Commit graph

31 commits

Author SHA1 Message Date
alex
25656cef67
Allow null origins on dotcom worker requests (#4105)
GET requests to the same origin don't send the `origin` headers. in
other situations we care about (CORS requests) we want to block unknown
origins, but if the origin header is missing it's probably because this
is a same-origin request, so we should allow it. Fixes an issue loading
bookmarks on mobile devices

### Change type

- [x] `bugfix`
2024-07-09 10:08:28 +00:00
David Sheldrick
c1fe8ec99a
put sync stuff in bemo worker (#4060)
this PR puts sync stuff in the bemo worker, and sets up a temporary
dev-only page in dotcom for testing bemo stuff


### Change type

- [ ] `bugfix`
- [ ] `improvement`
- [x] `feature`
- [ ] `api`
- [ ] `other`

### Test plan

1. Create a shape...
2.

- [ ] Unit tests
- [ ] End to end tests

### Release notes

- Fixed a bug with...
2024-07-03 14:10:54 +00:00
alex
8906bd8ffa
Demo server bookmark unfurl endpoint (#4062)
This adds the HTMLRewriter-based bookmark unfurler to the demo server.
It moves the unfurler into worker-shared, and adds some better shared
error handling across our workers.

I removed the fallback bookmark fetcher where we try and fetch websites
locally. This will almost never work, as it requires sites to set public
CORS.

### Change type
- [x] `other`
2024-07-03 10:48:34 +00:00
alex
dcfc6da604
Demo assets server (#4055)
Adds an assets server to the demo worker, and reworks the existing asset
server to use the same code. There are a few simplifications to the code
due to some DX improvements working with R2 and caches. I also removed
the `HEAD` request from the assets server: i took a look at our logs and
it's not actually used at all.

This also fixes an issue where users could overwrite the contents of the
asset uploads bucket.

### Change type

- [x] `other`
2024-07-02 13:08:50 +00:00
David Sheldrick
adb84d97e3
worker fixes (#4059)
Describe what your pull request does. If you can, add GIFs or images
showing the before and after of your change.

### Change type

- [x] `bugfix`
- [ ] `improvement`
- [ ] `feature`
- [ ] `api`
- [ ] `other`

### Test plan

1. Create a shape...
2.

- [ ] Unit tests
- [ ] End to end tests

### Release notes

- Fixed a bug with...

---------

Co-authored-by: alex <alex@dytry.ch>
2024-07-02 10:53:27 +00:00
alex
031547749f
add workers-shared package and source-maps for dotcom-worker sentry reports (#4052)
Share the new sentry stuff that plays nice with releases/sourcemaps with
dotcom-worker using a new `worker-shared` package.
2024-07-02 09:10:20 +00:00
David Sheldrick
ee6aa172b2
Unfurl bookmarks in worker (#4039)
This PR adds a `GET /api/unfurl?url=blahblah` endpoint to our worker.

I tried out the existing cheerio implementation but it added 300kb to
our worker bundle in the end, due to transitive dependencies.

So I implemented the same logic with cloudflare's sanctioned streaming
HTML parser `HTMLRewriter` and it seems to work fine.

I also made the vscode extension do its fetching locally (from the node
process so it's not bound by security policies), retaining the cheerio
version for that. At the same time I fixed a bug in the RPC layer that
was preventing unfurled metadata from loading correctly.

In a few months we can retire the bookmark-extractor app by just
deleting it in the vercel dashboard.

### Change Type


<!--  Please select a 'Type' label ️ -->

- [ ] `feature` — New feature
- [x] `improvement` — Product improvement
- [ ] `api` — API change
- [ ] `bugfix` — Bug fix
- [ ] `other` — Changes that don't affect SDK users, e.g. internal or
.com changes


### Test Plan

1. Add a step-by-step description of how to test your PR here.
2.

- [ ] Unit Tests
- [ ] End to end tests

### Release Notes

- Do link unfurling on the same subdomain as all our other api
endpoints.
2024-07-01 14:40:03 +00:00
alex
57fb7a0650
Initial bemo worker setup (#4017)
Sets up preview deploys etc. for bemo worker.

There's enough going on here that I wanted to make it its own PR. I'll
rework david's spike on top of it once it's landed.

### Change Type

- [x] `internal` — Does not affect user-facing stuff
- [x] `chore` — Updating dependencies, other boring stuff

---------

Co-authored-by: David Sheldrick <d.j.sheldrick@gmail.com>
2024-07-01 11:35:23 +00:00
David Sheldrick
ca5e268798
check worker bundle sizes (#4032)
This PR aims to make sure #4030 doesn't need to happen again. We check
that the worker file sizes stay within a given limit, and require people
to explicitly up this limit if they decide to add new deps that grow the
bundle size significantly.

### Change Type

<!--  Please select a 'Type' label ️ -->

- [ ] `feature` — New feature
- [ ] `improvement` — Product improvement
- [ ] `api` — API change
- [ ] `bugfix` — Bug fix
- [x] `other` — Changes that don't affect SDK users, e.g. internal or
.com changes


### Test Plan

1. Add a step-by-step description of how to test your PR here.
2.

- [ ] Unit Tests
- [ ] End to end tests

### Release Notes

- Add a brief release note for your PR here.
2024-06-27 13:48:17 +00:00
David Sheldrick
4a3d9d407d
[bemo bae] Spike on tlsync public API improvement (#4002)
This PR replaces the extendable TLServer class with an instantiatable
wrapper for the TLSyncRoom called TLSocketRoom.

The goal is to provide an API where you pretty much just

1. create a room from some (optional) snapshot
2. pass websockets into it when they connect

And then lifecycle stuff and persistence stuff is left to the consumer,
since that all seems to be much more context dependent.

One thing remaining here is to work on observability. We had a slightly
messy situation regarding logging and error handling and analytics and I
want to clean that all up.

### Change Type

<!--  Please select a 'Scope' label ️ -->

- [ ] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [x] `internal` — Does not affect user-facing stuff

<!--  Please select a 'Type' label ️ -->

- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [x] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know


### Test Plan

1. Add a step-by-step description of how to test your PR here.
4.

- [ ] Unit Tests
- [ ] End to end tests

### Release Notes

- Add a brief release note for your PR here.
2024-06-26 14:07:36 +00:00
Mime Čuvalo
f19ed94422
csp: add content security policy for dotcom (#3952)
followup to https://github.com/tldraw/tldraw/pull/3907
This introduces, more formally, a CSP policy for dotcom.

### Change Type

<!--  Please select a 'Scope' label ️ -->

- [ ] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff

<!--  Please select a 'Type' label ️ -->

- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know

### Release Notes

- Security: add CSP to dotcom.
2024-06-26 11:11:14 +00:00
alex
f9ed1bf2c9
Force interface instead of type for better docs (#3815)
Typescript's type aliases (`type X = thing`) can refer to basically
anything, which makes it hard to write an automatic document formatter
for them. Interfaces on the other hand are only object, so they play
much nicer with docs. Currently, object-flavoured type aliases don't
really get expanded at all on our docs site, which means we have a bunch
of docs content that's not shown on the site.

