fix(deps): update all non-major dependencies (#135)

This PR contains the following updates:

| Package | Change | Age | Confidence | Type | Update | Pending |
|---|---|---|---|---|---|---|
| [@prisma/client](https://www.prisma.io)
([source](https://redirect.github.com/prisma/prisma/tree/HEAD/packages/client))
| [`6.16.3` ->
`6.17.1`](https://renovatebot.com/diffs/npm/@prisma%2fclient/6.16.3/6.17.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@prisma%2fclient/6.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@prisma%2fclient/6.16.3/6.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| dependencies | minor | |
| [@prisma/client](https://www.prisma.io)
([source](https://redirect.github.com/prisma/prisma/tree/HEAD/packages/client))
| [`6.16.3` ->
`6.17.1`](https://renovatebot.com/diffs/npm/@prisma%2fclient/6.16.3/6.17.1)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@prisma%2fclient/6.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@prisma%2fclient/6.16.3/6.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[@types/node](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node)
([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node))
| [`22.18.8` ->
`22.18.10`](https://renovatebot.com/diffs/npm/@types%2fnode/22.18.8/22.18.10)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fnode/22.18.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fnode/22.18.8/22.18.10?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch | `22.18.11` |
| docker.io/alpine | `3.22.1` -> `3.22.2` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/docker.io%2falpine/3.22.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/docker.io%2falpine/3.22.1/3.22.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| final | patch | |
| docker.io/postgres | `17.5-alpine3.22` -> `17.6-alpine3.22` |
[![age](https://developer.mend.io/api/mc/badges/age/docker/docker.io%2fpostgres/17.6-alpine3.22?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/docker/docker.io%2fpostgres/17.5-alpine3.22/17.6-alpine3.22?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| | patch | |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| `v4.30.8` -> `v4.30.9` |
[![age](https://developer.mend.io/api/mc/badges/age/github-tags/github%2fcodeql-action/v4.30.9?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/github-tags/github%2fcodeql-action/v4.30.8/v4.30.9?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| action | patch | |
| [prisma](https://www.prisma.io)
([source](https://redirect.github.com/prisma/prisma/tree/HEAD/packages/cli))
| [`6.16.3` ->
`6.17.1`](https://renovatebot.com/diffs/npm/prisma/6.16.3/6.17.1) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/prisma/6.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/prisma/6.16.3/6.17.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | |
|
[typescript-eslint](https://typescript-eslint.io/packages/typescript-eslint)
([source](https://redirect.github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint))
| [`8.45.0` ->
`8.46.0`](https://renovatebot.com/diffs/npm/typescript-eslint/8.45.0/8.46.0)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/typescript-eslint/8.46.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/typescript-eslint/8.45.0/8.46.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor | `8.46.1` |

---

### Release Notes

<details>
<summary>prisma/prisma (@&#8203;prisma/client)</summary>

###
[`v6.17.1`](https://redirect.github.com/prisma/prisma/releases/tag/6.17.1)

[Compare
Source](https://redirect.github.com/prisma/prisma/compare/6.17.0...6.17.1)

Today, we are issuing a patch release to address a [regression in
v6.17.0 that affected diffing of unsupported
types](https://redirect.github.com/prisma/prisma/issues/28237), leading
to unnecessary or incorrect changes when creating new migrations or
running `db pull`. This update is recommended for all users who have any
fields marked as `Unsupported` in their schema files.

#### Changes

-
[prisma/prisma-engines#5633](https://redirect.github.com/prisma/prisma-engines/pull/5633)

###
[`v6.17.0`](https://redirect.github.com/prisma/prisma/releases/tag/6.17.0)

[Compare
Source](https://redirect.github.com/prisma/prisma/compare/6.16.3...6.17.0)

Today, we are excited to share the `6.17.0` stable release 🎉

**🌟 Star this repo for notifications about new releases, bug fixes &
features — or [follow us on X](https://pris.ly/x)!**

#### Prisma ORM

Prisma ORM is the most popular ORM in the TypeScript ecosystem. Today's
release brings a number of bug fixes and improvements to Prisma ORM.

