Bump @pdc/sdk from 0.26.1 to 0.34.1

[dependabot]

Bumps @pdc/sdk from 0.26.1 to 0.34.1.

Changelog

Sourced from @​pdc/sdk's changelog.

Changelog for @​pdc/service

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Changed

• The manage permission verb now satisfies any verb check on the scope to which it is granted. A grantee with manage on a given scope no longer needs the other verbs listed alongside it to perform view, create, edit, delete, or reference operations at that scope. Scope matching is unchanged: manage does not grant access to scopes that are not explicitly included in the grant.

0.34.0 2026-04-23

Added

• Add extension support in phone number validation.
• Add changelog to documents that auto-publish to WordPress.
• GET /funders now supports the isCollaborative query parameter to filter funders by their collaborative status.
• Added a new reference verb to the permission grant verb set. Reference is intended to gate whether a user may cite an entity as a pointer in data they are creating, separate from view (which only grants read access) and create (which grants the ability to author new instances of an entity type).

Changed

• All ID fields in the OpenAPI specification now reference a shared id schema with constraints (minimum: 1, maximum: 2147483647) instead of using bare integer types.
• GET /sources and GET /sources/:sourceId now filter results by view | source permission; sources are no longer universally visible to authenticated users.
• Source creation now requires create | source scope (previously required edit | funder, edit | changemaker, or edit | dataProvider). Existing permission grants with the parent entity's scope have been migrated to also include source scope, and new create | source grants have been created for users who previously had edit verb on the parent entity.
• POST /proposalVersions, POST /tasks/bulkUploads, and POST /changemakerFieldValueBatches now require a reference | source grant on the supplied source. Grants can be made directly on the source or inherited from the source's funder, changemaker, or data provider. This is a breaking change: previous behavior allowed any authenticated user to supply any source, so existing users will need new reference | source grants before they can use these endpoints.

Fixed

• baseFieldShortCode path parameters in base field localization endpoints were incorrectly typed as integer instead of shortCode.

0.33.0 2026-04-14

Added

• Added createdBy field to funders, sources, opportunities, changemakers, and data providers.
• BaseField can now be of type date and date_time.
• GET /changemakers now supports the _content query parameter to search changemakers by name using full-text search.
• Proposals now include a changemakers array containing shallow changemaker data for all associated changemakers.
• Permission grants now support optional conditions that restrict which entities the grant applies to based on entity data. The initial implementation supports filtering proposalFieldValue scope by baseFieldCategory using the in operator.
• Permission grants can now be updated via PUT /permissionGrants/:permissionGrantId. All mutable fields are replaced with the provided values.

Changed

• Permission grants for users no longer require the user to exist in the PDC database. Grants can now reference any Keycloak user UUID, matching the existing behavior for user group grants.
• ProposalVersion creation now requires edit | proposal scope (checked via has_proposal_permission) instead of edit | funder scope. Existing funder permission grants with edit verb and funder scope have been migrated to also include proposal scope.
• Opportunity creation now requires create | opportunity scope on funder permission grants (previously edit | funder).
• Viewing opportunities, application forms, application form fields, and bulk upload tasks now uses opportunity scope instead of funder scope.

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​pdc/sdk since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[bickelj]

Doing it manually in #261

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.