This diff introduces a lint rule that forces `interface X {foo: bar}`s
instead of `type X = {foo: bar}` where possible, as it results in a much
better documentation experience:

Before:
<img width="437" alt="Screenshot 2024-05-22 at 15 24 13"
src="https://github.com/tldraw/tldraw/assets/1489520/32606fd1-6832-4a1e-aa5f-f0534d160c92">

After:
<img width="431" alt="Screenshot 2024-05-22 at 15 33 01"
src="https://github.com/tldraw/tldraw/assets/1489520/4e0d59ee-c38e-4056-b9fd-6a7f15d28f0f">


### Change Type

- [x] `sdk` — Changes the tldraw SDK
- [x] `docs` — Changes to the documentation, examples, or templates.
- [x] `improvement` — Improving existing features
2024-05-22 15:55:49 +00:00
alex
db32f0e8e6
Remove unneeded worker IS_LOCAL check (#3808)
This was left in by mistake from an earlier version of #3795 

### Change Type
- [x] `dotcom` — Changes the tldraw.com web app
- [x] `bugfix` — Bug fix
2024-05-22 10:07:46 +00:00
Mime Čuvalo
b32082a2b4
touchscreen: allow meet.google.com origin (#3805)
need to allow the origin for the new room creation

### Change Type

<!--  Please select a 'Scope' label ️ -->

- [x] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff

<!--  Please select a 'Type' label ️ -->

- [x] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
2024-05-22 08:51:34 +00:00
alex
af664d55df
fix coarse pointer detection (#3795)
Previously, we were using touch and mouse events to detect when we were
in coarse/fine pointer mode. The problem with this is that many mobile
devices emulate mouse events for backwards compatibility with websites
not built for touch - so many touch events result in mouse events too.

The solution to this is to use the unified pointer events API, and check
the `pointerType` property to determine the device the user is using.

This diff also contains some changes to make it so that multiplayer
rooms "just work" over the LAN when devloping locally.

### Change Type
- [x] `sdk` — Changes the tldraw SDK
- [x] `bugfix` — Bug fix

### Release Notes

- Fix a bug where coarse-pointer mode would get incorrectly detected on
some touch devices
2024-05-21 16:20:27 +00:00
Mitja Bezenšek
ddebf3fc5c
Move storing of snapshots to R2 (#3693)
Instead of storing them in supabse we will store them in r2.

I have already created `room-snapshots` and `room-snapshots-preview`
buckets on cloudflare.

We could also migrate all the data from supabase, but it seems we
haven't done so for the rooms, so I also didn't look into doing it for
snapshots.

One slight drawback of moving to R2 is that it's harder to query data by
parent slug. So answering questions like which room is the parent to the
most snapshots is a bit harder to answer. Instead of just a simple query
we'd need to do some custom logic to go through the bucket. Not sure if
have ever needed this info though.

### Change Type

<!--  Please select a 'Scope' label ️ -->

- [ ] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff

<!--  Please select a 'Type' label ️ -->

- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know


### Test Plan

Existing snapshots:

1. Load an existing snapshot. It should still load correctly. The best
way to do that is probably to generate a few of them in advance.

New snapshots:
1. Create a new room.
2. Create a few snapshot links.
3. They should work.

- [ ] Unit Tests
- [ ] End to end tests

### Release Notes

- Move storing of snapshots to cloudflare R2.
2024-05-08 09:06:02 +00:00
Mime Čuvalo
c9af23c921
make route prefixes have a single place where they are defined (#3624)
This is for maintainabilty of the paths. It's hard to track down all the
places where a route is being referenced. This helps unify them so that
it's easily searchable in the codebase. This came up during the readonly
room refactor and being able to find the way a particular route was
wired through the codebase.

### Change Type

<!--  Please select a 'Scope' label ️ -->

- [x] `sdk` — Changes the tldraw SDK
- [ ] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff

<!--  Please select a 'Type' label ️ -->

- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [ ] `improvement` — Improving existing features
- [x] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know
2024-04-27 10:57:55 +00:00
Mitja Bezenšek
15dd56a75e
Readonly / room creation omnibus (#3192)
Reworks how the readonly urls work. Till now we just used a simple
function that would scramble the slugs. Now we use a proper key value
mapping between regular and readonly slugs:

- We use two KV stores. One is for going from a slug to a readonly slug
and the other one for going the other way around. They are populated at
the same time.
- We separate preview KV stores (dev, preview, staging) from production
one. I've already created these on Cloudflare. [My understanding is
](https://developers.cloudflare.com/kv/reference/data-security/#encryption-at-rest)that
ids [can be
public](https://community.cloudflare.com/t/is-it-safe-to-keep-kv-ids-in-a-public-git-repo/517387/4)
since we can only access KV from our worker. Happy to move them to env
variables though.

- [x] Disable creating new rooms when tldraw is embedded inside iframes
on other websites (we check the referrer and if it's not the same as the
iframe's origin we don't allow it)
- [x] Fork a project when inside an iframe now opens the forked project
on tldraw.com and not inside iframe.
- [x] We allow embeding of iframes, but we now track the where they are
used via the referrer. We send this to Vercel analytics.
- [x] Improved UX of the share menu to make it less confusing. Toggle is
gone.
- [x]  `/new` and `/r` routes not redirect to `/`.
- [x] This introduces a new `/ro` route for readonly rooms. Legacy rooms
still live on `/v`.
- [x] Brought back `dotcom-shared` project to share code between BE and
FE. Mostly types.
- [x] Prevent creating of rooms by entering `/r/non-existing-slug`. 
- [x] Handle getting a readonly slug for old rooms. Added a comment
about it
[here](https://github.com/tldraw/tldraw/pull/3192/files#diff-c0954b3dc71bb7097c39656441175f3238ed60cf5cee64077c06e21da82182cbR17-R18).
- [x] We no longer expose editor on the window object for readonly
rooms. Prevents the users disabling readonly rooms manually.

### Change Type

<!--  Please select a 'Scope' label ️ -->

- [ ] `sdk` — Changes the tldraw SDK
- [x] `dotcom` — Changes the tldraw.com web app
- [ ] `docs` — Changes to the documentation, examples, or templates.
- [ ] `vs code` — Changes to the vscode plugin
- [ ] `internal` — Does not affect user-facing stuff

<!--  Please select a 'Type' label ️ -->

- [ ] `bugfix` — Bug fix
- [ ] `feature` — New feature
- [x] `improvement` — Improving existing features
- [ ] `chore` — Updating dependencies, other boring stuff
- [ ] `galaxy brain` — Architectural changes
- [ ] `tests` — Changes to any test code
- [ ] `tools` — Changes to infrastructure, CI, internal scripts,
debugging tools, etc.
- [ ] `dunno` — I don't know


### Test Plan
1. Make sure old readonly rooms still work.
2. Creating a readonly link from an existing room should still use `/v`
path.
3. Newly created rooms should use `/ro` path for readonly rooms. Make
sure these work as well.
4. `/r` room was disabled and redirects to `/`
5. `/new` should still work when not inside iframes.

