chore(deps): bump the production-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the production-dependencies group with 2 updates in the / directory: ash and ash_phoenix.

Updates ash from 3.5.31 to 3.5.34

Release notes

Sourced from ash's releases.

v3.5.34

Bug Fixes:

• Accept nil input for maps and TypedStructs (#2257) by @​FugiTech

• pass actor: nil to ash.get in get_and_lock_for_update (#2256) by Jesse Williams

• add default impl for rewrite/3 & get_rewrites/4 for Ash.Type. (#2251) by @​Torkan

• filter out invalid changeset, before running the bulk before transactions (#2249) by @​barnabasJ

• minor tweaks to usage rules (#2246) by albinkc

• handle updates on union types containing arrays (#2237) by Rutgerdj

Improvements:

• Support through for many to many relationship gen (#2233) by Kenneth Kostrešević

• Update usage-rules.md to include Polymorphic Relationships (#2211) by Gonzalo Muñoz

• filter expression verifier (#2243) by Kenneth Kostrešević

• Introduce extension introspection functions on Ash.*.Info (#2239) by @​maennchen

v3.5.33

Bug Fixes:

• handle nil values properly in atomic changing validations by @​zachdaniel

• Application ER Mermaid Diagram (#2231) by @​maennchen

• clear nil options in typed struct to constraints process by @​zachdaniel

• allow Ash @​global_opts authorize? to accept boolean or nil (#2225) by @​chazwatkins

• Don't require permissions to read actor on non-atomic relate_actor (#2223) by @​chazwatkins

• call underlying stream run instead of public interface by @​zachdaniel

Improvements:

... (truncated)

Changelog

Sourced from ash's changelog.

v3.5.34 (2025-08-07)

Bug Fixes:

• avoid String.to_atom by pre-computing mixed argument name MapSet (#2262) by James Harton

• Accept nil input for maps and TypedStructs (#2257) by @​FugiTech

• pass actor: nil to ash.get in get_and_lock_for_update (#2256) by Jesse Williams

• add default impl for rewrite/3 & get_rewrites/4 for Ash.Type. (#2251) by @​Torkan

• filter out invalid changeset, before running the bulk before transactions (#2249) by @​barnabasJ

• minor tweaks to usage rules (#2246) by albinkc

• handle updates on union types containing arrays (#2237) by Rutgerdj

Improvements:

• Support through for many to many relationship gen (#2233) by Kenneth Kostrešević

• Update usage-rules.md to include Polymorphic Relationships (#2211) by Gonzalo Muñoz

• filter expression verifier (#2243) by Kenneth Kostrešević

• Introduce extension introspection functions on Ash.*.Info (#2239) by Jonatan Männchen

v3.5.33 (2025-07-29)

Bug Fixes:

• handle nil values properly in atomic changing validations by @​zachdaniel

• Application ER Mermaid Diagram (#2231) by @​maennchen

• clear nil options in typed struct to constraints process by @​zachdaniel

• allow Ash @​global_opts authorize? to accept boolean or nil (#2225) by @​chazwatkins

• Don't require permissions to read actor on non-atomic relate_actor (#2223) by @​chazwatkins

• call underlying stream run instead of public interface by @​zachdaniel

... (truncated)

Commits

• c61774d chore: release version v3.5.34
• 839eb7a fix: Accept nil input for maps and TypedStructs (#2257)
• 1c8fe3e docs: Update before_action docs to use force_change_attribute/2 (#2258)
• 591ece5 fix: pass actor: nil to ash.get in get_and_lock_for_update (#2256)
• 8e7eabf fix: add default impl for rewrite/3 & get_rewrites/4 for Ash.Type. (#2251)
• a3cab9e fix: filter out invalid changeset, before running the bulk before transaction...
• e8e7240 fix: minor tweaks to usage rules (#2246)
• caa26df improvement: Support through for many to many relationship gen (#2233)
• f008f68 improvement: Update usage-rules.md to include Polymorphic Relationships (#2211)
• e35d396 improvement: filter expression verifier (#2243)
• Additional commits viewable in compare view

Updates ash_phoenix from 2.3.10 to 2.3.12

Release notes

Sourced from ash_phoenix's releases.

v2.3.12

Bug Fixes:

• fix typo in usage rules (#397) by albinkc

v2.3.11

Improvements:

• Add to_form/2 in usage rules and improve error message when accessing a form without to_form/2 (#390) by Kenneth Kostrešević

Changelog

Sourced from ash_phoenix's changelog.

v2.3.12 (2025-07-29)

Bug Fixes:

• fix typo in usage rules (#397) by albinkc

v2.3.11 (2025-07-17)

Improvements:

• Add to_form/2 in usage rules and improve error message when accessing a form without to_form/2 (#390) by Kenneth Kostrešević

Commits

• dbbd5ca chore: release version v2.3.12
• d2d197d docs: fix example
• 857421d fix: fix typo in usage rules (#397)
• 92df065 fix: Fix edge cases with keyset navigation (#395)
• 41e3d0a docs: Merge pull request #387 from matt-savvy/many-to-many-guide
• 63a1145 chore(deps): bump the production-dependencies group with 2 updates (#394)
• c505a68 Update dependabot schedule to monthly
• ece9a6f Update guide, add prepare_params
• 8048aae Update guide, remove value_is_key reference
• 73a4dc5 Update guide, fix code block
• Additional commits viewable in compare view

Updates phoenix from 1.7.21 to 1.8.0

Changelog

Sourced from phoenix's changelog.

