Bump the frontend-backend group across 1 directory with 7 updates

[dependabot]

Bumps the frontend-backend group with 7 updates in the /frontend/backend directory:

Package	From	To
axios	1.6.2	1.7.9
fast-jwt	3.0.0	5.0.2
follow-redirects	1.13.3	1.15.9
json-web-token	3.0.1	3.2.0
payload	1.5.9	3.11.0
sharp	0.32.0	0.33.5
yaml	2.1.0	2.6.1

Updates axios from 1.6.2 to 1.7.9

Release notes

Sourced from axios's releases.

Release v1.7.9

Release notes:

Reverts

• Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

• Jay

Release v1.7.8

Release notes:

Bug Fixes

• allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
• core: fixed config merging bug (#6668) (5d99fe4)
• fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
• http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
• http: fixed proxy-from-env module import (#5222) (12b3295)
• http: use globalThis.TextEncoder when available (#6634) (df956d1)
• ios11 breaks when build (#6608) (7638952)
• types: add missing types for mergeConfig function (#6590) (00de614)
• types: export CJS types from ESM (#6218) (c71811b)
• updated stream aborted error message to be more clear (#6615) (cc3217a)
• use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

• Remco Haszing
• Jay
• Aayush Yadav
• Dmitriy Mozgovoy
• Ell Bradshaw
• Amit Saini
• Tommaso Paulon
• Akki
• Sampo Silvennoinen
• Kasper Isager Dalsgarð
• Christian Clauss
• Pavan Welihinda
• Taylor Flatt
• Kenzo Wada
• Ngole Lawson
• Haven
• Shrivali Dutt
• Henco Appel

Release v1.7.7

Release notes:

Bug Fixes

... (truncated)

Changelog

Sourced from axios's changelog.

1.7.9 (2024-12-04)

Reverts

• Revert "fix(types): export CJS types from ESM (#6218)" (#6729) (c44d2f2), closes #6218 #6729

Contributors to this release

• Jay

1.7.8 (2024-11-25)

Bug Fixes

• allow passing a callback as paramsSerializer to buildURL (#6680) (eac4619)
• core: fixed config merging bug (#6668) (5d99fe4)
• fixed width form to not shrink after 'Send Request' button is clicked (#6644) (7ccd5fd)
• http: add support for File objects as payload in http adapter (#6588) (#6605) (6841d8d)
• http: fixed proxy-from-env module import (#5222) (12b3295)
• http: use globalThis.TextEncoder when available (#6634) (df956d1)
• ios11 breaks when build (#6608) (7638952)
• types: add missing types for mergeConfig function (#6590) (00de614)
• types: export CJS types from ESM (#6218) (c71811b)
• updated stream aborted error message to be more clear (#6615) (cc3217a)
• use URL API instead of DOM to fix a potential vulnerability warning; (#6714) (0a8d6e1)

Contributors to this release

• Remco Haszing
• Jay
• Aayush Yadav
• Dmitriy Mozgovoy
• Ell Bradshaw
• Amit Saini
• Tommaso Paulon
• Akki
• Sampo Silvennoinen
• Kasper Isager Dalsgarð
• Christian Clauss
• Pavan Welihinda
• Taylor Flatt
• Kenzo Wada
• Ngole Lawson
• Haven
• Shrivali Dutt
• Henco Appel

1.7.7 (2024-08-31)

... (truncated)

Commits

• b2cb45d chore(release): v1.7.9 (#6730)
• c44d2f2 Revert "fix(types): export CJS types from ESM (#6218)" (#6729)
• 415ca94 chore(release): v1.7.8 (#6715)
• 0a8d6e1 fix: use URL API instead of DOM to fix a potential vulnerability warning; (#6...
• c71811b fix(types): export CJS types from ESM (#6218)
• 4355a6d chore(sponsor): update sponsor block (#6709)
• 5d54d22 chore(sponsor): update sponsor block (#6707)
• eac4619 fix: allow passing a callback as paramsSerializer to buildURL (#6680)
• df956d1 fix(http): use globalThis.TextEncoder when available (#6634)
• 7139ce9 chore(deps): bump cookie and socket.io (#6704)
• Additional commits viewable in compare view

Updates fast-jwt from 3.0.0 to 5.0.2

Release notes

Sourced from fast-jwt's releases.

v5.0.2

What's Changed

• [OPTIC-RELEASE-AUTOMATION] release/v5.0.1 by @​optic-release-automation in nearform/fast-jwt#523
• chore(types): Add missing input type for DecodedJwt and Updated input field to return decoded 'input' by @​msgadi in nearform/fast-jwt#524