- [x] Unit Tests
- [ ] End to end tests

### Release Notes


1. This adds new functionality for readonly rooms:
- We have a new route `/ro` for newly created readonly rooms. These
rooms no longer use the scrambling logic to create readonly slugs.
Instead we now use KV storage from cloudflare to track the mapping for
slugs -> readonly slug and readonly slug -> slug.
- The old route `/v` is preserved, so that the old room still work as
they did before.
- For old rooms we will keep on generating the old readonly slugs, but
for new rooms we'll start using the new logic.
2. We no longer prevent embedding of tldraw inside iframes. 
3. We do prevent generating new rooms from inside the iframes though.
`/r`, `/new`, `/r/non-existing-id` should not allow creation of new
rooms inside iframes. Only `/new` still works when not inside iframes.
4. Forking a project from inside an iframe now opens it on tldraw.com
5. Slight copy change on the sharing menu. We no longer have a toggle
between readonly and non-readonly links.
6. `editor` and `app` are no longer exposed on the window object for
readonly rooms. Prevents users from using the `updateInstanceState` to
escape readonly rooms.

---------

Co-authored-by: Mime Čuvalo <mimecuvalo@gmail.com>
2024-04-25 14:10:40 +00:00
alex
408a269114
log message size in worker analytics (#3274)
Adds logging of message size in worker analytics.

This also adds the environment to worker analytics as `blob2`. We need
this because previously, all the analytics from all environments were
going to the same place with no ability to tell them apart, which means
we can't easily compare analytics on e.g. a particular PR.

This means that all the other blobs get shifted along one, so we won't
be able to query across the boundary of when this gets released for
those properties. I think this is fine though - it's things like
`roomId` that I don't think we were querying on anyway.

You can query the analytics through grafana - [docs
here](https://www.notion.so/tldraw/How-to-11fce2ed0be5480bb8e711c7ff1a0488?pvs=4#a66fae7bfcfe4ffe9d5348504598c6a0)

### Change Type
- [x] `internal` — Does not affect user-facing stuff
- [x] `chore` — Updating dependencies, other boring stuff
2024-03-27 11:33:47 +00:00
dependabot[bot]
c3f0fd5f1e
Bump the npm_and_yarn group group with 7 updates (#2982)
Bumps the npm_and_yarn group group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) |
`5.0.11` | `5.0.12` |
|
[wrangler](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler)
| `3.16.0` | `3.19.0` |
| [semver](https://github.com/npm/node-semver) | `7.5.4` | `7.6.0` |
| [es5-ext](https://github.com/medikoo/es5-ext) | `0.10.62` | `0.10.64`
|
| [ip](https://github.com/indutny/node-ip) | `1.1.8` | `1.1.9` |
|
[miniflare](https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare)
| `3.20231030.0` | `3.20231030.3` |
| [undici](https://github.com/nodejs/undici) | `5.28.2` | `5.28.3` |

Updates `vite` from 5.0.11 to 5.0.12
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><!-- raw HTML omitted -->5.0.12 (2024-01-19)<!-- raw HTML omitted
--></h2>
<ul>
<li>fix: await <code>configResolved</code> hooks of worker plugins (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597">#15597</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605">#15605</a>)
(<a href="https://github.com/vitejs/vite/commit/ef89f80">ef89f80</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15597">#15597</a>
<a
href="https://redirect.github.com/vitejs/vite/issues/15605">#15605</a></li>
<li>fix: fs deny for case insensitive systems (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653">#15653</a>)
(<a href="https://github.com/vitejs/vite/commit/91641c4">91641c4</a>),
closes <a
href="https://redirect.github.com/vitejs/vite/issues/15653">#15653</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ee81e19676"><code>ee81e19</code></a>
release: v5.0.12</li>
<li><a
href="91641c4da0"><code>91641c4</code></a>
fix: fs deny for case insensitive systems (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15653">#15653</a>)</li>
<li><a
href="ef89f8092f"><code>ef89f80</code></a>
fix: await <code>configResolved</code> hooks of worker plugins (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15597">#15597</a>)
(<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/15605">#15605</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v5.0.12/packages/vite">compare
view</a></li>
</ul>
</details>
<br />

