Bump the npm-dependencies group with 5 updates

[dependabot]

Bumps the npm-dependencies group with 5 updates:

Package	From	To
@graphql-tools/merge	9.0.15	9.0.17
@graphql-tools/schema	10.0.14	10.0.16
graphql-yoga	5.10.8	5.10.11
uuid	11.0.3	11.0.5
wrangler	3.99.0	3.107.2

Updates @graphql-tools/merge from 9.0.15 to 9.0.17

Changelog

Sourced from @​graphql-tools/merge's changelog.

9.0.17

Patch Changes

• Updated dependencies [53bb601, 53bb601]:
  • @​graphql-tools/utils@​10.7.2

9.0.16

Patch Changes

• Updated dependencies [4912f19]:
  • @​graphql-tools/utils@​10.7.1

Commits

• b7ad4c5 chore(release): update monorepo packages versions (#6823)
• 9b0da5f chore(release): update monorepo packages versions (#6814)
• See full diff in compare view

Updates @graphql-tools/schema from 10.0.14 to 10.0.16

Changelog

Sourced from @​graphql-tools/schema's changelog.

10.0.16

Patch Changes

• Updated dependencies [53bb601, 53bb601]:
  • @​graphql-tools/utils@​10.7.2
  • @​graphql-tools/merge@​9.0.17

10.0.15

Patch Changes

• Updated dependencies [4912f19]:
  • @​graphql-tools/utils@​10.7.1
  • @​graphql-tools/merge@​9.0.16

Commits

• b7ad4c5 chore(release): update monorepo packages versions (#6823)
• 9b0da5f chore(release): update monorepo packages versions (#6814)
• See full diff in compare view

Updates graphql-yoga from 5.10.8 to 5.10.11

Changelog

Sourced from graphql-yoga's changelog.

5.10.11

Patch Changes

• #3712 1c055f5 Thanks @​ardatan! - Show deprecated input fields, arguments and all other input values in GraphiQL

5.10.10

Patch Changes

• Updated dependencies [d4cbae1, d4cbae1]:
  • @​graphql-yoga/logger@​2.0.1
  • @​graphql-yoga/subscription@​5.0.3

5.10.9

Patch Changes

• #3620 d24c5d5 Thanks @​enisdenjo! - Bump dset dependency handling the CVE-2024-21529

  https://security.snyk.io/vuln/SNYK-JS-DSET-7116691

• #3620 d24c5d5 Thanks @​enisdenjo! - dependencies updates:

  • Updated dependency dset@^3.1.4 ↗︎ (from ^3.1.1, in dependencies)

Commits

• 0430c68 chore(release): update monorepo packages versions (#3713)
• 1c055f5 fix(graphiql): show input value deprecations (#3712)
• 601491c fix(deps): update all non-major dependencies (#3701)
• 0b5f173 fix(deps): update all non-major dependencies (#3700)
• bfc6c32 chore(release): update monorepo packages versions (#3661)
• def5562 fix(deps): update all non-major dependencies (#3664)
• d4cbae1 fix(deps): update dependency graphql-ws to v6 (#3660)
• 19aab45 fix(deps): update all non-major dependencies (#3646)
• b705d96 chore(deps): update dependency graphql-sse to v2.5.4 (#3635)
• 9f25a72 chore(release): update monorepo packages versions (#3621)
• Additional commits viewable in compare view

Updates uuid from 11.0.3 to 11.0.5

Release notes

Sourced from uuid's releases.

v11.0.5

11.0.5 (2025-01-09)

Bug Fixes

• add TS unit test, pin to [email protected] (#860) (24ac2fd)

v11.0.4

11.0.4 (2025-01-05)

Bug Fixes

• docs: insure -> ensure (#843) (d2a61e1)
• exclude tests from published package (#840) (f992ff4)
• Test for invalid byte array sizes and ranges in v1(), v4(), and v7() (#845) (e0ee900)

Changelog

Sourced from uuid's changelog.

11.0.5 (2025-01-09)

Bug Fixes

• add TS unit test, pin to [email protected] (#860) (24ac2fd)

11.0.4 (2025-01-05)

Bug Fixes

• docs: insure -> ensure (#843) (d2a61e1)
• exclude tests from published package (#840) (f992ff4)
• Test for invalid byte array sizes and ranges in v1(), v4(), and v7() (#845) (e0ee900)

Commits

• 46ada3c chore(main): release 11.0.5 (#861)
• 24ac2fd fix: add TS unit test, pin to [email protected] (#860)
• e426aaa build: use npm pack tarball for local examples and testing instead of .loca...
• 050cd5b chore(main): release 11.0.4 (#842)
• e0ee900 fix: Test for invalid byte array sizes and ranges in v1(), v4(), and `v7(...
• 6e83b3a chore: update deps (#848)
• 5f58b43 docs: Ensure link to getrandomvalues-not-supported is maintained (#844)
• d2a61e1 fix(docs): insure -> ensure (#843)
• f992ff4 fix: exclude tests from published package (#840)
• 59df709 docs: add notes on platform support (#838)
• See full diff in compare view

Updates wrangler from 3.99.0 to 3.107.2

Release notes

Sourced from wrangler's releases.

[email protected]

Patch Changes

• #7988 444a630 Thanks @​edmundhung! - Fix #7985.

