build(deps): bump the dependencies group across 1 directory with 7 updates

[dependabot]

Bumps the dependencies group with 7 updates in the / directory:

Package	From	To
@jlucaspains/sharp-recipe-parser	1.3.0	1.3.1
dexie	4.0.10	4.0.11
i18next	24.2.0	24.2.1
tesseract.js	5.1.1	6.0.0
postcss	8.4.49	8.5.1
typescript	5.7.2	5.7.3
vite	6.0.6	6.0.9

Updates @jlucaspains/sharp-recipe-parser from 1.3.0 to 1.3.1

Release notes

Sourced from @​jlucaspains/sharp-recipe-parser's releases.

v1.3.1

What's Changed

• Bump the dependencies group across 1 directory with 5 updates by @​dependabot in jlucaspains/sharp-recipe-parser#157
• Bump the dependencies group with 2 updates by @​dependabot in jlucaspains/sharp-recipe-parser#158
• Bump the dependencies group across 1 directory with 3 updates by @​dependabot in jlucaspains/sharp-recipe-parser#160
• Bump the dependencies group across 1 directory with 6 updates by @​dependabot in jlucaspains/sharp-recipe-parser#166
• Bump @​sveltejs/kit from 2.5.0 to 2.8.3 in /demo by @​dependabot in jlucaspains/sharp-recipe-parser#163
• Accept unicode dash for range and accept / for alternative ingredient by @​jlucaspains in jlucaspains/sharp-recipe-parser#168

Full Changelog: jlucaspains/sharp-recipe-parser@v1.3.0...v1.3.1

Commits

• 2fd0f9f Accept unicode dash for range and accept / for alternative ingredient (#168)
• 04dd426 Bump @​sveltejs/kit from 2.5.0 to 2.8.3 in /demo (#163)
• 2eb9dce Bump the dependencies group across 1 directory with 6 updates (#166)
• a430bb1 Bump the dependencies group across 1 directory with 3 updates (#160)
• 9690f29 Bump the dependencies group with 2 updates (#158)
• c800498 Bump the dependencies group across 1 directory with 5 updates (#157)
• See full diff in compare view

Updates dexie from 4.0.10 to 4.0.11

Release notes

Sourced from dexie's releases.

Dexie v4.0.11

Fixes issues #2103 and #2113

Make sure to upgrade both dexie and dexie-cloud-addon:

npm install dexie@latest
npm install dexie-cloud-addon@latest

Commits

• 2a51118 Build output
• 27c1a5f Merge remote-tracking branch 'origin/releases'
• b415d92 Releasing v4.0.11
• 2101655 Fix syntax error in release script (again)
• 90594f5 Fix syntax error in release script
• 3d238a4 Fix issues #2103 and #2113 (#2119)
• 7e6b5e6 Fix build issue in dexie-export-import (rollup config) (#2117)
• 216ec56 Upgrading workflow pnpm version
• See full diff in compare view

Updates i18next from 24.2.0 to 24.2.1

Release notes

Sourced from i18next's releases.

v24.2.1

• Standardize null/undefined checks across codebase 2275
• fix(typescript): make TFunction augmentable again 2279, fixes 2278

Changelog

Sourced from i18next's changelog.

24.2.1

• Standardize null/undefined checks across codebase 2275
• fix(typescript): make TFunction augmentable again 2279, fixes 2278

Commits

• 7e0b526 24.2.1
• 73940cc release
• 009c457 fix: make TFunction type augmentable (#2279)
• dd78378 update ts example
• e2797d5 prpare changelog
• 6e6d899 Standardize null/undefined checks across codebase (#2275)
• See full diff in compare view

Updates tesseract.js from 5.1.1 to 6.0.0

Release notes

Sourced from tesseract.js's releases.

v6.0.0

What's Changed

• Fixed memory leaks (#977)
  • This version fixed a long-standing issue where memory would rise over time, eventually leading to a crash.
• Reduced runtime and memory usage for most users by updating default formats (#916).
• Fixed compatibility with Electron main process (#925)
• Fixed bug where user-provided parameters were overwritten by defaults (#975).