Updates `wrangler` from 3.16.0 to 3.19.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/releases">wrangler's
releases</a>.</em></p>
<blockquote>
<h2>wrangler@3.19.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547">#4547</a>
<a
href="86c81ff0d5"><code>86c81ff0</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: listen on IPv4 loopback only by default on Windows</p>
<p>Due to a <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">known
issue</a>, <code>workerd</code> will only listen on the IPv4 loopback
address <code>127.0.0.1</code> when it's asked to listen on
<code>localhost</code>. On Node.js &gt; 17, <code>localhost</code> will
resolve to the IPv6 loopback address, meaning requests to
<code>workerd</code> would fail. This change switches to using the IPv4
loopback address throughout Wrangler on Windows, while <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">workerd#1408</a>
gets fixed.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535">#4535</a>
<a
href="29df8e1754"><code>29df8e17</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
Reintroduces some internal refactorings of wrangler dev servers
(including <code>wrangler dev</code>, <code>wrangler dev
--remote</code>, and <code>unstable_dev()</code>).</p>
<p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we
believe the changes are now more stable and ready for release again.</p>
<p>There are no changes required for developers to opt-in. Improvements
include:</p>
<ul>
<li>fewer 'address in use' errors upon reloads</li>
<li>upon config/source file changes, requests are buffered to guarantee
the response is from the new version of the Worker</li>
</ul>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521">#4521</a>
<a
href="6c5bc704c5"><code>6c5bc704</code></a>
Thanks <a href="https://github.com/zebp"><code>@​zebp</code></a>! - fix:
init from dash specifying explicit usage model in wrangler.toml for
standard users</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
<li>
<p>Updated dependencies [<a
href="71fb0b86cf"><code>71fb0b86</code></a>,
<a
href="63708a94fb"><code>63708a94</code></a>]:</p>
<ul>
<li>miniflare@3.20231030.3</li>
</ul>
</li>
</ul>
<h2>wrangler@3.18.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532">#4532</a>
<a
href="311ffbd506"><code>311ffbd5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by default</p>
<p>Previously, Wrangler listened on all interfaces (<code>*</code>) by
default. This change switches <code>wrangler (pages) dev</code> to just
listen on local interfaces. Whilst this is technically a breaking
change, we've decided the security benefits outweigh the potential
disruption caused. If you need to access your dev server from another
device on your network, you can use <code>wrangler (pages) dev --ip
*</code> to restore the previous behaviour.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="1b34878287"><code>1b348782</code></a>]:
<ul>
<li>miniflare@3.20231030.2</li>
</ul>
</li>
</ul>
<h2>wrangler@3.17.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474">#4474</a>
<a
href="382ef8f580"><code>382ef8f5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: open browser to correct url pressing <code>b</code> in
<code>--remote</code> mode</p>
<p>This change ensures Wrangler doesn't try to open
<code>http://*</code> when <code>*</code> is used as the dev server's
hostname. Instead, Wrangler will now open
<code>http://127.0.0.1</code>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488">#4488</a>
<a
href="3bd5723852"><code>3bd57238</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! -
Changes the default directory for log files to workaround frameworks
that are watching the entire <code>.wrangler</code> directory in the
project root for changes</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/wrangler/CHANGELOG.md">wrangler's
changelog</a>.</em></p>
<blockquote>
<h2>3.19.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4547">#4547</a>
<a
href="86c81ff0d5"><code>86c81ff0</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: listen on IPv4 loopback only by default on Windows</p>
<p>Due to a <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">known
issue</a>, <code>workerd</code> will only listen on the IPv4 loopback
address <code>127.0.0.1</code> when it's asked to listen on
<code>localhost</code>. On Node.js &gt; 17, <code>localhost</code> will
resolve to the IPv6 loopback address, meaning requests to
<code>workerd</code> would fail. This change switches to using the IPv4
loopback address throughout Wrangler on Windows, while <a
href="https://redirect.github.com/cloudflare/workerd/issues/1408">workerd#1408</a>
gets fixed.</p>
</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4535">#4535</a>
<a
href="29df8e1754"><code>29df8e17</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
Reintroduces some internal refactorings of wrangler dev servers
(including <code>wrangler dev</code>, <code>wrangler dev
--remote</code>, and <code>unstable_dev()</code>).</p>
<p>These changes were released in 3.13.0 and reverted in 3.13.1 -- we
believe the changes are now more stable and ready for release again.</p>
<p>There are no changes required for developers to opt-in. Improvements
include:</p>
<ul>
<li>fewer 'address in use' errors upon reloads</li>
<li>upon config/source file changes, requests are buffered to guarantee
the response is from the new version of the Worker</li>
</ul>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4521">#4521</a>
<a
href="6c5bc704c5"><code>6c5bc704</code></a>
Thanks <a href="https://github.com/zebp"><code>@​zebp</code></a>! - fix:
init from dash specifying explicit usage model in wrangler.toml for
standard users</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
<li>
<p>Updated dependencies [<a
href="71fb0b86cf"><code>71fb0b86</code></a>,
<a
href="63708a94fb"><code>63708a94</code></a>]:</p>
<ul>
<li>miniflare@3.20231030.3</li>
</ul>
</li>
</ul>
<h2>3.18.0</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4532">#4532</a>
<a
href="311ffbd506"><code>311ffbd5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by default</p>
<p>Previously, Wrangler listened on all interfaces (<code>*</code>) by
default. This change switches <code>wrangler (pages) dev</code> to just
listen on local interfaces. Whilst this is technically a breaking
change, we've decided the security benefits outweigh the potential
disruption caused. If you need to access your dev server from another
device on your network, you can use <code>wrangler (pages) dev --ip
*</code> to restore the previous behaviour.</p>
</li>
</ul>
<h3>Patch Changes</h3>
<ul>
<li>Updated dependencies [<a
href="1b34878287"><code>1b348782</code></a>]:
<ul>
<li>miniflare@3.20231030.2</li>
</ul>
</li>
</ul>
<h2>3.17.1</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4474">#4474</a>
<a
href="382ef8f580"><code>382ef8f5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: open browser to correct url pressing <code>b</code> in
<code>--remote</code> mode</p>
<p>This change ensures Wrangler doesn't try to open
<code>http://*</code> when <code>*</code> is used as the dev server's
hostname. Instead, Wrangler will now open
<code>http://127.0.0.1</code>.</p>
</li>
</ul>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4488">#4488</a>
<a
href="3bd5723852"><code>3bd57238</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! -
Changes the default directory for log files to workaround frameworks
that are watching the entire <code>.wrangler</code> directory in the
project root for changes</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e67ea176a"><code>5e67ea1</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4536">#4536</a>)</li>
<li><a
href="63708a94fb"><code>63708a9</code></a>
fix: validate <code>Host</code>/<code>Origin</code> headers in magic
proxy and `InspectorProxyWorke...</li>
<li><a
href="86c81ff0d5"><code>86c81ff</code></a>
fix: listen on IPv4 loopback only by default on Windows (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4547">#4547</a>)</li>
<li><a
href="6c5bc704c5"><code>6c5bc70</code></a>
fix: init from dash using explicit usage model for standard accounts (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4521">#4521</a>)</li>
<li><a
href="29df8e1754"><code>29df8e1</code></a>
Revert &quot;Revert &quot;startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)&quot;
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531">#4531</a>)&quot;
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4535">#4535</a>)</li>
<li><a
href="97727de053"><code>97727de</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4495">#4495</a>)</li>
<li><a
href="311ffbd506"><code>311ffbd</code></a>
[wrangler] fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by def...</li>
<li><a
href="310281a48a"><code>310281a</code></a>
Revert &quot;startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)&quot;
(<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4531">#4531</a>)</li>
<li><a
href="01eda78025"><code>01eda78</code></a>
startDevWorker - Milestone 1 (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4497">#4497</a>)</li>
<li><a
href="961c8eaaf3"><code>961c8ea</code></a>
remove unused npx-import dependency (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/wrangler/issues/4477">#4477</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/cloudflare/workers-sdk/commits/wrangler@3.19.0/packages/wrangler">compare
view</a></li>
</ul>
</details>
<br />

