From 9396f840f44ad7bebb59c9438db5262a24ff18cc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Apr 2025 08:34:55 +0000
Subject: [PATCH 1/7] build(deps-dev): bump cypress from 14.2.1 to 14.3.0 in
 the cypress group (#8366)

Bumps the cypress group with 1 update: [cypress](https://github.com/cypress-io/cypress).


Updates `cypress` from 14.2.1 to 14.3.0
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/cypress/compare/v14.2.1...v14.3.0)

---
updated-dependencies:
- dependency-name: cypress
  dependency-version: 14.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: cypress
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 yarn.lock         | 8 ++++----
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index a74a341c7..dca7be667 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -19,7 +19,7 @@
         "auto-changelog": "^2.5.0",
         "bcryptjs": "^2.4.3",
         "cross-env": "^7.0.3",
-        "cypress": "^14.2.1",
+        "cypress": "^14.3.0",
         "cypress-network-idle": "^1.15.0",
         "date-fns": "^3.6.0",
         "dotenv": "^16.5.0",
@@ -7758,9 +7758,9 @@
       "optional": true
     },
     "node_modules/cypress": {
-      "version": "14.2.1",
-      "resolved": "https://registry.npmjs.org/cypress/-/cypress-14.2.1.tgz",
-      "integrity": "sha512-5xd0E7fUp0pjjib1D7ljkmCwFDgMkWuW06jWiz8dKrI7MNRrDo0C65i4Sh+oZ9YHjMHZRJBR0XZk1DfekOhOUw==",
+      "version": "14.3.0",
+      "resolved": "https://registry.npmjs.org/cypress/-/cypress-14.3.0.tgz",
+      "integrity": "sha512-rRfPl9Z0/CczuYybBEoLbDVuT1OGkhYaJ0+urRCshgiDRz6QnoA0KQIQnPx7MJ3zy+VCsbUU1pV74n+6cbJEdg==",
       "dev": true,
       "hasInstallScript": true,
       "license": "MIT",
diff --git a/package.json b/package.json
index eaaa1e748..bba13418b 100644
--- a/package.json
+++ b/package.json
@@ -43,7 +43,7 @@
     "auto-changelog": "^2.5.0",
     "bcryptjs": "^2.4.3",
     "cross-env": "^7.0.3",
-    "cypress": "^14.2.1",
+    "cypress": "^14.3.0",
     "cypress-network-idle": "^1.15.0",
     "date-fns": "^3.6.0",
     "dotenv": "^16.5.0",
diff --git a/yarn.lock b/yarn.lock
index 67f3c5d61..8b1bf7d8f 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4074,10 +4074,10 @@ cypress-network-idle@^1.15.0:
   resolved "https://registry.yarnpkg.com/cypress-network-idle/-/cypress-network-idle-1.15.0.tgz#e249f08695a46f1ddce18a95d5293937f277cbb3"
   integrity sha512-8zU16zhc7S3nMl1NTEEcNsZYlJy/ZzP2zPTTrngGxyXH32Ipake/xfHLZsgrzeWCieiS2AVhQsakhWqFzO3hpw==
 
-cypress@^14.2.1:
-  version "14.2.1"
-  resolved "https://registry.yarnpkg.com/cypress/-/cypress-14.2.1.tgz#2628696588d3d3961bf0ea0ad87baeb359790dcd"
-  integrity sha512-5xd0E7fUp0pjjib1D7ljkmCwFDgMkWuW06jWiz8dKrI7MNRrDo0C65i4Sh+oZ9YHjMHZRJBR0XZk1DfekOhOUw==
+cypress@^14.3.0:
+  version "14.3.0"
+  resolved "https://registry.yarnpkg.com/cypress/-/cypress-14.3.0.tgz#720923501ca0e371d344b810572cea58d5b50aec"
+  integrity sha512-rRfPl9Z0/CczuYybBEoLbDVuT1OGkhYaJ0+urRCshgiDRz6QnoA0KQIQnPx7MJ3zy+VCsbUU1pV74n+6cbJEdg==
   dependencies:
     "@cypress/request" "^3.0.8"
     "@cypress/xvfb" "^1.2.4"

From 1afd9576ce5c03feb9bc74ac8c18a4d23f958725 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Apr 2025 18:43:23 +0200
Subject: [PATCH 2/7] Bump bcryptjs from 2.4.3 to 3.0.2 in /backend (#8224)

