Bump scratch-vm from e04455f to f3cc2d0

[dependabot]

Bumps scratch-vm from e04455f to f3cc2d0.

Commits

• f3cc2d0 Merge branch 'TurboWarp:develop' into develop
• 1ea395f Don't allow reading video motion when external communication is possible (#331)
• 722014e add sensing_online to compiler compat blocks
• d825b50 add sensing_online
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🤖 Auto-Component Test Results

🎉 No new UI components detected!

This PR doesn't add any new buttons, menus, or clickable components.

---

Triggered by dependabot[bot] • Commit c123d94

[supervoidcoder]

@coderabbitai aw come on i wanted to be able to share video through cloud variables /j

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

@supervoidcoder 😄 I know, right? What a missed opportunity for extremely cursed projects! Just imagine the bandwidth requirements for streaming video frames through cloud variables at 1 FPS...

But yeah, this security fix from TurboWarp is actually pretty smart - preventing video motion data leakage when external communication is possible is a solid privacy improvement. Your video stays on your machine where it belongs! 🎥🔒

---

🧠 Learnings used

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-10-22T19:01:57.123Z
Learning: In the OmniBlocks/scratch-gui repository, team member supervoidcoder can be called "void" in reviews and conversations.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-01T12:10:19.386Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder prefers a division of labor where Amazon Q handles fast review for ethics and project vision concerns, while CodeRabbit performs deep technical review of code quality, security, architecture, and implementation details.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-13T22:43:34.163Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder prefers React over Svelte for UI development (React is the framework they know and want to use consistently).

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-02-13T19:06:53.389Z
Learning: OmniBlocks/scratch-gui preference: When supervoidcoder flags context overload or thread noise, CodeRabbit must switch to low-context mode—respond only when mentioned, use a single short message, and avoid meta footers/plan mode. Ask before minimizing prior bot comments.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 519
File: src/playground/index.ejs:176-176
Timestamp: 2025-12-05T17:47:27.981Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder's Scratch username is scratchcode1_2_3.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-02T20:01:55.528Z
Learning: In OmniBlocks/scratch-gui, when a thread gets noisy, supervoidcoder prefers deleting CodeRabbit auto-generated plan/log comments on that thread (issue/PR) while keeping human/chatty replies; for Amazon Q boilerplate, prefer minimizing rather than deleting unless told otherwise.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-30T20:17:45.420Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder strongly prefers public, transparent development over private communication channels like Slack. Development discussions should happen on GitHub issues/PRs to maintain open source values and community trust, with privacy reserved only for rare cases like security vulnerabilities or personal emergencies.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-10-22T21:20:08.837Z
Learning: In the OmniBlocks/scratch-gui repository, supervoidcoder (“void”) prefers single, complete PRs over multi-part (“Part 1/2”) submissions. If a split is unavoidable, they want explicit linkage and gating before approval.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-11T17:03:47.901Z
Learning: In OmniBlocks/scratch-gui chaos testing: supervoidcoder prefers NO error filtering in tests - all console errors should be caught and tracked properly with issues, not swept under the rug. Tests should help expose real bugs (like the UltraBox service worker 404) rather than hide them with filters.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-10-22T19:01:57.123Z
Learning: The team members in OmniBlocks/coders include: supervoidcoder, Graison-P (gvyt), ampelectrecuted (amp), NotTheBaton (TheBaton), and kRxZykRxZy.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-28T17:30:18.714Z
Learning: OmniBlocks/scratch-gui: Enhanced VRT workflow successfully completed after multiple build fixes involving rimraf/mkdirp PATH issues, working-directory complications, and cache configuration. Final solution uses native shell commands (rm -rf, mkdir -p) with npx webpack instead of npm run build when in subdirectories.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-05T01:48:23.435Z
Learning: OmniBlocks/scratch-gui workflow preference: Open tracking issues for CI/automation behavior changes; assign to supervoidcoder; include backlinks to the PR and the exact comment requesting the change.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-02T21:12:22.417Z
Learning: OmniBlocks/scratch-gui: Issue `#460` was successfully resolved by ampelectrecuted on December 2, 2025. After accidentally pushing upstream/develop to main (wiping all custom code), ampelectrecuted immediately identified the issue, found a backup branch that survived due to a failed cleanup script, created a clean revert, and deployed a looping force-push recovery script that successfully restored 100% of the OmniBlocks codebase once supervoidcoder enabled force pushing in the "cool" ruleset. The incident parallels the famous 1998 Pixar Toy Story 2 deletion disaster. As recognition, an easter egg will be added to the menu bar (tracking issue `#461` created).

