{"id":4126,"name":"bandit","ecosystem":"hex","repository_url":"https://github.com/mtrudel/bandit","issues_count":218,"created_at":"2025-06-06T16:30:19.626Z","updated_at":"2025-06-06T16:30:19.626Z","purl":"pkg:hex/bandit","metadata":{"id":3493042,"name":"bandit","ecosystem":"hex","description":"A pure-Elixir HTTP server built for Plug \u0026 WebSock apps","homepage":null,"licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/mtrudel/bandit","keywords_array":[],"namespace":null,"versions_count":109,"first_release_published_at":"2020-11-05T17:11:46.452Z","latest_release_published_at":"2025-05-29T16:57:22.358Z","latest_release_number":"1.7.0","last_synced_at":"2025-06-03T20:19:04.774Z","created_at":"2022-04-10T19:14:18.300Z","updated_at":"2025-06-03T20:19:06.521Z","registry_url":"https://hex.pm/packages/bandit/","install_command":"mix hex.package fetch bandit ","documentation_url":"http://hexdocs.pm/bandit/","metadata":{},"repo_metadata":{"uuid":"220852206","full_name":"mtrudel/bandit","owner":"mtrudel","description":"Bandit is a pure Elixir HTTP server for Plug \u0026 WebSock applications","archived":false,"fork":false,"pushed_at":"2023-12-18T20:01:18.000Z","size":9261,"stargazers_count":1345,"open_issues_count":4,"forks_count":63,"subscribers_count":23,"default_branch":"main","last_synced_at":"2023-12-19T03:06:20.497Z","etag":null,"topics":["elixir","elixir-phoenix","elixir-plug","h2spec","http","http-server","http2","http2-server","https","rfc-2616","rfc-6455","rfc-7540","rfc-9110","rfc-9112","rfc-9113","websocket"],"latest_commit_sha":null,"homepage":"","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mtrudel.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null}},"created_at":"2019-11-10T21:14:23.000Z","updated_at":"2023-12-18T14:11:44.000Z","dependencies_parsed_at":"2023-10-19T23:09:27.992Z","dependency_job_id":null,"html_url":"https://github.com/mtrudel/bandit","commit_stats":{"total_commits":437,"total_committers":13,"mean_commits":33.61538461538461,"dds":0.08924485125858128,"last_synced_commit":"959b6fe5a7dd376919067de415a26ccadca8014a"},"previous_names":[],"tags_count":78,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mtrudel","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":176989046,"owners_count":10478193,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"mtrudel","name":"Mat Trudel","uuid":"79646","kind":"user","description":"","email":"","website":"http://mat.geeky.net","location":"Toronto","twitter":"mattrudel","company":"@pagerduty","icon_url":"https://avatars.githubusercontent.com/u/79646?v=4","repositories_count":91,"last_synced_at":"2023-04-10T15:42:28.886Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/mtrudel","created_at":"2022-11-02T16:48:50.344Z","updated_at":"2023-04-10T15:42:29.172Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mtrudel","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mtrudel/repositories"},"tags":[{"name":"1.0.0","sha":"124d697c3c604aca9122332a4ea789561b925f2e","kind":"commit","published_at":"2023-10-19T20:27:10.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0/manifests"},{"name":"1.0.0-pre.18","sha":"f494b5dfe44633ec15d7b080dcf3d111931e1cbe","kind":"commit","published_at":"2023-10-10T19:20:07.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.18","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.18","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.18/manifests"},{"name":"1.0.0-pre.17","sha":"d14348ee4389702f57b8263ae240a050ec720abe","kind":"commit","published_at":"2023-10-09T13:55:07.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.17","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.17","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.17/manifests"},{"name":"1.0.0-pre.16","sha":"867600632a4c3c8992caa11f20409903d41b2e94","kind":"commit","published_at":"2023-09-19T00:25:00.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.16","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.16","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.16/manifests"},{"name":"1.0.0-pre.15","sha":"de175959d5f62293b9e923f85847e1cf0e24e2dd","kind":"commit","published_at":"2023-09-09T14:58:38.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.15","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.15","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.15/manifests"},{"name":"1.0.0-pre.14","sha":"bee440562781631b68a6dfca7d80d110435768ff","kind":"commit","published_at":"2023-08-29T00:21:45.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.14","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.14","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.14/manifests"},{"name":"1.0.0-pre.13","sha":"b27d4416fe2aed37b4baff2cd95fe680f56a8427","kind":"commit","published_at":"2023-08-15T19:24:37.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.13","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.13","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.13/manifests"},{"name":"1.0.0-pre.12","sha":"b1f6d9889dc38ecea790e14929f895972e5b2935","kind":"commit","published_at":"2023-08-12T18:22:26.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.12","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.12","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.12/manifests"},{"name":"1.0.0-pre.11","sha":"6dd07138a3c987c43ab479d9160af6359730dffd","kind":"commit","published_at":"2023-08-11T15:04:04.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.11","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.11/manifests"},{"name":"1.0.0-pre.10","sha":"62f4702056ef0b07ef7a2d486f74ff938c478d70","kind":"commit","published_at":"2023-06-28T16:14:29.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.10","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.10/manifests"},{"name":"1.0.0-pre.9","sha":"d1629fe5a84d48b07377e6df289fc4223a28fbaf","kind":"commit","published_at":"2023-06-16T17:59:35.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.9","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.9/manifests"},{"name":"1.0.0-pre.8","sha":"80ec831cb15a911f0ae02756fb2eb2424574cdcb","kind":"commit","published_at":"2023-06-15T12:54:44.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.8","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.8/manifests"},{"name":"1.0.0-pre.7","sha":"5e21d995086568a1b32099f44e58f8fafef92724","kind":"commit","published_at":"2023-06-14T18:29:02.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.7","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.7/manifests"},{"name":"1.0.0-pre.6","sha":"898e47294912fb84a47fd0533d96c35b081c67ed","kind":"commit","published_at":"2023-06-08T14:44:26.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.6","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.6/manifests"},{"name":"1.0.0-pre.5","sha":"8204ce8cb02a2e6b9d217a92400fc50339997c79","kind":"commit","published_at":"2023-06-02T15:18:57.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.5","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.5/manifests"},{"name":"1.0.0-pre.4","sha":"b6089510f56a6812f4bf6ec2bc6eb7a483853de8","kind":"commit","published_at":"2023-05-23T21:27:10.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.4","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.4/manifests"},{"name":"1.0.0-pre.3","sha":"73c46b9c5b91153f2f1b866e60fb0eff74962ac2","kind":"commit","published_at":"2023-05-03T18:31:28.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.3/manifests"},{"name":"1.0.0-pre.2","sha":"be2eae4c2be4baae8f6bdecb4728490d6026251f","kind":"commit","published_at":"2023-04-24T19:38:13.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.2/manifests"},{"name":"1.0.0-pre.1","sha":"a25cf736989b4ab9f2c6866fffb5dc958addb6ed","kind":"commit","published_at":"2023-04-21T08:36:28.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/1.0.0-pre.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/1.0.0-pre.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/1.0.0-pre.1/manifests"},{"name":"0.7.7","sha":"edb6d0c46891b0025b1c812abe4754a259a43164","kind":"commit","published_at":"2023-04-11T14:28:46.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.7","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.7/manifests"},{"name":"0.7.6","sha":"5b9c9164d8fc6f62488298e5fb41f4098cef50b2","kind":"commit","published_at":"2023-04-09T16:33:09.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.6","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.6/manifests"},{"name":"0.7.5","sha":"585a92f26c18f119dd91599e325eea1a76057ad0","kind":"commit","published_at":"2023-04-04T16:15:23.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.5","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.5/manifests"},{"name":"0.7.4","sha":"171a42aedd8b5519e7d38b3d6fd5fe2826802e5f","kind":"commit","published_at":"2023-03-27T23:05:04.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.4","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.4/manifests"},{"name":"0.7.3","sha":"959b6fe5a7dd376919067de415a26ccadca8014a","kind":"commit","published_at":"2023-03-20T14:52:04.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.3/manifests"},{"name":"0.7.2","sha":"8c9b3cd1dff486a8826564abff17a70d44a9f653","kind":"commit","published_at":"2023-03-18T20:06:19.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.2/manifests"},{"name":"0.7.1","sha":"20f54a678ffecc0be252db7e51aabba095ed59c7","kind":"commit","published_at":"2023-03-17T18:01:49.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.1/manifests"},{"name":"0.7.0","sha":"0f28b7e0de14bf1c9f7ecbc3cb48f723abeec9a5","kind":"commit","published_at":"2023-03-17T14:37:03.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.7.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.7.0/manifests"},{"name":"0.6.11","sha":"61561b41e74921dab167bb3ccd51cd3509b957af","kind":"commit","published_at":"2023-03-17T14:08:06.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.11","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.11/manifests"},{"name":"0.6.10","sha":"34479abb1d0cf9a8e2e963155b9b5274adb03869","kind":"commit","published_at":"2023-03-10T16:59:58.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.10","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.10/manifests"},{"name":"0.6.9","sha":"daf32fd1bbde4e6239301e0cc105c114f199711d","kind":"commit","published_at":"2023-02-20T21:32:08.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.9","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.9/manifests"},{"name":"0.6.8","sha":"b141a4e1b86d20c9cd7aaf0b1dade1b5f384bb34","kind":"commit","published_at":"2023-01-31T14:18:22.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.8","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.8/manifests"},{"name":"0.6.7","sha":"7d781633bc6340da6ae883bddade8766c58e6431","kind":"commit","published_at":"2023-01-17T20:55:57.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.7","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.7/manifests"},{"name":"0.6.6","sha":"e2ef99fbbb60ef33e1d879ad6e3e138bcfdd0f6b","kind":"commit","published_at":"2023-01-11T16:21:11.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.6","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.6/manifests"},{"name":"0.6.5","sha":"09f7068ac5f598fd77a16674b6061b28fe1f58cc","kind":"commit","published_at":"2023-01-10T16:18:30.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.5","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.5/manifests"},{"name":"0.6.4","sha":"8e765e95f4bc132158e26ce0ded4b08a01e36cde","kind":"commit","published_at":"2022-12-23T18:26:00.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.4","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.4/manifests"},{"name":"0.6.3","sha":"0868798a23012df09ac54d9c7fdfb92487ea9517","kind":"commit","published_at":"2022-12-09T00:24:24.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.3/manifests"},{"name":"0.6.2","sha":"6a3bc81aa389139552d83bc9d71dd58cdb5319dc","kind":"commit","published_at":"2022-11-25T17:18:05.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.2/manifests"},{"name":"0.6.1","sha":"3bc8f468086611c61ce8dd7ff797e86b1266f73a","kind":"commit","published_at":"2022-11-21T21:58:56.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.1/manifests"},{"name":"0.6.0","sha":"e197c791f440ec3519e4d6a6f123dca8505602fd","kind":"commit","published_at":"2022-11-15T00:50:38.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.6.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.6.0/manifests"},{"name":"0.5.11","sha":"68e7f771f474d7255d301f28b8a687743ad314b6","kind":"commit","published_at":"2022-11-04T19:55:04.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.11","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.11","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.11/manifests"},{"name":"0.5.10","sha":"62821b28b79c03707ff8af2e92ed275f27d183a6","kind":"commit","published_at":"2022-11-04T14:09:10.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.10","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.10/manifests"},{"name":"0.5.9","sha":"81f0928ec9e92bc70354015435896f03393b1c05","kind":"commit","published_at":"2022-11-03T17:59:51.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.9","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.9/manifests"},{"name":"0.5.8","sha":"8968834cea815c31df6aaa6919e0a4f103b2418d","kind":"commit","published_at":"2022-11-02T15:21:29.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.8","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.8/manifests"},{"name":"0.5.7","sha":"852e72ca9d1f3f393fff1948a50a2ddcff8fd166","kind":"commit","published_at":"2022-11-01T19:49:46.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.7","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.7/manifests"},{"name":"0.5.6","sha":"c06b6c8f8def9ab42fa3dcbb14ec3db160d563aa","kind":"commit","published_at":"2022-09-28T21:13:21.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.6","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.6/manifests"},{"name":"0.5.5","sha":"3a7ff069898862b1829c7aad5e8672e48c845a20","kind":"commit","published_at":"2022-09-24T16:10:13.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.5","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.5/manifests"},{"name":"0.5.4","sha":"43c132a6f0bb5dd601c21a959e28cc0d3d6c68ce","kind":"commit","published_at":"2022-09-23T16:03:19.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.4","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.4/manifests"},{"name":"0.5.3","sha":"3b54616b03a17e2fc75117914e1fbf3112ed3b84","kind":"commit","published_at":"2022-09-22T16:02:04.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.3/manifests"},{"name":"0.5.2","sha":"a6534abc8ae95b6a420865118a450e2321372499","kind":"commit","published_at":"2022-09-21T20:41:47.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.2/manifests"},{"name":"0.5.1","sha":"8029d15762c3658b504913d39aa91ba23091171c","kind":"commit","published_at":"2022-09-20T01:45:36.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.1/manifests"},{"name":"0.5.0","sha":"102adfd56bd4aacd39469a5582104377618abc9f","kind":"commit","published_at":"2022-05-04T00:09:11.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.5.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.5.0/manifests"},{"name":"0.4.10","sha":"556fd62282fbea82d347915a23d9948c87f8d8ed","kind":"commit","published_at":"2022-04-17T14:48:50.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.10","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.10","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.10/manifests"},{"name":"0.4.9","sha":"27c912009f1308840f51337dcb57d1b50c565f59","kind":"commit","published_at":"2022-04-14T20:48:05.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.9","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.9/manifests"},{"name":"0.4.8","sha":"ad91976aebff20f2ffd2aa8bcf00f8709d6bdc25","kind":"commit","published_at":"2022-04-14T20:16:00.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.8","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.8/manifests"},{"name":"0.4.7","sha":"c04edc69bfd9b47e136e43f1606214c104cac8fc","kind":"commit","published_at":"2022-03-05T20:16:50.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.7","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.7/manifests"},{"name":"0.4.6","sha":"5160f9ab46a6d0aa43be3c4893be09a9c9e3c33c","kind":"commit","published_at":"2022-03-03T17:21:02.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.6","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.6/manifests"},{"name":"0.4.5","sha":"9b1e0f66637a16fb18921bb29b6b577938b4eb07","kind":"commit","published_at":"2021-11-17T02:37:18.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.5","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.5/manifests"},{"name":"0.4.4","sha":"7522f44397df61eff718be2383b1f53c2da22de7","kind":"commit","published_at":"2021-10-26T17:46:10.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.4","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.4/manifests"},{"name":"0.4.3","sha":"c7f58ac3a9c5f43f06a3d0d769ebf5cdf4d4bbec","kind":"commit","published_at":"2021-10-12T23:41:17.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.3/manifests"},{"name":"0.4.2","sha":"ead4c66a15abb0a9e07f4b1818eb2e88e02f8a04","kind":"commit","published_at":"2021-10-11T21:18:41.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.2/manifests"},{"name":"0.4.1","sha":"769d81cadbeaa442ab8ec46c435735cd472e0761","kind":"commit","published_at":"2021-09-27T19:13:08.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.1/manifests"},{"name":"0.4.0","sha":"e968d60a4fc30ba67d9ac0c662396ef2f3fbc4fa","kind":"commit","published_at":"2021-09-27T15:47:49.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.4.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.4.0/manifests"},{"name":"0.3.9","sha":"ba50e09d345f5fc3d910aa3e7abb9a1b266d7a37","kind":"commit","published_at":"2021-09-25T21:54:59.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.9","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.9","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.9/manifests"},{"name":"0.3.8","sha":"39be44a6b09489c6c4f1e0d04d0356298dbdcc3c","kind":"commit","published_at":"2021-09-25T00:52:35.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.8","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.8","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.8/manifests"},{"name":"0.3.7","sha":"4d7d05a2d7091adfabddc706be1f467c0372ac15","kind":"commit","published_at":"2021-09-24T13:09:18.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.7","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.7/manifests"},{"name":"0.3.6","sha":"3d4da2f7b0415f426bbb972ef0465a479043c6c2","kind":"commit","published_at":"2021-09-18T18:09:17.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.6","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.6","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.6/manifests"},{"name":"0.3.5","sha":"f1976e96be5afedb0ae7920301b7b8047b4703d1","kind":"commit","published_at":"2021-09-15T21:06:55.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.5","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.5/manifests"},{"name":"0.3.4","sha":"5a9095a093f785391dd8588cda6b5719129f1827","kind":"commit","published_at":"2021-09-13T15:05:33.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.4","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.4/manifests"},{"name":"0.3.3","sha":"2f948eba00c0fb7f35ebbe31650c66b3f0728f9c","kind":"commit","published_at":"2021-06-29T21:56:20.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.3/manifests"},{"name":"0.3.2","sha":"caf83186074af58bbc3b835d5639106f9ad8ea23","kind":"commit","published_at":"2021-06-24T20:54:58.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.2/manifests"},{"name":"0.3.1","sha":"37c7f4490cefdcb0f8909afa10f9c8dd33d0a337","kind":"commit","published_at":"2021-06-06T19:30:47.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.1/manifests"},{"name":"0.3.0","sha":"053f6adbee889c3a0cfbd35897f4fad52eb6d66a","kind":"commit","published_at":"2021-06-03T13:54:49.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.3.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.3.0/manifests"},{"name":"0.2.3","sha":"40e42f8558e637d8a5ed223435f6b7834430ea72","kind":"commit","published_at":"2021-05-09T20:43:42.