Bumps [bcryptjs](https://github.com/dcodeIO/bcrypt.js) from 2.4.3 to 3.0.2.
- [Release notes](https://github.com/dcodeIO/bcrypt.js/releases)
- [Commits](https://github.com/dcodeIO/bcrypt.js/compare/2.4.3...v3.0.2)

---
updated-dependencies:
- dependency-name: bcryptjs
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 backend/package.json | 2 +-
 backend/yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index 516d763ec..b5a9e2bf8 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -42,7 +42,7 @@
     "babel-eslint": "~10.1.0",
     "babel-jest": "~29.7.0",
     "babel-plugin-transform-runtime": "^6.23.0",
-    "bcryptjs": "~2.4.3",
+    "bcryptjs": "~3.0.2",
     "body-parser": "^1.20.3",
     "cheerio": "~1.0.0",
     "cors": "~2.8.5",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 628eea48d..27e97ce0a 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -3164,10 +3164,10 @@ bcrypt-pbkdf@^1.0.0:
   dependencies:
     tweetnacl "^0.14.3"
 
-bcryptjs@~2.4.3:
-  version "2.4.3"
-  resolved "https://registry.yarnpkg.com/bcryptjs/-/bcryptjs-2.4.3.tgz#9ab5627b93e60621ff7cdac5da9733027df1d0cb"
-  integrity sha1-mrVie5PmBiH/fNrF2pczAn3x0Ms=
+bcryptjs@~3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/bcryptjs/-/bcryptjs-3.0.2.tgz#caadcca1afefe372ed6e20f86db8e8546361c1ca"
+  integrity sha512-k38b3XOZKv60C4E2hVsXTolJWfkGRMbILBIe2IBITXciy5bOsTKot5kDrf3ZfufQtQOUN5mXceUEpU1rTl9Uog==
 
 binary-extensions@^2.0.0:
   version "2.0.0"

From 45096332484673653bbc816524f2328456a93424 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Apr 2025 17:15:57 +0000
Subject: [PATCH 3/7] Bump bcryptjs from 2.4.3 to 3.0.2 (#8218)

Bumps [bcryptjs](https://github.com/dcodeIO/bcrypt.js) from 2.4.3 to 3.0.2.
- [Release notes](https://github.com/dcodeIO/bcrypt.js/releases)
- [Commits](https://github.com/dcodeIO/bcrypt.js/compare/2.4.3...v3.0.2)

---
updated-dependencies:
- dependency-name: bcryptjs
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package-lock.json | 14 +++++++++-----
 package.json      |  2 +-
 yarn.lock         |  8 ++++----
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index dca7be667..4e02f555e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -17,7 +17,7 @@
         "@cypress/browserify-preprocessor": "^3.0.2",
         "@faker-js/faker": "9.6.0",
         "auto-changelog": "^2.5.0",
-        "bcryptjs": "^2.4.3",
+        "bcryptjs": "^3.0.2",
         "cross-env": "^7.0.3",
         "cypress": "^14.3.0",
         "cypress-network-idle": "^1.15.0",
@@ -6597,10 +6597,14 @@
       }
     },
     "node_modules/bcryptjs": {
-      "version": "2.4.3",
-      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz",
-      "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==",
-      "dev": true
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.2.tgz",
+      "integrity": "sha512-k38b3XOZKv60C4E2hVsXTolJWfkGRMbILBIe2IBITXciy5bOsTKot5kDrf3ZfufQtQOUN5mXceUEpU1rTl9Uog==",
+      "dev": true,
+      "license": "BSD-3-Clause",
+      "bin": {
+        "bcrypt": "bin/bcrypt"
+      }
     },
     "node_modules/binary-extensions": {
       "version": "2.2.0",
diff --git a/package.json b/package.json
index bba13418b..7ddc60707 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,7 @@
     "@cypress/browserify-preprocessor": "^3.0.2",
     "@faker-js/faker": "9.6.0",
     "auto-changelog": "^2.5.0",
-    "bcryptjs": "^2.4.3",
+    "bcryptjs": "^3.0.2",
     "cross-env": "^7.0.3",
     "cypress": "^14.3.0",
     "cypress-network-idle": "^1.15.0",
diff --git a/yarn.lock b/yarn.lock
index 8b1bf7d8f..768fbb1a7 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3171,10 +3171,10 @@ bcrypt-ts@^5.0.2:
   resolved "https://registry.yarnpkg.com/bcrypt-ts/-/bcrypt-ts-5.0.2.tgz#8068af00de29cc6dce02766c46332158677643e1"
   integrity sha512-gDwQ5784AkkfhHACh3jGcg1hUubyZyeq9AtVd5gXkcyHGVOC+mORjRIHSj+fHfqwY5vxwyBLXQpcfk8MpK0ROg==
 