New Contributors

• @​msgadi made their first contribution in nearform/fast-jwt#524

Full Changelog: nearform/fast-jwt@v5.0.1...v5.0.2

v5.0.1

What's Changed

• [OPTIC-RELEASE-AUTOMATION] release/v5.0.0 by @​optic-release-automation in nearform/fast-jwt#515
• fix: return token as input property in verify when complete is true by @​simoneb in nearform/fast-jwt#522

Full Changelog: nearform/fast-jwt@v5.0.0...v5.0.1

v5.0.0

Breaking changes

This version supports Node 20 and above

What's Changed

• [OPTIC-RELEASE-AUTOMATION] release/v4.0.5 by @​optic-release-automation in nearform/fast-jwt#478
• chore(deps-dev): bump fastify from 4.28.1 to 5.0.0 by @​dependabot in nearform/fast-jwt#483
• chore(deps-dev): bump cronometro from 3.0.2 to 4.0.0 by @​dependabot in nearform/fast-jwt#495
• Chore/node test runner by @​ilteoood in nearform/fast-jwt#502
• feat: deprecate use new crypto by @​ilteoood in nearform/fast-jwt#508
• Chore/code improvements by @​ilteoood in nearform/fast-jwt#509
• feat: LRU cache key by @​ilteoood in nearform/fast-jwt#504

Full Changelog: nearform/fast-jwt@v4.0.5...v5.0.0

v4.0.5

What's Changed

• [OPTIC-RELEASE-AUTOMATION] release/v4.0.3 by @​optic-release-automation in nearform/fast-jwt#473
• Extend JwtHeader to allow additional fields by @​Akallabet in nearform/fast-jwt#476
• [OPTIC-RELEASE-AUTOMATION] release/v4.0.4 by @​optic-release-automation in nearform/fast-jwt#477

New Contributors

• @​Akallabet made their first contribution in nearform/fast-jwt#476

Full Changelog: nearform/fast-jwt@v4.0.3...v4.0.5

v4.0.3

What's Changed

• [OPTIC-RELEASE-AUTOMATION] release/v4.0.2 by @​optic-release-automation in nearform/fast-jwt#455
• chore(deps-dev): bump @​types/node from 20.14.13 to 22.0.0 by @​dependabot in nearform/fast-jwt#460

... (truncated)

Changelog

Sourced from fast-jwt's changelog.

2021-12-30 / 1.4.1

• feat: Release v1.4.1 (#178)
• feat: Distinguish between sync & async methods in types (#177)
• chore(deps): bump actions/setup-node from 2.5.0 to 2.5.1 (#176)
• chore: use major version of notify release action
• chore(deps): bump nearform/github-action-notify-release (#175)
• chore(deps-dev): bump @​types/node from 16.11.14 to 17.0.1 (#172)
• feat: Update release.yml to use the new token naming convention (#169)
• chore(deps): bump fastify/github-action-merge-dependabot from 2.7.1 to 3.0.2 (#168)
• chore(deps): bump fastify/github-action-merge-dependabot (#166)

2021-12-01 / 1.4.0

• feat: v1.4.0 (#163)
• feat: Added support for x509 certificate public key (#161)
• feat: Refactoring checkAreCompatibleAlgorithms function (#158)
• chore(deps): bump actions/setup-node from 2.4.1 to 2.5.0 (#156)
• chore(deps): bump actions/cache from 2.1.6 to 2.1.7 (#154)
• feat: Added JwtHeader type definition (#153)
• refactor (docs): Improve documentation (#151)
• chore(deps): bump mnemonist from 0.38.5 to 0.39.0 (#150)
• chore(deps-dev): bump tsd from 0.18.0 to 0.19.0 (#149)
• chore(deps): bump fastify/github-action-merge-dependabot (#148)
• refactor (docs): fix mutatePayload definition sentence (#146)
• chore: use main for optic action to test (#144)

2021-11-10 / 1.3.2

• feat: v1.3.2 (#141)
• feat: 1.3.1 (#140)
• chore: Updated README with missing information (#138)
• chore(deps): bump nearform/optic-release-automation from 2.1.3 to 2.1.4 (#132)
• chore(deps): bump nearform/optic-release-automation from 2.1.2 to 2.1.3 (#130)
• chore(deps): bump nearform/optic-release-automation from 2.1.0 to 2.1.2 (#128)
• fix: bump optic-release-automation (#126)
• fix: bump optic-release-automation (#124)
• fix: ci (#123)
• chore(deps): bump nearform/optic-release-automation from 1.0.1 to 2.0.0 (#122)
• fix: release ci (#121)
• chore(deps): bump actions/checkout from 2.3.5 to 2.4.0 (#120)
• feat: Add support for ES* password protected private keys (#119)