##### Bug fixes and improvements

- Added support for Entra ID (ActiveDirectory) authentication parameters
for the MS SQL Server driver adapter. For example, you can use the
`config` object to configure
[DefaultAzureCredential](https://learn.microsoft.com/en-gb/azure/developer/javascript/sdk/authentication/credential-chains#use-defaultazurecredential-for-flexibility):
  ```ts
  import { PrismaMssql } from '@&#8203;prisma/adapter-mssql'
  import { PrismaClient } from '@&#8203;prisma/client'

  const config = {
    server: 'localhost',
    port: 1433,
    database: 'mydb',
    authentication: {
      type: 'azure-active-directory-default',
    },
    options: {
      encrypt: true,
    },
  }

  const adapter = new PrismaMssql(config)
  const prisma = new PrismaClient({ adapter })
  ```
Learn more in this
[PR](https://redirect.github.com/prisma/prisma/pull/28156/files#diff-351f5d894309f058776099c378e3956271f34f34c04e2b54576045b9773ab61aR61-R62).
- Relaxed the support package range for `@opentelemetry/instrumentation`
to be compatible with `">=0.52.0 <1"`. Learn more in this
[PR](https://redirect.github.com/prisma/prisma/pull/28199/files).
- Added Codex CLI detection, ensuring dangerous Prisma operations are
not executed by Codex without explicit user consent. Learn more in this
[PR](https://redirect.github.com/prisma/prisma/pull/28159).
- Fixed JSON column handling when using a MariaDB database. Learn more
in this [PR](https://redirect.github.com/prisma/prisma/pull/28211).
- Restored the original behaviour of group-by aggregations where they
would refer to columns with explicit table names which fixes a
regression that would result in ambiguous column errors. Learn more in
this [PR](https://redirect.github.com/prisma/prisma-engines/pull/5629).

#### Prisma Postgres

[Prisma Postgres](https://www.prisma.io/postgres) is our fully managed
Postgres service designed with the same philosophy of great DX that has
guided Prisma for close to a decade. With this release we are
introducing the following improvements:

##### New usage workspace metrics available in your Console Dashboard

The Dashboard in your [Prisma Console](https://console.prisma.io)
account now displays new metrics about your Prisma Postgres usage:

- Key metrics
  - Estimated upcoming invoice
  - Total storage used
  - Total DBs
- Overall usage
  - Cumulative operations
  - Operations per day

##### Using Prisma Postgres with any tool is ready for production

Previously, the only way to connect to Prisma Postgres was using Prisma
ORM. That combination is great because it gives you connection pooling,
global caching and overall an amazing DX.

That being said, we understand that preferences vary and some developers
prefer to use plain SQL or lower-level query builders in their
applications. As of this release, these ways for connecting to Prisma
Postgres are now officially generally available and can be used in your
production apps!

You can connect using Drizzle, Kysely, TypeORM, `psql`,
or *any other* Postgres-compatible library, database migration [tools
like Atlas](https://atlasgo.io/) or interfaces like DBeaver, Postico,
and more.

📚 Learn more in the
[docs](https://www.prisma.io/docs/postgres/database/direct-connections).

#### Enterprise support

Thousands of teams use Prisma and many of them already tap into our
Enterprise & Agency Support Program for hands-on help with everything
from schema integrations and performance tuning to security and
compliance.

With this program you also get priority issue triage and bug fixes,
expert scalability advice, and custom training so that your
Prisma-powered apps stay rock-solid at any scale. Learn more or join:
<https://prisma.io/enterprise>.

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v4.30.9`](https://redirect.github.com/github/codeql-action/releases/tag/v4.30.9)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.30.8...v4.30.9)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

##### 4.30.9 - 17 Oct 2025

- Update default CodeQL bundle version to 2.23.3.
[#&#8203;3205](https://redirect.github.com/github/codeql-action/pull/3205)
- Experimental: A new `setup-codeql` action has been added which is
similar to `init`, except it only installs the CodeQL CLI and does not
initialize a database. Do not use this in production as it is part of an
internal experiment and subject to change at any time.
[#&#8203;3204](https://redirect.github.com/github/codeql-action/pull/3204)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.30.9/CHANGELOG.md)
for more information.