-bcryptjs@^2.4.3:
-  version "2.4.3"
-  resolved "https://registry.yarnpkg.com/bcryptjs/-/bcryptjs-2.4.3.tgz#9ab5627b93e60621ff7cdac5da9733027df1d0cb"
-  integrity sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==
+bcryptjs@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/bcryptjs/-/bcryptjs-3.0.2.tgz#caadcca1afefe372ed6e20f86db8e8546361c1ca"
+  integrity sha512-k38b3XOZKv60C4E2hVsXTolJWfkGRMbILBIe2IBITXciy5bOsTKot5kDrf3ZfufQtQOUN5mXceUEpU1rTl9Uog==
 
 binary-extensions@^2.0.0:
   version "2.2.0"

From fb12a139bc8e3922deea813f6a6b8acbefb2ea16 Mon Sep 17 00:00:00 2001
From: Max <maxharz@gmail.com>
Date: Mon, 14 Apr 2025 19:56:29 +0200
Subject: [PATCH 4/7] fix(webapp): better settings ux (#8347)

* Scroll to notification settings when opened (for mobile)

* scroll to settings content when clicking on menu entry

* Scroll to settings content on mobile and fix weird loading state

* Add fail-safety

* Fix linting
---
 webapp/pages/settings.vue                     | 29 ++++++++++++++++---
 webapp/pages/settings/blocked-users.vue       |  2 ++
 webapp/pages/settings/data-download.vue       |  2 ++
 webapp/pages/settings/delete-account.vue      |  2 ++
 webapp/pages/settings/embeds.vue              |  2 ++
 webapp/pages/settings/index.vue               |  2 ++
 webapp/pages/settings/invites.vue             |  2 ++
 webapp/pages/settings/languages.vue           |  2 ++
 webapp/pages/settings/muted-users.vue         |  2 ++
 .../pages/settings/my-email-address/index.vue |  2 ++
 webapp/pages/settings/my-organizations.vue    |  2 ++
 webapp/pages/settings/my-social-media.vue     |  2 ++
 webapp/pages/settings/notifications.vue       |  2 ++
 webapp/pages/settings/privacy.vue             |  2 ++
 webapp/pages/settings/scroll-to-content.js    | 13 +++++++++
 webapp/pages/settings/security.vue            |  2 ++
 16 files changed, 66 insertions(+), 4 deletions(-)
 create mode 100644 webapp/pages/settings/scroll-to-content.js

diff --git a/webapp/pages/settings.vue b/webapp/pages/settings.vue
index 1fce64d8f..5d526c3cc 100644
--- a/webapp/pages/settings.vue
+++ b/webapp/pages/settings.vue
@@ -5,14 +5,14 @@
     </ds-space>
     <ds-space margin="large" />
     <ds-flex gutter="small">
-      <ds-flex-item :width="{ base: '100%', md: '200px' }">
+      <div class="menu-container">
         <ds-menu :routes="routes" :is-exact="() => true" />
-      </ds-flex-item>
-      <ds-flex-item :width="{ base: '100%', md: 1 }">
+      </div>
+      <div class="settings-content" id="settings-content">
         <transition name="slide-up" appear>
           <nuxt-child />
         </transition>
-      </ds-flex-item>
+      </div>
     </ds-flex>
   </div>
 </template>
@@ -87,3 +87,24 @@ export default {
   },
 }
 </script>
+
+<style scoped>
+.menu-container {
+  width: 100%;
+}
+.settings-content {
+  flex: 1;
+  padding: 0 24px;
+  margin-top: 32px;
+}
+
+@media screen and (min-width: 600px) {
+  .settings-content {
+    margin-top: 0;
+  }
+
+  .menu-container {
+    width: 200px;
+  }
+}
+</style>
diff --git a/webapp/pages/settings/blocked-users.vue b/webapp/pages/settings/blocked-users.vue
index 90519452f..0eed6d370 100644
--- a/webapp/pages/settings/blocked-users.vue
+++ b/webapp/pages/settings/blocked-users.vue
@@ -75,8 +75,10 @@
 <script>
 import { blockedUsers, unblockUser } from '~/graphql/settings/BlockedUsers'
 import ProfileAvatar from '~/components/_new/generic/ProfileAvatar/ProfileAvatar'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     ProfileAvatar,
   },
diff --git a/webapp/pages/settings/data-download.vue b/webapp/pages/settings/data-download.vue
index ca6755bd5..c3710dbd7 100644
--- a/webapp/pages/settings/data-download.vue
+++ b/webapp/pages/settings/data-download.vue
@@ -26,8 +26,10 @@ import { mapGetters } from 'vuex'
 import { userDataQuery } from '~/graphql/User'
 import BaseButton from '~/components/_new/generic/BaseButton/BaseButton.vue'
 import isEmpty from 'lodash/isEmpty'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     BaseButton,
   },
diff --git a/webapp/pages/settings/delete-account.vue b/webapp/pages/settings/delete-account.vue
index e1872bf4c..e3d29d6d7 100644
--- a/webapp/pages/settings/delete-account.vue
+++ b/webapp/pages/settings/delete-account.vue
@@ -4,8 +4,10 @@
 