Breaking Changes

1. All outputs formats other than text are now disabled by default.
   • To re-enable the hocr output (for example), set the following: worker.recognize(image, {}, { hocr: true })
     • See here for a list of possible output formats.
2. The JavaScript object output format (blocks) was tweaked.
   • Only the array of blocks (blocks) is returned.
     • Previous versions would automatically generate lists of every unit of text (words, symbols, etc.).
       • If needed, these should now be generated by the user.
   • Only text-based blocks are reported.
     • Previous versions reported non-text blocks when detected by Tesseract (e.g. line segments).
   • The shape of some objects were changed.
     • See the type declarations for reference on properties.
     • The main properties--text and bbox--are unchanged.
3. Various functions and options marked as depreciated previously have been removed.
   1. This includes worker.initialize and worker.loadLanguage, along with several depreciated options from v2.

See #993 for additional discussion about this release.

New Contributors

• @​IgorAufricht made their first contribution in naptha/tesseract.js#971

Full Changelog: naptha/tesseract.js@v5.1.1...v6.0.0

Commits

• 7d64af1 6.0.0
• 4fc74ce Updated readme
• 56d8238 Updated output and types per #990 (#992)
• 901d881 Bump cookie and express (#967)
• 72afa3d Remove ImageData from ImageLike (#971)
• c75a380 Bumped Tesseract.js-core version
• d196683 Bumped Tesseract.js-core version
• 34ba7d8 Updated JSON exports to match earlier format (#989)
• 6299aa5 Fixed JSON export bugs and added new tests (#987)
• d199d9c Ran linter on examples
• Additional commits viewable in compare view

Updates postcss from 8.4.49 to 8.5.1

Release notes

Sourced from postcss's releases.

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

PostCSS 8.5 brought API to work better with non-CSS sources like HTML, Vue.js/Svelte sources or CSS-in-JS.

@​romainmenke during his work on Stylelint added Input#document in additional to Input#css.

root.source.input.document //=> "<p>Hello</p>
                           //    <style>
                           //    p {
                           //      color: green;
                           //    }
                           //    </style>"
root.source.input.css      //=> "p {
                           //      color: green;
                           //    }"

Thanks to Sponsors

This release was possible thanks to our community.

If your company wants to support the sustainability of front-end infrastructure or wants to give some love to PostCSS, you can join our supporters by:

• Tidelift with a Spotify-like subscription model supporting all projects from your lock file.
• Direct donations at GitHub Sponsors or Open Collective.

Changelog

Sourced from postcss's changelog.

8.5.1

• Fixed backwards compatibility for complex cases (by @​romainmenke).

8.5 “Duke Alloces”

• Added Input#document for sources like CSS-in-JS or HTML (by @​romainmenke).

Commits

• 7b02c75 Release 8.5.1 version
• 4c15339 Update dependencies
• 7efe91e Improve backwards compat for Input#document (#2000)
• 6873270 Release 8.5 version
• 4223bb9 Fix 80 columns limit
• 80e2401 Add Input#document (#1996)
• 6f86879 Update dependencies
• 85cbbec Fix pnpm version on CI
• 76caa57 Update dependencies
• 46ff246 Move to pnpm 10
• Additional commits viewable in compare view

Updates typescript from 5.7.2 to 5.7.3

Release notes

Sourced from typescript's releases.

TypeScript 5.7.3

For release notes, check out the release announcement.

• fixed issues query for Typescript 5.7.0 (Beta).
• fixed issues query for Typescript 5.7.1 (RC).
• fixed issues query for Typescript 5.7.2 (Stable).
• fixed issues query for Typescript 5.7.3 (Stable).