1.8.0 (2025-08-05)

Bug fixes

• [phx.new] Don't include node_modules override in generated tsconfig.json

Enhancements

• [phx.gen.live|html|json] - Make context argument optional. Defaults to the plural name.
• [phx.new] Add mix precommit alias
• [phx.new] Add AGENTS.md generation compatible with usage_rules
• [phx.new] Add usage_rules folder to installer, allowing to sync generic Phoenix rules into new projects
• [phx.new] Use LiveView 1.1 release in generated code
• [phx.new] Ensure theme selector and flash closing works without LiveView

1.8.0-rc.4 (2025-07-14)

Bug Fixes

• Fix phx.gen.presence PubSub server name for umbrella apps
• Fix phx.gen.live subscribing to pubsub in disconnected mounts

Enhancements

• [phx.new] Initialize initial git repo when git is installed
• [phx.new] Opt-in to HEEx :debug_tags_location in development
• [phx.gen.live|html|json|context] Make context name optional and inflect based on schema when missing
• [phx.gen.*] Use new Ecto 3.13 Repo.transact/2 in generators
• [phx.gen.auth] Warn when using phx.gen.auth without esbuild as features assume phoenix_html.js in bundle
• Add security.md guide for security best practices
• [phoenix.js] - Add fetch() support to LongPoll when XMLHTTPRequest is not available
• Optimize parameter scrubbing by precompiling patterns

1.8.0-rc.3 (2025-05-07)

Enhancements

• [phx.gen.auth] Allow configuring the scope's assign key in phx.gen.auth
• [phx.new] Do not override theme in root layout if explicitly set

1.8.0-rc.2 (2025-04-29)

Bug Fixes

• [phx.gen.live] Only subscribe to pubsub if connected
• [phx.gen.auth] Remove unused current_password field
• [phx.gen.auth] Use context_app for scopes to fix generated scopes in umbrella apps

1.8.0-rc.1 (2025-04-16)

Enhancements

• [phx.new] Support PORT in dev
• [phx.gen.auth] Replace utc_now/0 + truncate/1 with utc_now/1
• [phx.gen.auth] Make dev mailbox link more obvious

Bug Fixes

... (truncated)

Commits

• f9d3c8b Release 1.8.0 🚀
• e42b6dd add note to tsconfig.json
• 414c7b4 update changelog
• da83d96 Do not rely on Phoenix.LiveView.JS when using --no-live (#6373)
• 85bfd3a don't include node_modules in tsconfig path mapping (#6392)
• df1daa9 Adds validate_unique: false option to the changeset (#6384)
• 937b6f8 add refute_patched to locals_without_parens (#6374)
• 1425646 split AGENTS.md into small parts (#6385)
• 54e7b17 Add guide for live_view generator customization (#6387)
• 905ec45 final changes for LiveView 1.1 (#6388)
• Additional commits viewable in compare view

Updates phoenix_live_view from 1.1.0-rc.3 to 1.1.3

Changelog

Sourced from phoenix_live_view's changelog.

v1.1.3 (2025-08-05)

Bug fixes

• Fix warning when importing LiveView JS (#3926)
• Ensure form recovery respects fieldsets (#3921)
• LiveViewTest: Fix crasj when submitting a form with custom submitter, but without ID (#3927)
• LiveViewTest: Ensure whitespace in textarea content is preserved when submitting a form (#3928)
• Make hook types less strict (#3913)

Enhancements

• HTMLFormatter: do not try to format attributes into a single line when they are spread over multiple lines. This follows the behavior of the Elixir formatter that also respects newlines.
• Re-enable component change tracking in case the dynamic expression does not have any dependencies, for example: <.my_component some="key" {%{static: "map"}}> (#3936)

v1.1.2 (2025-07-31)

Bug fixes

• Fix invalid component rendering when using dynamic assigns (<.my_component {...}>) in rare circumstances by disabling change tracking. LiveView cannot properly track changes in those cases and this could lead to weird bugs (#3919) that were now more likely to surface with change tracked comprehensions.
• Fix LiveViewTest not considering some LiveViews as main when using live_render (#3917)
• Fix JavaScript type definitions not being considered when using TypeScript in bundler resolution mode (#3915)

v1.1.1 (2025-07-30)

Bug fixes

• Fix key will be overridden in map warning (#3912)

v1.1.0 (2025-07-30) 🚀

Bug fixes

• Ensure nested variable access is properly change tracked in components (#3908)

v1.1.0-rc.4 (2025-07-22)

Enhancements

• Rename debug_tags_location to debug_attributes and add data-phx-pid (#3898)
• Simplify code generated for slots in HEEx when the slot does not contain any dynamic code (#3902)

Bug fixes

• Prevent focus_wrap from focusing the last element instead of the first on Firefox in rare cases (#3895)
• Ensure comprehension entries perform a full render when change tracking is disabled (#3904)

Commits

• 14b13f5 release v1.1.3
• 0457420 Update assets
• c3ed0c7 use PropertyKey in hook type (#3938)
• 09d7470 Keep change tracking if dynamic is empty (#3936)
• 18690a4 update changelog
• 3fb0ced Update assets
• 2eae56b Optimize and unify TreeDOM.all/filter (#3937)
• a879da4 Respect attributes newlines if written as such
• 4d916af Ensure textarea content is not trimmed in TreeDOM (#3935)
• ef3ff26 Ensure list when converting to lazy (#3934)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions