Bump kysely and @inlang/paraglide-js

[dependabot]

Bumps kysely to 0.28.16 and updates ancestor dependency @inlang/paraglide-js. These dependencies need to be updated together.

Updates kysely from 0.27.6 to 0.28.16

Release notes

Sourced from kysely's releases.

0.28.16

Hey 👋

A small batch of bug fixes. Please report any issues. 🤞😰🤞

0.29 is getting closer btw. 🌶️

🚀 Features

🐞 Bugfixes

• fix: FilterObject allows any defined value when query context has no tables (TB is never). by @​igalklebanov in kysely-org/kysely#1791

📖 Documentation

• add socket security badge. by @​igalklebanov in kysely-org/kysely@db646ac
• chore: make socket security badge reflect current specific version. by @​igalklebanov in kysely-org/kysely@5597144
• support multi-entry point tsdoc without index module. by @​igalklebanov in kysely-org/kysely@6998915
• fix broken tsdoc references. by @​igalklebanov in kysely-org/kysely@5a0f14b

📦 CICD & Tooling

• chore(pnpm): add strictDepBuilds: true. by @​igalklebanov in kysely-org/kysely@2301610
• chore: harden dependencies, pnpm. by @​igalklebanov in kysely-org/kysely@f4f1d9e
• chore: re-add ignore-workspace-root-check. by @​igalklebanov in kysely-org/kysely@ab6d00e
• add openssf scorecard. by @​igalklebanov in kysely-org/kysely@521156b
• chore: bump dependencies and github actions. by @​igalklebanov in kysely-org/kysely#1789
• chore: change verifyDepsBeforeRun to "prompt". by @​igalklebanov in kysely-org/kysely@20548bc

⚠️ Breaking Changes

🐤 New Contributors

What's Changed

Full Changelog: kysely-org/kysely@v0.28.15...v0.28.16

0.28.15

Hey 👋

The introduction of dehydration in JSON functions/helpers caused an unexpected bug for consumers that have some columns defined as '${number}', e.g. '1' | '2' (also when wrapped in ColumnType or similar). Such columns, when participating in a JSON function/helper would dehydrate to number instead of staying as string.

Why dehydrate numeric strings to numbers in the first place? Select types in kysely describe the data after underlying driver's (e.g. pg) data transformation. Some drivers transform numeric columns to strings to be safe. When these columns participate in JSON functions, they lose original column data types - drivers don't know they need to transform to string - they return as-is.

This release introduces a special helper type that wraps your column type definition and tells kysely to NOT dehydrate it in JSON functions/helpers.

import type { NonDehydrateable } from 'kysely'
interface Database {
</tr></table>

... (truncated)

Commits

• b4566a1 0.28.16
• 20548bc chore: change verifyDepsBeforeRun to "prompt".
• 5f46cfb fix: FilterObject allows any defined value when query context has no tables...
• e0d0669 chore: bump dependencies and github actions. (#1789)
• 521156b add openssf scorecard.
• 5a0f14b fix broken tsdoc references.
• 6998915 support multi-entry point tsdoc without index module.
• 5597144 chore: make socket security badge reflect current specific version.
• db646ac add socket security badge.
• ab6d00e chore: re-add ignore-workspace-root-check.
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for kysely since your current version.

Updates @inlang/paraglide-js from 2.9.1 to 2.15.3

Changelog

Sourced from @​inlang/paraglide-js's changelog.

2.15.3

Patch Changes

• b10186d: Fix numeric input match inference so generated message typings accept both numeric and string literal forms for values like input=1, matching runtime behavior without relying on broad loose coercion.

2.15.2

Patch Changes

• c716c6d: Fix proxy-aware URL handling in paraglideMiddleware(), shouldRedirect(), and locale extraction by adding an effectiveRequestUrl override for browser-facing URLs behind TLS-terminating proxies and load balancers. Addresses #652.

2.15.1

Patch Changes

• 2e8b5a1: Add markup documentation and message format plugin references to compiled README
• 8964e8b: Update @inlang/sdk to 2.9.1.

2.15.0

Minor Changes

• 862433c: Add toLocale() for case-insensitive locale normalization, make isLocale() strictly match canonical project locales, and return canonical locale values across runtime locale helpers.

  // configured locales: ["fr", "en-US"]
  isLocale("FR"); // false
  toLocale("FR"); // "fr"
  isLocale("en-us"); // false
  toLocale("en-us"); // "en-US"

  Runtime helpers that resolve locales from external input now return canonical project locale values as well.

2.14.1

Patch Changes

• 7d29058: Remove dead JSDoc @import stripping from the runtime generator.
• 46ac447: Upgrade @inlang/sdk to v2.8.0.

2.14.0

Minor Changes

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Looks like these dependencies are up-to-date now, so this is no longer needed.