[Snyk] Upgrade valibot from 0.38.0 to 0.42.1

[rayston92]

Snyk has created this PR to upgrade valibot from 0.38.0 to 0.42.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.

• The recommended version was released 7 months ago.

Release notes

Package name: valibot

• 0.42.1 - 2024-09-20
  
  • Fix function type declaration of _run property
• 0.42.0 - 2024-09-15
  

  Many thanks to @ ajfhs812, @ andrew-d-jackson and @ declanlscott for contributing to this release.

  • Add metadata action to add custom metadata to a schema
  • Add title metadata action to add a title to a schema (discussion #826)
  • Add decimal action to validate integer and float strings (pull request #823)
  • Rename decimal action to digits (pull request #823)
  • Rename NoPipe type to SchemaWithoutPipe
  • Fix inference of generics in IssueDotPath type (issue #814)
• 0.41.0 - 2024-09-01
  

  Many thanks to @ EltonLobo07, @ ZerNico, @ Andarist, @ ruiaraujo012 and @ merodiro for contributing to this release.

  • Change reference property of all action base types to be less strict (issue #799)
  • Change implementation of variant and variantAsync to improve performance and issues generation for nested variants with different discriminators (pull request #809)
• 0.40.0 - 2024-08-29
  

  Many thanks to @ jasperteo, @ alecmev and @ cruzdanilo for contributing to this release.

  • Add nanoid action to validate Nano IDs (pull request #789)
  • Add undefinedable and undefinedableAsync schema (issue #385)
  • Fix invalid output type for transformed optional object entries (issue #806)
• 0.39.0 - 2024-08-24
  

  Many thanks to @ tpetry, @ incompletude, @ ComradeVanti, @ istonikula and @ ShlokDesai33 for contributing to this release.

  • Add support for exactOptionalPropertyTypes config (issue #385)
  • Fix IssueDotPath type for pipe and pipeAsync method (issue #793)
  • Fix IssueDotPath type for variant and variantAsync schema (issue #700)
• 0.38.0 - 2024-08-20
  

  Many thanks to @ EltonLobo07, @ samuba, @ alecmev, @ gflohr, @ threehams and @ carcinocron for contributing to this release.

  • Change expects and expected property by enclosing combined values in parentheses
  • Change question mark handling for optional, optionalAsync, nullish and nullishAsync schemas in objects
  • Fix TypeScript errors in TuplePath and QuestionMarkSchema type (issue #659, #776)
  • Fix missing TypeScript errors in pipe and pipeAsync method (pull request #785)

from valibot GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary or Summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​onekeyfe/​bitcoinforksjs-lib@​7.0.0-rc.0
	valibot@​0.38.0 ⏵ 0.42.1	+1		+1

View full report