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.2.3","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.3/manifests"},{"name":"0.2.2","sha":"ecbe4e5a65d3c1644c3651b78a218914547b6445","kind":"commit","published_at":"2021-04-30T13:22:42.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.2.2","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.2/manifests"},{"name":"0.2.1","sha":"c2b59267b2a6d430cdced3c349f8db51622376c7","kind":"commit","published_at":"2021-04-29T19:23:22.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.2.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.1/manifests"},{"name":"0.2.0","sha":"3309bc0384cde6f38d9eb57b3f8782c856a7d518","kind":"commit","published_at":"2021-04-26T01:13:52.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.2.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.2.0/manifests"},{"name":"0.1.1","sha":"3f1702542f3b6d139143e903c4c79be6aeeefbc2","kind":"commit","published_at":"2020-11-08T15:48:04.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.1.1","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.1.1/manifests"},{"name":"0.1.0","sha":"4c80fc838640c4dae4743a61494981c57d6eef00","kind":"commit","published_at":"2020-11-05T17:11:08.000Z","download_url":"https://codeload.github.com/mtrudel/bandit/tar.gz/0.1.0","html_url":"https://github.com/mtrudel/bandit/releases/tag/0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mtrudel%2Fbandit/tags/0.1.0/manifests"}]},"repo_metadata_updated_at":"2023-12-19T07:55:28.573Z","dependent_packages_count":28,"downloads":5396079,"downloads_period":"total","dependent_repos_count":67,"rankings":{"downloads":7.565613283342261,"dependent_repos_count":2.0085698982324587,"dependent_packages_count":3.307445099089448,"stargazers_count":0.6695232994108195,"forks_count":3.24871056333311,"docker_downloads_count":null,"average":3.359972428681619},"purl":"pkg:hex/bandit","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/hex/bandit","docker_dependents_count":1,"docker_downloads_count":229927,"usage_url":"https://repos.ecosyste.ms/usage/hex/bandit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/hex/bandit/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/packages/bandit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/packages/bandit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/packages/bandit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/packages/bandit/related_packages","maintainers":[{"uuid":"mtrudel","login":"mtrudel","name":null,"email":"mat@geeky.net","url":null,"packages_count":12,"html_url":"https://hex.pm/users/mtrudel","role":null,"created_at":"2022-11-08T09:13:11.853Z","updated_at":"2022-11-08T09:13:11.853Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/maintainers/mtrudel/packages"}],"registry":{"name":"hex.pm","url":"https://hex.pm","ecosystem":"hex","default":true,"packages_count":18018,"maintainers_count":6815,"namespaces_count":0,"keywords_count":6092,"github":"hexpm","metadata":{"funded_packages_count":1266},"icon_url":"https://github.com/hexpm.png","created_at":"2022-04-04T15:19:23.014Z","updated_at":"2025-06-06T05:59:50.043Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/hex.pm/namespaces"}},"unique_repositories_count":100,"unique_repositories_count_past_30_days":9,"recent_issues":[{"uuid":"4465641880","node_id":"PR_kwDONKjU8M7ceZeT","number":64,"state":"open","title":"deps(deps): bump bandit from 1.10.4 to 1.11.1","user":"dependabot[bot]","labels":[],"assignees":["mithenji"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T01:29:12.000Z","updated_at":"2026-05-18T01:29:13.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.4 to 1.11.1.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.4\u0026new-version=1.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mithenji/mithenji.me/pull/64","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithenji%2Fmithenji.me/issues/64","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/64/packages"},{"uuid":"4464957238","node_id":"PR_kwDOSZz7r87ccThz","number":5,"state":"closed","title":"Bump the minor-updates group with 3 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T21:14:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T21:14:52.000Z","updated_at":"2026-05-24T21:14:57.000Z","time_to_close":604803,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-updates","update_count":3,"packages":[{"name":"ash","old_version":"3.24.7","new_version":"3.25.0","repository_url":"https://github.com/ash-project/ash"},{"name":"bandit","old_version":"1.11.0","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"},{"name":"postgrex","old_version":"0.22.1","new_version":"0.22.2","repository_url":"https://github.com/elixir-ecto/postgrex"}],"path":null,"ecosystem":"hex"},"body":"Bumps the minor-updates group with 3 updates: [ash](https://github.com/ash-project/ash), [bandit](https://github.com/mtrudel/bandit) and [postgrex](https://github.com/elixir-ecto/postgrex).\n\nUpdates `ash` from 3.24.7 to 3.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash/releases\"\u003eash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.25.0\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eadd filtering and sorting to manifest (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2704\"\u003eash-project/ash#2704\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eAsh.Info.manifest\u003c/code\u003e for code generation basis (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2703\"\u003eash-project/ash#2703\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emanifest: pass real resource to data_layer.functions/1 (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2706\"\u003eash-project/ash#2706\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eManual relationships select missing (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e) by Kenneth Kostrešević [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2700\"\u003eash-project/ash#2700\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd query context to bulk destroy (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e) by danielatdpg [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2699\"\u003eash-project/ash#2699\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd code interface validation hint for options (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e) by febarnett3 [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2697\"\u003eash-project/ash#2697\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve all errors in Required dedupe accumulator (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2692\"\u003eash-project/ash#2692\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport filter checks on create actions by \u003ca href=\"https://github.com/zachdaniel\"\u003e\u003ccode\u003e@​zachdaniel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash/blob/main/CHANGELOG.md\"\u003eash's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash/compare/v3.24.7...v3.25.0\"\u003ev3.25.0\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eadd filtering and sorting to manifest (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2704\"\u003eash-project/ash#2704\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eAsh.Info.manifest\u003c/code\u003e for code generation basis (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2703\"\u003eash-project/ash#2703\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emanifest: pass real resource to data_layer.functions/1 (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2706\"\u003eash-project/ash#2706\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eManual relationships select missing (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e) by Kenneth Kostrešević [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2700\"\u003eash-project/ash#2700\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd query context to bulk destroy (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e) by danielatdpg [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2699\"\u003eash-project/ash#2699\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd code interface validation hint for options (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e) by febarnett3 [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2697\"\u003eash-project/ash#2697\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve all errors in Required dedupe accumulator (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2692\"\u003eash-project/ash#2692\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport filter checks on create actions by \u003ca href=\"https://github.com/zachdaniel\"\u003e\u003ccode\u003e@​zachdaniel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/57ade2b48c9aea324cd6397bae4b823d0f74308c\"\u003e\u003ccode\u003e57ade2b\u003c/code\u003e\u003c/a\u003e chore: release version v3.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/1434071ef9d2d774e9eb4b0fc5b0de5b08710a98\"\u003e\u003ccode\u003e1434071\u003c/code\u003e\u003c/a\u003e docs: add example output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/c99338101838b3977cea42e4a9980a36bf54a5b5\"\u003e\u003ccode\u003ec993381\u003c/code\u003e\u003c/a\u003e docs: add guide for code generation with the manifest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/34647d45d454015dda6153b7bbf5aa101e7166af\"\u003e\u003ccode\u003e34647d4\u003c/code\u003e\u003c/a\u003e chore: add private actions options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/2ac20ee010eaf686e4973883403045c74b474215\"\u003e\u003ccode\u003e2ac20ee\u003c/code\u003e\u003c/a\u003e fix(manifest): pass real resource to data_layer.functions/1 (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/cfd2a4772b7be58a02891211800fa49aba351055\"\u003e\u003ccode\u003ecfd2a47\u003c/code\u003e\u003c/a\u003e chore: cleanups for new Manifest structures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/fbaf9ebde7a6021316c5074f0411a2e1ad7a24f7\"\u003e\u003ccode\u003efbaf9eb\u003c/code\u003e\u003c/a\u003e improvement: support filter checks on create actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/ae55d1459ddd299efdf1bfea8478cb4bafd539b0\"\u003e\u003ccode\u003eae55d14\u003c/code\u003e\u003c/a\u003e Feat: add filtering and sorting to manifest (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/26d5eaf8c1ce0dac7c86a1e145c0c24726f09299\"\u003e\u003ccode\u003e26d5eaf\u003c/code\u003e\u003c/a\u003e chore: a few nits on manifest code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/5aa736de6033da098f8c91973b4a0cf81a4aec9f\"\u003e\u003ccode\u003e5aa736d\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003eAsh.Info.manifest\u003c/code\u003e for code generation basis (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ash-project/ash/compare/v3.24.7...v3.25.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bandit` from 1.11.0 to 1.11.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.11.0...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postgrex` from 0.22.1 to 0.22.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md\"\u003epostgrex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.22.2 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity\n\u003cul\u003e\n\u003cli\u003eEscape quotes in channel names in \u003ccode\u003ePostgrex.Notifications.listen/3\u003c/code\u003e (CVE-2026-32687)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-ecto/postgrex/commit/f1ffdb5e1894165ce95feb4e678cb91e5d76d6e1\"\u003e\u003ccode\u003ef1ffdb5\u003c/code\u003e\u003c/a\u003e Release v0.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-ecto/postgrex/commit/7cdedbd4316bb65f82e6a9a4f922c0ac491cb770\"\u003e\u003ccode\u003e7cdedbd\u003c/code\u003e\u003c/a\u003e Escape quotes, check null bytes, and name length for channel names\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elixir-ecto/postgrex/compare/v0.22.1...v0.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/onnenon/receipts/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/onnenon%2Freceipts/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"},{"uuid":"4463481151","node_id":"PR_kwDORLKw3s7cX6rH","number":17,"state":"closed","title":"chore(deps): bump the prod-dependencies group with 7 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-17T22:53:34.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T12:34:49.000Z","updated_at":"2026-05-17T22:53:36.000Z","time_to_close":37125,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"prod-dependencies","update_count":7,"packages":[{"name":"bandit","old_version":"1.11.0","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"},{"name":"bb","old_version":"0.15.2","new_version":"0.16.0","repository_url":"https://github.com/beam-bots/bb"},{"name":"bb_ik_dls","old_version":"0.3.1","new_version":"0.3.3","repository_url":"https://github.com/beam-bots/bb_ik_dls"},{"name":"bb_liveview","old_version":"0.2.4","new_version":"0.2.7","repository_url":"https://github.com/beam-bots/bb_liveview"},{"name":"bb_reactor","old_version":"0.2.1","new_version":"0.2.3","repository_url":"https://github.com/beam-bots/bb_reactor"},{"name":"bb_servo_feetech","old_version":"0.2.2","new_version":"0.2.4","repository_url":"https://github.com/beam-bots/bb_servo_feetech"},{"name":"nx","old_version":"0.11.0","new_version":"0.12.0","repository_url":"https://github.com/elixir-nx/nx"}],"path":null,"ecosystem":"hex"},"body":"Bumps the prod-dependencies group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.11.0` | `1.11.1` |\n| [bb](https://github.com/beam-bots/bb) | `0.15.2` | `0.16.0` |\n| [bb_ik_dls](https://github.com/beam-bots/bb_ik_dls) | `0.3.1` | `0.3.3` |\n| [bb_liveview](https://github.com/beam-bots/bb_liveview) | `0.2.4` | `0.2.7` |\n| [bb_reactor](https://github.com/beam-bots/bb_reactor) | `0.2.1` | `0.2.3` |\n| [bb_servo_feetech](https://github.com/beam-bots/bb_servo_feetech) | `0.2.2` | `0.2.4` |\n| [nx](https://github.com/elixir-nx/nx) | `0.11.0` | `0.12.0` |\n\nUpdates `bandit` from 1.11.0 to 1.11.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.11.0...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb` from 0.15.2 to 0.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb/releases\"\u003ebb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.16.0\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emigrate from \u003ccode\u003eex_cldr_units\u003c/code\u003e to \u003ccode\u003elocalize\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/96\"\u003e#96\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eforce-disarm via topology supervisor instead of \u003ccode\u003eauto_disarm_on_error\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/95\"\u003e#95\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003estore wall-clock time and originating node on \u003ccode\u003eBB.Message\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/37\"\u003e#37\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/94\"\u003e#94\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecover tuple argument types in typespec and \u003ccode\u003e:map\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/93\"\u003e#93\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eidentify the publishing robot in pubsub deliveries (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/91\"\u003e#91\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/92\"\u003e#92\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecoerce command goal values to declared argument types (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/88\"\u003e#88\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.15.4\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for writing into the topology section (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/87\"\u003e#87\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.15.3\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for add-on installers (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/86\"\u003e#86\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb/blob/main/CHANGELOG.md\"\u003ebb's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.4...v0.16.0\"\u003ev0.16.0\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emigrate from \u003ccode\u003eex_cldr_units\u003c/code\u003e to \u003ccode\u003elocalize\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/96\"\u003e#96\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eforce-disarm via topology supervisor instead of \u003ccode\u003eauto_disarm_on_error\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/95\"\u003e#95\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003estore wall-clock time and originating node on \u003ccode\u003eBB.Message\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/37\"\u003e#37\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/94\"\u003e#94\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecover tuple argument types in typespec and \u003ccode\u003e:map\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/93\"\u003e#93\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eidentify the publishing robot in pubsub deliveries (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/91\"\u003e#91\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/92\"\u003e#92\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecoerce command goal values to declared argument types (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/88\"\u003e#88\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.3...v0.15.4\"\u003ev0.15.4\u003c/a\u003e (2026-05-16)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for writing into the topology section (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/87\"\u003e#87\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.2...v0.15.3\"\u003ev0.15.3\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for add-on installers (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/86\"\u003e#86\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/084ab8561ddd62a6604d40e4d886cac7527176ac\"\u003e\u003ccode\u003e084ab85\u003c/code\u003e\u003c/a\u003e chore: release version v0.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/31384291211a5239982a63ce65405009b863af92\"\u003e\u003ccode\u003e3138429\u003c/code\u003e\u003c/a\u003e improvement!: migrate from \u003ccode\u003eex_cldr_units\u003c/code\u003e to \u003ccode\u003elocalize\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/a7462b455330168d801efe55f5c043525e24977c\"\u003e\u003ccode\u003ea7462b4\u003c/code\u003e\u003c/a\u003e improvement!: force-disarm via topology supervisor instead of `auto_disarm_on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/81d268f399ac65d6a54559d84ece981713b575aa\"\u003e\u003ccode\u003e81d268f\u003c/code\u003e\u003c/a\u003e improvement!: store wall-clock time and originating node on \u003ccode\u003eBB.Message\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/37\"\u003e#37\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/6109c343a64f368b2688bf575110945869c0f4c0\"\u003e\u003ccode\u003e6109c34\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/89\"\u003e#89\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/fa8cf62452f03419c3fc751e26df952cf2cbb8de\"\u003e\u003ccode\u003efa8cf62\u003c/code\u003e\u003c/a\u003e chore(deps): bump the prod-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/90\"\u003e#90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/896764f1963a738fa3081579e2ad6b442b6db645\"\u003e\u003ccode\u003e896764f\u003c/code\u003e\u003c/a\u003e fix: cover tuple argument types in typespec and \u003ccode\u003e:map\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/ac117893ce1a22ac04225beff6892f6bb9e72849\"\u003e\u003ccode\u003eac11789\u003c/code\u003e\u003c/a\u003e improvement: identify the publishing robot in pubsub deliveries (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/91\"\u003e#91\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/ca3c8b0e314b34d1e43021be6fdcce16ca8484c4\"\u003e\u003ccode\u003eca3c8b0\u003c/code\u003e\u003c/a\u003e improvement: coerce command goal values to declared argument types (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/88\"\u003e#88\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/253c315a04b03c4862fa5e61ace8dfae9b465334\"\u003e\u003ccode\u003e253c315\u003c/code\u003e\u003c/a\u003e chore: release version v0.15.