2021-11-01 / 1.3.0

• feat: Bumped v1.3.0
• feat: Support passphrase protected keys (#117)
• docs: remove readme deps badge
• chore(deps): bump actions/checkout from 2.3.4 to 2.3.5 (#114)
• chore(deps-dev): bump tsd from 0.17.0 to 0.18.0 (#112)

... (truncated)

Commits

• df839d9 Release v5.0.2
• 08a24c5 chore(types): Add missing input type for DecodedJwt and Updated input field t...
• e76ddee Release v5.0.1 (#523)
• 4d8c2cb fix: return token as input property in verify when complete is true (#522)
• 016331b Release v5.0.0 (#515)
• 8c7da41 Release v4.0.6 (#513)
• 79f367c feat: LRU cache key (#504)
• b1d56ae Chore/code improvements (#509)
• 5844024 feat: deprecate use new crypto (#508)
• 72762fd Chore/node test runner (#502)
• Additional commits viewable in compare view

Updates follow-redirects from 1.13.3 to 1.15.9

Commits

• e4e55c7 Release version 1.15.9 of the npm package.
• 31a1abf Attempt much more gentle detection.
• d2aaa97 Fix url field.
• 62558f0 Release version 1.15.8 of the npm package.
• a8d1cee Return subtlety.
• 458ca8e Fix native URL test for Node 20.
• ca49e44 Handle KeepAlive connections in tests.
• f3711d7 Test on Node 20 and 22.
• fda0faf Fix typo.
• 760757f Release version 1.15.7 of the npm package.
• Additional commits viewable in compare view

Updates json-web-token from 3.0.1 to 3.2.0

Commits

• See full diff in compare view

Updates payload from 1.5.9 to 3.11.0

Release notes

Sourced from payload's releases.

v3.11.0

v3.11.0 (2024-12-21)

🚀 Features

• db-sqlite: add autoIncrement option (#9427) (4e95353)

🐛 Bug Fixes

• ensures generated IDs persist on create (#10089) (957867f)
• db-mongodb: mongodb optimizations (#10120) (b08ff88)
• ui: join table row still shows after deletion (#9783) (a58b9fc)
• ui: ensure unpublish confirmation is reachable when opened in drawers (#10109) (ec853c4)

📚 Documentation

• remove stray backtick from Nested Docs Plugin page (#10118) (08eb13d)
• fix broken links (#10010) (2175451)

📝 Templates

• bump for v3.10.0 (#10107) (99481cb)

🤝 Contributors

• Sasha (@​r1tsuu)
• Sam (@​damnsamn)
• Alessio Gravili (@​AlessioGr)
• Said Akhrarov (@​akhrarovsaid)
• zuccs (@​zuccs)
• Jacob Fletcher (@​jacobsfletch)
• Elliot DeNolf (@​denolfe)

v3.10.0

v3.10.0 (2024-12-20)

🚀 Features

• jsdocs for generated types, by using admin.description (#9917) (b330873)

• join field with polymorphic relationships (#9990) (d03658d)

• db-postgres, db-sqlite: drizzle schema generation (#9953) (23f1ed4)

  Full type safety on payload.drizzle with a single command

  pnpm payload generate:db-schema
  

... (truncated)

Commits

• e9a330d chore(release): v3.11.0 [skip ci]
• b08ff88 fix(db-mongodb): mongodb optimizations (#10120)
• 957867f fix: ensures generated IDs persist on create (#10089)
• 4d50046 chore(release): v3.10.0 [skip ci]
• 7c4ea5b refactor: optimize database schema generation bin script (#10086)
• b330873 feat: jsdocs for generated types, by using admin.description (#9917)
• d03658d feat: join field with polymorphic relationships (#9990)
• e468292 perf(db-mongodb): improve performance of all operations, up to 50% faster (#9...
• 23f1ed4 feat(db-postgres, db-sqlite): drizzle schema generation (#9953)
• 0e5bda9 feat: make req partial and optional in DB / Local API operations (#9935)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by elliotpayload, a new releaser for payload since your current version.

