chore(deps): bump the npm_and_yarn group across 2 directories with 5 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the / directory: nanoid.
Bumps the npm_and_yarn group with 5 updates in the /keep-ui directory:

Package	From	To
nanoid	3.3.7	3.3.9
cookie	0.5.0	1.0.2
next-auth	4.24.7	4.24.11
cross-spawn	7.0.3	7.0.6
next	14.2.12	14.2.24

Updates nanoid from 3.3.7 to 3.3.9

Release notes

Sourced from nanoid's releases.

3.3.9

• Reduced npm package size.

Changelog

Sourced from nanoid's changelog.

3.3.9

• Reduced npm package size.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• adf9b0c Release 3.3.9 version
• 1c6f088 Remove dev file from npm package
• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates nanoid from 3.3.7 to 3.3.9

Release notes

Sourced from nanoid's releases.

3.3.9

• Reduced npm package size.

Changelog

Sourced from nanoid's changelog.

3.3.9

• Reduced npm package size.

3.3.8

• Fixed a way to break Nano ID by passing non-integer size (by @​myndzi).

Commits

• adf9b0c Release 3.3.9 version
• 1c6f088 Remove dev file from npm package
• 3044cd5 Release 3.3.8 version
• 4fe3495 Update size limit
• d643045 Fix pool pollution, infinite loop (#510)
• See full diff in compare view

Updates cookie from 0.5.0 to 1.0.2

Release notes

Sourced from cookie's releases.

v1.0.2

Fixed

• Loosen cookie name/value validation (#210)
• fix: options.priority used incorrect fallback (#207) by @​jonchurch

Added

• Add import example to README (#190) by @​isnifer

jshttp/cookie@v1.0.1...v1.0.2

v1.0.1

Added

• Allow case insensitive options (#194) 3bed080

jshttp/cookie@v1.0.0...v1.0.1

v1.0.0

Breaking changes

• Use modern JS features, ship TypeScript definition (#175) 1cc64ff
  • Adds __esModule marker, imports need to use import { parse, serialize } or import * as cookie
• Minimum node.js v18
• Uses null prototype object for parse return value
• Changes strict and priority to match the lower case strings (i.e. low, not LOW or Low)
• Require maxAge to be an integer using Number.isInteger check
• Delegates decode implementation details to decode option (i.e. error handling and quote parsing is defined by decode)
  • Delegate quote parsing to decode (#180) c4a2597
  • Shift try/catch to decode (#179) 93a5b97
• Improve arg/option error messages (#162) e206fd5 @​MaoShizhong

Other

• Remove hasOwnProperty, use undefined check for performance (#183) 8f3ee9e @​gurgunday

jshttp/cookie@v0.7.2...v1.0.0

v0.7.2

Fixed

• Fix object assignment of hasOwnProperty (#177) bc38ffd

jshttp/cookie@v0.7.1...v0.7.2

0.7.1

Fixed

• Allow leading dot for domain (#174)

... (truncated)

Commits

• e739f41 1.0.2
• 8be4b82 Loosen cookie name/value validation (#210)
• 94ba436 Fix codecov workflow in PRs (#209)
• 4898ba2 fix: options.priority used incorrect fallback (#207)
• 408c2b4 Add import example to README (#190)
• ba9e677 1.0.1
• 3bed080 Allow case insensitive options (#194)
• bc66a7e Generate cookie outside benchmarks (#187)
• c69cef6 1.0.0
• 42025f7 Use workflow status for badge
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by blakeembrey, a new releaser for cookie since your current version.

Updates next-auth from 4.24.7 to 4.24.11

Release notes

Sourced from next-auth's releases.

next-auth@4.24.10

What's Changed

• fix: functions that return promises must be async by @​thomaslindstrom in nextauthjs/next-auth#12105
• fix: support AUTH_SECRET for compat with npx auth secret by @​balazsorban44 in nextauthjs/next-auth@490a033

Full Changelog: https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.9...next-auth@4.24.10

next-auth@4.24.9

What's Changed

• chore(docs): fix typo in WorkOS documentation by @​outofgamut in nextauthjs/next-auth#11959
• chore(v4): add neon sponsor by @​ndom91 in nextauthjs/next-auth#12008
• cookie package upgraded by @​talyuk in nextauthjs/next-auth#12046
• Allow Next.js v15 peer dependency by @​thomaslindstrom in nextauthjs/next-auth#12098
• await dynamic APIs as per Next.js 15 changes by @​balazsorban44 in nextauthjs/next-auth@4d143c5

New Contributors

• @​outofgamut made their first contribution in nextauthjs/next-auth#11959
• @​talyuk made their first contribution in nextauthjs/next-auth#12046
• @​thomaslindstrom made their first contribution in nextauthjs/next-auth#12098

Full Changelog: https://github.com/nextauthjs/next-auth/compare/next-auth@4.24.8...next-auth@4.24.9

Commits

• 6bca388 chore(release): bump version [skip ci]
• c46fd4f chore(deps): allow react v19 as peer deps (#12352)
• 3dfe5d5 chore: Update docusaurus.config.js
• 0447db0 chore(v4): add sent.dm sponsor (#12172)
• 5a5859a docs: Update options.md
• 5ad7fb4 docs: Update options.md
• c7ea50d chore(release): bump version [skip ci]
• 490a033 fix: support AUTH_SECRET for compat with npx auth secret
• 1e6be72 fix: functions that return promises must be async (#12105)
• ddab3cc chore(release): bump version [skip ci]
• Additional commits viewable in compare view

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates next from 14.2.12 to 14.2.24

Release notes

Sourced from next's releases.

v14.2.24

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• fix: ensure lint worker errors aren't silenced (#75779)
• add additional x-middleware-set-cookie filtering (#75561 & #73482)

Credits

Huge thanks to @​ztanner for helping!

v14.2.23

[!NOTE]
This release is backporting bug fixes. It does not include all pending features/changes on canary.

Core Changes

• backport: force module format for virtual client-proxy (#74590)
• Backport: Use provided waitUntil for pending revalidates (#74573)
• Feature: next/image: add support for images.qualities in next.config (#74500)

Credits

Huge thanks to @​styfle, @​ijjk and @​lubieowoce for helping!

Commits

• 756be15 v14.2.24
• ba6453d fix corepack keys
• c482c20 [backport v14] fix: ensure lint worker errors aren't silenced (#75766) (#75779)
• 5791cb6 [Backport v14] add additional x-middleware-set-cookie filtering (#75561) (#75...
• 8129a61 test: fix eslint plugin test (#75687)
• f27ce02 v14.2.23
• c4bf4ac backport: force module format for virtual client-proxy (#74162) (#74590)
• d60bb1b Backport: Use provided waitUntil for pending revalidates (#74164) (#74573)
• a85f441 feat(next/image): add support for images.qualities in next.config (#74500)
• adfe537 v14.2.22
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.