Updates `semver` from 7.5.4 to 7.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/releases">semver's
releases</a>.</em></p>
<blockquote>
<h2>v7.6.0</h2>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)
(<a href="https://github.com/madtisa"><code>@​madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="e521932f11"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="8873991808"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="f317dc8689"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)
(<a
href="https://github.com/jethrodaniel"><code>@​jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)
(<a href="https://github.com/zyxkad"><code>@​zyxkad</code></a>)</li>
<li><a
href="14d263faa1"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
bump <code>@​npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
bump <code>@​npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
bump <code>@​npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/node-semver/blob/main/CHANGELOG.md">semver's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">7.6.0</a>
(2024-01-31)</h2>
<h3>Features</h3>
<ul>
<li><a
href="a7ab13a462"><code>a7ab13a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/671">#671</a>
preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)
(<a href="https://github.com/madtisa"><code>@​madtisa</code></a>,
madtisa, <a
href="https://github.com/wraithgar"><code>@​wraithgar</code></a>)</li>
</ul>
<h3>Chores</h3>
<ul>
<li><a
href="816c7b2cbf"><code>816c7b2</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="0bd24d943c"><code>0bd24d9</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/667">#667</a>
bump <code>@​npmcli/template-oss</code> from 4.21.1 to 4.21.3 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="e521932f11"><code>e521932</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="8873991808"><code>8873991</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
chore: chore: postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="f317dc8689"><code>f317dc8</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/652">#652</a>
bump <code>@​npmcli/template-oss</code> from 4.19.0 to 4.21.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="7303db1fe5"><code>7303db1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/658">#658</a>
add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)
(<a
href="https://github.com/jethrodaniel"><code>@​jethrodaniel</code></a>)</li>
<li><a
href="6240d75a7c"><code>6240d75</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/656">#656</a>
add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)
(<a href="https://github.com/zyxkad"><code>@​zyxkad</code></a>)</li>
<li><a
href="14d263faa1"><code>14d263f</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="7c34e1ac1b"><code>7c34e1a</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/625">#625</a>
bump <code>@​npmcli/template-oss</code> from 4.18.1 to 4.19.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="123e0b0328"><code>123e0b0</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="737d5e1cf1"><code>737d5e1</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/622">#622</a>
bump <code>@​npmcli/template-oss</code> from 4.18.0 to 4.18.1 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
<li><a
href="cce61804ba"><code>cce6180</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
postinstall for dependabot template-oss PR (<a
href="https://github.com/lukekarrys"><code>@​lukekarrys</code></a>)</li>
<li><a
href="b914a3d0d2"><code>b914a3d</code></a>
<a href="https://redirect.github.com/npm/node-semver/pull/598">#598</a>
bump <code>@​npmcli/template-oss</code> from 4.17.0 to 4.18.0 (<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot])</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="377f709718"><code>377f709</code></a>
chore: release 7.6.0 (<a
href="https://redirect.github.com/npm/node-semver/issues/661">#661</a>)</li>
<li><a
href="a7ab13a462"><code>a7ab13a</code></a>
feat: preserve pre-release and build parts of a version on coerce (<a
href="https://redirect.github.com/npm/node-semver/issues/671">#671</a>)</li>
<li><a
href="816c7b2cbf"><code>816c7b2</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="0bd24d943c"><code>0bd24d9</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.21.1 to
4.21.3</li>
<li><a
href="e521932f11"><code>e521932</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li><a
href="8873991808"><code>8873991</code></a>
chore: chore: chore: postinstall for dependabot template-oss PR</li>
<li><a
href="f317dc8689"><code>f317dc8</code></a>
chore: bump <code>@​npmcli/template-oss</code> from 4.19.0 to
4.21.0</li>
<li><a
href="7303db1fe5"><code>7303db1</code></a>
chore: add clean() test for build metadata (<a
href="https://redirect.github.com/npm/node-semver/issues/658">#658</a>)</li>
<li><a
href="6240d75a7c"><code>6240d75</code></a>
chore: add missing quotes in README.md (<a
href="https://redirect.github.com/npm/node-semver/issues/656">#656</a>)</li>
<li><a
href="14d263faa1"><code>14d263f</code></a>
chore: postinstall for dependabot template-oss PR</li>
<li>Additional commits viewable in <a
href="https://github.com/npm/node-semver/compare/v7.5.4...v7.6.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `es5-ext` from 0.10.62 to 0.10.64
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/medikoo/es5-ext/releases">es5-ext's
releases</a>.</em></p>
<blockquote>
<h2>0.10.64 (2024-02-27)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Revert update to postinstall script meant to fix Powershell issue,
as it's a regression for some Linux terminals (<a
href="c2e2bb90c2">c2e2bb9</a>)</li>
</ul>
<hr />
<p><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64">Comparison
since last release</a></p>
<h2>0.10.63 (2024-02-23)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Do not rely on problematic regex (<a
href="3551cdd7b2">3551cdd</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li>
<li>Support ES2015+ function definitions in
<code>function#toStringTokens()</code> (<a
href="a52e957366">a52e957</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li>
<li>Ensure postinstall script does not crash on Windows, fixes <a
href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a>
(<a
href="bf8ed799d5">bf8ed79</a>)</li>
</ul>
<h3>Maintenance Improvements</h3>
<ul>
<li>Simplify the manifest message (<a
href="7855319f41">7855319</a>)</li>
</ul>
<hr />
<p><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">Comparison
since last release</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/medikoo/es5-ext/blob/main/CHANGELOG.md">es5-ext's
changelog</a>.</em></p>
<blockquote>
<h3><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.63...v0.10.64">0.10.64</a>
(2024-02-27)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Revert update to postinstall script meant to fix Powershell issue,
as it's a regression for some Linux terminals (<a
href="c2e2bb90c2">c2e2bb9</a>)</li>
</ul>
<h3><a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.63">0.10.63</a>
(2024-02-23)</h3>
<h3>Bug Fixes</h3>
<ul>
<li>Do not rely on problematic regex (<a
href="3551cdd7b2">3551cdd</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/201">#201</a></li>
<li>Support ES2015+ function definitions in
<code>function#toStringTokens()</code> (<a
href="a52e957366">a52e957</a>),
addresses <a
href="https://redirect.github.com/medikoo/es5-ext/issues/021">#021</a></li>
<li>Ensure postinstall script does not crash on Windows, fixes <a
href="https://redirect.github.com/medikoo/es5-ext/issues/181">#181</a>
(<a
href="bf8ed799d5">bf8ed79</a>)</li>
</ul>
<h3>Maintenance Improvements</h3>
<ul>
<li>Simplify the manifest message (<a
href="7855319f41">7855319</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f76b03d8c4"><code>f76b03d</code></a>
chore: Release v0.10.64</li>
<li><a
href="2881acda50"><code>2881acd</code></a>
chore: Bump dependencies</li>
<li><a
href="c2e2bb90c2"><code>c2e2bb9</code></a>
fix: Revert update meant to fix Powershell issue, as it's a
regression</li>
<li><a
href="16f2b7253d"><code>16f2b72</code></a>
docs: Fix date in the changelog</li>
<li><a
href="de4e03c477"><code>de4e03c</code></a>
chore: Release v0.10.63</li>
<li><a
href="3fd53b755e"><code>3fd53b7</code></a>
chore: Upgrade<code> lint-staged</code> to v13</li>
<li><a
href="bf8ed799d5"><code>bf8ed79</code></a>
chore: Ensure postinstall script does not crash on Windows</li>
<li><a
href="2cbbb0717b"><code>2cbbb07</code></a>
chore: Bump dependencies</li>
<li><a
href="22d0416ea1"><code>22d0416</code></a>
chore: Bump LICENSE year</li>
<li><a
href="a52e957366"><code>a52e957</code></a>
fix: Support ES2015+ function definitions in
<code>function#toStringTokens()</code></li>
<li>Additional commits viewable in <a
href="https://github.com/medikoo/es5-ext/compare/v0.10.62...v0.10.64">compare
view</a></li>
</ul>
</details>
<br />

Updates `ip` from 1.1.8 to 1.1.9
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1ecbf2fd8c"><code>1ecbf2f</code></a>
1.1.9</li>
<li><a
href="6a3ada9b47"><code>6a3ada9</code></a>
lib: fixed CVE-2023-42282 and added unit test</li>
<li>See full diff in <a
href="https://github.com/indutny/node-ip/compare/v1.1.8...v1.1.9">compare
view</a></li>
</ul>
</details>
<br />

