build(deps): bump the npm_and_yarn group across 1 directory with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the / directory: music-metadata.

Updates music-metadata from 11.12.1 to 11.12.3

Release notes

Sourced from music-metadata's releases.

v11.12.3

Changes

🐛 Bug Fixes

• Fix TypeScript decleration inclusion @​Borewit (#2608)

📦 NPM release

NPM release: music-metadata@11.12.3

v11.12.2

⚠️ This release is missing TypeScript declarations, use v11.12.3 instead.

Changes

• ⚠️ Fix CWE-85 by avoiding infinite loop in ASF @​Borewit (#2605)

🐛 Bug Fixes

• Map .wma and .wmv. extension to AsfParser @​Borewit (#2601)

⬆️ Dependencies

• Bump @​borewit/text-codec from 0.2.1 to 0.2.2 @​dependabot (#2602)

📦 NPM release

NPM release: music-metadata@11.12.2

Commits

• 894a9e8 11.12.3
• 2beb45c Fix TypeScript decleration inclusion
• 7f13e8e 11.12.2
• 7e5be08 Upgrade @biomejs/biome to 2.4.6
• 318e963 Fix CWE-85 by avoiding infinite loop in ASF
• 5b7e69c Simplify tsconfig.prod.json by removing unused options
• 1ffe9bf Bump tar from 7.5.7 to 7.5.11
• 20f4683 Bump c8 from 10.1.3 to 11.0.0
• cfcf152 Bump @​borewit/text-codec from 0.2.1 to 0.2.2
• 2e4e40c Bump minimatch from 9.0.5 to 9.0.9
• Additional commits viewable in compare view

Updates effect from 3.19.19 to 3.21.0

Release notes

Sourced from effect's releases.

effect@3.21.0

Minor Changes

• #5780 f7bb09b Thanks @​kitlangton! - Add Cron.prev and reverse iteration support, aligning next/prev lookup tables, fixing DST handling symmetry, and expanding cron backward/forward test coverage.

• #5780 bd7552a Thanks @​mattiamanzati! - Add type-level utils to asserting layer types

• #5780 ad1a7eb Thanks @​schickling! - RcMap: support dynamic idleTimeToLive values per key

  The idleTimeToLive option can now be a function that receives the key and returns a duration, allowing different TTL values for different resources.

  const map =
    yield *
    RcMap.make({
      lookup: (key: string) => acquireResource(key),
      idleTimeToLive: (key: string) => {
        if (key.startsWith("premium:")) return Duration.minutes(10)
        return Duration.minutes(1)
      }
    })

• #5780 0d32048 Thanks @​mikearnaldi! - Fix annotateCurrentSpan, add Effect.currentPropagatedSpan

Patch Changes

• #5780 0d32048 Thanks @​mikearnaldi! - Add logs to first propagated span, in the following case before this fix the log would not be added to the p span because Effect.fn adds a fake span for the purpose of adding a stack frame.

  import { Effect } from "effect"
  const f = Effect.fn(function* () {
  yield* Effect.logWarning("FooBar")
  return yield* Effect.fail("Oops")
  })
  const p = f().pipe(Effect.withSpan("p"))

effect@3.20.1

Patch Changes

• #6133 add06f4 Thanks @​aniravi24! - Fix Equal.equals crash when comparing null values inside structuralRegion. Added null guard before Object.getPrototypeOf calls to prevent TypeError: Cannot convert undefined or null to object.

• #6093 a03b6a2 Thanks @​luchersou! - avoid class for PrettyError to preserve error.name

effect@3.20.0

Minor Changes

... (truncated)

Changelog

Sourced from effect's changelog.

3.21.0

Minor Changes

• #5780 f7bb09b Thanks @​kitlangton! - Add Cron.prev and reverse iteration support, aligning next/prev lookup tables, fixing DST handling symmetry, and expanding cron backward/forward test coverage.

• #5780 bd7552a Thanks @​mattiamanzati! - Add type-level utils to asserting layer types

• #5780 ad1a7eb Thanks @​schickling! - RcMap: support dynamic idleTimeToLive values per key

  The idleTimeToLive option can now be a function that receives the key and returns a duration, allowing different TTL values for different resources.

  const map =
    yield *
    RcMap.make({
      lookup: (key: string) => acquireResource(key),
      idleTimeToLive: (key: string) => {
        if (key.startsWith("premium:")) return Duration.minutes(10)
        return Duration.minutes(1)
      }
    })

• #5780 0d32048 Thanks @​mikearnaldi! - Fix annotateCurrentSpan, add Effect.currentPropagatedSpan

Patch Changes

• #5780 0d32048 Thanks @​mikearnaldi! - Add logs to first propagated span, in the following case before this fix the log would not be added to the p span because Effect.fn adds a fake span for the purpose of adding a stack frame.

  import { Effect } from "effect"
  const f = Effect.fn(function* () {
  yield* Effect.logWarning("FooBar")
  return yield* Effect.fail("Oops")
  })
  const p = f().pipe(Effect.withSpan("p"))

3.20.1

Patch Changes

• #6133 add06f4 Thanks @​aniravi24! - Fix Equal.equals crash when comparing null values inside structuralRegion. Added null guard before Object.getPrototypeOf calls to prevent TypeError: Cannot convert undefined or null to object.

• #6093 a03b6a2 Thanks @​luchersou! - avoid class for PrettyError to preserve error.name

3.20.0

... (truncated)

Commits

• 6e3782a Version Packages (#6135)
• f7bb09b Add Cron.prev reverse iteration support (#5786)
• bd7552a Add type-level utils to asserting layer types (#5920)
• ad1a7eb RcMap: support dynamic idleTimeToLive values per key (#5859)
• 0d32048 Add logs to first propagated span (#5710)
• 37a8af5 Version Packages (#6134)
• a03b6a2 fix(logger): use source maps for error stack traces in browser pretty logger ...
• 7d8fc1e docs(Layer): clarify scopedDiscard JSDoc to match effectDiscard (#5790)
• add06f4 fix(Equal): guard against null in structuralRegion comparison (#6133)
• aa47393 Version Packages (#6089)
• Additional commits viewable in compare view

Updates file-type from 21.3.0 to 21.3.3

Release notes

Sourced from file-type's releases.

v21.3.3

• Harden parser c48c90b 135f91b

---

sindresorhus/file-type@v21.3.2...v21.3.3

v21.3.2

• Fix ZIP bomb in known-size ZIP probing (GHSA-j47w-4g3g-c36v) a155cd7
• Fix bound recursive BOM and ID3 detection 370ed91

---

sindresorhus/file-type@v21.3.1...v21.3.2

v21.3.1

• Fix infinite loop in ASF parser on malformed input (GHSA-5v7r-6r5c-r473) 319abf8

---

sindresorhus/file-type@v21.3.0...v21.3.1

Commits

• 3afcca5 21.3.3
• c48c90b Harden parser more
• 135f91b Harden parser more
• e18028c 21.3.2
• a155cd7 Fix ZIP bomb in known-size ZIP probing
• 6954817 Harden parser more
• 370ed91 Fix bound recursive BOM and ID3 detection
• d2ecea1 Add a few more safeguards
• 41fcff5 Update readme
• a8f6934 Fix CI
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.