deps(monorepo): update auto-merge non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@dotenvx/dotenvx	^1.6.4 -> ^1.9.0					devDependencies	minor
alloy-dyn-abi (source)	0.7.0 -> 0.8.0					workspace.dependencies	minor
alloy-json-abi (source)	0.7.0 -> 0.8.0					workspace.dependencies	minor
alloy-primitives (source)	0.7.0 -> 0.8.0					workspace.dependencies	minor
alloy-rlp (source)	0.3.4 -> 0.3.8					workspace.dependencies	patch
alloy-rlp-derive (source)	0.3.4 -> 0.3.8					workspace.dependencies	patch
alloy-sol-macro (source)	0.7.0 -> 0.8.0					workspace.dependencies	minor
alloy-sol-types (source)	0.7.0 -> 0.8.0					workspace.dependencies	minor
anyhow	1.0.44 -> 1.0.86					workspace.dependencies	patch
async-trait	0.1.73 -> 0.1.81					workspace.dependencies	patch
auto_impl	1.1.0 -> 1.2.0					workspace.dependencies	patch
aws-sdk-sns	1.39.0 -> 1.40.0					dependencies	minor
backon	0.4.4 -> 0.5.0					workspace.dependencies	minor
bitflags	2.4 -> 2.6.0					dependencies	patch
bitflags	2.5.0 -> 2.6.0					workspace.dependencies	patch
bytes	1.5 -> 1.7.1					workspace.dependencies	patch
c-kzg	0.4.0 -> 0.4.2					workspace.dependencies	patch
chrono	0.4.19 -> 0.4.38					workspace.dependencies	patch
clap	4.4.6 -> 4.5.16					workspace.dependencies	patch
colored	2.0 -> 2.1.0					workspace.dependencies	patch
derive_more	0.99.17 -> 0.99.18					workspace.dependencies	patch
dyn-clone	1.0.16 -> 1.0.17					dependencies	patch
env_logger	0.10.0 -> 0.11.5					workspace.dependencies	minor
erased-serde	0.3.31 -> 0.4.5					dependencies	minor
esbuild	0.21.5 -> 0.23.1					dependencies	minor
esbuild-register	3.5.0 -> 3.6.0					dependencies	minor
eslint (source)	9.5.0 -> 9.9.0					dependencies	minor
eyre	0.6 -> 0.6.12					dependencies	patch
eyre	0.6.8 -> 0.6.12					dependencies	patch
eyre	0.6.8 -> 0.6.12					workspace.dependencies	patch
flate2	1.0.30 -> 1.0.32					workspace.dependencies	patch
futures (source)	0.3.28 -> 0.3.30					workspace.dependencies	patch
hyper (source)	0.14.25 -> 0.14.30					workspace.dependencies	patch
hyper-tls (source)	0.5.0 -> 0.6.0					workspace.dependencies	minor
indoc	2 -> 2.0.5					dependencies	patch
itertools	0.11.0 -> 0.13.0					workspace.dependencies	minor
jaxxstorm/action-install-gh-release	v1.9.0 -> v1.12.0					action	minor
knip (source)	5.25.2 -> 5.27.3					dependencies	minor
lazy_static	1.4.0 -> 1.5.0					workspace.dependencies	patch
lefthook	1.6.18 -> 1.7.14					dependencies	minor
malachite (source)	0.4.0 -> 0.4.15					workspace.dependencies	patch
malachite-q (source)	0.4.0 -> 0.4.15					workspace.dependencies	patch
metrics	0.21.1 -> 0.23.0					workspace.dependencies	minor
metrics-exporter-prometheus	=0.12.1 -> =0.15.3					workspace.dependencies	minor
metrics-process	=1.0.14 -> =1.2.1					workspace.dependencies	minor
metrics-util	0.15.0 -> 0.17.0					workspace.dependencies	minor
num	0.4.1 -> 0.4.3					dependencies	patch
once_cell	1.18.0 -> 1.19.0					workspace.dependencies	patch
opentofu	1.8.0 -> 1.8.1						patch
parking_lot	0.12.1 -> 0.12.3					workspace.dependencies	patch
paste	1.0.14 -> 1.0.15					dependencies	patch
pin-project	1.1.4 -> 1.1.5					dependencies	patch
plotters (source)	0.3.5 -> 0.3.6					dependencies	patch
pnpm (source)	9.6.0 -> 9.8.0					packageManager	minor
pnpm (source)	>=9.6.0 -> >=9.8.0					engines	minor
polars (source)	0.38.3 -> 0.42.0					workspace.dependencies	minor
prettier (source)	3.3.2 -> 3.3.3					dependencies	patch
rayon	1.7.0 -> 1.10.0					workspace.dependencies	patch
regex	1.10 -> 1.10.6					dependencies	patch
reqwest	0.12.2 -> 0.12.7					workspace.dependencies	patch
revm-primitives	3.1 -> 3.1.1					workspace.dependencies	patch
rimraf	5.0.7 -> 5.0.10					dependencies	patch
ruint	1.9.0 -> 1.12.3					workspace.dependencies	patch
rust_decimal	1.34.3 -> 1.36.0					dependencies	patch
semver	1.0 -> 1.0.23					workspace.dependencies	patch
serde (source)	^1.0 -> ^1.0.208					dependencies	patch
serde (source)	1.0.205 -> 1.0.208					workspace.dependencies	patch
serde_derive (source)	^1.0 -> ^1.0.208					dependencies	patch
serde_json	^1.0 -> ^1.0.125					dependencies	patch
serde_json	1.0.1 -> 1.0.125					workspace.dependencies	patch
serde_repr	0.1.16 -> 0.1.19					workspace.dependencies	patch
serde_with	3.4.0 -> 3.9.0					workspace.dependencies	patch
sherif	0.10.0 -> 0.11.0					dependencies	minor
statrs	0.16 -> 0.17.1					dependencies	minor
strum	0.25.0 -> 0.26.3					workspace.dependencies	minor
terragrunt	0.63.6 -> 0.66.9						minor
thiserror	1.0.44 -> 1.0.63					workspace.dependencies	patch
tokio (source)	1.28.2 -> 1.39.3					dependencies	patch
tokio (source)	1.13.0 -> 1.39.3					workspace.dependencies	patch
toml	0.8.2 -> 0.8.19					workspace.dependencies	patch
tracing (source)	0.1.37 -> 0.1.40					workspace.dependencies	patch
tracing-bunyan-formatter	0.3.4 -> 0.3.9					dependencies	patch
tracing-subscriber (source)	0.3.17 -> 0.3.18	[](https://docs

