Bump tslib from 2.6.3 to 2.8.1 in /frontend

[dependabot]

Bumps tslib from 2.6.3 to 2.8.1.

Release notes

Sourced from tslib's releases.

v2.8.1

What's Changed

• Fix publish workflow by @​andrewbranch in microsoft/tslib#271
• Include non-enumerable keys in __importStar helper by @​rbuckton in microsoft/tslib#272
• Remove use of ES2015 syntax by @​andrewbranch in microsoft/tslib#275

Full Changelog: microsoft/tslib@v2.8.0...v2.8.1

v2.8.0

What's Changed

• Validate export structure of every entrypoint by @​andrewbranch in microsoft/tslib#269
• Add rewriteRelativeImportExtension helper by @​andrewbranch in microsoft/tslib#270

Full Changelog: microsoft/tslib@v2.7.0...v2.8.0

v2.7.0

What's Changed

• Implement deterministic collapse of await in await using by @​rbuckton in microsoft/tslib#262
• Use global 'Iterator.prototype' for downlevel generators by @​rbuckton in microsoft/tslib#267

Full Changelog: microsoft/tslib@v2.6.3...v2.7.0

Commits

• d72d6f7 2.8.1
• 11fa982 Merge pull request #275 from microsoft/bug/es5-compat
• 3c532eb Remove use of ES2015 syntax
• b0076c4 Include non-enumerable keys in __importStar helper (#272)
• 7c11588 Add missing registry-url parameter
• 1fec667 Merge pull request #271 from microsoft/fix-publish
• 097e99e Fix publish workflow
• ca5f7fb 2.8.0
• 2334267 Merge pull request #270 from microsoft/rewriteRelativeImportExtension
• c4cde74 Missed update
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
capy-life	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Nov 4, 2024 5:29pm

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/tslib@2.8.1	None	0	90.4 kB	typescript-bot
pypi/mako@1.2.4	environment, eval, filesystem, network	0	2.26 MB	CaselIT, bourke
pypi/markdown-it-py@3.0.0	eval, filesystem, shell	0	264 kB	cjsewell, ebp-bot
pypi/markupsafe@2.1.3	environment, unsafe	0	142 kB
pypi/mdurl@0.1.2	None	0	25.7 kB	hukkin
pypi/motor-types@1.0.0b4	None	0	77.5 kB	Lord-Zero
pypi/motor@3.5.1	environment, filesystem, network	0	1.1 MB	10gen, emptysquare
pypi/motor@3.6.0	None	0	0 B
pypi/msgspec@0.16.0	environment, filesystem, shell, unsafe	0	893 kB	jcrist
pypi/multidict@6.0.4	environment, filesystem, unsafe	0	621 kB	Andrew.Svetlov, webknjaz
pypi/mypy-extensions@1.0.0	None	0	11.5 kB	guido, hauntsaninja, ilevkivskyi, ...2 more
pypi/mypy@1.10.1	environment, eval, filesystem, network, shell, unsafe	0	45.2 MB	ambv, guido, hauntsaninja, ...8 more
pypi/mypy@1.13.0	environment, eval, filesystem, network, shell, unsafe	0	46.2 MB	ambv, guido, hauntsaninja, ...8 more
pypi/names@0.3.0	filesystem	0	3.32 MB	treyhunner
pypi/nanoid@2.0.0	filesystem	0	14.5 kB	puyuan
pypi/opentelemetry-api@1.18.0	environment, eval, unsafe	0	309 kB	LeightonC, opentelemetry
pypi/opentelemetry-instrumentation-asgi@0.41b0	environment, eval, network	0	91.9 kB	LeightonC, codeboten, opentelemetry
pypi/opentelemetry-instrumentation@0.41b0	environment, filesystem, network, shell	0	102 kB	LeightonC, codeboten, opentelemetry
pypi/opentelemetry-semantic-conventions@0.41b0	environment	0	80 kB	LeightonC, opentelemetry

🚮 Removed packages: npm/tslib@2.6.3

View full report↗︎

[socket-security]

Report is too large to display inline.
View full report↗︎

Next steps

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore pypi/markupsafe@2.1.3
• @SocketSecurity ignore pypi/multidict@6.0.4
• @SocketSecurity ignore pypi/mypy-extensions@1.0.0
• @SocketSecurity ignore pypi/mako@1.2.4
• @SocketSecurity ignore pypi/markdown-it-py@3.0.0
• @SocketSecurity ignore pypi/opentelemetry-instrumentation@0.41b0
• @SocketSecurity ignore pypi/opentelemetry-instrumentation-asgi@0.41b0
• @SocketSecurity ignore pypi/nanoid@2.0.0
• @SocketSecurity ignore pypi/msgspec@0.16.0
• @SocketSecurity ignore pypi/mypy@1.10.1
• @SocketSecurity ignore pypi/motor@3.5.1
• @SocketSecurity ignore pypi/mypy@1.13.0