Updates `miniflare` from 3.20231030.0 to 3.20231030.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/releases">miniflare's
releases</a>.</em></p>
<blockquote>
<h2>miniflare@3.20231030.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466">#4466</a>
<a
href="71fb0b86cf"><code>71fb0b86</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: ensure unused KV and Cache blobs cleaned up</p>
<p>When storing data in KV, Cache and R2, Miniflare uses both an SQL
database and separate blob store. When writing a key/value pair, a blob
is created for the new value and the old blob for the previous value (if
any) is deleted. A few months ago, we introduced a change that prevented
old blobs being deleted for KV and Cache. R2 was unaffected. This
shouldn't have caused any problems, but could lead to persistence
directories growing unnecessarily as they filled up with garbage blobs.
This change ensures garbage blobs are deleted.</p>
<p>Note existing garbage will not be cleaned up. If you'd like to do
this, download this Node script (<a
href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076</a>).
If you're using the default Wrangler persistence directory, run
<code>node gc.mjs kv .wrangler/state/v3/kv &lt;namespace_id_1&gt;
&lt;namespace_id_2&gt; ...</code> and <code>node gc.mjs cache
.wrangler/state/v3/cache default named:&lt;cache_name_1&gt;
named:&lt;cache_name_2&gt; ...</code> with each of your KV namespace IDs
(not binding names) and named caches.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
</ul>
<h2>miniflare@3.20231030.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505">#4505</a>
<a
href="1b34878287"><code>1b348782</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code></p>
<p>When using Workers Sites with a module worker, the asset manifest
must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual
module. Miniflare provided this module, but also erroneously added
<code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object
too. Whilst this didn't break anything locally, it could cause users to
develop Workers that ran locally, but not when deployed. This change
ensures <code>env</code> doesn't contain
<code>__STATIC_CONTENT_MANIFEST</code>.</p>
</li>
</ul>
<h2>miniflare@3.20231030.1</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348">#4348</a>
<a
href="be2b9cf5a9"><code>be2b9cf5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
feat: add support for wrapped bindings</p>
<p>This change adds a new <code>wrappedBindings</code> worker option for
configuring
<code>workerd</code>'s <a
href="bfcef2d850/src/workerd/server/workerd.capnp (L469-L487)">wrapped
bindings</a>.
These allow custom bindings to be written as JavaScript functions
accepting an
<code>env</code> parameter of &quot;inner bindings&quot; and returning
the value to bind. For more
details, refer to the <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core">API
docs</a>.</p>
</li>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341">#4341</a>
<a
href="d990874338"><code>d9908743</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Added
a <code>handleRuntimeStdio</code> which enables wrangler (or any other
direct use of Miniflare) to handle the <code>stdout</code> and
<code>stderr</code> streams from the workerd child process. By default,
if this option is not provided, the previous behaviour is retained which
splits the streams into lines and calls
<code>console.log</code>/<code>console.error</code>.</p>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/CHANGELOG.md">miniflare's
changelog</a>.</em></p>
<blockquote>
<h2>3.20231030.3</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4466">#4466</a>
<a
href="71fb0b86cf"><code>71fb0b86</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: ensure unused KV and Cache blobs cleaned up</p>
<p>When storing data in KV, Cache and R2, Miniflare uses both an SQL
database and separate blob store. When writing a key/value pair, a blob
is created for the new value and the old blob for the previous value (if
any) is deleted. A few months ago, we introduced a change that prevented
old blobs being deleted for KV and Cache. R2 was unaffected. This
shouldn't have caused any problems, but could lead to persistence
directories growing unnecessarily as they filled up with garbage blobs.
This change ensures garbage blobs are deleted.</p>
<p>Note existing garbage will not be cleaned up. If you'd like to do
this, download this Node script (<a
href="https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076">https://gist.github.com/mrbbot/68787e19dcde511bd99aa94997b39076</a>).
If you're using the default Wrangler persistence directory, run
<code>node gc.mjs kv .wrangler/state/v3/kv &lt;namespace_id_1&gt;
&lt;namespace_id_2&gt; ...</code> and <code>node gc.mjs cache
.wrangler/state/v3/cache default named:&lt;cache_name_1&gt;
named:&lt;cache_name_2&gt; ...</code> with each of your KV namespace IDs
(not binding names) and named caches.</p>
</li>
</ul>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4550">#4550</a>
<a
href="63708a94fb"><code>63708a94</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: validate <code>Host</code> and <code>Orgin</code> headers where
appropriate</p>
<p><code>Host</code> and <code>Origin</code> headers are now checked
when connecting to the inspector and Miniflare's magic proxy. If these
don't match what's expected, the request will fail.</p>
</li>
</ul>
<h2>3.20231030.2</h2>
<h3>Patch Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4505">#4505</a>
<a
href="1b34878287"><code>1b348782</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code></p>
<p>When using Workers Sites with a module worker, the asset manifest
must be imported from the <code>__STATIC_CONTENT_MANIFEST</code> virtual
module. Miniflare provided this module, but also erroneously added
<code>__STATIC_CONTENT_MANIFEST</code> to the <code>env</code> object
too. Whilst this didn't break anything locally, it could cause users to
develop Workers that ran locally, but not when deployed. This change
ensures <code>env</code> doesn't contain
<code>__STATIC_CONTENT_MANIFEST</code>.</p>
</li>
</ul>
<h2>3.20231030.1</h2>
<h3>Minor Changes</h3>
<ul>
<li>
<p><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4348">#4348</a>
<a
href="be2b9cf5a9"><code>be2b9cf5</code></a>
Thanks <a href="https://github.com/mrbbot"><code>@​mrbbot</code></a>! -
feat: add support for wrapped bindings</p>
<p>This change adds a new <code>wrappedBindings</code> worker option for
configuring
<code>workerd</code>'s <a
href="bfcef2d850/src/workerd/server/workerd.capnp (L469-L487)">wrapped
bindings</a>.
These allow custom bindings to be written as JavaScript functions
accepting an
<code>env</code> parameter of &quot;inner bindings&quot; and returning
the value to bind. For more
details, refer to the <a
href="https://github.com/cloudflare/workers-sdk/blob/main/packages/miniflare/README.md#core">API
docs</a>.</p>
</li>
</ul>
<ul>
<li><a
href="https://redirect.github.com/cloudflare/workers-sdk/pull/4341">#4341</a>
<a
href="d990874338"><code>d9908743</code></a>
Thanks <a
href="https://github.com/RamIdeas"><code>@​RamIdeas</code></a>! - Added
a <code>handleRuntimeStdio</code> which enables wrangler (or any other
direct use of Miniflare) to handle the <code>stdout</code> and
<code>stderr</code> streams from the workerd child process. By default,
if this option is not provided, the previous behaviour is retained which
splits the streams into lines and calls
<code>console.log</code>/<code>console.error</code>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e67ea176a"><code>5e67ea1</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4536">#4536</a>)</li>
<li><a
href="63708a94fb"><code>63708a9</code></a>
fix: validate <code>Host</code>/<code>Origin</code> headers in magic
proxy and `InspectorProxyWorke...</li>
<li><a
href="71fb0b86cf"><code>71fb0b8</code></a>
fix: ensure unused KV and Cache blobs cleaned up (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4466">#4466</a>)</li>
<li><a
href="97727de053"><code>97727de</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4495">#4495</a>)</li>
<li><a
href="311ffbd506"><code>311ffbd</code></a>
[wrangler] fix: change <code>wrangler (pages) dev</code> to listen on
<code>localhost</code> by def...</li>
<li><a
href="1b34878287"><code>1b34878</code></a>
fix: remove <code>__STATIC_CONTENT_MANIFEST</code> from module worker
<code>env</code> (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4505">#4505</a>)</li>
<li><a
href="f728503bd3"><code>f728503</code></a>
Version Packages (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4463">#4463</a>)</li>
<li><a
href="be2b9cf5a9"><code>be2b9cf</code></a>
feat: add support for wrapped bindings (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4348">#4348</a>)</li>
<li><a
href="d990874338"><code>d990874</code></a>
Intercept workerd logs + write all debug logs to a hidden file (<a
href="https://github.com/cloudflare/workers-sdk/tree/HEAD/packages/miniflare/issues/4341">#4341</a>)</li>
<li>See full diff in <a
href="https://github.com/cloudflare/workers-sdk/commits/miniflare@3.20231030.3/packages/miniflare">compare
view</a></li>
</ul>
</details>
<br />

Updates `undici` from 5.28.2 to 5.28.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases">undici's
releases</a>.</em></p>
<blockquote>
<h2>v5.28.3</h2>
<h2>⚠️ Security Release ⚠️</h2>
<p>Fixes:</p>
<ul>
<li><a
href="https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3">CVE-2024-24758
Proxy-Authorization header not cleared on cross-origin redirect in
fetch</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3">https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e71cb4c88f"><code>e71cb4c</code></a>
Bumped v5.28.3</li>
<li><a
href="20c65b89f4"><code>20c65b8</code></a>
Fix tests for Node.js v20.11.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/2618">#2618</a>)</li>
<li><a
href="8ec52cde66"><code>8ec52cd</code></a>
Fix tests for Node.js v21 (<a
href="https://redirect.github.com/nodejs/undici/issues/2609">#2609</a>)</li>
<li><a
href="d3aa574b12"><code>d3aa574</code></a>
Merge pull request from GHSA-3787-6prv-h9w3</li>
<li>See full diff in <a
href="https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/tldraw/tldraw/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mitja Bezenšek <mitja.bezensek@gmail.com>
2024-03-04 12:20:23 +00:00
Steve Ruiz
6d417577be
Prevent iframe embedding for dotcom (except on tldraw.com) (#2947)
This PR fixes a check on whether the dot com multiplayer editor has been
loaded in an iframe.

It tries to keep it working on tldraw.com itself.

### Change Type

- [x] `patch` — Bug fix

### Test Plan

1. Load me in an iframe
2024-02-26 18:30:55 +00:00
Steve Ruiz
2211ca0063
bump typescript / api-extractor (#2949)
This PR bumps TypeScript to 5.3.3 and API extractor. We started getting
some weird behavior in CI due to different versions of the two
libraries, ie where the CI api.jsons would differ from those built
locally.

### Change Type

- [x] `dependencies` — Changes to package dependencies[^1]
2024-02-25 11:43:17 +00:00
David Sheldrick
987a576423
Check tsconfig "references" arrays (#2891)
Closes #2800

This PR makes it so that `check-scripts` will error out if you forget to
add a "references" entry to a tsconfig file when adding an internal
dependency in our monorepo.

If these project references are missed it can prevent TS from
building/rebuilding things when they need to be built/rebuilt.

### Change Type

- [x] `internal` — Any other changes that don't affect the published
package[^2]
2024-02-21 13:07:53 +00:00
Mime Čuvalo
2ad47958bb
dev: swap yarn test and test-dev for better dx (#2773)
As discussed offline, just making `yarn test` do what we expect it to.

### Change Type

- [x] `internal` — Any other changes that don't affect the published
package[^2]
2024-02-14 16:05:59 +00:00
Dan Groshev
86cce6d161
Unbiome (#2776)
Biome as it is now didn't work out for us 😢 

Summary for posterity:

* it IS much, much faster, fast enough to skip any sort of caching
* we couldn't fully replace Prettier just yet. We use Prettier
programmatically to format code in docs, and Biome's JS interface is
officially alpha and [had legacy peer deps
set](https://github.com/biomejs/biome/pull/1756) (which would fail our
CI build as we don't allow installation warnings)
* ternary formatting differs from Prettier, leading to a large diff
https://github.com/biomejs/biome/issues/1661
* import sorting differs from Prettier's
`prettier-plugin-organize-imports`, making the diff even bigger
* the deal breaker is a multi-second delay on saving large files (for us
it's
[Editor.ts](https://github.com/tldraw/tldraw/blob/main/packages/editor/src/lib/editor/Editor.ts))
in VSCode when import sorting is enabled. There is a seemingly relevant
Biome issue where I posted a small summary of our findings:
https://github.com/biomejs/biome/issues/1569#issuecomment-1930411623

Further actions:

* reevaluate in a few months as Biome matures

### Change Type

- [x] `internal` — Any other changes that don't affect the published
package
2024-02-07 16:02:22 +00:00
Dan Groshev
e6e4e7f6cb
[dx] use Biome instead of Prettier, part 2 (#2731)
Biome seems to be MUCH faster than Prettier. Unfortunately, it
introduces some formatting changes around the ternary operator, so we
have to update files in the repo. To make revert easier if we need it,
the change is split into two PRs. This PR introduces a Biome CI check
and reformats all files accordingly.

## Change Type
- [x] `minor` — New feature
2024-02-05 17:54:02 +00:00
Steve Ruiz
dee5d2928c
Bump jest to fix weird prettier bug (#2716)
Our snapshot tests have been acting strange. It turned out that there's
a change in prettier that is incompatible with prettier's inline
snapshots.

This PR:
- updates jest to a compatible alpha
- updates dependencies

### Change Type

- [x] `tests` — Changes to any test code only[^2]

### Test Plan

- [x] Unit Tests
2024-02-04 11:19:47 +00:00
Dan Groshev
a43b172b64
make CI check for yarn install warnings and fix the peer deps ones we have (#2683)
- [x] `internal` — Any other changes that don't affect the published
package
2024-01-30 11:41:46 +00:00
Mime Čuvalo
23f60ee98e
dev: add test-dev command for easier testing of packages (#2627)
@si14 you might know a better way to wire this up! lemme know if there's
something more clever here.

### Change Type

- [x] `internal` — Any other changes that don't affect the published
package[^2]

### Release Notes

- Adds easier testing command for individual packages.
2024-01-29 10:29:38 +00:00
Dan Groshev
5ce38563e9
Bump Yarn to 4.0.2 and add version constraints (#2481)
This PR bumps Yarn to 4.0.2, adds version constraints and fixes reported
problems.

Current constraints (per @ds300):

1. all dependencies (both prod and dev) should have consistent versions
across the project
2. only the root `package.json` should have `packageManager` set

Removed 54 packages due to deduplication.

### Change Type

- [ ] `patch` — Bug fix
- [ ] `minor` — New feature
- [ ] `major` — Breaking change
- [x] `dependencies` — Changes to package dependencies[^1]
- [ ] `documentation` — Changes to the documentation only[^2]
- [ ] `tests` — Changes to any test code only[^2]
- [ ] `internal` — Any other changes that don't affect the published
package[^2]
- [ ] I don't know

[^1]: publishes a `patch` release, for devDependencies use `internal`
[^2]: will not publish a new version

<details>

<summary>An example of a report with a bunch of problems</summary>

```
❯ yarn constraints
➤ Errors prefixed by '⚙' can be fixed by running yarn constraints --fix

├─ @tldraw/monorepo@workspace:.
│  ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are:
│  │  ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/eslint-plugin"]; conflicting values are:
│  │  ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/parser"]; conflicting values are:
│  │  ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["eslint"]; conflicting values are:
│  │  ├─ '^8.37.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '8.36.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["eslint-config-prettier"]; conflicting values are:
│  │  ├─ '^8.8.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.3.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["eslint-plugin-react"]; conflicting values are:
│  │  ├─ '^7.32.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '7.28.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["prettier-plugin-organize-imports"]; conflicting values are:
│  │  ├─ '^3.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^3.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["tsx"]; conflicting values are:
│  │  ├─ '^3.12.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are:
│     ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│     └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│
├─ @tldraw/docs@workspace:apps/docs
│  ├─ Conflict detected in constraint targeting dependencies["@types/ws"]; conflicting values are:
│  │  ├─ '^8.5.9' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.5.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["@vercel/analytics"]; conflicting values are:
│  │  ├─ '^1.1.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^1.0.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["concurrently"]; conflicting values are:
│  │  ├─ '^8.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  ├─ '^8.2.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '7.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["dotenv"]; conflicting values are:
│  │  ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["eslint"]; conflicting values are:
│  │  ├─ '^8.37.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '8.36.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["eslint-config-next"]; conflicting values are:
│  │  ├─ '13.2.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '12.2.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["next"]; conflicting values are:
│  │  ├─ '^14.0.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^13.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["prettier-plugin-organize-imports"]; conflicting values are:
│  │  ├─ '^3.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^3.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["tsx"]; conflicting values are:
│  │  ├─ '^3.12.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["typescript"]; conflicting values are:
│  │  ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["ws"]; conflicting values are:
│  │  ├─ '^8.14.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  ├─ '^8.13.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.16.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ dotcom@workspace:apps/dotcom
│  ├─ Conflict detected in constraint targeting dependencies["@radix-ui/react-popover"]; conflicting values are:
│  │  ├─ '1.0.6-rc.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^1.0.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["@vercel/analytics"]; conflicting values are:
│  │  ├─ '^1.1.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^1.0.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react-router-dom"]; conflicting values are:
│  │  ├─ '^6.17.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^6.9.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are:
│  │  ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["dotenv"]; conflicting values are:
│  │  ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["vite"]; conflicting values are:
│  │  ├─ '^5.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.3.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["ws"]; conflicting values are:
│  │  ├─ '^8.14.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  ├─ '^8.13.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.16.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ dotcom-asset-upload@workspace:apps/dotcom-asset-upload
│  ├─ Conflict detected in constraint targeting dependencies["itty-router"]; conflicting values are:
│  │  ├─ '^2.6.6' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.0.13' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["@types/ws"]; conflicting values are:
│  │  ├─ '^8.5.9' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.5.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/bookmark-extractor@workspace:apps/dotcom-bookmark-extractor
│  ├─ Conflict detected in constraint targeting dependencies["tslib"]; conflicting values are:
│  │  ├─ '^2.6.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^2.4.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are:
│  │  ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/dotcom-worker@workspace:apps/dotcom-worker
│  ├─ Conflict detected in constraint targeting dependencies["itty-router"]; conflicting values are:
│  │  ├─ '^2.6.6' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.0.13' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["concurrently"]; conflicting values are:
│  │  ├─ '^8.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  ├─ '^8.2.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '7.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are:
│  │  ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ examples.tldraw.com@workspace:apps/examples
│  ├─ Conflict detected in constraint targeting dependencies["@vercel/analytics"]; conflicting values are:
│  │  ├─ '^1.1.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^1.0.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react-router-dom"]; conflicting values are:
│  │  ├─ '^6.17.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^6.9.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["vite"]; conflicting values are:
│  │  ├─ '^5.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.3.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["dotenv"]; conflicting values are:
│  │  ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ huppy@workspace:apps/huppy
│  ├─ Conflict detected in constraint targeting dependencies["next"]; conflicting values are:
│  │  ├─ '^14.0.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^13.2.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["react-dom"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["eslint-config-next"]; conflicting values are:
│  │  ├─ '13.2.4' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '12.2.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/vscode-editor@workspace:apps/vscode/editor
│  ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are:
│  │  ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["concurrently"]; conflicting values are:
│  │  ├─ '^8.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  ├─ '^8.2.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '7.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["dotenv"]; conflicting values are:
│  │  ├─ '^16.3.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^16.0.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["react"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["react-dom"]; conflicting values are:
│  │  ├─ '18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["tslib"]; conflicting values are:
│  │  ├─ '^2.6.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^2.4.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ tldraw-vscode@workspace:apps/vscode/extension
│  ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/eslint-plugin"]; conflicting values are:
│  │  ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["@typescript-eslint/parser"]; conflicting values are:
│  │  ├─ '^5.57.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.10.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["tslib"]; conflicting values are:
│  │  ├─ '^2.6.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^2.4.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["tsx"]; conflicting values are:
│  │  ├─ '^3.12.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^4.0.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ config@workspace:config
│  ├─ Conflict detected in constraint targeting dependencies["eslint-config-prettier"]; conflicting values are:
│  │  ├─ '^8.8.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.3.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting dependencies["eslint-plugin-react"]; conflicting values are:
│  │  ├─ '^7.32.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '7.28.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Missing field packageManager; expected null
│
├─ @tldraw/assets@workspace:packages/assets
│  └─ ⚙ Missing field packageManager; expected null
│
├─ @tldraw/editor@workspace:packages/editor
│  ├─ Conflict detected in constraint targeting devDependencies["@testing-library/jest-dom"]; conflicting values are:
│  │  ├─ '^5.16.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.14.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["jest-canvas-mock"]; conflicting values are:
│  │  ├─ '^2.5.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^2.5.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["jest-environment-jsdom"]; conflicting values are:
│  │  ├─ '^29.4.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^28.1.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/state@workspace:packages/state
│  ├─ Conflict detected in constraint targeting devDependencies["@types/react"]; conflicting values are:
│  │  ├─ '^18.2.47' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^18.2.33' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/store@workspace:packages/store
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/tldraw@workspace:packages/tldraw
│  ├─ Conflict detected in constraint targeting dependencies["@radix-ui/react-popover"]; conflicting values are:
│  │  ├─ '1.0.6-rc.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^1.0.7' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["@testing-library/jest-dom"]; conflicting values are:
│  │  ├─ '^5.16.5' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.14.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["jest-canvas-mock"]; conflicting values are:
│  │  ├─ '^2.5.1' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^2.5.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["jest-environment-jsdom"]; conflicting values are:
│  │  ├─ '^29.4.3' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^28.1.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/tlschema@workspace:packages/tlschema
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/tlsync@workspace:packages/tlsync
│  ├─ Conflict detected in constraint targeting dependencies["ws"]; conflicting values are:
│  │  ├─ '^8.14.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  ├─ '^8.13.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^8.16.0' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are:
│  │  ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  │  └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/utils@workspace:packages/utils
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
├─ @tldraw/validate@workspace:packages/validate
│  └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
│
└─ @tldraw/scripts@workspace:scripts
   ├─ Conflict detected in constraint targeting devDependencies["typescript"]; conflicting values are:
   │  ├─ '^5.2.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
   │  └─ '^5.0.2' at enforceConsistentDependenciesAcrossTheProject (…/tldraw/yarn.config.cjs:14:15)
   └─ ⚙ Invalid field packageManager; expected null, found 'yarn@3.5.0'
```

</details>
2024-01-18 11:09:17 +00:00
Steve Ruiz
d7002057d7
unbrivate, dot com in (#2475)
This PR moves the tldraw.com app into the public repo.

### Change Type

- [x] `internal` — Any other changes that don't affect the published
package[^2]

---------

Co-authored-by: Dan Groshev <git@dgroshev.com>
Co-authored-by: alex <alex@dytry.ch>
2024-01-16 14:38:05 +00:00