[github-actions]

Hello, I'm 🤖 Stormie-Bot! The Storm team sincerely appreciates your effort/interest in contributing to this project. A Storm developer will review this change and get back to you ASAP. Please feel free to reach out to the Storm team (contact@stormsoftware.com) if you have any questions/comments.

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@dotenvx/dotenvx@1.9.0	environment, filesystem, shell	+7	3.82 MB	motdotenv
npm/esbuild-register@3.6.0	environment, eval, filesystem, unsafe	+1	225 kB	egoist
npm/esbuild@0.23.1	None	0	134 kB	esbuild, evanw
npm/eslint-config-prettier@9.1.0	None	0	20.8 kB	lydell
npm/eslint@9.9.0	environment Transitive: eval, filesystem, shell, unsafe	+29	7.95 MB	eslintbot

🚮 Removed packages: npm/@dotenvx/dotenvx@1.6.4)

View full report↗︎

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Install scripts	npm/esbuild@0.8.57	Install script: postinstall Source: node install.js	Source	🚫
Install scripts	npm/esbuild@0.19.12	Install script: postinstall Source: node install.js	Source	🚫
Install scripts	npm/esbuild@0.21.5	Install script: postinstall Source: node install.js	package.json pnpm-lock.yaml	🚫

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/esbuild@0.8.57
• @SocketSecurity ignore npm/esbuild@0.19.12
• @SocketSecurity ignore npm/esbuild@0.21.5

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[sullivanpj]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package Note Source CI
Install scripts npm/esbuild@0.8.57

• Install script: postinstall

• Source: node install.js

• Source

🚫
Install scripts npm/esbuild@0.19.12

• Install script: postinstall

• Source: node install.js

• Source

🚫
Install scripts npm/esbuild@0.21.5

• Install script: postinstall

• Source: node install.js

• package.json

• pnpm-lock.yaml

🚫
View full report↗︎

Next steps

** What is an install script? **
Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

** Take a deeper look at the dependency **
** Remove the package **
Mark a package as acceptable risk

@SocketSecurity ignore-all