  This reverts the changes on #7945 that caused compatibility issues with Node 16 due to the introduction of sharp.

[email protected]

Patch Changes

• #7981 e2b3306 Thanks @​WalshyDev! - Fixes a regression introduced in Wrangler 3.107.0 in which [assets] was not being inherited from the top-level environment.

• Updated dependencies [ab49886]:

  • [email protected]

[email protected]

Minor Changes

• #7897 34f9797 Thanks @​WillTaylorDev! - chore: provides run_worker_first for Worker-script-first configuration. Deprecates experimental_serve_directly.

Patch Changes

• #7945 d758215 Thanks @​ns476! - Add Images binding (in private beta for the time being)

• #7947 f57bc4e Thanks @​dario-piotrowicz! - fix: avoid getPlatformProxy logging twice that it is using vars defined in .dev.vars files

  when getPlatformProxy is called and it retrieves values from .dev.vars files, it logs twice a message like: Using vars defined in .dev.vars, the changes here make sure that in such cases this log only appears once

• #7889 38db4ed Thanks @​emily-shen! - feat: add experimental resource auto-provisioning to versions upload

• #7864 de6fa18 Thanks @​dario-piotrowicz! - Update the unstable_getMiniflareWorkerOptions types to always include an env parameter.

  The unstable_getMiniflareWorkerOptions types, when accepting a config object as the first argument, didn't accept a second env argument. The changes here make sure they do, since the env is still relevant for picking up variables from .dev.vars files.

• #7964 bc4d6c8 Thanks @​LuisDuarte1! - Fix scripts binding to a workflow in a different script overriding workflow config

• Updated dependencies [cf4f47a]:

  • [email protected]

[email protected]

Minor Changes

• #7856 2b6f149 Thanks @​emily-shen! - feat: add sanitised error messages to Wrangler telemetry

  Error messages that have been audited for potential inclusion of personal information, and explicitly opted-in, are now included in Wrangler's telemetry collection. Collected error messages will not include any filepaths, user input or any other potentially private content.

... (truncated)

Changelog

Sourced from wrangler's changelog.

3.107.2

Patch Changes

• #7988 444a630 Thanks @​edmundhung! - Fix #7985.

  This reverts the changes on #7945 that caused compatibility issues with Node 16 due to the introduction of sharp.

3.107.1

Patch Changes

• #7981 e2b3306 Thanks @​WalshyDev! - Fixes a regression introduced in Wrangler 3.107.0 in which [assets] was not being inherited from the top-level environment.

• Updated dependencies [ab49886]:

  • [email protected]

3.107.0

Minor Changes

• #7897 34f9797 Thanks @​WillTaylorDev! - chore: provides run_worker_first for Worker-script-first configuration. Deprecates experimental_serve_directly.

Patch Changes

• #7945 d758215 Thanks @​ns476! - Add Images binding (in private beta for the time being)

• #7947 f57bc4e Thanks @​dario-piotrowicz! - fix: avoid getPlatformProxy logging twice that it is using vars defined in .dev.vars files

  when getPlatformProxy is called and it retrieves values from .dev.vars files, it logs twice a message like: Using vars defined in .dev.vars, the changes here make sure that in such cases this log only appears once

• #7889 38db4ed Thanks @​emily-shen! - feat: add experimental resource auto-provisioning to versions upload

• #7864 de6fa18 Thanks @​dario-piotrowicz! - Update the unstable_getMiniflareWorkerOptions types to always include an env parameter.

  The unstable_getMiniflareWorkerOptions types, when accepting a config object as the first argument, didn't accept a second env argument. The changes here make sure they do, since the env is still relevant for picking up variables from .dev.vars files.

• #7964 bc4d6c8 Thanks @​LuisDuarte1! - Fix scripts binding to a workflow in a different script overriding workflow config

• Updated dependencies [cf4f47a]:

  • [email protected]

3.106.0

Minor Changes

... (truncated)

Commits

• 46a16bc Version Packages (#7991)
• 444a630 Revert "Add support for Images binding (#7945)" (#7988)
• ff0d9cd Version Packages (#7979)
• e2b3306 Fix assets inheritance regression (#7981)
• ab49886 chore(deps): bump the workerd-and-workers-types group across 1 directory with...
• 01edd28 Version Packages (#7933)
• 9ba6374 Revert "fix(wrangler): handling of process.env.NODE_ENV in bundling mode (#...
• d758215 Add support for Images binding (#7945)
• fdd1303 test: quieten the logs on Wrangler retry helper tests (#7965)
• bc4d6c8 fix: make wrangler deploy not call Workflows API if it binds to a different...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

👋 Thanks for opening a pull request!

If you are new, please check out the trimmed down summary of our deployment process below:

1. 👀 Observe the CI jobs and tests to ensure they are passing

2. ✔️ Obtain an approval/review on this pull request

3. 🚀 Deploy your pull request to the development environment with .deploy to development

4. 🚀 Deploy your pull request to the production environment with .deploy

   If anything goes wrong, rollback with .deploy main

5. 🎉 Merge!

Need help? Type .help as a comment or visit the usage guide for more details

Please note, if you have a more complex change, it is advised to claim a deployment lock with .lock <environment> --reason <reason> to prevent other deployments from happening while you are working on your change.

Once your PR has been merged, you can remove the lock with .unlock <environment>.