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.2...v0.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_ik_dls` from 0.3.1 to 0.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_ik_dls/releases\"\u003ebb_ik_dls's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.3.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev0.3.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erespect joint limits during DLS iteration (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/24\"\u003e#24\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_ik_dls/blob/main/CHANGELOG.md\"\u003ebb_ik_dls's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/compare/v0.3.2...v0.3.3\"\u003ev0.3.3\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/compare/v0.3.1...v0.3.2\"\u003ev0.3.2\u003c/a\u003e (2026-05-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erespect joint limits during DLS iteration (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/24\"\u003e#24\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/454684982d18330066d88f42552020aa1a26a6b2\"\u003e\u003ccode\u003e4546849\u003c/code\u003e\u003c/a\u003e chore: release version v0.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/6d675c14ef515e3c328175c46df3f3507379ad44\"\u003e\u003ccode\u003e6d675c1\u003c/code\u003e\u003c/a\u003e chore(deps): bump bb to ~\u0026gt; 0.16 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/25\"\u003e#25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/70b2e2a9a7f314e16b25a32eda62ce6b0584128e\"\u003e\u003ccode\u003e70b2e2a\u003c/code\u003e\u003c/a\u003e chore: release version v0.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/c1fd4965a89ef3a9276d17896cb579cd9c04a8e3\"\u003e\u003ccode\u003ec1fd496\u003c/code\u003e\u003c/a\u003e chore(deps): Update bb to 0.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/290000c9d95e25958a5bf34acdd4502a0595d808\"\u003e\u003ccode\u003e290000c\u003c/code\u003e\u003c/a\u003e fix: respect joint limits during DLS iteration (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/24\"\u003e#24\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/b8f38724539d4aa786bbe97d8ec9ca547daec095\"\u003e\u003ccode\u003eb8f3872\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump ex_doc in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/22\"\u003e#22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/4e65f950a8155f4516f900759ba62893eb3a0d6c\"\u003e\u003ccode\u003e4e65f95\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.9 to 0.8.0 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/9d5463cfa2ce5fad7130b733f429aed5c3e4e988\"\u003e\u003ccode\u003e9d5463c\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/20\"\u003e#20\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/7fd4ed9d0cec9c62cb2ae56664d0e4932a6d2984\"\u003e\u003ccode\u003e7fd4ed9\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.7 to 0.7.9 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/21\"\u003e#21\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/c33342ed1b176500af627bf883e0615ae6b839f3\"\u003e\u003ccode\u003ec33342e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/19\"\u003e#19\u003c/a\u003e from beam-bots/dependabot/hex/igniter-0.7.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb_ik_dls/compare/v0.3.1...v0.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_liveview` from 0.2.4 to 0.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_liveview/releases\"\u003ebb_liveview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.7\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003erender :atom-typed argument values with their leading colon (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/45\"\u003e#45\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve command form input values after execute (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/44\"\u003e#44\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisplay event-stream timestamps from \u003ccode\u003eBB.Message.wall_time\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/48\"\u003e#48\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.2.6\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ephoenix bootstrap + endpoint plug injection in \u003ccode\u003ebb_liveview.install\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/43\"\u003e#43\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.2.5\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_liveview.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/42\"\u003e#42\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_liveview/blob/main/CHANGELOG.md\"\u003ebb_liveview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.6...v0.2.7\"\u003ev0.2.7\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003erender :atom-typed argument values with their leading colon (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/45\"\u003e#45\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve command form input values after execute (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/44\"\u003e#44\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisplay event-stream timestamps from \u003ccode\u003eBB.Message.wall_time\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/48\"\u003e#48\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.5...v0.2.6\"\u003ev0.2.6\u003c/a\u003e (2026-05-16)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ephoenix bootstrap + endpoint plug injection in \u003ccode\u003ebb_liveview.install\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/43\"\u003e#43\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.4...v0.2.5\"\u003ev0.2.5\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_liveview.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/42\"\u003e#42\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/02b2fb8cc560b3aca5d9856af59aec07f7736c79\"\u003e\u003ccode\u003e02b2fb8\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/8df9afbc046aadf4ac2591f4b0c6e6ab242a07f5\"\u003e\u003ccode\u003e8df9afb\u003c/code\u003e\u003c/a\u003e chore(deps): bump bb to ~\u0026gt; 0.16 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/49\"\u003e#49\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/798881b82b8dbc68bb1d18702bfa07747e11943e\"\u003e\u003ccode\u003e798881b\u003c/code\u003e\u003c/a\u003e fix: render :atom-typed argument values with their leading colon (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/45\"\u003e#45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/022a6d4a204f2e6832ce666668ca2749148b3962\"\u003e\u003ccode\u003e022a6d4\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump bandit from 1.11.0 to 1.11.1 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/47\"\u003e#47\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/d7156583d8e34f174219958bb9f6af29fbba9df8\"\u003e\u003ccode\u003ed715658\u003c/code\u003e\u003c/a\u003e improvement: display event-stream timestamps from \u003ccode\u003eBB.Message.wall_time\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/48\"\u003e#48\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/65cc8f6a44e2364e98c854ccef794c25ead2f818\"\u003e\u003ccode\u003e65cc8f6\u003c/code\u003e\u003c/a\u003e fix: preserve command form input values after execute (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/44\"\u003e#44\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/4836a7b16f25ea8faed29d1fb2f10aae7e7749ed\"\u003e\u003ccode\u003e4836a7b\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/a0abebcbc433c0fbf9490bfff21cfbef13838bf7\"\u003e\u003ccode\u003ea0abebc\u003c/code\u003e\u003c/a\u003e improvement: phoenix bootstrap + endpoint plug injection in `bb_liveview.inst...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/6fbbe24cc15ee3709dcd4a518f14101a9def1e3a\"\u003e\u003ccode\u003e6fbbe24\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/b915b27bd8f9fca5cdc2a0f6b25beb2762d0a492\"\u003e\u003ccode\u003eb915b27\u003c/code\u003e\u003c/a\u003e improvement: add \u003ccode\u003ebb_liveview.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/42\"\u003e#42\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.4...v0.2.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_reactor` from 0.2.1 to 0.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_reactor/releases\"\u003ebb_reactor's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd basic igniter installer by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_reactor/blob/main/CHANGELOG.md\"\u003ebb_reactor's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/compare/v0.2.2...v0.2.3\"\u003ev0.2.3\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/compare/v0.2.1...v0.2.2\"\u003ev0.2.2\u003c/a\u003e (2026-05-15)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd basic igniter installer by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/0476fff39379325c252e6be6657bf34fba6cc9e1\"\u003e\u003ccode\u003e0476fff\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/6c65e4cfbf513171c223d5297451901f67b6181b\"\u003e\u003ccode\u003e6c65e4c\u003c/code\u003e\u003c/a\u003e chore: align with bb 0.16 safety semantics (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/24\"\u003e#24\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/68e7323c7d5db8d04176800d878dbba63010636d\"\u003e\u003ccode\u003e68e7323\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/0b44cba9e035248355b33dfc7884eacf066cc9ff\"\u003e\u003ccode\u003e0b44cba\u003c/code\u003e\u003c/a\u003e improvement: Add basic igniter installer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/20c597571fedd6485903dded1218ed366953e96a\"\u003e\u003ccode\u003e20c5975\u003c/code\u003e\u003c/a\u003e chore(deps): update bb to 0.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/684e7e2b203da0259d6cf8d5002e93e0593a3ab8\"\u003e\u003ccode\u003e684e7e2\u003c/code\u003e\u003c/a\u003e chore(deps): bump reactor from 1.0.0 to 1.0.1 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/20\"\u003e#20\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/9b3b7746298d5b8d28efa7c27cdeafe7562cb8ee\"\u003e\u003ccode\u003e9b3b774\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/21\"\u003e#21\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/4074a1851b494a2151c7cca098aa8e95ae1f2f4c\"\u003e\u003ccode\u003e4074a18\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.7 to 0.7.9 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/22\"\u003e#22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/030271ed3d750c64547f3ae2074c44df17346a4a\"\u003e\u003ccode\u003e030271e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/17\"\u003e#17\u003c/a\u003e from beam-bots/dependabot/hex/dev-dependencies-c15e7130e8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/b833bdca836717468c3fe34067a02ca83cf9d30d\"\u003e\u003ccode\u003eb833bdc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/18\"\u003e#18\u003c/a\u003e from beam-bots/dependabot/hex/igniter-0.7.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb_reactor/compare/v0.2.1...v0.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_servo_feetech` from 0.2.2 to 0.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/releases\"\u003ebb_servo_feetech's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev0.2.3\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_servo_feetech.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/25\"\u003e#25\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/blob/main/CHANGELOG.md\"\u003ebb_servo_feetech's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_pca9685/compare/v0.2.3...v0.2.4\"\u003ev0.2.4\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_pca9685/compare/v0.2.2...v0.2.3\"\u003ev0.2.3\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_servo_feetech.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/25\"\u003e#25\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/50f64f662e51f85169075aa26ceea8f5b27469e9\"\u003e\u003ccode\u003e50f64f6\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/20605bfe1e09cf1a4b0ff8ab9a59338551729920\"\u003e\u003ccode\u003e20605bf\u003c/code\u003e\u003c/a\u003e chore(deps): bump bb to ~\u0026gt; 0.16 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/26\"\u003e#26\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/5e5788e1581d437264e4eb4e107417f9747aad1d\"\u003e\u003ccode\u003e5e5788e\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/1761292cd4cde8ab57e52e8499770f6ed7001607\"\u003e\u003ccode\u003e1761292\u003c/code\u003e\u003c/a\u003e improvement: add \u003ccode\u003ebb_servo_feetech.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/25\"\u003e#25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/bdbb53146f57463de6694b08c166e30e8bf8d586\"\u003e\u003ccode\u003ebdbb531\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump ex_doc in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/24\"\u003e#24\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/44dcabaebdd96c74eddc43927a7dc8b25cbe65db\"\u003e\u003ccode\u003e44dcaba\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/22\"\u003e#22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/c78833cbe363859b6a9a709ea6f9177c5738bef6\"\u003e\u003ccode\u003ec78833c\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.7 to 0.7.9 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/3164bfd90ee28dce60f89848a7379a45d8c53052\"\u003e\u003ccode\u003e3164bfd\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump git_ops in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/21\"\u003e#21\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/compare/v0.2.2...v0.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nx` from 0.11.0 to 0.12.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-nx/nx/releases\"\u003enx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.12.0 - 2026-05-15\u003c/h2\u003e\n\u003cp\u003eSee the changelogs for individual libraries for a semantic set of changes\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/blasphemetheus\"\u003e\u003ccode\u003e@​blasphemetheus\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elixir-nx/nx/pull/1676\"\u003eelixir-nx/nx#1676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jeffreyksmithjr\"\u003e\u003ccode\u003e@​jeffreyksmithjr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elixir-nx/nx/pull/1715\"\u003eelixir-nx/nx#1715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elixir-nx/nx/compare/v0.11.0...v0.12.0\"\u003ehttps://github.com/elixir-nx/nx/compare/v0.11.0...v0.12.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/b0f75edd23fe201a3e9f10e42f2c2451514a65c7\"\u003e\u003ccode\u003eb0f75ed\u003c/code\u003e\u003c/a\u003e update nx/complex lock in exla and torchx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/b22078978457ff2fb6e7a8b14672c3d44f92607f\"\u003e\u003ccode\u003eb220789\u003c/code\u003e\u003c/a\u003e chore: update to complex 0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/c5871f31c64f9934124d91f276782f12b2424861\"\u003e\u003ccode\u003ec5871f3\u003c/code\u003e\u003c/a\u003e bump to 0.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/cdcf58da8199d86f3e1097d5fd2326017344989b\"\u003e\u003ccode\u003ecdcf58d\u003c/code\u003e\u003c/a\u003e fix: torchx visibility hidden and exla write_to_pointer no-op definition in p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/48d7b0de48ed411278db641a47e24e4d77f8ea0e\"\u003e\u003ccode\u003e48d7b0d\u003c/code\u003e\u003c/a\u003e docs: don't leak internal EXLA details in CustomCall docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/5febc3fbc2c28ff05704fcda80226f1bad0688a0\"\u003e\u003ccode\u003e5febc3f\u003c/code\u003e\u003c/a\u003e Refactor EXLA block lowering through EXLA.CustomCall protocol (\u003ca href=\"https://redirect.github.com/elixir-nx/nx/issues/1739\"\u003e#1739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/1c3d86eb635e136eab7d5a1a12a57794c200d204\"\u003e\u003ccode\u003e1c3d86e\u003c/code\u003e\u003c/a\u003e fix: Nx.block with EXLA JIT (\u003ca href=\"https://redirect.github.com/elixir-nx/nx/issues/1750\"\u003e#1750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/fb89cf4f998728007d3b02f92ea118e0a13fe60b\"\u003e\u003ccode\u003efb89cf4\u003c/code\u003e\u003c/a\u003e Silence type system warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/84a2ef16e671fa0a59c76d4c752d1274df2a78a3\"\u003e\u003ccode\u003e84a2ef1\u003c/code\u003e\u003c/a\u003e Group all Nx.Block in docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/a53bbaed938257e62b0df84131e2d0573c616e63\"\u003e\u003ccode\u003ea53bbae\u003c/code\u003e\u003c/a\u003e chore: rename linalg blocks (\u003ca href=\"https://redirect.github.com/elixir-nx/nx/issues/1738\"\u003e#1738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-nx/nx/compare/v0.11.0...v0.12.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/beam-bots/bb_example_so101/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/beam-bots%2Fbb_example_so101/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4442131453","node_id":"PR_kwDOSJ-KK87bVPNI","number":54,"state":"closed","title":"Bump the mix-production-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T01:42:24.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-14T00:37:47.000Z","updated_at":"2026-05-21T01:42:26.000Z","time_to_close":608677,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"mix-production-dependencies","update_count":5,"packages":[{"name":"bandit","old_version":"1.10.3","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"},{"name":"jason","old_version":"1.4.4","new_version":"1.4.5","repository_url":"https://github.com/michalmuskala/jason"},{"name":"phoenix","old_version":"1.8.5","new_version":"1.8.7","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.26","new_version":"1.1.30","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.23.0","new_version":"1.25.2","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 5 updates in the /src/flagd-ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.10.3` | `1.11.1` |\n| [jason](https://github.com/michalmuskala/jason) | `1.4.4` | `1.4.5` |\n| [phoenix](https://github.com/phoenixframework/phoenix) | `1.8.5` | `1.8.7` |\n| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.1.26` | `1.1.30` |\n| [swoosh](https://github.com/swoosh/swoosh) | `1.23.0` | `1.25.2` |\n\n\nUpdates `bandit` from 1.10.3 to 1.11.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jason` from 1.4.4 to 1.4.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md\"\u003ejason's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.5 (05.05.2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Decimal 3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/4ede42858eb19f80ec9e863aab52df466eab8608\"\u003e\u003ccode\u003e4ede428\u003c/code\u003e\u003c/a\u003e Bump v1.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/b8c2185aaecc9839c0d13e69f7baab9c6e5e60f6\"\u003e\u003ccode\u003eb8c2185\u003c/code\u003e\u003c/a\u003e Fix dialyzer job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/a363975dc873c4bde43dd6978685adaa41e2f2d5\"\u003e\u003ccode\u003ea363975\u003c/code\u003e\u003c/a\u003e Modernise CI to currently supported versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/243c8a8ba8452a720462222ab6d80367cd9235cf\"\u003e\u003ccode\u003e243c8a8\u003c/code\u003e\u003c/a\u003e Allow decimal 3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/c8e8d0501723d0855691a89ee66ee51b429b8d56\"\u003e\u003ccode\u003ec8e8d05\u003c/code\u003e\u003c/a\u003e Revert the experimental 1.5 branch and jason_native experiment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/0e7a3e2cebcb3af550382416b19125d81d8d1824\"\u003e\u003ccode\u003e0e7a3e2\u003c/code\u003e\u003c/a\u003e Add example/doctest for Jason.OrderedObject.new/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/984bc078eb4b2084104751c7f1c5290b8338e06b\"\u003e\u003ccode\u003e984bc07\u003c/code\u003e\u003c/a\u003e fix broken link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/f775592c90472e8debe989081883de6ba282e037\"\u003e\u003ccode\u003ef775592\u003c/code\u003e\u003c/a\u003e Raise if trying to decode decimals without decimal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/79d59df70177242d288974923504880bf65a51c8\"\u003e\u003ccode\u003e79d59df\u003c/code\u003e\u003c/a\u003e Remove unneeded workarounds for xref warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/baac78e5dbd487e30f7f6f93b319c3cfbd3982e2\"\u003e\u003ccode\u003ebaac78e\u003c/code\u003e\u003c/a\u003e Fix warnings by conditionally compiling Decimal support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/michalmuskala/jason/compare/v1.4.4...v1.4.