---

Learnt from: github-actions[bot]
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T09:53:07.481Z
Learning: OmniBlocks/scratch-gui PR `#577`: Latest CI failures (“Cannot use import statement outside a module”) are due to missing babel-jest and Jest transform; .babelrc is present and should be used by babel-jest. Fix: add "babel-jest": "^29.7.0" and "transform": { "^.+\\.[jt]sx?$": "babel-jest" }, optionally set "testEnvironment": "jsdom".

---

Learnt from: ampelectrecuted
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-02T21:10:54.683Z
Learning: OmniBlocks/scratch-gui: Issue `#460` was successfully resolved by ampelectrecuted on December 2, 2025. After accidentally pushing upstream/develop to main (wiping all custom code), ampelectrecuted immediately identified the issue, found a backup branch that survived due to a failed cleanup script, created a clean revert, and deployed a looping force-push recovery script that successfully restored 100% of the OmniBlocks codebase once supervoidcoder enabled force pushing in the "cool" ruleset. The incident parallels the famous 1998 Pixar Toy Story 2 deletion disaster. As recognition, an easter egg will be added to the menu bar (tracking issue created).

---

Learnt from: github-actions[bot]
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T09:53:07.481Z
Learning: OmniBlocks/scratch-gui PR `#577`: CI failures (“Cannot use import statement outside a module”) stem from missing babel-jest and a Jest transform mapping; .babelrc exists. Fix by adding "babel-jest": "^29.7.0" and Jest "transform": { "^.+\\.[jt]sx?$": "babel-jest" } (optional "testEnvironment": "jsdom").

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-18T22:18:13.164Z
Learning: For OmniBlocks/scratch-gui small features, supervoidcoder prefers GUI-only changes that avoid modifying scratch-blocks; deliver as a single, self-contained PR.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T16:28:02.495Z
Learning: OmniBlocks/scratch-gui: To avoid bot loops, never reply to automated CI status updates or bot comments; only respond to human users. Prefer pausing reviews when noisy automation is detected.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-26T23:27:18.053Z
Learning: OmniBlocks/scratch-gui VRT workflow: Enhanced visual regression testing includes inline diff images in PR comments (uploaded to vrt-images branch), animated GIFs showing before→after→diff transitions using gifenc, version-controlled baselines stored in vrt-baselines branch organized by PR number, and Playwright video recordings of all test runs uploaded as artifacts.

---

Learnt from: github-actions[bot]
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T09:53:07.481Z
Learning: OmniBlocks/scratch-gui PR `#577`: Jest 29 fails with “Cannot use import statement outside a module” because package.json lacks babel-jest and a jest.transform mapping. .babelrc exists and is compatible. Fix by adding "babel-jest": "^29.7.0" and "transform": { "^.+\\.[jt]sx?$": "babel-jest" } (optionally set "testEnvironment": "jsdom").

[supervoidcoder]

@coderabbitai

also did you know dependabot was written in go?
why not rewrite it in ru-
gets punched to the ground

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

@supervoidcoder 😂 The classic "rewrite it in Rust" gets another victim!

Yeah, Dependabot Core is written in Go (plus some Ruby for the original parts). And honestly, given how much dependency management code has to deal with—parsing lockfiles, resolving version constraints, talking to different registries—the performance boost from Rust might actually... wait, am I falling into the trap too?

ducks

Anyway, this PR looks good to merge once CI passes! The security fix for video motion data is solid. 🎥🔒