Downloads are available on npm

Commits

• a5e123d Update LKG
• 8bc0204 🤖 Pick PR #60828 (Fix CodeQL configuration, releases) into release-5.7 (#60923)
• 7aa63df 🤖 Pick PR #60393 (Don't try to add an implicit undefi...) into release-5.7 (#...
• 9df7c36 Bump version to 5.7.3 and LKG
• e167412 🤖 Pick PR #60794 (Harden sanitizeLog against incorr...) into release-5.7 (#...
• 9ba364c Fix coverage build on release-5.7 (#60792)
• 4b7441a 🤖 Pick PR #60680 (Mark the inherited any-based index ...) into release-5.7 (#...
• e844dc3 Cherry-pick #60402, #60440, #60616 into release-5.7 (#60777)
• 21b02a1 🤖 Pick PR #60749 (Do not require import attribute on ...) into release-5.7 (#...
• b82fd16 🤖 Pick PR #60576 (Avoid incorrectly reusing assertion...) into release-5.7 (#...
• Additional commits viewable in compare view

Updates vite from 6.0.6 to 6.0.9

Release notes

Sourced from vite's releases.

v6.0.9

This version contains a breaking change due to security fixes. See GHSA-vg6x-rcgg-rjx6 for more details.

Please refer to CHANGELOG.md for details.

v6.0.8

Please refer to CHANGELOG.md for details.

v6.0.7

Please refer to CHANGELOG.md for details.

Changelog

Sourced from vite's changelog.

6.0.9 (2025-01-20)

• fix!: check host header to prevent DNS rebinding attacks and introduce server.allowedHosts (bd896fb)
• fix!: default server.cors: false to disallow fetching from untrusted origins (b09572a)
• fix: verify token for HMR WebSocket connection (029dcd6)

6.0.8 (2025-01-20)

• fix: avoid SSR HMR for HTML files (#19193) (3bd55bc), closes #19193
• fix: build time display 7m 60s (#19108) (cf0d2c8), closes #19108
• fix: don't resolve URL starting with double slash (#19059) (35942cd), closes #19059
• fix: ensure server.close() only called once (#19204) (db81c2d), closes #19204
• fix: resolve.conditions in ResolvedConfig was defaultServerConditions (#19174) (ad75c56), closes #19174
• fix: tree shake stringified JSON imports (#19189) (f2aed62), closes #19189
• fix: use shared sigterm callback (#19203) (47039f4), closes #19203
• fix(deps): update all non-major dependencies (#19098) (8639538), closes #19098
• fix(optimizer): use correct default install state path for yarn PnP (#19119) (e690d8b), closes #19119
• fix(types): improve ESBuildOptions.include / exclude type to allow readonly (string | RegExp)[] (ea53e70), closes #19146
• chore(deps): update dependency pathe to v2 (#19139) (71506f0), closes #19139

6.0.7 (2025-01-02)

• fix: fix minify when builder.sharedPlugins: true (#19025) (f7b1964), closes #19025
• fix: skip the plugin if it has been called before with the same id and importer (#19016) (b178c90), closes #19016
• fix(html): error while removing vite-ignore attribute for inline script (#19062) (a492253), closes #19062
• fix(ssr): fix semicolon injection by ssr transform (#19097) (1c102d5), closes #19097
• perf: skip globbing for static path in warmup (#19107) (677508b), closes #19107
• feat(css): show lightningcss warnings (#19076) (b07c036), closes #19076

Commits

• a55f8ba release: v6.0.9
• bd896fb fix!: check host header to prevent DNS rebinding attacks and introduce `serve...
• 029dcd6 fix: verify token for HMR WebSocket connection
• b09572a fix!: default server.cors: false to disallow fetching from untrusted origins
• c0f72a6 release: v6.0.8
• f2aed62 fix: tree shake stringified JSON imports (#19189)
• db81c2d fix: ensure server.close() only called once (#19204)
• 47039f4 fix: use shared sigterm callback (#19203)
• 3bd55bc fix: avoid SSR HMR for HTML files (#19193)
• e690d8b fix(optimizer): use correct default install state path for yarn PnP (#19119)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.