Bump date-fns from 3.6.0 to 4.1.0 in /app

[dependabot]

Bumps date-fns from 3.6.0 to 4.1.0.

Release notes

Sourced from date-fns's releases.

v4.1.0

This release adds time zone support to format functions (that I somehow missed when working on the feature) and fixes a few bugs.

Make sure also upgrade TZDate to v1.0.2 as it includes a bunch of critical bug fixes.

Fixed

• Fixed internal constructFrom throwing an exception on null arguments. While null isn't allowed, the functions should rather return Invalid Date or NaN in such cases. See #3885.

Added

• Added missing time zone support to format, formatISO, formatISO9075, formatRelative and formatRFC3339. See #3886.

v4.0.0

I have great news! First, ten years after its release, date-fns finally gets first-class time zone support.

Another great news is that there aren't many breaking changes in this release. All of them are type-related and will affect only those explicitly using internal date-fns types. Finally, it has been less than a year since the last major release, which is an improvement over the previous four years between v2 and v3. I plan on keeping the pace and minimizing breaking changes moving forward.

Read more about the release in the announcement blog post.

- Sasha @​kossnocorp

Added

• Added time zones support via @date-fns/tz's TZDate class and tz helper function. See its README for the details about the API.

• All relevant functions now accept the context in option, which allows to specify the time zone to make the calculations in. If the function also returns a date, it will be in the specified time zone:

  import { addDays, startOfDay } from "date-fns";
  import { tz } from "@date-fns/tz";
  startOfDay(addDays(Date.now(), 5, { in: tz("Asia/Singapore") }));
  //=> "2024-09-16T00:00:00.000+08:00"

  In the example, addDays will get the current date and time in Singapore and add 5 days to it. startOfDay will inherit the date type and return the start of the day in Singapore.

Changed

• The function arguments, as well as Interval's start and end, now can be of different types, allowing you to mix UTCDate, TZDate, Date, and other extensions, as well as primitives (strings and numbers).

  The functions will normalize these values, make calculations, and return the result in the same type, preventing any bugs caused by the discrepancy. If passed, the type will be inferred from the context in option or the first encountered argument object type. The Interval's start and end will be considered separately, starting from start.

  In the given example, the result will be in the TZDate as the first argument is a number, and the start takes precedence over the end.

  clamp(Date.now(), {
    start: new TZDate(start, "Asia/Singapore"),
    end: new UTCDate(),

... (truncated)

Changelog

Sourced from date-fns's changelog.

v4.1.0 - 2024-09-17

This release adds time zone support to format functions (that I somehow missed when working on the feature) and fixes a few bugs.

Make sure also upgrade TZDate to v1.0.2 as it includes a bunch of critical bug fixes.

Fixed

• Fixed internal constructFrom throwing an exception on null arguments. While null isn't allowed, the functions should rather return Invalid Date or NaN in such cases. See #3885.

Added

• Added missing time zone support to format, formatISO, formatISO9075, formatRelative and formatRFC3339. See #3886.

v4.0.0 - 2024-09-16

I have great news! First, ten years after its release, date-fns finally gets first-class time zone support.

Another great news is that there aren't many breaking changes in this release. All of them are type-related and will affect only those explicitly using internal date-fns types. Finally, it has been less than a year since the last major release, which is an improvement over the previous four years between v2 and v3. I plan on keeping the pace and minimizing breaking changes moving forward.

Read more about the release in the announcement blog post.

- Sasha @​kossnocorp

Added

• Added time zones support via @date-fns/tz's TZDate class and tz helper function. See its README for the details about the API.

• All relevant functions now accept the context in option, which allows to specify the time zone to make the calculations in. If the function also returns a date, it will be in the specified time zone:

  import { addDays, startOfDay } from "date-fns";
  import { tz } from "@date-fns/tz";
  startOfDay(addDays(Date.now(), 5, { in: tz("Asia/Singapore") }));
  //=> "2024-09-16T00:00:00.000+08:00"

  In the example, addDays will get the current date and time in Singapore and add 5 days to it. startOfDay will inherit the date type and return the start of the day in Singapore.

Changed

• The function arguments, as well as Interval's start and end, now can be of different types, allowing you to mix UTCDate, TZDate, Date, and other extensions, as well as primitives (strings and numbers).

  The functions will normalize these values, make calculations, and return the result in the same type, preventing any bugs caused by the discrepancy. If passed, the type will be inferred from the context in option or the first encountered argument object type. The Interval's start and end will be considered separately, starting from start.

  In the given example, the result will be in the TZDate as the first argument is a number, and the start takes precedence over the end.

  clamp(Date.now(), {

... (truncated)

Commits

• 313b902 Fix v4.1.0 change log entry
• 26cd336 Promote to v4.1.0
• 97b53b9 Cover time zone edge cases
• 59b7563 Add missing time zone support to format, formatISO, formatISO9075, formatRela...
• 0121164 Prevent constructFrom from throwing an error on null
• bd87ef5 Update @​date-fns/docs
• 99b4e67 Prepare v4.0
• 8df1706 Rewrite the time zones doc
• e351977 Promote to v4.0.0-beta.1
• 8523656 Fix scripts/test/types.sh
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[overcut-ai]

Completed Working on "Code Review"

✅ Cannot call submit_review or other tools from coordinator? Actually allowed in functions. Let’s attempt.

---

👉 View complete log

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
npm/date-fns	4.1.0	🟢 3.4	Details Check Score Reason Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected SAST ⚠️ 0 no SAST tool detected License 🟢 10 license file detected Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities ⚠️ 0 32 existing vulnerabilities detected

Scanned Files

• app/package-lock.json

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[overcut-ai]

LGTM

[gkorland]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[gkorland]

@dependabot recreate