 <script>
 import DeleteData from '~/components/DeleteData/DeleteData.vue'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     DeleteData,
   },
diff --git a/webapp/pages/settings/embeds.vue b/webapp/pages/settings/embeds.vue
index 4b0ef95d7..53db65e5e 100644
--- a/webapp/pages/settings/embeds.vue
+++ b/webapp/pages/settings/embeds.vue
@@ -39,8 +39,10 @@
 import axios from 'axios'
 import { mapGetters, mapMutations } from 'vuex'
 import { updateUserMutation } from '~/graphql/User.js'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   head() {
     return {
       title: this.$t('settings.embeds.name'),
diff --git a/webapp/pages/settings/index.vue b/webapp/pages/settings/index.vue
index 6cae7e44c..5c66eb3cf 100644
--- a/webapp/pages/settings/index.vue
+++ b/webapp/pages/settings/index.vue
@@ -47,10 +47,12 @@ import { mapGetters, mapMutations } from 'vuex'
 import UniqueSlugForm from '~/components/utils/UniqueSlugForm'
 import { updateUserMutation } from '~/graphql/User'
 import { queryLocations } from '~/graphql/location'
+import scrollToContent from './scroll-to-content.js'
 
 let timeout
 
 export default {
+  mixins: [scrollToContent],
   name: 'NewsFeed',
   data() {
     return {
diff --git a/webapp/pages/settings/invites.vue b/webapp/pages/settings/invites.vue
index 0871084e3..9ec276a36 100644
--- a/webapp/pages/settings/invites.vue
+++ b/webapp/pages/settings/invites.vue
@@ -7,8 +7,10 @@
 
 <script>
 import HcEmpty from '~/components/Empty/Empty'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     HcEmpty,
   },
diff --git a/webapp/pages/settings/languages.vue b/webapp/pages/settings/languages.vue
index e60cc456a..15889f4c3 100644
--- a/webapp/pages/settings/languages.vue
+++ b/webapp/pages/settings/languages.vue
@@ -7,8 +7,10 @@
 
 <script>
 import HcEmpty from '~/components/Empty/Empty'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     HcEmpty,
   },
diff --git a/webapp/pages/settings/muted-users.vue b/webapp/pages/settings/muted-users.vue
index d314d31d4..bb0314672 100644
--- a/webapp/pages/settings/muted-users.vue
+++ b/webapp/pages/settings/muted-users.vue
@@ -72,8 +72,10 @@
 <script>
 import { mutedUsers, unmuteUser } from '~/graphql/settings/MutedUsers'
 import ProfileAvatar from '~/components/_new/generic/ProfileAvatar/ProfileAvatar'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     ProfileAvatar,
   },
diff --git a/webapp/pages/settings/my-email-address/index.vue b/webapp/pages/settings/my-email-address/index.vue
index 2d2cc406f..e46746e62 100644
--- a/webapp/pages/settings/my-email-address/index.vue
+++ b/webapp/pages/settings/my-email-address/index.vue
@@ -31,8 +31,10 @@ import { mapGetters } from 'vuex'
 import { AddEmailAddressMutation } from '~/graphql/EmailAddress.js'
 import { SweetalertIcon } from 'vue-sweetalert-icons'
 import normalizeEmail from '~/components/utils/NormalizeEmail'
+import scrollToContent from '../scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     SweetalertIcon,
   },
diff --git a/webapp/pages/settings/my-organizations.vue b/webapp/pages/settings/my-organizations.vue
index 194fa3f7e..12b852cf2 100644
--- a/webapp/pages/settings/my-organizations.vue
+++ b/webapp/pages/settings/my-organizations.vue
@@ -7,8 +7,10 @@
 