Updates sharp from 0.32.0 to 0.33.5

Changelog

Sourced from sharp's changelog.

v0.33.5 - 16th August 2024

• Upgrade to libvips v8.15.3 for upstream bug fixes.

• Add pageHeight and pages to response of multi-page output. #3411

• Ensure option to force use of a globally-installed libvips works correctly. #4111 @​project0

• Minimise use of engines property to improve yarn v1 support. #4130

• Ensure sharp.format.heif includes only AVIF when using prebuilt binaries. #4132

• Add support to recomb operation for 4x4 matrices. #4147 @​ton11797

• Expose PNG text chunks as comments metadata. #4157 @​nkeynes

• Expose optional precision and minAmplitude parameters of blur operation. #4168 #4172 @​marcosc90

• Ensure keepIccProfile avoids colour transformation where possible. #4186

• TypeScript: chromaSubsampling metadata is optional. #4191 @​DavidVaness

v0.33.4 - 16th May 2024

• Remove experimental status from pipelineColourspace.

• Reduce default concurrency when musl thread over-subscription detected.

• TypeScript: add missing definitions for OverlayOptions. #4048 @​ike-gg

• Install: add advanced option to force use of a globally-installed libvips. #4060

... (truncated)

Commits

• fc32e0b Release v0.33.5
• 0546e48 Docs: changelog entry for #4191
• ab65b7a TypeScript: chromaSubsampling can be undefined (#4191)
• 2474bd4 Prerelease v0.33.5-rc.1
• ff2e689 Remove yarn v1 specifics from help text
• 6327f13 CI: Add yarn v1 to packaging tests
• f1e69a2 Prerelease v0.33.5-rc.0
• 3c14dbb Minimise use of engines property to improve yarn v1 support
• 82cebc3 Upgrade to libvips v8.15.3 for Linux ARMv6
• ad36fa0 Ensure emnapiInit function is exported
• Additional commits viewable in compare view

Updates yaml from 2.1.0 to 2.6.1

Release notes

Sourced from yaml's releases.

v2.6.1

• Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
• Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
• Default to literal block scalar if folded would overflow (#585)

v2.6.0

• Use a proper tag for !!merge << keys (#580)
• Add stringKeys parse option (#581)
• Stringify a Document as a Document (#576)
• Add sponsorship by Manifest

v2.5.1

• Include range in flow sequence pair maps (#573)

v2.5.0

• Add --indent option to CLI tool (#559, with thanks to @​danielbayley)
• Require newline in all cases for props on block sequence (#557)
• Always reset indentation in lexer on ... (#558)
• Ignore minContentWidth if greater than lineWidth (#562)
• Drop unused Collection.maxFlowStringSingleLineLength (#522, #421)

v2.4.5

• Improve tab handling (#553, yaml-test-suite tests DK95 & Y79Y)

v2.4.4

With special thanks to @​RedCMD for finding and reporting all of the following:

• Allow comment after top-level block scalar with explicit indent indicator (#547)
• Allow tab as indent for line comments before nodes (#548)
• Do not allow tab before block collection (#549)
• In flow collections, allow []{} immediately after : with plain key (#550)
• Require indentation for ? explicit-key contents (#551)
• Require indentation from block scalar header & flow collections in mapping values (#553)

v2.4.3

• Improve error when parsing a non-string value (#459)
• Do not parse -.NaN or +.nan as NaN (#546)
• Support # within %TAG prefixes with trailing #comments
• Check for non-node complex keys when stringifying with simpleKeys (#541)

v2.4.2

• Restrict YAML 1.1 boolean strings to their explicit capitalization (#530)
• Add sponsorship by Scipress (#536)

v2.4.1

• cst: Do not drop trailing newline after line comment in block-map if followed by unindented block-seq value (#525)
• Stringify flow collection comments in parent (#528)
• Do not skip folding lines after the first in indented block scalars (#529)

v2.4.0

... (truncated)

Commits

• aa1898a 2.6.1
• 6be0a91 fix: Default to literal block scalar if folded would overflow (fixes #585)
• 108f699 fix: Tighten regexp for JSON !!bool (#587)
• 2e85b91 fix: Do not strip :00 seconds from !!timestamp values (#578)
• 5850600 chore: Refresh lockfile
• 16fb6e2 chore: Add .well-known/funding-manifest-urls
• 808fba3 2.6.0
• 438688f fix: Stringify a Document as a Document (fixes #576)
• baaabd0 feat: Add stringKeys parse option (#581)
• f2fa108 docs: Update Manifest logo (#582)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions