.

10.4.19

• Removed end value has mixed support, consider using flex-end warning since end/start now have good support.

Commits

• 8060e33 Release 10.4.19 version
• fe7bae4 Remove end→flex-end warning
• 5f6f362 Update dependencies
• 13a86df Move to flat ESLint config
• b3e0579 Update dependencies
• See full diff in compare view

Updates eslint-config-next from 14.1.3 to 14.1.4

Release notes

Sourced from eslint-config-next's releases.

v14.1.4

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• Update React from 60a927d04 to 4b84f11 (#63476) @​ztanner
• fix revalidation issue with route handlers (#63213) @​ztanner
• ensure mpa navigations to the same URL work after restoring from bfcache (#63155) @​ztanner
• Ensure PromiseLikeOfReactNode is not included in .d.ts files (#63185) @​timneutkens
• Fix metadata url cases should not append with trailing slash (#63050) @​huozhi
• feat: add deploymentId config (#63198) @​styfle
• fix: bump @​vercel/nft@​0.26.3 (#61538) @​styfle
• fix x-forwarded-port header (#63303) @​Ethan-Arrowood
• fix: x-forwarded-port header is 'undefined' when no port in url (#60484) @​yuvalotem

Test Changes

• test: switch order of tests to avoid flakniess (#63482) @​huozhi
• fix broken create-next-app tests (#63019) @​ztanner

Commits

• f1fc357 v14.1.4
• See full diff in compare view

Updates postcss from 8.4.35 to 8.4.38

Release notes

Sourced from postcss's releases.

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

Changelog

Sourced from postcss's changelog.

8.4.38

• Fixed endIndex: 0 in errors and warnings (by @​romainmenke).

8.4.37

• Fixed original.column are not numbers error in another case.

8.4.36

• Fixed original.column are not numbers error on broken previous source map.

Commits

• a69d45e Release 8.4.38 version
• 64e35d9 Update dependencies
• c1ad8fb Merge pull request #1932 from romainmenke/fix-warning-end-index--inventive-nu...
• b45e7e9 fix endIndex
• 1bea246 failing test: for endIndex 0 in rangeBy
• 0fd1d86 Add changelog auto release on Github
• 49c906e Release 8.4.37 version
• b5bd92c Fix another broken prev source map issue
• 2882039 Update dependencies
• e5ad939 Release 8.4.36 version
• Additional commits viewable in compare view

Updates tailwindcss from 3.4.1 to 3.4.3

Release notes

Sourced from tailwindcss's releases.

v3.4.3

Fixed

• Revert changes to glob handling (#13384)

v3.4.2

Fixed

• Ensure max specificity of 0,0,1 for button and input Preflight rules (#12735)
• Improve glob handling for folders with (, ), [ or ] in the file path (#12715)
• Split :has rules when using experimental.optimizeUniversalDefaults (#12736)
• Sort arbitrary properties alphabetically across multiple class lists (#12911)
• Add mix-blend-plus-darker utility (#12923)
• Ensure dashes are allowed in variant modifiers (#13303)
• Fix crash showing completions in Intellisense when using a custom separator (#13306)
• Transpile import.meta.url in config files (#13322)
• Reset letter spacing for form elements (#13150)
• Fix missing xx-large and remove double x-large absolute size (#13324)
• Don't error when encountering nested CSS unless trying to @apply a class that uses nesting (#13325)
• Ensure that arbitrary properties respect important configuration (#13353)
• Change dark mode selector so @apply works correctly with pseudo elements (#13379)

Changelog

Sourced from tailwindcss's changelog.

[3.4.3] - 2024-03-27

Fixed

• Revert changes to glob handling (#13384)

[3.4.2] - 2024-03-27

Fixed

• Ensure max specificity of 0,0,1 for button and input Preflight rules (#12735)
• Improve glob handling for folders with (, ), [ or ] in the file path (#12715)
• Split :has rules when using experimental.optimizeUniversalDefaults (#12736)
• Sort arbitrary properties alphabetically across multiple class lists (#12911)
• Add mix-blend-plus-darker utility (#12923)
• Ensure dashes are allowed in variant modifiers (#13303)
• Fix crash showing completions in Intellisense when using a custom separator (#13306)
• Transpile import.meta.url in config files (#13322)
• Reset letter spacing for form elements (#13150)
• Fix missing xx-large and remove double x-large absolute size (#13324)
• Don't error when encountering nested CSS unless trying to @apply a class that uses nesting (#13325)
• Ensure that arbitrary properties respect important configuration (#13353)
• Change dark mode selector so @apply works correctly with pseudo elements (#13379)

Commits

• f1f419a 3.4.3
• e6c1082 Revert changes to glob handling (#13384)
• 8430d8b 3.4.2
• 8b4a2a6 Change dark selector so @apply works correctly with pseudo elements (#13379)
• 97607f1 Ensure that arbitrary properties respect important configuration (#13353)
• c033f10 Update CHANGELOG.md
• bda8421 Only detect nesting when using @apply (#13325)
• 3ba51d1 Remove leading space in box-shadow's addDefaults call (#13334)
• a53d854 Fix missing xx-large and remove double x-large absolute size (#13324)
• ea90d3a Reset letter spacing for form elements (#13150)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[trunk-io]

😎 Merged successfully - details.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@arcjet/analyze@1.0.0-alpha.10	environment, network	0	5.67 MB	blaine-arcjet
npm/@arcjet/duration@1.0.0-alpha.10	None	0	25.7 kB	blaine-arcjet
npm/@arcjet/eslint-config@1.0.0-alpha.10	None	0	14 kB	blaine-arcjet
npm/@arcjet/ip@1.0.0-alpha.10	None	0	56.3 kB	blaine-arcjet
npm/@arcjet/logger@1.0.0-alpha.10	environment	0	18.6 kB	blaine-arcjet
npm/@arcjet/next@1.0.0-alpha.10	environment, network	0	45.6 kB	blaine-arcjet
npm/@arcjet/node@1.0.0-alpha.10	None	0	31.2 kB	blaine-arcjet
npm/@types/node@20.12.4	None	0	2.03 MB	types
npm/arcjet@1.0.0-alpha.10	environment	0	97.1 kB	blaine-arcjet

🚮 Removed packages: npm/@types/node@20.11.25, npm/express@4.19.2, npm/nextjs-14-pages-wrap@0.1.0

View full report↗︎

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring: npm/@arcjet/analyze@1.0.0-alpha.10, npm/@arcjet/next@1.0.0-alpha.10, npm/escape-string-regexp@1.0.5, npm/has-flag@3.0.0

View full report↗︎

Next steps

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

[blaine-arcjet]

Since next.js is still a peerDep, it exists in our root lockfile. When this is not the same version as the Clerk example there is a type mismatch with their internal symbol. I've updated the root lock and it seems to build correctly now.

Note: this only happens because we use the file:../../arcjet-next specifier to avoid having the example deps in our root lockfile.

[blaine-arcjet]

@SocketSecurity ignore npm/has-flag@3.0.0
@SocketSecurity ignore npm/escape-string-regexp@1.0.5
@SocketSecurity ignore npm/@arcjet/next@1.0.0-alpha.10
@SocketSecurity ignore npm/@arcjet/analyze@1.0.0-alpha.10