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.5 to 1.8.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.7 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix invalid status when longpoll request times out\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMask \u003ccode\u003etoken\u003c/code\u003e parameter \u003ca href=\"https://hexdocs.pm/phoenix/Phoenix.Logger.html#module-parameter-filtering\"\u003ein logs\u003c/a\u003e by default (in addition to \u0026quot;password\u0026quot;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix encoding of non-ASCII metadata in binary channel messages\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.6 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-628h-q48j-jr6q\"\u003eCVE-2026-32689\u003c/a\u003e: Fix Phoenix.Socket Longpoll transport memory exhaustion in nd-JSON body splitting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phoenix] Raise if \u003ccode\u003euse Phoenix.VerifiedRoutes\u003c/code\u003e is called multiple times in the same module\u003c/li\u003e\n\u003cli\u003e[phoenix] Fix more deprecation and type checker warnings on Elixir 1.20\u003c/li\u003e\n\u003cli\u003e[phoenix] Raise when interpolating a list in \u003ccode\u003ePhoenix.VerifiedRoutes\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phoenix] Gracefully handle non-binary \u003ccode\u003evsn\u003c/code\u003e socket parameter (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6662\"\u003e#6662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.gen.*] Use \u003ccode\u003e.eex\u003c/code\u003e filename suffix in generator files\u003c/li\u003e\n\u003cli\u003e[phx.new] Add interactive mode: \u003ccode\u003emix phx.new --interactive\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Add \u003ccode\u003ephx-no-format\u003c/code\u003e to generated \u003ccode\u003e\u0026lt;.live_title\u0026gt;\u003c/code\u003e tag (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6667\"\u003e#6667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phx.gen.*] Fix generated migrations for myxql when using scopes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6635\"\u003e#6635\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Fix crash when parent directory contains a colon (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ba3a131552add5758c021ff4c6e9b6947bb5a205\"\u003e\u003ccode\u003eba3a131\u003c/code\u003e\u003c/a\u003e Release v1.8.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/e74eaccb8e909826a50c9e8095cd1694dace289c\"\u003e\u003ccode\u003ee74eacc\u003c/code\u003e\u003c/a\u003e fix invalid status on longpoll window timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/035fde9ac29920d4c040be91fdb7508295579036\"\u003e\u003ccode\u003e035fde9\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/eb5f52f683b148f30aa528d365b301d2c51a4b59\"\u003e\u003ccode\u003eeb5f52f\u003c/code\u003e\u003c/a\u003e Correctly serialize non ASCII metadata (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6664\"\u003e#6664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/a99c5e8974f98c57aa4c883da51f57b582c0225c\"\u003e\u003ccode\u003ea99c5e8\u003c/code\u003e\u003c/a\u003e Filter token parameters by default (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6665\"\u003e#6665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/21901113ec7aa5158ad7748170bb9c3b3254861b\"\u003e\u003ccode\u003e2190111\u003c/code\u003e\u003c/a\u003e update installer version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ddcdadb7de1132d630bbbe56f975e66f85f36416\"\u003e\u003ccode\u003eddcdadb\u003c/code\u003e\u003c/a\u003e Release v1.8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/1a67c61ff9ce0a7711662ac7354861917a7c80f7\"\u003e\u003ccode\u003e1a67c61\u003c/code\u003e\u003c/a\u003e prevent unexpected memory usage on nd-json body splitting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/8ca76a2c57fb189733e67c3fb72098d1092ef60c\"\u003e\u003ccode\u003e8ca76a2\u003c/code\u003e\u003c/a\u003e fix a couple of typos (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6672\"\u003e#6672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/6214d83ac87fe87170bf2a8525b3404af1517705\"\u003e\u003ccode\u003e6214d83\u003c/code\u003e\u003c/a\u003e Bump postcss from 8.5.6 to 8.5.13 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6671\"\u003e#6671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.5...v1.8.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.26 to 1.1.30\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.28\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.30/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.28 (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27 (2026-03-10)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/fdbbe52011812943d90dc4a3d46f4c0740d86bd2\"\u003e\u003ccode\u003efdbbe52\u003c/code\u003e\u003c/a\u003e Release v1.1.30\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/970932be5fa7b4313994ba3b68f0a55ff74f9a2c\"\u003e\u003ccode\u003e970932b\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/ff31d012fbeeedd38f13c9836d5d4fbfc22750b8\"\u003e\u003ccode\u003eff31d01\u003c/code\u003e\u003c/a\u003e Ensure phx-viewport hook does not fail if there's no scrollContainer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/24090b52e5f8aa392b23d9a1bf53974ecc66662a\"\u003e\u003ccode\u003e24090b5\u003c/code\u003e\u003c/a\u003e Release v1.1.29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/cc836431208b3ad28a4cfcc2ae412ba24dc98b7c\"\u003e\u003ccode\u003ecc83643\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8deb3e5e5a4b002bcab1250e1a14768bd7a9d5e8\"\u003e\u003ccode\u003e8deb3e5\u003c/code\u003e\u003c/a\u003e Use moveBefore if supported when reordering stream items (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4213\"\u003e#4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/174dad576cbff77e817091b6c7652cb3c21daffa\"\u003e\u003ccode\u003e174dad5\u003c/code\u003e\u003c/a\u003e DOM patching: Fall back to PHX_MAGIC_ID if node ID was touched by client hook...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/4e18a20652bbaca961146f73d9b1ec87295861f9\"\u003e\u003ccode\u003e4e18a20\u003c/code\u003e\u003c/a\u003e handle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4210\"\u003e#4210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/031f00ccc6b0e95eaa14222312514744a5a5a923\"\u003e\u003ccode\u003e031f00c\u003c/code\u003e\u003c/a\u003e Remove unreachable error clause in UploadTmpFileWriter.write_chunk/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/0b4005ba0631fc03ac5e46551e540d04c95dbefe\"\u003e\u003ccode\u003e0b4005b\u003c/code\u003e\u003c/a\u003e Optimize traverse_dynamic for nil and binary entries\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.26...v1.1.30\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.23.0 to 1.25.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.25.2 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: prepare 1.25.2 patch release \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1136\"\u003e#1136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix release comment workflow repository checkout \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1128\"\u003e#1128\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(config): prioritize runtime config for Mailer \u003ca href=\"https://github.com/ukashazia\"\u003e\u003ccode\u003e@​ukashazia\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1134\"\u003e#1134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump jason from 1.4.4 to 1.4.5 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bandit from 1.10.4 to 1.11.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1129\"\u003e#1129\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.25.1 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.8.0 to 2.8.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1123\"\u003eswoosh/swoosh#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1124\"\u003eswoosh/swoosh#1124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.0 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare minor release 1.25.0 \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1122\"\u003e#1122\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Add Swoosh.Adapters.Sandbox \u003ca href=\"https://github.com/aidalgol\"\u003e\u003ccode\u003e@​aidalgol\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1120\"\u003e#1120\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📝 Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove discoverability and HexDocs coverage for \u003ccode\u003eSwoosh.Adapters.Sandbox\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1121\"\u003e#1121\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🧰 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release-published workflow to comment on released PRs \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1118\"\u003e#1118\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump bandit from 1.10.3 to 1.10.4 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1119\"\u003e#1119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.24.0 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.25.2\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(config): prioritize runtime config for Mailer \u003ca href=\"https://github.com/ukashazia\"\u003e\u003ccode\u003e@​ukashazia\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1134\"\u003e#1134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.25.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eSwoosh.Adapters.Sandbox\u003c/code\u003e \u003ca href=\"https://github.com/aidalgol\"\u003e\u003ccode\u003e@​aidalgol\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1120\"\u003e#1120\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📝 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove discoverability and HexDocs coverage for \u003ccode\u003eSwoosh.Adapters.Sandbox\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1121\"\u003e#1121\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🧰 Maintenance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release-published workflow to comment on released PRs \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1118\"\u003e#1118\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.24.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Azure Communication Services adapter \u003ca href=\"https://github.com/jamilbk\"\u003e\u003ccode\u003e@​jamilbk\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1116\"\u003e#1116\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.23.1\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tracking options to the mailjet adapter \u003ca href=\"https://github.com/wkirschbaum\"\u003e\u003ccode\u003e@​wkirschbaum\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1114\"\u003e#1114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🧰 Maintenance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove unused require Logger compilation warning \u003ca href=\"https://github.com/wkirschbaum\"\u003e\u003ccode\u003e@​wkirschbaum\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1115\"\u003e#1115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/7baea5c965c441164ffb524855002f454e2da026\"\u003e\u003ccode\u003e7baea5c\u003c/code\u003e\u003c/a\u003e Bump jason from 1.4.4 to 1.4.5 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/37342caa1d5d5485fb17ff5df2575e77be8a8a3c\"\u003e\u003ccode\u003e37342ca\u003c/code\u003e\u003c/a\u003e chore: prepare 1.25.2 patch release (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1136\"\u003e#1136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f6eedb4b9a2905c2ec8df0a106664bd274c4588d\"\u003e\u003ccode\u003ef6eedb4\u003c/code\u003e\u003c/a\u003e fix(config): prioritize runtime config for Mailer (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1134\"\u003e#1134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/5596e9789ef92893cbfb5f11630b247d6f877e6b\"\u003e\u003ccode\u003e5596e97\u003c/code\u003e\u003c/a\u003e Bump bandit from 1.10.4 to 1.11.0 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1129\"\u003e#1129\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f656c6b55277f8c1b76f2429f3621d5a6aed333c\"\u003e\u003ccode\u003ef656c6b\u003c/code\u003e\u003c/a\u003e Fix release comment workflow checkout (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1128\"\u003e#1128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/2aa9af499fa9b5250dba0a2d42cccc47a1f701c4\"\u003e\u003ccode\u003e2aa9af4\u003c/code\u003e\u003c/a\u003e Bump version to 1.25.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1127\"\u003e#1127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/df97f1c6b86c4e40ce31d5393b7cb97cc5e84bd2\"\u003e\u003ccode\u003edf97f1c\u003c/code\u003e\u003c/a\u003e Bump plug_cowboy from 2.8.0 to 2.8.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/397562e99adb780d829cf4a6dc63e76c6d263e6f\"\u003e\u003ccode\u003e397562e\u003c/code\u003e\u003c/a\u003e Regenerate styles with Tailwind CSS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3e4ff5f800448c9446f5e4b7ea48b2f3b550d164\"\u003e\u003ccode\u003e3e4ff5f\u003c/code\u003e\u003c/a\u003e fix: use github.ref_name instead of github.ref for tailwind branch name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f0b12c02ebc13ebc621821a93ffc20c05033e5d6\"\u003e\u003ccode\u003ef0b12c0\u003c/code\u003e\u003c/a\u003e Escape email content in mailbox preview UI (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.23.0...v1.25.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/honeycombio/ced-opentelemetry-demo-app-academy-courses/pull/54","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/honeycombio%2Fced-opentelemetry-demo-app-academy-courses/issues/54","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/54/packages"},{"uuid":"4425584652","node_id":"PR_kwDOQF4m787afaFR","number":173,"state":"open","title":"deps(elixir): bump the elixir-query-service group across 1 directory with 8 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T01:54:07.000Z","updated_at":"2026-05-12T01:55:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(elixir): bump","group_name":"elixir-query-service","update_count":8,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"broadway","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/dashbitco/broadway"},{"name":"ex_doc","old_version":"0.40.1","new_version":"0.40.2","repository_url":"https://github.com/elixir-lang/ex_doc"},{"name":"jason","old_version":"1.4.4","new_version":"1.4.5","repository_url":"https://github.com/michalmuskala/jason"},{"name":"mint","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/elixir-mint/mint"},{"name":"open_api_spex","old_version":"3.22.2","new_version":"3.22.3","repository_url":"https://github.com/open-api-spex/open_api_spex"},{"name":"tesla","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/elixir-tesla/tesla"}],"path":null,"ecosystem":"hex"},"body":"Bumps the elixir-query-service group with 7 updates in the /apps/query-service directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.10.4` | `1.11.0` |\n| [broadway](https://github.com/dashbitco/broadway) | `1.2.1` | `1.3.0` |\n| [ex_doc](https://github.com/elixir-lang/ex_doc) | `0.40.1` | `0.40.2` |\n| [jason](https://github.com/michalmuskala/jason) | `1.4.4` | `1.4.5` |\n| [mint](https://github.com/elixir-mint/mint) | `1.7.1` | `1.8.0` |\n| [open_api_spex](https://github.com/open-api-spex/open_api_spex) | `3.22.2` | `3.22.3` |\n| [tesla](https://github.com/elixir-tesla/tesla) | `1.16.0` | `1.17.0` |\n\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `broadway` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dashbitco/broadway/blob/main/CHANGELOG.md\"\u003ebroadway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0 (2026-04-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd telemetry events around \u003ccode\u003ehandle_failed\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eInclude producer metadata in telemetry events\u003c/li\u003e\n\u003cli\u003eAdd labels to Broadway stages\u003c/li\u003e\n\u003cli\u003eFix race condition during graceful shutdown\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d3a668c885342ae223b5ebcd9571efe4a0f18c41\"\u003e\u003ccode\u003ed3a668c\u003c/code\u003e\u003c/a\u003e Release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/dd2f40571ac463bbc56f949b6c1f8d33fd6cc665\"\u003e\u003ccode\u003edd2f405\u003c/code\u003e\u003c/a\u003e Include producer metadata in per-message events (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/966c59ad95ddb6aa75c91e71848cfc617bef3a8e\"\u003e\u003ccode\u003e966c59a\u003c/code\u003e\u003c/a\u003e Add :telemetry.span for handle_failed/2 callback (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/370f180e853a33978f1822432c66bea61f9d98ef\"\u003e\u003ccode\u003e370f180\u003c/code\u003e\u003c/a\u003e Clarify some docs related to GenStage demand (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/69d90526dc7c1003d1b9fff5092645eb4fbe9e48\"\u003e\u003ccode\u003e69d9052\u003c/code\u003e\u003c/a\u003e Bump Elixir/Erlang CI matrix and GitHub actions (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/365\"\u003e#365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/8c6616475acc874f185ffabaffc92554eefefbfc\"\u003e\u003ccode\u003e8c66164\u003c/code\u003e\u003c/a\u003e Add Process.set_label/1 to Broadway stages (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d32d30deb64dc4481f2743f6a0d8606299690046\"\u003e\u003ccode\u003ed32d30d\u003c/code\u003e\u003c/a\u003e Catch exits if already down when trapping exits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/f52f2f793e16e1c976f5e52adc372457d1445b73\"\u003e\u003ccode\u003ef52f2f7\u003c/code\u003e\u003c/a\u003e Fix graceful shutdown race condition (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/136bea6786ae1526721a98a93ca9d752543c3a7d\"\u003e\u003ccode\u003e136bea6\u003c/code\u003e\u003c/a\u003e Add batch_size/0 and batch_size_fun/0 types (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/7977502abbf3c0b06ea1fbbae415dff3932fb796\"\u003e\u003ccode\u003e7977502\u003c/code\u003e\u003c/a\u003e Add new unofficial producer off_broadway_emqtt (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/360\"\u003e#360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dashbitco/broadway/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ex_doc` from 0.40.1 to 0.40.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md\"\u003eex_doc's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.40.2 (2026-05-08)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBug fixes\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003erel=\u0026quot;nofollow\u0026quot;\u003c/code\u003e to external links in HTML output\u003c/li\u003e\n\u003cli\u003eUse blockquote in \u003ccode\u003ellms.txt\u003c/code\u003e description\u003c/li\u003e\n\u003cli\u003eVoid elements in \u003ccode\u003eepub\u003c/code\u003e, such \u003ccode\u003ewbr\u003c/code\u003e, must be terminated by the matching end-tag\u003c/li\u003e\n\u003cli\u003eFix content container scrolling in older versions of Safari\u003c/li\u003e\n\u003cli\u003eSkip HTML comments when computing synopsis\u003c/li\u003e\n\u003cli\u003eFix markdown backend code fence language and opaque type display\u003c/li\u003e\n\u003cli\u003eFix false positive warning when linking to asset files\u003c/li\u003e\n\u003cli\u003ePrevent \u003ccode\u003e#search\u003c/code\u003e selector from impacting user content\u003c/li\u003e\n\u003cli\u003eRaise on extras that conflict with reserved filenames\u003c/li\u003e\n\u003cli\u003eFix styling of admonition blocks\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/c868c6a9dfb4da78ebaf31b153a16a5bc169b6ff\"\u003e\u003ccode\u003ec868c6a\u003c/code\u003e\u003c/a\u003e Release v0.40.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/b9cc3723816cffeab5d4a5acc89d02e910efcb8b\"\u003e\u003ccode\u003eb9cc372\u003c/code\u003e\u003c/a\u003e Update makeup_erlang version (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/b389d1733af711a52cd0bf27e5f27797d629bca7\"\u003e\u003ccode\u003eb389d17\u003c/code\u003e\u003c/a\u003e Fix dead code and overriden clauses found by the type system\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/25523c9d377158e98b0a2f1c2815456988049f3b\"\u003e\u003ccode\u003e25523c9\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/dbed340cf31fd5421dd79e2c625efc8b4f3cd21b\"\u003e\u003ccode\u003edbed340\u003c/code\u003e\u003c/a\u003e Raise on extras that conflict with reserved filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/2808e459dbb5047befe5d51fbe9a9d1d8d0469f5\"\u003e\u003ccode\u003e2808e45\u003c/code\u003e\u003c/a\u003e Prevent #search selector from impacting user content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/bc909685fd41f0e16f6714403bf520301ef3f28f\"\u003e\u003ccode\u003ebc90968\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/93339793797f0e40058e5400fbf1c9bd6cdd9109\"\u003e\u003ccode\u003e9333979\u003c/code\u003e\u003c/a\u003e Fix inline code font size in headings (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2220\"\u003e#2220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/974b26305a1bd008f84e81526130fe01995f75ac\"\u003e\u003ccode\u003e974b263\u003c/code\u003e\u003c/a\u003e Raise on duplicate entries in files in :extras (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2226\"\u003e#2226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/af07dd786a9e6a09b7681ce99cc48d5c219ead20\"\u003e\u003ccode\u003eaf07dd7\u003c/code\u003e\u003c/a\u003e Fix false positive warning when linking to asset files (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2225\"\u003e#2225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-lang/ex_doc/compare/v0.40.1...v0.40.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jason` from 1.4.4 to 1.4.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md\"\u003ejason's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.5 (05.05.2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Decimal 3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/4ede42858eb19f80ec9e863aab52df466eab8608\"\u003e\u003ccode\u003e4ede428\u003c/code\u003e\u003c/a\u003e Bump v1.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/b8c2185aaecc9839c0d13e69f7baab9c6e5e60f6\"\u003e\u003ccode\u003eb8c2185\u003c/code\u003e\u003c/a\u003e Fix dialyzer job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/a363975dc873c4bde43dd6978685adaa41e2f2d5\"\u003e\u003ccode\u003ea363975\u003c/code\u003e\u003c/a\u003e Modernise CI to currently supported versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/243c8a8ba8452a720462222ab6d80367cd9235cf\"\u003e\u003ccode\u003e243c8a8\u003c/code\u003e\u003c/a\u003e Allow decimal 3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/c8e8d0501723d0855691a89ee66ee51b429b8d56\"\u003e\u003ccode\u003ec8e8d05\u003c/code\u003e\u003c/a\u003e Revert the experimental 1.5 branch and jason_native experiment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/0e7a3e2cebcb3af550382416b19125d81d8d1824\"\u003e\u003ccode\u003e0e7a3e2\u003c/code\u003e\u003c/a\u003e Add example/doctest for Jason.OrderedObject.new/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/984bc078eb4b2084104751c7f1c5290b8338e06b\"\u003e\u003ccode\u003e984bc07\u003c/code\u003e\u003c/a\u003e fix broken link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/f775592c90472e8debe989081883de6ba282e037\"\u003e\u003ccode\u003ef775592\u003c/code\u003e\u003c/a\u003e Raise if trying to decode decimals without decimal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/79d59df70177242d288974923504880bf65a51c8\"\u003e\u003ccode\u003e79d59df\u003c/code\u003e\u003c/a\u003e Remove unneeded workarounds for xref warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/baac78e5dbd487e30f7f6f93b319c3cfbd3982e2\"\u003e\u003ccode\u003ebaac78e\u003c/code\u003e\u003c/a\u003e Fix warnings by conditionally compiling Decimal support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/michalmuskala/jason/compare/v1.4.4...v1.4.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mint` from 1.7.1 to 1.8.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-mint/mint/blob/main/CHANGELOG.md\"\u003emint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.0\u003c/h2\u003e\n\u003ch3\u003eNew features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise the default HTTP/2 receive windows to 16 MB (connection) and 4 MB (stream), and batch HTTP/2 receive-window refills. The larger windows lift the per-stream throughput cap (\u003ccode\u003ewindow / RTT\u003c/code\u003e), giving substantially higher throughput on higher-latency connections, in exchange for higher peak memory use per connection. The connection-level window is now configurable via the new \u003ccode\u003e:connection_window_size\u003c/code\u003e option to \u003ccode\u003eMint.HTTP.connect/4\u003c/code\u003e, and refill batching is configurable via the new \u003ccode\u003e:receive_window_update_threshold\u003c/code\u003e option.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMint.HTTP2.set_window_size/3\u003c/code\u003e for advertising a larger receive window to the server after a connection has been established.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMint.HTTP.request_body_window/2\u003c/code\u003e for querying the available send-window when streaming a request body.\u003c/li\u003e\n\u003cli\u003eIntroduce the \u003ccode\u003e:optional_responses\u003c/code\u003e option for \u003ccode\u003eMint.HTTP1.connect/4\u003c/code\u003e, with a \u003ccode\u003e:status_reason\u003c/code\u003e value that surfaces the HTTP/1.1 status reason-phrase as a new \u003ccode\u003e{:status_reason, request_ref, reason_phrase}\u003c/code\u003e response.\u003c/li\u003e\n\u003cli\u003eChange \u003ccode\u003et:Mint.HTTP.t/0\u003c/code\u003e from an opaque to an open type.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003et:Mint.HTTPError.reason/0\u003c/code\u003e and \u003ccode\u003et:Mint.TransportError.reason/0\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix HTTP/1 handling of \u003ccode\u003e1xx\u003c/code\u003e informational responses.\u003c/li\u003e\n\u003cli\u003eForbid or replace empty targets in HTTP/1.1 requests.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/ef8f3a1160ee579d1a0db6311eb02ea63e7cc151\"\u003e\u003ccode\u003eef8f3a1\u003c/code\u003e\u003c/a\u003e Release v1.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/ddf2e1d09116ae996c1c887213142b91945bfb68\"\u003e\u003ccode\u003eddf2e1d\u003c/code\u003e\u003c/a\u003e Document since-version for new HTTP/2 receive-window options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/4c4bf9139db8923c9045baa6d0da947b31aaf4ba\"\u003e\u003ccode\u003e4c4bf91\u003c/code\u003e\u003c/a\u003e feat: polymorphic helper for request body streaming (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/485\"\u003e#485\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/4fca8832e8fad34b90d29ef80df1dc29ccd925bd\"\u003e\u003ccode\u003e4fca883\u003c/code\u003e\u003c/a\u003e Raise default HTTP/2 receive windows and batch HTTP/2 receive-window refills ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/4a195ffb5536719985d1bc3d22b7eadc21ee1651\"\u003e\u003ccode\u003e4a195ff\u003c/code\u003e\u003c/a\u003e Add Mint.HTTP2.set_window_size/3 (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/480\"\u003e#480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/d3fee6e3d3cedc63ba4eae01d17bc5236b0b623f\"\u003e\u003ccode\u003ed3fee6e\u003c/code\u003e\u003c/a\u003e Change Mint.HTTP.t() from opaque to open type (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/e3c291c11130936c9ebeed0d12f67646630679b7\"\u003e\u003ccode\u003ee3c291c\u003c/code\u003e\u003c/a\u003e Fix HTTP/1 handling of 1xx informational responses (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/1a82c1d0f7869719f719a1fa5817c80d430ddbaa\"\u003e\u003ccode\u003e1a82c1d\u003c/code\u003e\u003c/a\u003e Support Elixir ~\u0026gt; 1.12 (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/2a78a5b99e515e15bee164c2bf221671d8be718f\"\u003e\u003ccode\u003e2a78a5b\u003c/code\u003e\u003c/a\u003e Run HTTP/2 integration tests against local Caddy instead of nghttp2.org (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/0bfcc869b53b83989c24ba681d66d0a447b5a1c3\"\u003e\u003ccode\u003e0bfcc86\u003c/code\u003e\u003c/a\u003e Add a couple of \u003ca href=\"https://github.com/typedocs\"\u003e\u003ccode\u003e@​typedocs\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-mint/mint/compare/v1.7.1...v1.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `open_api_spex` from 3.22.2 to 3.22.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-api-spex/open_api_spex/releases\"\u003eopen_api_spex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.22.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: removed unused require(s) by \u003ca href=\"https://github.com/David-Klemenc\"\u003e\u003ccode\u003e@​David-Klemenc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/700\"\u003eopen-api-spex/open_api_spex#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax decimal requirement by \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/702\"\u003eopen-api-spex/open_api_spex#702\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/702\"\u003eopen-api-spex/open_api_spex#702\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/open-api-spex/open_api_spex/compare/v3.22.2...v3.22.3\"\u003ehttps://github.com/open-api-spex/open_api_spex/compare/v3.22.2...v3.22.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-api-spex/open_api_spex/blob/master/CHANGELOG.md\"\u003eopen_api_spex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.22.3 - 2026-05-05\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: removed unused require(s) by \u003ca href=\"https://github.com/David-Klemenc\"\u003e\u003ccode\u003e@​David-Klemenc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/700\"\u003eopen-api-spex/open_api_spex#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax decimal requirement by \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/702\"\u003eopen-api-spex/open_api_spex#702\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-api-spex/open_api_spex/commit/8850f32e72f978a40043d7fdeec604da2df49b00\"\u003e\u003ccode\u003e8850f32\u003c/code\u003e\u003c/a\u003e Release version 3.22.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-api-spex/open_api_spex/commit/1377df0177133a0177f901e9ff5e859d878374a7\"\u003e\u003ccode\u003e1377df0\u003c/code\u003e\u003c/a\u003e Relax decimal requirement (\u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/issues/702\"\u003e#702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-api-spex/open_api_spex/commit/224d1e1c3454c88aca57fdfd567983d113d9826a\"\u003e\u003ccode\u003e224d1e1\u003c/code\u003e\u003c/a\u003e chore: removed unused require(s) (\u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/issues/700\"\u003e#700\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/open-api-spex/open_api_spex/compare/v3.22.2...v3.22.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `telemetry` from 1.4.1 to 1.4.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-telemetry/telemetry/blob/main/CHANGELOG.md\"\u003etelemetry's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-telemetry/telemetry/tree/v1.4.2\"\u003e1.4.2\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize persistent term operations\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse structured logging consistently\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-telemetry/telemetry/commit/7baf8085e406d5ae9e43b284d7c866742ae04b28\"\u003e\u003ccode\u003e7baf808\u003c/code\u003e\u003c/a\u003e Release v1.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-telemetry/telemetry/commit/a382cd144aa3a34e807a0aa245aa7e8629acf399\"\u003e\u003ccode\u003ea382cd1\u003c/code\u003e\u003c/a\u003e Use structured logging all the way (\u003ca href=\"https://redirect.github.com/beam-telemetry/telemetry/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-telemetry/telemetry/commit/87c134544c0430b073f0d246c80cc15cc9f4fbe3\"\u003e\u003ccode\u003e87c1345\u003c/code\u003e\u003c/a\u003e Persistent term optimisations (\u003ca href=\"https://redirect.github.com/beam-telemetry/telemetry/issues/148\"\u003e#148\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/beam-telemetry/telemetry/compare/v1.4.1...v1.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tesla` from 1.16.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/releases\"\u003etesla's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/blob/master/CHANGELOG.md\"\u003etesla's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/de2eaaf881077a84ffd00f76806afaf80c0e4c88\"\u003e\u003ccode\u003ede2eaaf\u003c/code\u003e\u003c/a\u003e chore(master): release 1.17.0 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/830\"\u003e#830\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003e\u003ccode\u003ea672177\u003c/code\u003e\u003c/a\u003e fix: enhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/daec639e7e25eaf54b37fc87004b7fbbf576357a\"\u003e\u003ccode\u003edaec639\u003c/code\u003e\u003c/a\u003e chore(mint): strengthen mode regression coverage (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/841\"\u003e#841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003e\u003ccode\u003ed812f54\u003c/code\u003e\u003c/a\u003e fix(mint): avoid active-mode message races without breaking reused connection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003e\u003ccode\u003efa755c9\u003c/code\u003e\u003c/a\u003e feat(client): add put_middleware/2, replace_middleware!/3, update_middleware!...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e\u003ccode\u003e0689e64\u003c/code\u003e\u003c/a\u003e feat(client): add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e\u003ccode\u003e544e1d7\u003c/code\u003e\u003c/a\u003e feat(logger): emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003e\u003ccode\u003eaae0866\u003c/code\u003e\u003c/a\u003e feat(logger): semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003e\u003ccode\u003eb8b622c\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/1c03570b13a807e3300b386e93fe87ec5b48fe0c\"\u003e\u003ccode\u003e1c03570\u003c/code\u003e\u003c/a\u003e chore: ci housekeeping (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/all-source-os/all-source/pull/173","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/all-source-os%2Fall-source/issues/173","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/173/packages"},{"uuid":"4394568467","node_id":"PR_kwDOSQq6Wc7Y7jAn","number":24,"state":"closed","title":"chore(deps): bump the mix-production-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-20T23:53:22.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-06T21:30:32.000Z","updated_at":"2026-05-20T23:53:24.000Z","time_to_close":1218170,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"mix-production-dependencies","update_count":5,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"jason","old_version":"1.4.4","new_version":"1.4.5","repository_url":"https://github.com/michalmuskala/jason"},{"name":"phoenix","old_version":"1.8.5","new_version":"1.8.7","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.28","new_version":"1.1.30","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.25.0","new_version":"1.25.1","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 5 updates in the /src/flagd-ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.10.4` | `1.11.0` |\n| [jason](https://github.com/michalmuskala/jason) | `1.4.4` | `1.4.5` |\n| [phoenix](https://github.com/phoenixframework/phoenix) | `1.8.5` | `1.8.7` |\n| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.1.28` | `1.1.30` |\n| [swoosh](https://github.com/swoosh/swoosh) | `1.25.0` | `1.25.1` |\n\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jason` from 1.4.4 to 1.4.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md\"\u003ejason's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.5 (05.05.2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Decimal 3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/4ede42858eb19f80ec9e863aab52df466eab8608\"\u003e\u003ccode\u003e4ede428\u003c/code\u003e\u003c/a\u003e Bump v1.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/b8c2185aaecc9839c0d13e69f7baab9c6e5e60f6\"\u003e\u003ccode\u003eb8c2185\u003c/code\u003e\u003c/a\u003e Fix dialyzer job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/a363975dc873c4bde43dd6978685adaa41e2f2d5\"\u003e\u003ccode\u003ea363975\u003c/code\u003e\u003c/a\u003e Modernise CI to currently supported versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/243c8a8ba8452a720462222ab6d80367cd9235cf\"\u003e\u003ccode\u003e243c8a8\u003c/code\u003e\u003c/a\u003e Allow decimal 3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/c8e8d0501723d0855691a89ee66ee51b429b8d56\"\u003e\u003ccode\u003ec8e8d05\u003c/code\u003e\u003c/a\u003e Revert the experimental 1.5 branch and jason_native experiment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/0e7a3e2cebcb3af550382416b19125d81d8d1824\"\u003e\u003ccode\u003e0e7a3e2\u003c/code\u003e\u003c/a\u003e Add example/doctest for Jason.OrderedObject.new/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/984bc078eb4b2084104751c7f1c5290b8338e06b\"\u003e\u003ccode\u003e984bc07\u003c/code\u003e\u003c/a\u003e fix broken link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/f775592c90472e8debe989081883de6ba282e037\"\u003e\u003ccode\u003ef775592\u003c/code\u003e\u003c/a\u003e Raise if trying to decode decimals without decimal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/79d59df70177242d288974923504880bf65a51c8\"\u003e\u003ccode\u003e79d59df\u003c/code\u003e\u003c/a\u003e Remove unneeded workarounds for xref warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/baac78e5dbd487e30f7f6f93b319c3cfbd3982e2\"\u003e\u003ccode\u003ebaac78e\u003c/code\u003e\u003c/a\u003e Fix warnings by conditionally compiling Decimal support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/michalmuskala/jason/compare/v1.4.4...v1.4.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.5 to 1.8.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.7 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix invalid status when longpoll request times out\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMask \u003ccode\u003etoken\u003c/code\u003e parameter \u003ca href=\"https://hexdocs.pm/phoenix/Phoenix.Logger.html#module-parameter-filtering\"\u003ein logs\u003c/a\u003e by default (in addition to \u0026quot;password\u0026quot;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix encoding of non-ASCII metadata in binary channel messages\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.6 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-628h-q48j-jr6q\"\u003eCVE-2026-32689\u003c/a\u003e: Fix Phoenix.Socket Longpoll transport memory exhaustion in nd-JSON body splitting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phoenix] Raise if \u003ccode\u003euse Phoenix.VerifiedRoutes\u003c/code\u003e is called multiple times in the same module\u003c/li\u003e\n\u003cli\u003e[phoenix] Fix more deprecation and type checker warnings on Elixir 1.20\u003c/li\u003e\n\u003cli\u003e[phoenix] Raise when interpolating a list in \u003ccode\u003ePhoenix.VerifiedRoutes\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phoenix] Gracefully handle non-binary \u003ccode\u003evsn\u003c/code\u003e socket parameter (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6662\"\u003e#6662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.gen.*] Use \u003ccode\u003e.eex\u003c/code\u003e filename suffix in generator files\u003c/li\u003e\n\u003cli\u003e[phx.new] Add interactive mode: \u003ccode\u003emix phx.new --interactive\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Add \u003ccode\u003ephx-no-format\u003c/code\u003e to generated \u003ccode\u003e\u0026lt;.live_title\u0026gt;\u003c/code\u003e tag (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6667\"\u003e#6667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phx.gen.*] Fix generated migrations for myxql when using scopes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6635\"\u003e#6635\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Fix crash when parent directory contains a colon (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ba3a131552add5758c021ff4c6e9b6947bb5a205\"\u003e\u003ccode\u003eba3a131\u003c/code\u003e\u003c/a\u003e Release v1.8.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/e74eaccb8e909826a50c9e8095cd1694dace289c\"\u003e\u003ccode\u003ee74eacc\u003c/code\u003e\u003c/a\u003e fix invalid status on longpoll window timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/035fde9ac29920d4c040be91fdb7508295579036\"\u003e\u003ccode\u003e035fde9\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/eb5f52f683b148f30aa528d365b301d2c51a4b59\"\u003e\u003ccode\u003eeb5f52f\u003c/code\u003e\u003c/a\u003e Correctly serialize non ASCII metadata (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6664\"\u003e#6664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/a99c5e8974f98c57aa4c883da51f57b582c0225c\"\u003e\u003ccode\u003ea99c5e8\u003c/code\u003e\u003c/a\u003e Filter token parameters by default (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6665\"\u003e#6665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/21901113ec7aa5158ad7748170bb9c3b3254861b\"\u003e\u003ccode\u003e2190111\u003c/code\u003e\u003c/a\u003e update installer version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ddcdadb7de1132d630bbbe56f975e66f85f36416\"\u003e\u003ccode\u003eddcdadb\u003c/code\u003e\u003c/a\u003e Release v1.8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/1a67c61ff9ce0a7711662ac7354861917a7c80f7\"\u003e\u003ccode\u003e1a67c61\u003c/code\u003e\u003c/a\u003e prevent unexpected memory usage on nd-json body splitting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/8ca76a2c57fb189733e67c3fb72098d1092ef60c\"\u003e\u003ccode\u003e8ca76a2\u003c/code\u003e\u003c/a\u003e fix a couple of typos (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6672\"\u003e#6672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/6214d83ac87fe87170bf2a8525b3404af1517705\"\u003e\u003ccode\u003e6214d83\u003c/code\u003e\u003c/a\u003e Bump postcss from 8.5.6 to 8.5.13 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6671\"\u003e#6671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.5...v1.8.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.28 to 1.1.30\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.30/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/fdbbe52011812943d90dc4a3d46f4c0740d86bd2\"\u003e\u003ccode\u003efdbbe52\u003c/code\u003e\u003c/a\u003e Release v1.1.30\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/970932be5fa7b4313994ba3b68f0a55ff74f9a2c\"\u003e\u003ccode\u003e970932b\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/ff31d012fbeeedd38f13c9836d5d4fbfc22750b8\"\u003e\u003ccode\u003eff31d01\u003c/code\u003e\u003c/a\u003e Ensure phx-viewport hook does not fail if there's no scrollContainer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/24090b52e5f8aa392b23d9a1bf53974ecc66662a\"\u003e\u003ccode\u003e24090b5\u003c/code\u003e\u003c/a\u003e Release v1.1.29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/cc836431208b3ad28a4cfcc2ae412ba24dc98b7c\"\u003e\u003ccode\u003ecc83643\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8deb3e5e5a4b002bcab1250e1a14768bd7a9d5e8\"\u003e\u003ccode\u003e8deb3e5\u003c/code\u003e\u003c/a\u003e Use moveBefore if supported when reordering stream items (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4213\"\u003e#4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/174dad576cbff77e817091b6c7652cb3c21daffa\"\u003e\u003ccode\u003e174dad5\u003c/code\u003e\u003c/a\u003e DOM patching: Fall back to PHX_MAGIC_ID if node ID was touched by client hook...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/4e18a20652bbaca961146f73d9b1ec87295861f9\"\u003e\u003ccode\u003e4e18a20\u003c/code\u003e\u003c/a\u003e handle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4210\"\u003e#4210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/031f00ccc6b0e95eaa14222312514744a5a5a923\"\u003e\u003ccode\u003e031f00c\u003c/code\u003e\u003c/a\u003e Remove unreachable error clause in UploadTmpFileWriter.write_chunk/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/0b4005ba0631fc03ac5e46551e540d04c95dbefe\"\u003e\u003ccode\u003e0b4005b\u003c/code\u003e\u003c/a\u003e Optimize traverse_dynamic for nil and binary entries\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.28...v1.1.30\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.25.0 to 1.25.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.25.1 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.8.0 to 2.8.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1123\"\u003eswoosh/swoosh#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1124\"\u003eswoosh/swoosh#1124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/2aa9af499fa9b5250dba0a2d42cccc47a1f701c4\"\u003e\u003ccode\u003e2aa9af4\u003c/code\u003e\u003c/a\u003e Bump version to 1.25.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1127\"\u003e#1127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/df97f1c6b86c4e40ce31d5393b7cb97cc5e84bd2\"\u003e\u003ccode\u003edf97f1c\u003c/code\u003e\u003c/a\u003e Bump plug_cowboy from 2.8.0 to 2.8.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/397562e99adb780d829cf4a6dc63e76c6d263e6f\"\u003e\u003ccode\u003e397562e\u003c/code\u003e\u003c/a\u003e Regenerate styles with Tailwind CSS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3e4ff5f800448c9446f5e4b7ea48b2f3b550d164\"\u003e\u003ccode\u003e3e4ff5f\u003c/code\u003e\u003c/a\u003e fix: use github.ref_name instead of github.ref for tailwind branch name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f0b12c02ebc13ebc621821a93ffc20c05033e5d6\"\u003e\u003ccode\u003ef0b12c0\u003c/code\u003e\u003c/a\u003e Escape email content in mailbox preview UI (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/0b5c091085bd76681826b486a47cf9aeb12185d4\"\u003e\u003ccode\u003e0b5c091\u003c/code\u003e\u003c/a\u003e fix: assert_no_email_sent and refute_email_sent now catch deliver_many (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/422d062231336e98eba7a61fae172fcc8ea53702\"\u003e\u003ccode\u003e422d062\u003c/code\u003e\u003c/a\u003e Bump release comment action to v0.5.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/coralogix-se/opentelemetry-demo/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/coralogix-se%2Fopentelemetry-demo/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"},{"uuid":"4380311161","node_id":"PR_kwDOQF4m787YM2bg","number":169,"state":"open","title":"deps(elixir): bump the elixir-query-service group across 1 directory with 3 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T23:17:30.000Z","updated_at":"2026-05-12T03:09:03.386Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(elixir): bump","group_name":"elixir-query-service","update_count":3,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"broadway","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/dashbitco/broadway"},{"name":"tesla","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/elixir-tesla/tesla"}],"path":null,"ecosystem":"hex"},"body":"Bumps the elixir-query-service group with 3 updates in the /apps/query-service directory: [bandit](https://github.com/mtrudel/bandit), [broadway](https://github.com/dashbitco/broadway) and [tesla](https://github.com/elixir-tesla/tesla).\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `broadway` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dashbitco/broadway/blob/main/CHANGELOG.md\"\u003ebroadway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0 (2026-04-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd telemetry events around \u003ccode\u003ehandle_failed\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eInclude producer metadata in telemetry events\u003c/li\u003e\n\u003cli\u003eAdd labels to Broadway stages\u003c/li\u003e\n\u003cli\u003eFix race condition during graceful shutdown\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d3a668c885342ae223b5ebcd9571efe4a0f18c41\"\u003e\u003ccode\u003ed3a668c\u003c/code\u003e\u003c/a\u003e Release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/dd2f40571ac463bbc56f949b6c1f8d33fd6cc665\"\u003e\u003ccode\u003edd2f405\u003c/code\u003e\u003c/a\u003e Include producer metadata in per-message events (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/966c59ad95ddb6aa75c91e71848cfc617bef3a8e\"\u003e\u003ccode\u003e966c59a\u003c/code\u003e\u003c/a\u003e Add :telemetry.span for handle_failed/2 callback (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/370f180e853a33978f1822432c66bea61f9d98ef\"\u003e\u003ccode\u003e370f180\u003c/code\u003e\u003c/a\u003e Clarify some docs related to GenStage demand (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/69d90526dc7c1003d1b9fff5092645eb4fbe9e48\"\u003e\u003ccode\u003e69d9052\u003c/code\u003e\u003c/a\u003e Bump Elixir/Erlang CI matrix and GitHub actions (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/365\"\u003e#365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/8c6616475acc874f185ffabaffc92554eefefbfc\"\u003e\u003ccode\u003e8c66164\u003c/code\u003e\u003c/a\u003e Add Process.set_label/1 to Broadway stages (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d32d30deb64dc4481f2743f6a0d8606299690046\"\u003e\u003ccode\u003ed32d30d\u003c/code\u003e\u003c/a\u003e Catch exits if already down when trapping exits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/f52f2f793e16e1c976f5e52adc372457d1445b73\"\u003e\u003ccode\u003ef52f2f7\u003c/code\u003e\u003c/a\u003e Fix graceful shutdown race condition (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/136bea6786ae1526721a98a93ca9d752543c3a7d\"\u003e\u003ccode\u003e136bea6\u003c/code\u003e\u003c/a\u003e Add batch_size/0 and batch_size_fun/0 types (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/7977502abbf3c0b06ea1fbbae415dff3932fb796\"\u003e\u003ccode\u003e7977502\u003c/code\u003e\u003c/a\u003e Add new unofficial producer off_broadway_emqtt (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/360\"\u003e#360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dashbitco/broadway/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tesla` from 1.16.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/releases\"\u003etesla's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/blob/master/CHANGELOG.md\"\u003etesla's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/de2eaaf881077a84ffd00f76806afaf80c0e4c88\"\u003e\u003ccode\u003ede2eaaf\u003c/code\u003e\u003c/a\u003e chore(master): release 1.17.0 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/830\"\u003e#830\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003e\u003ccode\u003ea672177\u003c/code\u003e\u003c/a\u003e fix: enhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/daec639e7e25eaf54b37fc87004b7fbbf576357a\"\u003e\u003ccode\u003edaec639\u003c/code\u003e\u003c/a\u003e chore(mint): strengthen mode regression coverage (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/841\"\u003e#841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003e\u003ccode\u003ed812f54\u003c/code\u003e\u003c/a\u003e fix(mint): avoid active-mode message races without breaking reused connection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003e\u003ccode\u003efa755c9\u003c/code\u003e\u003c/a\u003e feat(client): add put_middleware/2, replace_middleware!/3, update_middleware!...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e\u003ccode\u003e0689e64\u003c/code\u003e\u003c/a\u003e feat(client): add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e\u003ccode\u003e544e1d7\u003c/code\u003e\u003c/a\u003e feat(logger): emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003e\u003ccode\u003eaae0866\u003c/code\u003e\u003c/a\u003e feat(logger): semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003e\u003ccode\u003eb8b622c\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/1c03570b13a807e3300b386e93fe87ec5b48fe0c\"\u003e\u003ccode\u003e1c03570\u003c/code\u003e\u003c/a\u003e chore: ci housekeeping (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/all-source-os/all-source/pull/169","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/all-source-os%2Fall-source/issues/169","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/169/packages"},{"uuid":"4377075420","node_id":"PR_kwDOSLyUUs7YCKWz","number":33,"state":"open","title":"chore(deps): bump the mix-production-dependencies group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T13:46:41.000Z","updated_at":"2026-05-04T14:10:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"mix-production-dependencies","update_count":3,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"phoenix_live_view","old_version":"1.1.28","new_version":"1.1.29","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.25.0","new_version":"1.25.1","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 3 updates in the /src/flagd-ui directory: [bandit](https://github.com/mtrudel/bandit), [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) and [swoosh](https://github.com/swoosh/swoosh).\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.28 to 1.1.29\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.29\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.29/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.29 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/24090b52e5f8aa392b23d9a1bf53974ecc66662a\"\u003e\u003ccode\u003e24090b5\u003c/code\u003e\u003c/a\u003e Release v1.1.29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/cc836431208b3ad28a4cfcc2ae412ba24dc98b7c\"\u003e\u003ccode\u003ecc83643\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8deb3e5e5a4b002bcab1250e1a14768bd7a9d5e8\"\u003e\u003ccode\u003e8deb3e5\u003c/code\u003e\u003c/a\u003e Use moveBefore if supported when reordering stream items (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4213\"\u003e#4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/174dad576cbff77e817091b6c7652cb3c21daffa\"\u003e\u003ccode\u003e174dad5\u003c/code\u003e\u003c/a\u003e DOM patching: Fall back to PHX_MAGIC_ID if node ID was touched by client hook...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/4e18a20652bbaca961146f73d9b1ec87295861f9\"\u003e\u003ccode\u003e4e18a20\u003c/code\u003e\u003c/a\u003e handle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4210\"\u003e#4210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/031f00ccc6b0e95eaa14222312514744a5a5a923\"\u003e\u003ccode\u003e031f00c\u003c/code\u003e\u003c/a\u003e Remove unreachable error clause in UploadTmpFileWriter.write_chunk/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/0b4005ba0631fc03ac5e46551e540d04c95dbefe\"\u003e\u003ccode\u003e0b4005b\u003c/code\u003e\u003c/a\u003e Optimize traverse_dynamic for nil and binary entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/3b3844fabde644b974ca4f7d4d5d745c4e8806bf\"\u003e\u003ccode\u003e3b3844f\u003c/code\u003e\u003c/a\u003e Remove horizontal checks in viewport functions (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4200\"\u003e#4200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/1f4e986c992beb65a0f7de958587f7ad08dfeeb3\"\u003e\u003ccode\u003e1f4e986\u003c/code\u003e\u003c/a\u003e add blame ignore revs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/bcdade40fc475875616bf58f101586176c667158\"\u003e\u003ccode\u003ebcdade4\u003c/code\u003e\u003c/a\u003e Recompute scroll container if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.28...v1.1.29\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.25.0 to 1.25.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.25.1 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.8.0 to 2.8.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1123\"\u003eswoosh/swoosh#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1124\"\u003eswoosh/swoosh#1124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/2aa9af499fa9b5250dba0a2d42cccc47a1f701c4\"\u003e\u003ccode\u003e2aa9af4\u003c/code\u003e\u003c/a\u003e Bump version to 1.25.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1127\"\u003e#1127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/df97f1c6b86c4e40ce31d5393b7cb97cc5e84bd2\"\u003e\u003ccode\u003edf97f1c\u003c/code\u003e\u003c/a\u003e Bump plug_cowboy from 2.8.0 to 2.8.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/397562e99adb780d829cf4a6dc63e76c6d263e6f\"\u003e\u003ccode\u003e397562e\u003c/code\u003e\u003c/a\u003e Regenerate styles with Tailwind CSS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3e4ff5f800448c9446f5e4b7ea48b2f3b550d164\"\u003e\u003ccode\u003e3e4ff5f\u003c/code\u003e\u003c/a\u003e fix: use github.ref_name instead of github.ref for tailwind branch name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f0b12c02ebc13ebc621821a93ffc20c05033e5d6\"\u003e\u003ccode\u003ef0b12c0\u003c/code\u003e\u003c/a\u003e Escape email content in mailbox preview UI (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/0b5c091085bd76681826b486a47cf9aeb12185d4\"\u003e\u003ccode\u003e0b5c091\u003c/code\u003e\u003c/a\u003e fix: assert_no_email_sent and refute_email_sent now catch deliver_many (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/422d062231336e98eba7a61fae172fcc8ea53702\"\u003e\u003ccode\u003e422d062\u003c/code\u003e\u003c/a\u003e Bump release comment action to v0.5.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade production deps in src/flagd-ui to pull in security patches and UI stability fixes: `bandit` 1.11.0, `phoenix_live_view` 1.1.29, and `swoosh` 1.25.1.\n\n- **Dependencies**\n  - `bandit` → 1.11.0: fixes multiple WebSocket/HTTP CVEs; adds `max_inflate_ratio` and `max_fragmented_message_size`; default WebSocket `max_frame_size` is now 8MB.\n  - `phoenix_live_view` → 1.1.29: fixes duplicate hook ID crash; improves `phx-viewport` handling and stream reordering.\n  - `swoosh` → 1.25.1: escapes mailbox preview HTML; test helpers catch `deliver_many`.\n\n- **Migration**\n  - If you rely on very large WebSocket/LiveView payloads, configure Bandit `max_frame_size`/`max_fragmented_message_size` to suit your needs.\n\n\u003csup\u003eWritten for commit 3e012c96fd6f8d27d796b92e2c82b5253979aef5. Summary will update on new commits.\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Vacbo/northstar-commerce/pull/33","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vacbo%2Fnorthstar-commerce/issues/33","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/33/packages"},{"uuid":"4373524297","node_id":"PR_kwDORb91oc7X2goB","number":11,"state":"closed","title":"Bump bandit from 1.10.3 to 1.11.0","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-18T01:42:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-04T01:22:43.000Z","updated_at":"2026-05-18T01:42:57.000Z","time_to_close":1210812,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"bandit","old_version":"1.10.3","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.3 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.3\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/runlater-eu/runlocal-server/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/runlater-eu%2Frunlocal-server/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4367411598","node_id":"PR_kwDOR7uqXM7XkaY_","number":18,"state":"closed","title":"chore(deps-dev): bump the dev-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-02T03:05:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-02T01:17:19.000Z","updated_at":"2026-05-02T03:05:25.000Z","time_to_close":6478,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): bump","group_name":"dev-dependencies","update_count":5,"packages":[{"name":"ash_phoenix","old_version":"2.3.20","new_version":"2.3.22","repository_url":"https://github.com/ash-project/ash_phoenix"},{"name":"ash_postgres","old_version":"2.8.0","new_version":"2.9.1","repository_url":"https://github.com/ash-project/ash_postgres"},{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0"},{"name":"credo","old_version":"1.7.17","new_version":"1.7.18","repository_url":"https://github.com/rrrene/credo"},{"name":"git_ops","old_version":"2.9.3","new_version":"2.10.0","repository_url":"https://github.com/zachdaniel/git_ops"}],"path":null,"ecosystem":"hex"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the dev-dependencies group with 4 updates in the / directory: [ash_phoenix](https://github.com/ash-project/ash_phoenix), [ash_postgres](https://github.com/ash-project/ash_postgres), [credo](https://github.com/rrrene/credo) and [git_ops](https://github.com/zachdaniel/git_ops).\n\nUpdates `ash_phoenix` from 2.3.20 to 2.3.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_phoenix/releases\"\u003eash_phoenix's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.22\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efilter empty values from array form params (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/471\"\u003eash-project/ash_phoenix#471\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_phoenix/blob/main/CHANGELOG.md\"\u003eash_phoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/compare/v2.3.21...v2.3.22\"\u003ev2.3.22\u003c/a\u003e (2026-05-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efilter empty values from array form params (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/471\"\u003eash-project/ash_phoenix#471\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/compare/v2.3.20...v2.3.21\"\u003ev2.3.21\u003c/a\u003e (2026-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd missing usage_rules files to hex package (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/Munksgaard\"\u003e\u003ccode\u003e@​Munksgaard\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/470\"\u003e#470\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/470\"\u003eash-project/ash_phoenix#470\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epropagate context to nested forms (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/465\"\u003e#465\u003c/a\u003e) by \u003ca href=\"https://github.com/rapidfsub\"\u003e\u003ccode\u003e@​rapidfsub\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/465\"\u003e#465\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/465\"\u003eash-project/ash_phoenix#465\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/5e7d25a26aca3f2a4586fc8709db5b57b3092509\"\u003e\u003ccode\u003e5e7d25a\u003c/code\u003e\u003c/a\u003e chore: release version v2.3.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/b8c4e30118415814c62008291231085b2498e625\"\u003e\u003ccode\u003eb8c4e30\u003c/code\u003e\u003c/a\u003e chore: update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/3ac860acea6e724df6c65bc3544174ee6e14234a\"\u003e\u003ccode\u003e3ac860a\u003c/code\u003e\u003c/a\u003e fix: filter empty values from array form params (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/6c0fa920c79c5da99b740381576295c84d66eec1\"\u003e\u003ccode\u003e6c0fa92\u003c/code\u003e\u003c/a\u003e chore: release version v2.3.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/3680af078a9540bcbc2dabc9a7d2cd834a157332\"\u003e\u003ccode\u003e3680af0\u003c/code\u003e\u003c/a\u003e chore: update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/128c85d40851cec502a9bd7065fba93153a4ce1f\"\u003e\u003ccode\u003e128c85d\u003c/code\u003e\u003c/a\u003e fix: Add missing usage_rules files to hex package (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/470\"\u003e#470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/792615f1f0d778658ad4040903a7f23b6bc7d703\"\u003e\u003ccode\u003e792615f\u003c/code\u003e\u003c/a\u003e chore(deps): bump the production-dependencies group across 1 directory with 5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/77cf8bc5b0f17bf4b55dea916497442c3c31ef13\"\u003e\u003ccode\u003e77cf8bc\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/466\"\u003e#466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/5db38dcecb420f3b57ba54c2452d707f635a4bd2\"\u003e\u003ccode\u003e5db38dc\u003c/code\u003e\u003c/a\u003e fix: propagate context to nested forms (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/465\"\u003e#465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ash-project/ash_phoenix/compare/v2.3.20...v2.3.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ash_postgres` from 2.8.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_postgres/releases\"\u003eash_postgres's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ehandle base filter index rewrite detection (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/742\"\u003e#742\u003c/a\u003e) by Minsub Kim\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efailing test for calculation loading on relationships in policies (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/741\"\u003e#741\u003c/a\u003e) by Rutgerdj\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimmutable_expr_error support for newly added required expr (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/737\"\u003e#737\u003c/a\u003e) by adamtharani\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecorrect prefix name when loading many_to_many relationships (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/736\"\u003e#736\u003c/a\u003e) by gcugnet\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_postgres/blob/main/CHANGELOG.md\"\u003eash_postgres's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.9.0...v2.9.1\"\u003ev2.9.1\u003c/a\u003e (2026-05-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ehandle base filter index rewrite detection (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/742\"\u003e#742\u003c/a\u003e) by Minsub Kim\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efailing test for calculation loading on relationships in policies (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/741\"\u003e#741\u003c/a\u003e) by Rutgerdj\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimmutable_expr_error support for newly added required expr (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/737\"\u003e#737\u003c/a\u003e) by adamtharani\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecorrect prefix name when loading many_to_many relationships (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/736\"\u003e#736\u003c/a\u003e) by gcugnet\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.8.0...v2.9.0\"\u003ev2.9.0\u003c/a\u003e (2026-04-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003erelationship through (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/686\"\u003e#686\u003c/a\u003e) by Kenneth Kostrešević\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd support for \u003ccode\u003e:identity\u003c/code\u003e types  (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/715\"\u003e#715\u003c/a\u003e) by Jatanasio\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd native_in/2 function for SQL IN (...) syntax (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/728\"\u003e#728\u003c/a\u003e) by jkreddy020203\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop tables on missing resources \u0026amp; table name change handling (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/713\"\u003e#713\u003c/a\u003e) by obviouslyweb\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd missing usage_rules files to hex package (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/733\"\u003e#733\u003c/a\u003e) by Philip Munksgaard\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eensure proper ordering when dropping orphan tables (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/730\"\u003e#730\u003c/a\u003e) by Jechol Lee\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esort snapshot JSON keys when recording drop_table opt-out (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/729\"\u003e#729\u003c/a\u003e) by Jechol Lee\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esort AddUniqueIndex after CreateTable and all AddAttribute ops by Zach Daniel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eensure split migrations get unique names and modules by Zach Daniel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eproperly sequence items that depend on concurrent migrations by Zach Daniel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix/236 unique index before self fk (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/705\"\u003e#705\u003c/a\u003e) by WillG2001\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eshow warning on concurrent index multitenancy \u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/610\"\u003e#610\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/711\"\u003e#711\u003c/a\u003e) by Ryland Bangerter\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eraise error when reference is configured for non-belongs_to relationship (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/712\"\u003e#712\u003c/a\u003e) by henryzhan013\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/40e9e2b5273063da71df831a344fce10a4cd1f6e\"\u003e\u003ccode\u003e40e9e2b\u003c/code\u003e\u003c/a\u003e chore: release version v2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/81254d75f34adc5918afe441cf4a03cc207a273f\"\u003e\u003ccode\u003e81254d7\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/743\"\u003e#743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/14a6bb75316daf9076ed0e78a278c51373e9c33b\"\u003e\u003ccode\u003e14a6bb7\u003c/code\u003e\u003c/a\u003e chore(deps): bump the production-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/d473cf39fce623f956568a89088c8f89c870cd8f\"\u003e\u003ccode\u003ed473cf3\u003c/code\u003e\u003c/a\u003e fix: handle base filter index rewrite detection (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/742\"\u003e#742\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/4c3b733eea2a4098d119251cc5aa35d145ac8653\"\u003e\u003ccode\u003e4c3b733\u003c/code\u003e\u003c/a\u003e fix: failing test for calculation loading on relationships in policies (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/bf65531271ccf9f1454da2641b6ce1dd623e6bb8\"\u003e\u003ccode\u003ebf65531\u003c/code\u003e\u003c/a\u003e chore: Remove stale timestamp_from_uuid_v7 drop entries (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/738\"\u003e#738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/4ed2570a6425e9fe98a356ed22c71dcd097880ca\"\u003e\u003ccode\u003e4ed2570\u003c/code\u003e\u003c/a\u003e fix: immutable_expr_error support for newly added required expr (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/737\"\u003e#737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/f8cab090f33ee77f0cfcd114e76bf0c22ee26388\"\u003e\u003ccode\u003ef8cab09\u003c/code\u003e\u003c/a\u003e fix: correct prefix name when loading many_to_many relationships (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/1a849bf1f1e34b41d1fec538dabbe25253d5fc2c\"\u003e\u003ccode\u003e1a849bf\u003c/code\u003e\u003c/a\u003e chore: add test for loading aggregates w/ limits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/a67ca13b1d388500d571faf1da1ded8978e12010\"\u003e\u003ccode\u003ea67ca13\u003c/code\u003e\u003c/a\u003e chore: update ash\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.8.0...v2.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `credo` from 1.7.17 to 1.7.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/releases\"\u003ecredo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.18\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.18\"\u003ehttps://hex.pm/packages/credo/1.7.18\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.4\u003c/li\u003e\n\u003cli\u003eFix problem with transitive deps in umbrella apps\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e fix false positives\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/blob/master/CHANGELOG.md\"\u003ecredo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.7.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.4\u003c/li\u003e\n\u003cli\u003eFix problem with transitive deps in umbrella apps\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e fix false positives\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/63d9bf4d6a0f46bcb5b3f560a20ff4d35c329575\"\u003e\u003ccode\u003e63d9bf4\u003c/code\u003e\u003c/a\u003e Bump version to 1.7.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/e5f7956fb0904988f346292b94fd574b25a16fd6\"\u003e\u003ccode\u003ee5f7956\u003c/code\u003e\u003c/a\u003e Update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/da4f40189b32dc11785bd5b77ee1ace83c3e8701\"\u003e\u003ccode\u003eda4f401\u003c/code\u003e\u003c/a\u003e Fix false positives for UnusedMapOperation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/288a1b12ab02c65e81b469ec87b8c70dd812cb4a\"\u003e\u003ccode\u003e288a1b1\u003c/code\u003e\u003c/a\u003e Update Elixir to 1.20.0-rc.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/474b769100c7d118c900742c548b974cc53fa4e4\"\u003e\u003ccode\u003e474b769\u003c/code\u003e\u003c/a\u003e Fix errors due to new token format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/a03f6bd842494f54479341499569a23737702688\"\u003e\u003ccode\u003ea03f6bd\u003c/code\u003e\u003c/a\u003e Fix error raised by new sigil token format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/aea4b775b2a5578fca144d79179dd6e4b99b95c3\"\u003e\u003ccode\u003eaea4b77\u003c/code\u003e\u003c/a\u003e Fix compiler warnings for 1.20.0-rc.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/1169b69bf8590f2a6ecdd6c8adf8797f321521ee\"\u003e\u003ccode\u003e1169b69\u003c/code\u003e\u003c/a\u003e Add requirements \u0026quot;loadpaths\u0026quot; to Mix task.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/f0d654f0a41c9f0b65e6d86dc01ec9dd147dcf9e\"\u003e\u003ccode\u003ef0d654f\u003c/code\u003e\u003c/a\u003e Add experimental JSONL output to suggest command\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rrrene/credo/compare/v1.7.17...v1.7.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git_ops` from 2.9.3 to 2.10.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zachdaniel/git_ops/blob/master/CHANGELOG.md\"\u003egit_ops's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.3...v2.10.0\"\u003ev2.10.0\u003c/a\u003e (2026-04-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003emanaged_files\u003c/code\u003e config for updating arbitrary files on release (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/81\"\u003e#81\u003c/a\u003e) by \u003ca href=\"https://github.com/jimsynz\"\u003e\u003ccode\u003e@​jimsynz\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/81\"\u003e#81\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/pull/81\"\u003ezachdaniel/git_ops#81\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eparse multi-line commit messages without errors (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/83\"\u003e#83\u003c/a\u003e) by \u003ca href=\"https://github.com/jimsynz\"\u003e\u003ccode\u003e@​jimsynz\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/83\"\u003e#83\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/pull/83\"\u003ezachdaniel/git_ops#83\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/9978c16c4e890f98bf644fbdb9ea75365c12871f\"\u003e\u003ccode\u003e9978c16\u003c/code\u003e\u003c/a\u003e chore: release version v2.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/d90ae569ffb5823ab79a15b22ed42fad93b32a76\"\u003e\u003ccode\u003ed90ae56\u003c/code\u003e\u003c/a\u003e fix: parse multi-line commit messages without errors (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/83\"\u003e#83\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/43b2e3a8658779aa023977a5c098eae76102fc8c\"\u003e\u003ccode\u003e43b2e3a\u003c/code\u003e\u003c/a\u003e chore: clean up badges\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/d5755df575590aa070cf815b5289c2bbc971ae46\"\u003e\u003ccode\u003ed5755df\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003emanaged_files\u003c/code\u003e config for updating arbitrary files on release (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.3...v2.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/ash-project/ash_storage/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ash-project%2Fash_storage/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"},{"uuid":"4215450066","node_id":"PR_kwDOR7uqXM7QYe-i","number":1,"state":"closed","title":"Bump the dev-dependencies group with 4 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-07T04:43:08.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-07T04:40:11.000Z","updated_at":"2026-04-07T04:43:09.000Z","time_to_close":177,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"dev-dependencies","update_count":4,"packages":[{"name":"ash_postgres","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/ash-project/ash_postgres"},{"name":"bandit","old_version":"1.10.3","new_version":"1.10.4","repository_url":"https://github.com/mtrudel/bandit"},{"name":"git_ops","old_version":"2.9.2","new_version":"2.9.3","repository_url":"https://github.com/zachdaniel/git_ops"},{"name":"phoenix_live_view","old_version":"1.1.26","new_version":"1.1.28","repository_url":"https://github.com/phoenixframework/phoenix_live_view"}],"path":null,"ecosystem":"hex"},"body":"Bumps the dev-dependencies group with 4 updates: [ash_postgres](https://github.com/ash-project/ash_postgres), [bandit](https://github.com/mtrudel/bandit), [git_ops](https://github.com/zachdaniel/git_ops) and [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view).\n\nUpdates `ash_postgres` from 2.7.0 to 2.8.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_postgres/blob/main/CHANGELOG.md\"\u003eash_postgres's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.7.0...v2.8.0\"\u003ev2.8.0\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd --use_fragments option to resource generator | Closes \u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/437\"\u003e#437\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/709\"\u003e#709\u003c/a\u003e) by henryzhan013\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003etest setup by Philip Capel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eformatting by Philip Capel\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/d43b730029e7069f84a39669ea9440d3560361a9\"\u003e\u003ccode\u003ed43b730\u003c/code\u003e\u003c/a\u003e chore: release version v2.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/8337142d2ec237b0185ecce6965ef837e9bb6b68\"\u003e\u003ccode\u003e8337142\u003c/code\u003e\u003c/a\u003e docs: add guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/becb87079bb200be8ba243f1a10b18429f48a447\"\u003e\u003ccode\u003ebecb870\u003c/code\u003e\u003c/a\u003e feat: add --use_fragments option to resource generator | Closes \u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/437\"\u003e#437\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/709\"\u003e#709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/0ac67246781c80aeafb2e5913cad028bc8ee3b26\"\u003e\u003ccode\u003e0ac6724\u003c/code\u003e\u003c/a\u003e chore: update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/b68e55bb64208a8f1e7081d222d4280ba61b82df\"\u003e\u003ccode\u003eb68e55b\u003c/code\u003e\u003c/a\u003e chore: update test to fix failing tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/d5a1c13d26b1f301cf50a4ae9e5dcc1e553bed36\"\u003e\u003ccode\u003ed5a1c13\u003c/code\u003e\u003c/a\u003e test: Show failing filter in boolean deeper relations (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.7.0...v2.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bandit` from 1.10.3 to 1.10.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/dea432ec1ec94eee4b9ad0219b09a568c4ccb960\"\u003e\u003ccode\u003edea432e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/2a809d541d6d9ca35476fa2e2524b49be09a3bbc\"\u003e\u003ccode\u003e2a809d5\u003c/code\u003e\u003c/a\u003e Send 1000 on {:shutdown, :disconnected} (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f3a45b674077301c8c0fe6e29f90ad44dcecabc0\"\u003e\u003ccode\u003ef3a45b6\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.3.0 to 1.4.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/268b3e72e46fdcdeb99c744f30ed3c5f0aff4110\"\u003e\u003ccode\u003e268b3e7\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.16 to 1.7.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/14036161277f467f72a7dc6f8483a2ca7c56f160\"\u003e\u003ccode\u003e1403616\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.10.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git_ops` from 2.9.2 to 2.9.