 <script>
 import HcEmpty from '~/components/Empty/Empty'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     HcEmpty,
   },
diff --git a/webapp/pages/settings/my-social-media.vue b/webapp/pages/settings/my-social-media.vue
index aa303e74c..b1d4f3be5 100644
--- a/webapp/pages/settings/my-social-media.vue
+++ b/webapp/pages/settings/my-social-media.vue
@@ -35,8 +35,10 @@ import {
 } from '~/graphql/SocialMedia.js'
 import MySomethingList from '~/components/_new/features/MySomethingList/MySomethingList.vue'
 import SocialMediaListItem from '~/components/_new/features/SocialMedia/SocialMediaListItem.vue'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     MySomethingList,
     SocialMediaListItem,
diff --git a/webapp/pages/settings/notifications.vue b/webapp/pages/settings/notifications.vue
index 35249a37d..36e0d9081 100644
--- a/webapp/pages/settings/notifications.vue
+++ b/webapp/pages/settings/notifications.vue
@@ -29,8 +29,10 @@
 <script>
 import { mapGetters, mapMutations } from 'vuex'
 import { updateUserMutation } from '~/graphql/User'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   data() {
     return {
       emailNotificationSettings: [],
diff --git a/webapp/pages/settings/privacy.vue b/webapp/pages/settings/privacy.vue
index 71fd31946..d824933ec 100644
--- a/webapp/pages/settings/privacy.vue
+++ b/webapp/pages/settings/privacy.vue
@@ -12,8 +12,10 @@
 <script>
 import { mapGetters, mapMutations } from 'vuex'
 import { updateUserMutation } from '~/graphql/User'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   data() {
     return {
       shoutsAllowed: false,
diff --git a/webapp/pages/settings/scroll-to-content.js b/webapp/pages/settings/scroll-to-content.js
new file mode 100644
index 000000000..32bf71e1c
--- /dev/null
+++ b/webapp/pages/settings/scroll-to-content.js
@@ -0,0 +1,13 @@
+export default {
+  mounted() {
+    if (document.documentElement.clientWidth >= 600) return
+
+    const content = document.getElementById('settings-content')
+
+    if (!content) return
+
+    content.scrollIntoView({
+      behavior: 'smooth',
+    })
+  },
+}
diff --git a/webapp/pages/settings/security.vue b/webapp/pages/settings/security.vue
index e8754ada9..f3e4f065c 100644
--- a/webapp/pages/settings/security.vue
+++ b/webapp/pages/settings/security.vue
@@ -7,8 +7,10 @@
 
 <script>
 import ChangePassword from '~/components/Password/Change'
+import scrollToContent from './scroll-to-content.js'
 
 export default {
+  mixins: [scrollToContent],
   components: {
     ChangePassword,
   },

From c2fd4484d25864486602c1ee0326dfa610a86b2d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Apr 2025 19:14:18 +0000
Subject: [PATCH 5/7] Bump graphql from 14.7.0 to 15.10.1 in /webapp (#8157)

Bumps [graphql](https://github.com/graphql/graphql-js) from 14.7.0 to 15.10.1.
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](https://github.com/graphql/graphql-js/compare/v14.7.0...v15.10.1)

---
updated-dependencies:
- dependency-name: graphql
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 webapp/package.json |  2 +-
 webapp/yarn.lock    | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/webapp/package.json b/webapp/package.json
index 0f3371b95..c56684325 100644
--- a/webapp/package.json
+++ b/webapp/package.json
@@ -39,7 +39,7 @@
     "cross-env": "~7.0.3",
     "date-fns": "2.22.1",
     "express": "~5.1.0",
-    "graphql": "~14.7.0",
+    "graphql": "~15.10.1",
     "intersection-observer": "^0.12.0",
     "jest-serializer-vue": "^3.1.0",
     "jsonwebtoken": "~9.0.2",
diff --git a/webapp/yarn.lock b/webapp/yarn.lock
index 6295a5bc0..1c3212c89 100644
--- a/webapp/yarn.lock
+++ b/webapp/yarn.lock
@@ -11196,17 +11196,17 @@ graphql-upload@^8.0.2:
     http-errors "^1.7.3"
     object-path "^0.11.4"
 
-"graphql@14.0.2 - 14.2.0 || ^14.3.1", graphql@^14.5.8, graphql@~14.7.0:
+"graphql@14.0.2 - 14.2.0 || ^14.3.1", graphql@^14.5.8:
   version "14.7.0"
   resolved "https://registry.yarnpkg.com/graphql/-/graphql-14.7.0.tgz#7fa79a80a69be4a31c27dda824dc04dac2035a72"
   integrity sha512-l0xWZpoPKpppFzMfvVyFmp9vLN7w/ZZJPefUicMCepfJeQ8sMcztloGYY9DfjVPo6tIUDzU5Hw3MUbIjj9AVVA==
   dependencies:
     iterall "^1.2.2"
 
-graphql@^15.3.0:
-  version "15.4.0"
-  resolved "https://registry.yarnpkg.com/graphql/-/graphql-15.4.0.tgz#e459dea1150da5a106486ba7276518b5295a4347"
-  integrity sha512-EB3zgGchcabbsU9cFe1j+yxdzKQKAbGUWRb13DsrsMN1yyfmmIq+2+L5MqVWcDCE4V89R5AyUOi7sMOGxdsYtA==
+graphql@^15.3.0, graphql@~15.10.1:
+  version "15.10.1"
+  resolved "https://registry.yarnpkg.com/graphql/-/graphql-15.10.1.tgz#e9ff3bb928749275477f748b14aa5c30dcad6f2f"
+  integrity sha512-BL/Xd/T9baO6NFzoMpiMD7YUZ62R6viR5tp/MULVEnbYJXZA//kRNW7J0j1w/wXArgL0sCxhDfK5dczSKn3+cg==
 
 grid-index@^1.1.0:
   version "1.1.0"

From adcbf81a530668a68cb8e47c9e4baf4ff0056b0f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 14 Apr 2025 20:29:58 +0000
Subject: [PATCH 6/7] build(deps-dev): bump the typescript group across 1
 directory with 2 updates (#8383)

Bumps the typescript group with 2 updates in the /backend directory: [ts-jest](https://github.com/kulshekhar/ts-jest) and [tsc-alias](https://github.com/justkey007/tsc-alias).


Updates `ts-jest` from 29.3.1 to 29.3.2
- [Release notes](https://github.com/kulshekhar/ts-jest/releases)
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.3.1...v29.3.2)

Updates `tsc-alias` from 1.8.14 to 1.8.15
- [Release notes](https://github.com/justkey007/tsc-alias/releases)
- [Commits](https://github.com/justkey007/tsc-alias/compare/v1.8.14...v1.8.15)

---
updated-dependencies:
- dependency-name: ts-jest
  dependency-version: 29.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: typescript
- dependency-name: tsc-alias
  dependency-version: 1.8.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: typescript
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 backend/package.json |  4 ++--
 backend/yarn.lock    | 20 ++++++++++----------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index b5a9e2bf8..4038c110d 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -122,9 +122,9 @@
     "prettier": "^3.5.3",
     "require-json5": "^1.3.0",
     "rosie": "^2.1.1",
-    "ts-jest": "^29.3.1",
+    "ts-jest": "^29.3.2",
     "ts-node": "^10.9.2",
-    "tsc-alias": "^1.8.14",
+    "tsc-alias": "^1.8.15",
     "tsconfig-paths": "^4.2.0",
     "typescript": "^5.8.3"
   },
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 27e97ce0a..d6a21156d 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -9743,10 +9743,10 @@ ts-invariant@^0.4.0:
   dependencies:
     tslib "^1.9.3"
 