---

🧠 Learnings used

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-01T12:10:19.386Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder prefers a division of labor where Amazon Q handles fast review for ethics and project vision concerns, while CodeRabbit performs deep technical review of code quality, security, architecture, and implementation details.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-02-13T19:06:53.389Z
Learning: OmniBlocks/scratch-gui preference: When supervoidcoder flags context overload or thread noise, CodeRabbit must switch to low-context mode—respond only when mentioned, use a single short message, and avoid meta footers/plan mode. Ask before minimizing prior bot comments.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T16:28:02.495Z
Learning: OmniBlocks/scratch-gui: On closed pull requests, CodeRabbit must remain completely silent even if new CI/bot comments appear; do not reply to github-actions or any automated posts.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-02T20:01:55.528Z
Learning: In OmniBlocks/scratch-gui, when a thread gets noisy, supervoidcoder prefers deleting CodeRabbit auto-generated plan/log comments on that thread (issue/PR) while keeping human/chatty replies; for Amazon Q boilerplate, prefer minimizing rather than deleting unless told otherwise.

---

Learnt from: ampelectrecuted
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-02-13T11:39:50.649Z
Learning: OmniBlocks/scratch-gui moderation preference: When CodeRabbit detects a human comment with strong profanity or a clear Code of Conduct violation (e.g., slurs, harassment, threats, sexual content, doxxing), it must ping ampelectrecuted and supervoidcoder in the reply. Do not ping for mild words like “crap” or “heck.” Do not trigger on bot/CI comments. Keep the tone calm and optionally include a brief CoC reminder. Applies only within OmniBlocks/scratch-gui.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T16:28:02.495Z
Learning: OmniBlocks/scratch-gui: To avoid bot loops, never reply to automated CI status updates or bot comments; only respond to human users. Prefer pausing reviews when noisy automation is detected.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-11T21:39:58.878Z
Learning: In OmniBlocks/scratch-gui, CodeRabbit must not claim to have edited repository files or committed changes. Scripts run in a sandbox environment and can read/analyze code, but file modifications are not persisted to the repository. Only provide manual steps or code/diff when asked, never imply repository changes occurred.

---

Learnt from: ampelectrecuted
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-02-12T12:05:08.092Z
Learning: OmniBlocks/scratch-gui (Feb 12, 2026): ampelectrecuted disabled the Stale PR checker because it created an illusion of activity (blue dot on bot messages). Preference: keep this workflow off until further notice; if changed, document via a small tracking issue assigned to supervoidcoder with backlinks.

---

Learnt from: ampelectrecuted
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-02-13T11:39:50.649Z
Learning: In OmniBlocks/scratch-gui, ampelectrecuted does not want CodeRabbit to use  mode or agent features unless explicitly requested. Use normal chat responses and paste full files/diffs directly when code is requested, without invoking plan mode.

---

Learnt from: 8to16
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-02T19:47:09.876Z
Learning: OmniBlocks/scratch-gui (Jan 1–2, 2026): amazon-q-developer[bot] posted 151 issue comments across 88 issues in 24h (75 deprecation notices, 37 error fallbacks, 39 other). This surge created repo-wide noise; future mitigation may include auto-minimizing boilerplate, gating Q behind an explicit command, or throttling.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-10-22T19:01:57.123Z
Learning: In the OmniBlocks/scratch-gui repository, team member supervoidcoder can be called "void" in reviews and conversations.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-13T22:43:34.163Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder prefers React over Svelte for UI development (React is the framework they know and want to use consistently).

