fix(deps): update dependency dotenv to v17 (#1474)

This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
| [dotenv](https://redirect.github.com/motdotla/dotenv) | [`16.5.0` ->
`17.1.0`](https://renovatebot.com/diffs/npm/dotenv/16.5.0/17.1.0) |
[![age](https://developer.mend.io/api/mc/badges/age/npm/dotenv/17.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/dotenv/16.5.0/17.1.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>motdotla/dotenv (dotenv)</summary>

###
[`v17.1.0`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1710-2025-07-07)

[Compare
Source](https://redirect.github.com/motdotla/dotenv/compare/v17.0.1...v17.1.0)

##### Added

- Add additional security and configuration tips to the runtime log
([#&#8203;884](https://redirect.github.com/motdotla/dotenv/pull/884))
- Dim the tips text from the main injection information text

```js
const TIPS = [
  '🔐 encrypt with dotenvx: https://dotenvx.com',
  '🔐 prevent committing .env to code: https://dotenvx.com/precommit',
  '🔐 prevent building .env in docker: https://dotenvx.com/prebuild',
  '🛠️  run anywhere with `dotenvx run -- yourcommand`',
  '⚙️  specify custom .env file path with { path: \'/custom/path/.env\' }',
  '⚙️  enable debug logging with { debug: true }',
  '⚙️  override existing env vars with { override: true }',
  '⚙️  suppress all logs with { quiet: true }',
  '⚙️  write to custom object with { processEnv: myObject }',
  '⚙️  load multiple .env files with { path: [\'.env.local\', \'.env\'] }'
]
```

###
[`v17.0.1`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1701-2025-07-01)

[Compare
Source](https://redirect.github.com/motdotla/dotenv/compare/v17.0.0...v17.0.1)

##### Changed

- Patched injected log to count only populated/set keys to process.env
([#&#8203;879](https://redirect.github.com/motdotla/dotenv/pull/879))

###
[`v17.0.0`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1700-2025-06-27)

[Compare
Source](https://redirect.github.com/motdotla/dotenv/compare/v16.6.1...v17.0.0)

##### Changed

- Default `quiet` to false - informational (file and keys count) runtime
log message shows by default
([#&#8203;875](https://redirect.github.com/motdotla/dotenv/pull/874))

###
[`v16.6.1`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1661-2025-06-27)

[Compare
Source](https://redirect.github.com/motdotla/dotenv/compare/v16.6.0...v16.6.1)

##### Changed

- Default `quiet` to true – hiding the runtime log message
([#&#8203;874](https://redirect.github.com/motdotla/dotenv/pull/874))
- NOTICE: 17.0.0 will be released with quiet defaulting to false. Use
`config({ quiet: true })` to suppress.
- And check out the new
[dotenvx](https://redirect.github.com/dotenvx/dotenvx). As coding
workflows evolve and agents increasingly handle secrets, encrypted .env
files offer a much safer way to deploy both agents and code together
with secure secrets. Simply switch `require('dotenv').config()` for
`require('@&#8203;dotenvx/dotenvx').config()`.

###
[`v16.6.0`](https://redirect.github.com/motdotla/dotenv/blob/HEAD/CHANGELOG.md#1660-2025-06-26)

[Compare
Source](https://redirect.github.com/motdotla/dotenv/compare/v16.5.0...v16.6.0)

##### Added

- Default log helpful message `[dotenv@16.6.0] injecting env (1) from
.env`
([#&#8203;870](https://redirect.github.com/motdotla/dotenv/pull/870))
- Use `{ quiet: true }` to suppress
- Aligns dotenv more closely with
[dotenvx](https://redirect.github.com/dotenvx/dotenvx).

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/unraid/api).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNy4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

api/package.json

@@ -98,7 +98,7 @@
         "cross-fetch": "4.1.0",
         "diff": "8.0.2",
         "dockerode": "4.0.7",
-        "dotenv": "16.5.0",
+        "dotenv": "17.1.0",
         "execa": "9.6.0",
         "exit-hook": "4.0.0",
         "fastify": "5.4.0",

pnpm-lock.yaml

@@ -169,8 +169,8 @@ importers:
         specifier: 4.0.7
         version: 4.0.7
       dotenv:
-        specifier: 16.5.0
-        version: 16.5.0
+        specifier: 17.1.0
+        version: 17.1.0
       execa:
         specifier: 9.6.0
         version: 9.6.0
@@ -6653,6 +6653,10 @@ packages:
     resolution: {integrity: sha512-m/C+AwOAr9/W1UOIZUo232ejMNnJAJtYQjUbHoNTBNTJSvqzzDh7vnrei3o3r3m9blf6ZoDkvcw0VmozNRFJxg==}
     engines: {node: '>=12'}
 
+  dotenv@17.1.0:
+    resolution: {integrity: sha512-tG9VUTJTuju6GcXgbdsOuRhupE8cb4mRgY5JLRCh4MtGoVo3/gfGUtOMwmProM6d0ba2mCFvv+WrpYJV6qgJXQ==}
+    engines: {node: '>=12'}
+
   dotgitignore@2.1.0:
     resolution: {integrity: sha512-sCm11ak2oY6DglEPpCB8TixLjWAxd3kJTs6UIcSasNYxXdFPV+YKlye92c8H4kKFqV5qYMIh7d+cYecEg0dIkA==}
     engines: {node: '>=6'}
@@ -19316,6 +19320,8 @@ snapshots:
 
   dotenv@16.5.0: {}
 
+  dotenv@17.1.0: {}
+
   dotgitignore@2.1.0:
     dependencies:
       find-up: 3.0.0