-ts-jest@^29.3.1:
-  version "29.3.1"
-  resolved "https://registry.yarnpkg.com/ts-jest/-/ts-jest-29.3.1.tgz#2e459e1f94a833bd8216ba4b045fac948e265937"
-  integrity sha512-FT2PIRtZABwl6+ZCry8IY7JZ3xMuppsEV9qFVHOVe8jDzggwUZ9TsM4chyJxL9yi6LvkqcZYU3LmapEE454zBQ==
+ts-jest@^29.3.2:
+  version "29.3.2"
+  resolved "https://registry.yarnpkg.com/ts-jest/-/ts-jest-29.3.2.tgz#0576cdf0a507f811fe73dcd16d135ce89f8156cb"
+  integrity sha512-bJJkrWc6PjFVz5g2DGCNUo8z7oFEYaz1xP1NpeDU7KNLMWPpEyV8Chbpkn8xjzgRDpQhnGMyvyldoL7h8JXyug==
   dependencies:
     bs-logger "^0.2.6"
     ejs "^3.1.10"
@@ -9756,7 +9756,7 @@ ts-jest@^29.3.1:
     lodash.memoize "^4.1.2"
     make-error "^1.3.6"
     semver "^7.7.1"
-    type-fest "^4.38.0"
+    type-fest "^4.39.1"
     yargs-parser "^21.1.1"
 
 ts-node@^10.9.2:
@@ -9778,10 +9778,10 @@ ts-node@^10.9.2:
     v8-compile-cache-lib "^3.0.1"
     yn "3.1.1"
 
-tsc-alias@^1.8.14:
-  version "1.8.14"
-  resolved "https://registry.yarnpkg.com/tsc-alias/-/tsc-alias-1.8.14.tgz#cbe9566bcb4b014c32d0704ac495ab3361436edc"
-  integrity sha512-abPL5KpLkZCR06QkgyOBaswNPgNL/Ub/am16tvQ0kTsmPx3FEhBOAsvIPUU8OkYrLv0JlzJEaJ1r6XkJBIQvYg==
+tsc-alias@^1.8.15:
+  version "1.8.15"
+  resolved "https://registry.yarnpkg.com/tsc-alias/-/tsc-alias-1.8.15.tgz#7a07a77a4157872f834841a2a1647fad9464884d"
+  integrity sha512-yKLVx8ddUurRwhVcS6JFF2ZjksOX2ZWDRIdgt+PQhJBDegIdAdilptiHsuAbx9UFxa16GFrxeKQ2kTcGvR6fkQ==
   dependencies:
     chokidar "^3.5.3"
     commander "^9.0.0"
@@ -9866,7 +9866,7 @@ type-fest@^0.21.3:
   resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.21.3.tgz#d260a24b0198436e133fa26a524a6d65fa3b2e37"
   integrity sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==
 
-type-fest@^4.38.0:
+type-fest@^4.39.1:
   version "4.39.1"
   resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-4.39.1.tgz#7521f6944e279abaf79cf60cfbc4823f4858083e"
   integrity sha512-uW9qzd66uyHYxwyVBYiwS4Oi0qZyUqwjU+Oevr6ZogYiXt99EOYtwvzMSLw1c3lYo2HzJsep/NB23iEVEgjG/w==

From b31a439c8baffd2641303ef86df560091f6990a4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 15 Apr 2025 01:10:42 +0000
Subject: [PATCH 7/7] build(deps): bump graphql-upload from 11.0.0 to 13.0.0 in
 /backend (#8375)

Bumps [graphql-upload](https://github.com/jaydenseric/graphql-upload) from 11.0.0 to 13.0.0.
- [Release notes](https://github.com/jaydenseric/graphql-upload/releases)
- [Changelog](https://github.com/jaydenseric/graphql-upload/blob/master/changelog.md)
- [Commits](https://github.com/jaydenseric/graphql-upload/compare/v11.0.0...v13.0.0)

---
updated-dependencies:
- dependency-name: graphql-upload
  dependency-version: 13.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 backend/package.json |  2 +-
 backend/yarn.lock    | 40 ++++++++++++++++++++--------------------
 2 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/backend/package.json b/backend/package.json
index 4038c110d..b6cadf0b9 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -56,7 +56,7 @@
     "graphql-shield": "~7.2.2",
     "graphql-subscriptions": "^1.1.0",
     "graphql-tag": "~2.10.3",
-    "graphql-upload": "^11.0.0",
+    "graphql-upload": "^13.0.0",
     "helmet": "~8.1.0",
     "ioredis": "^5.6.1",
     "jsonwebtoken": "~8.5.1",
diff --git a/backend/yarn.lock b/backend/yarn.lock
index d6a21156d..9e64960ff 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -5637,6 +5637,16 @@ graphql-upload@^11.0.0, graphql-upload@^8.0.2:
     isobject "^4.0.0"
     object-path "^0.11.4"
 