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 519
File: src/playground/index.ejs:176-176
Timestamp: 2025-12-05T17:47:27.981Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder's Scratch username is scratchcode1_2_3.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-30T20:17:45.420Z
Learning: In OmniBlocks/scratch-gui, supervoidcoder strongly prefers public, transparent development over private communication channels like Slack. Development discussions should happen on GitHub issues/PRs to maintain open source values and community trust, with privacy reserved only for rare cases like security vulnerabilities or personal emergencies.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-10-22T21:20:08.837Z
Learning: In the OmniBlocks/scratch-gui repository, supervoidcoder (“void”) prefers single, complete PRs over multi-part (“Part 1/2”) submissions. If a split is unavoidable, they want explicit linkage and gating before approval.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-11T17:03:47.901Z
Learning: In OmniBlocks/scratch-gui chaos testing: supervoidcoder prefers NO error filtering in tests - all console errors should be caught and tracked properly with issues, not swept under the rug. Tests should help expose real bugs (like the UltraBox service worker 404) rather than hide them with filters.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-10-22T19:01:57.123Z
Learning: The team members in OmniBlocks/coders include: supervoidcoder, Graison-P (gvyt), ampelectrecuted (amp), NotTheBaton (TheBaton), and kRxZykRxZy.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-28T17:30:18.714Z
Learning: OmniBlocks/scratch-gui: Enhanced VRT workflow successfully completed after multiple build fixes involving rimraf/mkdirp PATH issues, working-directory complications, and cache configuration. Final solution uses native shell commands (rm -rf, mkdir -p) with npx webpack instead of npm run build when in subdirectories.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-05T01:48:23.435Z
Learning: OmniBlocks/scratch-gui workflow preference: Open tracking issues for CI/automation behavior changes; assign to supervoidcoder; include backlinks to the PR and the exact comment requesting the change.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-02T21:12:22.417Z
Learning: OmniBlocks/scratch-gui: Issue `#460` was successfully resolved by ampelectrecuted on December 2, 2025. After accidentally pushing upstream/develop to main (wiping all custom code), ampelectrecuted immediately identified the issue, found a backup branch that survived due to a failed cleanup script, created a clean revert, and deployed a looping force-push recovery script that successfully restored 100% of the OmniBlocks codebase once supervoidcoder enabled force pushing in the "cool" ruleset. The incident parallels the famous 1998 Pixar Toy Story 2 deletion disaster. As recognition, an easter egg will be added to the menu bar (tracking issue `#461` created).

---

Learnt from: ampelectrecuted
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-12-02T21:10:54.683Z
Learning: OmniBlocks/scratch-gui: Issue `#460` was successfully resolved by ampelectrecuted on December 2, 2025. After accidentally pushing upstream/develop to main (wiping all custom code), ampelectrecuted immediately identified the issue, found a backup branch that survived due to a failed cleanup script, created a clean revert, and deployed a looping force-push recovery script that successfully restored 100% of the OmniBlocks codebase once supervoidcoder enabled force pushing in the "cool" ruleset. The incident parallels the famous 1998 Pixar Toy Story 2 deletion disaster. As recognition, an easter egg will be added to the menu bar (tracking issue created).

---

Learnt from: github-actions[bot]
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T09:53:07.481Z
Learning: OmniBlocks/scratch-gui PR `#577`: Latest CI failures (“Cannot use import statement outside a module”) are due to missing babel-jest and Jest transform; .babelrc is present and should be used by babel-jest. Fix: add "babel-jest": "^29.7.0" and "transform": { "^.+\\.[jt]sx?$": "babel-jest" }, optionally set "testEnvironment": "jsdom".

---

Learnt from: github-actions[bot]
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-01-10T09:53:07.481Z
Learning: OmniBlocks/scratch-gui PR `#577`: CI failures (“Cannot use import statement outside a module”) stem from missing babel-jest and a Jest transform mapping; .babelrc exists. Fix by adding "babel-jest": "^29.7.0" and Jest "transform": { "^.+\\.[jt]sx?$": "babel-jest" } (optional "testEnvironment": "jsdom").

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-18T22:18:13.164Z
Learning: For OmniBlocks/scratch-gui small features, supervoidcoder prefers GUI-only changes that avoid modifying scratch-blocks; deliver as a single, self-contained PR.

---

Learnt from: supervoidcoder
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2025-11-26T23:27:18.053Z
Learning: OmniBlocks/scratch-gui VRT workflow: Enhanced visual regression testing includes inline diff images in PR comments (uploaded to vrt-images branch), animated GIFs showing before→after→diff transitions using gifenc, version-controlled baselines stored in vrt-baselines branch organized by PR number, and Playwright video recordings of all test runs uploaded as artifacts.

---

Learnt from: ampelectrecuted
Repo: OmniBlocks/scratch-gui PR: 0
File: :0-0
Timestamp: 2026-02-13T11:39:50.649Z
Learning: OmniBlocks/scratch-gui policy: For any new issue suggesting integration with Scratch or posting/communicating updates on Scratch, CodeRabbit should close the issue as “not planned,” apply labels (wontfix + policy: decoupled-from-scratch), and leave a brief note that OmniBlocks has decoupled from Scratch (effective Jan 22, 2026). Ask maintainers whether to apply the same rule to TurboWarp.

---

💡 Use @coderabbitai plan to create a plan for code changes