Deps: Bump @reduxjs/toolkit from 2.3.0 to 2.4.0

[dependabot]

Bumps @reduxjs/toolkit from 2.3.0 to 2.4.0.

Release notes

Sourced from @​reduxjs/toolkit's releases.

v2.4.0

This feature release includes multiple tweaks and fixes to RTK Query functionality, additional exported TS types, and drops support for TS versions earlier than 5.0.

Changelog

RTK Query Improvements

Lazy query hooks can now be reset.

retry.fail now accepts meta as a second argument.

Tag invalidation arrays now ignore nullish values.

We did some small internal refactoring around Maps and default values that shrank bundle size slightly.

Bugfixes

Passing skipToken to a query hook now bails out before running any other logic, which fixes cases where serializeQueryArgs previously threw an error because there were no args to process.

The autoBatchEnhancer now reads window.requestAnimationFrame later, which it to work properly with Jest fake timers.

We fixed cases where the hook result isSuccess flag would briefly flicker to false when switched to a different cache entry that was uninitialized, and would briefly flicker to true when refetching a query that previously errored.

The listener middleware previously had inconsistent logic checks for comparing against existing listener entries (effect + type, vs effect only). It now always checks both effect + type.

Additional TS Types

We now export Typed[Query|Mutation]OnQueryStarted helpers to let you define onQueryStarted callbacks outside of createApi if desired.

We also now export a CreateAsyncThunkFunction type that can be used to type userland wrappers around createAsyncThunk.

TS Support Matrix Updates

We've historically tried to maintain TS backwards compatibility as long as possible, and made occasional updates to our TS support matrix in minor versions over time. As of RTK 2.3.0, we officially supported back through TS 4.7.

As of this release, we're tweaking that support policy to match the policy used by DefinitelyTyped:

Definitely Typed only tests packages on versions of TypeScript that are less than 2 years old

Given that, we've dropped official support for TS versions earlier than 5.0. (RTK may work with those versions, but we no longer test against them and won't try to fix issues with those versions.)

We'll continue to update our TS support matrix over time based on that 2-year rolling window.

What's Changed

• add example to reproduce defect of serializeQueryArgs with skipToken by @​Themezv in reduxjs/redux-toolkit#4708
• Read window.rAF later to allow fake timers to work correctly by @​ensconced in reduxjs/redux-toolkit#4701
• Add type helpers for OnQueryStarted callbacks by @​aryaemami59 in reduxjs/redux-toolkit#4713

... (truncated)

Commits

• 3a6ec28 Release 2.4.0
• fdfc3b7 Merge pull request #4735 from reduxjs/upsert-new
• 05a8322 add test for fix
• c65558a Fix listener logic to properly compare combination of effect and predicate/type
• ee22bef Merge pull request #4732 from reduxjs/bugfix/4240-isSuccess
• 98d7753 fix wrong import
• d632dd5 use getOrInsert in RTKQ
• 3bb8486 Simplify listener/dynamic middleware code
• 2ad4bb4 Update to new version of upsert proposal
• 311f31c Keep isSuccess consistent when refetching after an error
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 3e3ca30.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
npm/@reduxjs/toolkit	2.4.0	🟢 4.3	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 7/11 approved changesets -- score normalized to 6 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy ⚠️ 0 security policy file not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 9 binaries present in source code Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 97 existing vulnerabilities detected
npm/@reduxjs/toolkit	^2.4.0	🟢 4.3	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 6 Found 7/11 approved changesets -- score normalized to 6 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy ⚠️ 0 security policy file not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Binary-Artifacts 🟢 9 binaries present in source code Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities ⚠️ 0 97 existing vulnerabilities detected

Scanned Files

• package-lock.json
• package.json

[github-actions]

Conventional Commits Report

Type	Number
Dependencies	1

🚀 Conventional commits found.