</details>

<details>
<summary>typescript-eslint/typescript-eslint
(typescript-eslint)</summary>

###
[`v8.46.0`](https://redirect.github.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/typescript-eslint/CHANGELOG.md#8460-2025-10-06)

[Compare
Source](https://redirect.github.com/typescript-eslint/typescript-eslint/compare/v8.45.0...v8.46.0)

##### 🚀 Features

- **typescript-eslint:** export util types
([#&#8203;10848](https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10848),
[#&#8203;10849](https://redirect.github.com/typescript-eslint/typescript-eslint/pull/10849))

##### ❤️ Thank You

- Mister-Hope
[@&#8203;Mister-Hope](https://redirect.github.com/Mister-Hope)

You can read about our [versioning
strategy](https://typescript-eslint.io/users/versioning) and
[releases](https://typescript-eslint.io/users/releases) on our website.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on Sunday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/8hobbies/commitrack).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNDMuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE0My4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Author: renovate[bot]

.github/workflows/trivy.yml

@@ -55,13 +55,13 @@ jobs:
         continue-on-error: true
 
       - name: Upload Trivy fs scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4.30.8
+        uses: github/codeql-action/upload-sarif@v4.30.9
         with:
           category: "trivy-fs"
           sarif_file: "fs.sarif"
 
       - name: Upload Trivy image scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v4.30.8
+        uses: github/codeql-action/upload-sarif@v4.30.9
         with:
           category: "trivy-image"
           sarif_file: "image.sarif"

package-lock.json

@@ -24,16 +24,16 @@
   },
   "devDependencies": {
     "@8hobbies/eslint-conf-baseline": "6.0.0",
-    "@prisma/client": "6.16.3",
+    "@prisma/client": "6.17.1",
     "@types/eslint": "9.6.1",
-    "@types/node": "22.18.8",
+    "@types/node": "22.18.10",
     "eslint": "9.37.0",
     "globals": "16.4.0",
     "prettier": "3.6.2",
-    "prisma": "6.16.3",
+    "prisma": "6.17.1",
     "tsx": "4.20.6",
     "typescript": "5.9.3",
-    "typescript-eslint": "8.45.0",
+    "typescript-eslint": "8.46.0",
     "vitest": "3.2.4"
   }
 }

package.json

@@ -19,20 +19,20 @@
     "@8hobbies/eslint-conf-baseline": "6.0.0",
     "@types/eslint": "9.6.1",
     "@types/jest": "30.0.0",
-    "@types/node": "22.18.8",
+    "@types/node": "22.18.10",
     "@vitest/coverage-v8": "3.2.4",
     "eslint": "9.37.0",
     "globals": "16.4.0",
     "prettier": "3.6.2",
-    "prisma": "6.16.3",
+    "prisma": "6.17.1",
     "typescript": "5.9.3",
-    "typescript-eslint": "8.45.0",
+    "typescript-eslint": "8.46.0",
     "vitest": "3.2.4"
   },
   "dependencies": {
     "@8hobbies/utils": "4.2.0",
     "@fastify/type-provider-json-schema-to-ts": "5.0.0",
-    "@prisma/client": "6.16.3",
+    "@prisma/client": "6.17.1",
     "fastify": "5.6.1",
     "fastify-plugin": "5.1.0",
     "redis": "4.7.1"

packages/api-server/package-lock.json

@@ -15,7 +15,7 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
-FROM docker.io/alpine:3.22.1@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1
+FROM docker.io/alpine:3.22.2@sha256:4b7ce07002c69e8f3d704a9c5d6fd3053be500b7f1c69fc0d80990c2ad8dd412
 
 # Remove the community repository. This is to ensure that we only rely on
 # packages with future availability.

packages/api-server/package.json

@@ -18,13 +18,13 @@
     "@8hobbies/eslint-conf-baseline": "6.0.0",
     "@types/eslint": "9.6.1",
     "@types/jest": "30.0.0",
-    "@types/node": "22.18.8",
+    "@types/node": "22.18.10",
     "@vitest/coverage-v8": "3.2.4",
     "eslint": "9.37.0",
     "globals": "16.4.0",
     "prettier": "3.6.2",
-    "prisma": "6.16.3",
+    "prisma": "6.17.1",
     "typescript": "5.9.3",
-    "typescript-eslint": "8.45.0"
+    "typescript-eslint": "8.46.0"
   }
 }