+graphql-upload@^13.0.0:
+  version "13.0.0"
+  resolved "https://registry.yarnpkg.com/graphql-upload/-/graphql-upload-13.0.0.tgz#1a255b64d3cbf3c9f9171fa62a8fb0b9b59bb1d9"
+  integrity sha512-YKhx8m/uOtKu4Y1UzBFJhbBGJTlk7k4CydlUUiNrtxnwZv0WigbRHP+DVhRNKt7u7DXOtcKZeYJlGtnMXvreXA==
+  dependencies:
+    busboy "^0.3.1"
+    fs-capacitor "^6.2.0"
+    http-errors "^1.8.1"
+    object-path "^0.11.8"
+
 graphql@^14.2.1, graphql@^14.5.3, graphql@^14.6.0:
   version "14.6.0"
   resolved "https://registry.yarnpkg.com/graphql/-/graphql-14.6.0.tgz#57822297111e874ea12f5cd4419616930cd83e49"
@@ -5846,16 +5856,16 @@ http-errors@2.0.0, http-errors@^2.0.0:
     statuses "2.0.1"
     toidentifier "1.0.1"
 
-http-errors@^1.7.3:
-  version "1.7.3"
-  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.7.3.tgz#6c619e4f9c60308c38519498c14fbb10aacebb06"
-  integrity sha512-ZTTX0MWrsQ2ZAhA1cejAwDLycFsd7I7nVtnkT3Ol0aqodaKW+0CTZDQ1uBv5whptCnc8e8HeRRJxRs0kmm/Qfw==
+http-errors@^1.7.3, http-errors@^1.8.1:
+  version "1.8.1"
+  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.8.1.tgz#7c3f28577cbc8a207388455dbd62295ed07bd68c"
+  integrity sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==
   dependencies:
     depd "~1.1.2"
     inherits "2.0.4"
-    setprototypeof "1.1.1"
+    setprototypeof "1.2.0"
     statuses ">= 1.5.0 < 2"
-    toidentifier "1.0.0"
+    toidentifier "1.0.1"
 
 http-proxy-agent@^7.0.0, http-proxy-agent@^7.0.2:
   version "7.0.2"
@@ -7971,10 +7981,10 @@ object-keys@^1.0.11, object-keys@^1.0.12, object-keys@^1.1.1:
   resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e"
   integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==
 
-object-path@^0.11.4:
-  version "0.11.5"
-  resolved "https://registry.yarnpkg.com/object-path/-/object-path-0.11.5.tgz#d4e3cf19601a5140a55a16ad712019a9c50b577a"
-  integrity sha512-jgSbThcoR/s+XumvGMTMf81QVBmah+/Q7K7YduKeKVWL7N111unR2d6pZZarSk6kY/caeNxUDyxOvMWyzoU2eg==
+object-path@^0.11.4, object-path@^0.11.8:
+  version "0.11.8"
+  resolved "https://registry.yarnpkg.com/object-path/-/object-path-0.11.8.tgz#ed002c02bbdd0070b78a27455e8ae01fc14d4742"
+  integrity sha512-YJjNZrlXJFM42wTBn6zgOJVar9KFJvzx6sTWDte8sWZF//cnjl0BxHNpfZx+ZffXX63A9q0b1zsFiBX4g4X5KA==
 
 object.assign@^4.1.0:
   version "4.1.0"
@@ -9041,11 +9051,6 @@ set-function-name@^2.0.1:
     functions-have-names "^1.2.3"
     has-property-descriptors "^1.0.2"
 
-setprototypeof@1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.1.1.tgz#7e95acb24aa92f5885e0abef5ba131330d4ae683"
-  integrity sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw==
-
 setprototypeof@1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.2.0.tgz#66c9a24a73f9fc28cbe66b09fed3d33dcaf1b424"
@@ -9642,11 +9647,6 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
-toidentifier@1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.0.tgz#7e1be3470f1e77948bc43d94a3c8f4d7752ba553"
-  integrity sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==
-
 toidentifier@1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35"