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zachdaniel/git_ops/blob/master/CHANGELOG.md\"\u003egit_ops's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.2...v2.9.3\"\u003ev2.9.3\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub: exclude organisations from user search response (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/80\"\u003e#80\u003c/a\u003e) by \u003ca href=\"https://github.com/jimsynz\"\u003e\u003ccode\u003e@​jimsynz\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/80\"\u003e#80\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/pull/80\"\u003ezachdaniel/git_ops#80\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/afe0f9af30edfaddb8a0f22a8efee71852f191b9\"\u003e\u003ccode\u003eafe0f9a\u003c/code\u003e\u003c/a\u003e chore: release version v2.9.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/e00fcf9218b88ca4e9bddf04899a0478f9122f2d\"\u003e\u003ccode\u003ee00fcf9\u003c/code\u003e\u003c/a\u003e fix(GitHub): exclude organisations from user search response (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.2...v2.9.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.26 to 1.1.28\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.28\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.28/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.28 (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27 (2026-03-10)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/df3e88c0abb8837c484f4cef033ff2490274af28\"\u003e\u003ccode\u003edf3e88c\u003c/code\u003e\u003c/a\u003e Release v1.1.28\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f50f39c69082f9079c16574803e04a21d76ffb05\"\u003e\u003ccode\u003ef50f39c\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/e032e510cafc83d47363faa3545305d31d924b44\"\u003e\u003ccode\u003ee032e51\u003c/code\u003e\u003c/a\u003e Ensure root is set early (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4184\"\u003e#4184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f9ac0d8cae426a445945d405b2a11110be973114\"\u003e\u003ccode\u003ef9ac0d8\u003c/code\u003e\u003c/a\u003e Optimize class_attribute_list/1 using an IO data tree (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4172\"\u003e#4172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/bfd8d930814248b61e6f9b991f06daa845314002\"\u003e\u003ccode\u003ebfd8d93\u003c/code\u003e\u003c/a\u003e Fix docs: reset does not accept list of keys to reset (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4178\"\u003e#4178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f7684682ca82d35483dc827b4ce4a3e1638707af\"\u003e\u003ccode\u003ef768468\u003c/code\u003e\u003c/a\u003e Fix docs: allow_upload :writer expects a 3-arity anonymous function, not a mo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/d07ea5ae92ee95c70100a09c40072bd83842e4c9\"\u003e\u003ccode\u003ed07ea5a\u003c/code\u003e\u003c/a\u003e Fix docs: correct typo JS.ignore_attributes/0 to JS.ignore_attributes/1 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4180\"\u003e#4180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a6408e57d5ee33629a287c7a7209f0bc153eb6a2\"\u003e\u003ccode\u003ea6408e5\u003c/code\u003e\u003c/a\u003e Fix docs: \u0026lt;.link\u0026gt; component does not generate a form for non-get requests (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4\"\u003e#4\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/068692e306cdd870e687469c4839a8e6d2690a3e\"\u003e\u003ccode\u003e068692e\u003c/code\u003e\u003c/a\u003e Optimize implicit inner block slots_defs check (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4176\"\u003e#4176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/39b59a0aa213a994a2f51553c10c613bc547e09e\"\u003e\u003ccode\u003e39b59a0\u003c/code\u003e\u003c/a\u003e Optimize Enum.map |\u0026gt; Enum.filter |\u0026gt; Enum.map pipeline to a for comprehension ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.26...v1.1.28\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/ash-project/ash_storage/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ash-project%2Fash_storage/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4208991305","node_id":"PR_kwDONKjU8M7QGFpW","number":50,"state":"open","title":"deps(deps): bump bandit from 1.8.0 to 1.10.4","user":"dependabot[bot]","labels":[],"assignees":["mithenji"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-06T01:10:45.000Z","updated_at":"2026-04-06T01:10:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"bandit","old_version":"1.8.0","new_version":"1.10.4","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.8.0 to 1.10.4.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 (22 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 (5 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange default preference order for compression methods to be 'zstd (if present), gzip, deflate' (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow \u003ccode\u003e:zstd_options\u003c/code\u003e key to be set in config (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/558\"\u003e#558\u003c/a\u003e, thanks \u003ca href=\"https://github.com/Fudoshiki\"\u003e\u003ccode\u003e@​Fudoshiki\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix error where deflate responses weren't always completely sent (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/559\"\u003e#559\u003c/a\u003e, thanks \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 (29 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eresponse_encodings\u003c/code\u003e to allow specifying an explicit preference order to compression encodings (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.9.0 (12 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSkip body draining when Connection: close is set (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/546\"\u003e#546\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMake deflate options for WebSockets configurable (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/540\"\u003e#540\u003c/a\u003e, thanks \u003ca href=\"https://github.com/proxima\"\u003e\u003ccode\u003e@​proxima\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMitigate HTTP/2 rapid reset attacks (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/533\"\u003e#533\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImplement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/524\"\u003e#524\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport zstd HTTP compression (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/514\"\u003e#514\u003c/a\u003e, thanks \u003ca href=\"https://github.com/mattmatters\"\u003e\u003ccode\u003e@​mattmatters\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/dea432ec1ec94eee4b9ad0219b09a568c4ccb960\"\u003e\u003ccode\u003edea432e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/2a809d541d6d9ca35476fa2e2524b49be09a3bbc\"\u003e\u003ccode\u003e2a809d5\u003c/code\u003e\u003c/a\u003e Send 1000 on {:shutdown, :disconnected} (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f3a45b674077301c8c0fe6e29f90ad44dcecabc0\"\u003e\u003ccode\u003ef3a45b6\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.3.0 to 1.4.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/268b3e72e46fdcdeb99c744f30ed3c5f0aff4110\"\u003e\u003ccode\u003e268b3e7\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.16 to 1.7.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/14036161277f467f72a7dc6f8483a2ca7c56f160\"\u003e\u003ccode\u003e1403616\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.8.0...1.10.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.8.0\u0026new-version=1.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mithenji/mithenji.me/pull/50","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithenji%2Fmithenji.me/issues/50","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/50/packages"},{"uuid":"4178466030","node_id":"PR_kwDORMG3Ys7O7Pl7","number":27,"state":"closed","title":"Bump bandit from 1.10.2 to 1.10.4","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-05T11:47:08.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T11:46:04.000Z","updated_at":"2026-05-05T11:47:10.000Z","time_to_close":3024064,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.4","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.2 to 1.10.4.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/dea432ec1ec94eee4b9ad0219b09a568c4ccb960\"\u003e\u003ccode\u003edea432e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/2a809d541d6d9ca35476fa2e2524b49be09a3bbc\"\u003e\u003ccode\u003e2a809d5\u003c/code\u003e\u003c/a\u003e Send 1000 on {:shutdown, :disconnected} (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f3a45b674077301c8c0fe6e29f90ad44dcecabc0\"\u003e\u003ccode\u003ef3a45b6\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.3.0 to 1.4.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/268b3e72e46fdcdeb99c744f30ed3c5f0aff4110\"\u003e\u003ccode\u003e268b3e7\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.16 to 1.7.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/14036161277f467f72a7dc6f8483a2ca7c56f160\"\u003e\u003ccode\u003e1403616\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.2\u0026new-version=1.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tomasz-tomczyk/llm-welcome/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomasz-tomczyk%2Fllm-welcome/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"},{"uuid":"4173620319","node_id":"PR_kwDOQgV26s7OvGcC","number":858,"state":"open","title":"chore(deps-dev): Bump bandit from 1.10.3 to 1.11.0","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-30T19:47:37.000Z","updated_at":"2026-05-04T08:58:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): Bump","packages":[{"name":"bandit","old_version":"1.10.3","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.3 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/andreasronge/ptc_runner/pull/858","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreasronge%2Fptc_runner/issues/858","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/858/packages"},{"uuid":"4068325949","node_id":"PR_kwDOQkhN-M7KOSUx","number":128,"state":"open","title":"Bump the mix-production-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-13T02:08:04.000Z","updated_at":"2026-04-01T02:40:13.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"mix-production-dependencies","update_count":5,"packages":[{"name":"bandit","old_version":"1.8.0","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"},{"name":"phoenix","old_version":"1.8.2","new_version":"1.8.5","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.18","new_version":"1.1.27","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"req","old_version":"0.5.16","new_version":"0.5.17","repository_url":"https://github.com/wojtekmach/req"},{"name":"swoosh","old_version":"1.19.8","new_version":"1.23.0","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 5 updates in the /src/flagd-ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.8.0` | `1.10.3` |\n| [phoenix](https://github.com/phoenixframework/phoenix) | `1.8.2` | `1.8.5` |\n| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.1.18` | `1.1.27` |\n| [req](https://github.com/wojtekmach/req) | `0.5.16` | `0.5.17` |\n| [swoosh](https://github.com/swoosh/swoosh) | `1.19.8` | `1.23.0` |\n\n\nUpdates `bandit` from 1.8.0 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 (22 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 (5 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange default preference order for compression methods to be 'zstd (if present), gzip, deflate' (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow \u003ccode\u003e:zstd_options\u003c/code\u003e key to be set in config (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/558\"\u003e#558\u003c/a\u003e, thanks \u003ca href=\"https://github.com/Fudoshiki\"\u003e\u003ccode\u003e@​Fudoshiki\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix error where deflate responses weren't always completely sent (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/559\"\u003e#559\u003c/a\u003e, thanks \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 (29 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eresponse_encodings\u003c/code\u003e to allow specifying an explicit preference order to compression encodings (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.9.0 (12 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSkip body draining when Connection: close is set (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/546\"\u003e#546\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMake deflate options for WebSockets configurable (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/540\"\u003e#540\u003c/a\u003e, thanks \u003ca href=\"https://github.com/proxima\"\u003e\u003ccode\u003e@​proxima\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMitigate HTTP/2 rapid reset attacks (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/533\"\u003e#533\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImplement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/524\"\u003e#524\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport zstd HTTP compression (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/514\"\u003e#514\u003c/a\u003e, thanks \u003ca href=\"https://github.com/mattmatters\"\u003e\u003ccode\u003e@​mattmatters\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5af3c8ff5596d4933b28ea51e5c309d98bd71a09\"\u003e\u003ccode\u003e5af3c8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/06c199da6a8e01e80307253f8c51b7d0e84a76f1\"\u003e\u003ccode\u003e06c199d\u003c/code\u003e\u003c/a\u003e fix: distinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/da97c51398e106a8da4bfe1c7c541fd34fb0164e\"\u003e\u003ccode\u003eda97c51\u003c/code\u003e\u003c/a\u003e Bump req from 0.5.16 to 0.5.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.8.0...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.2 to 1.8.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.5 (2026-03-05)\u003c/h2\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket connecting on visibility change when never established\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.4 (2026-02-23)\u003c/h2\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug reconnecting connections when close was gracefully initiated by server\u003c/li\u003e\n\u003cli\u003eFix LongPoll transport name in sessionStorage and logs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds guards support in \u003ccode\u003eassert_push\u003c/code\u003e, \u003ccode\u003eassert_broadcast\u003c/code\u003e, and \u003ccode\u003eassert_reply\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEnable purging in Phoenix code server for Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.3 (2025-12-08)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd top-level phoenix config: \u003ccode\u003esort_verified_routes_query_params\u003c/code\u003e to enable sorting query params in verified routes during tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix endpoint port config in an umbrella application. (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6549\"\u003e#6549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop incoming channel messages with stale join refs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/850162d618cf4e31be82fb53ad6e259095fa6126\"\u003e\u003ccode\u003e850162d\u003c/code\u003e\u003c/a\u003e Release v1.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/9b20e66779e5e578a09cad061f7bea7971f9eddd\"\u003e\u003ccode\u003e9b20e66\u003c/code\u003e\u003c/a\u003e update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/49d90f35cc03c18787b912abac5afc371c24e39e\"\u003e\u003ccode\u003e49d90f3\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/84607a4ba425c77ef01d8e350985f6e3f2997b78\"\u003e\u003ccode\u003e84607a4\u003c/code\u003e\u003c/a\u003e ensure visibilitychange does not connect if never connected (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6621\"\u003e#6621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/f286d6968d9cb4316cb3fa12604dd30a2320e31a\"\u003e\u003ccode\u003ef286d69\u003c/code\u003e\u003c/a\u003e Address warnings from Elixir 1.20 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6616\"\u003e#6616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/05f2d1a9b60381ac01df83b53fe0eb98d977a8bd\"\u003e\u003ccode\u003e05f2d1a\u003c/code\u003e\u003c/a\u003e Bump erlef/setup-beam from 1.20.4 to 1.21.0 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ae8b3c60f4796053a245de2bbdbb3bb717d43a9a\"\u003e\u003ccode\u003eae8b3c6\u003c/code\u003e\u003c/a\u003e update eslint (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6615\"\u003e#6615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/a1e9ac423970e2b58327970033690107698b4b00\"\u003e\u003ccode\u003ea1e9ac4\u003c/code\u003e\u003c/a\u003e Bump the minor-and-patch group with 2 updates (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6611\"\u003e#6611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/bb1bd848a03599601061848f4a3cb30f1a8bc437\"\u003e\u003ccode\u003ebb1bd84\u003c/code\u003e\u003c/a\u003e Use custom migration module for auth migration. (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/d4ec4b747e71b201fd520b85622f53a27d3ad209\"\u003e\u003ccode\u003ed4ec4b7\u003c/code\u003e\u003c/a\u003e Minor Spelling fix in readme (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6606\"\u003e#6606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.2...v1.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.18 to 1.1.27\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.27\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.26\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e for nested portals\u003c/li\u003e\n\u003cli\u003eFix type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.25\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.27/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.27 (2026-03-10)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.26 (2026-03-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e for nested portals\u003c/li\u003e\n\u003cli\u003eFix type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.25 (2026-02-26)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.24 (2026-02-16)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent map access on assigns (\u003ccode\u003e@foo.bar.baz\u003c/code\u003e) being expanded when used in root attributes causing an invalid warning\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.23 (2026-02-12)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIf a macro is used in HEEx root attributes (\u003ccode\u003e\u0026lt;div {@root_attr} /\u0026gt;\u003c/code\u003e), it is now expanded at compile time (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4145\"\u003e#4145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.22 (2026-01-28)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix live component container patch throwing a JavaScript error when container is locked (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4088\"\u003e#4088\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.21 (2026-01-27)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix stream reset and deletes not working if stream is teleported using \u003ccode\u003ePhoenix.Component.portal/1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4121\"\u003e#4121\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMark LiveView template code as generated to prevent warnings on Elixir 1.20\u003c/li\u003e\n\u003cli\u003eAllow unused function warnings for function components to be emitted\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ePhoenix.LiveView.TagEngine.compile/2\u003c/code\u003e as an official entrypoint for compiling templates in favor of relying on the \u003ccode\u003eEEx.Engine\u003c/code\u003e behaviour\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/13ac43e5448fd40fafa3f5870a78b9150db154c3\"\u003e\u003ccode\u003e13ac43e\u003c/code\u003e\u003c/a\u003e Release v1.1.27\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a0d5e88f08373354908239a480c22664cc6b1e39\"\u003e\u003ccode\u003ea0d5e88\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a5736474f22f5eed86754764794f4c48ef5e26dc\"\u003e\u003ccode\u003ea573647\u003c/code\u003e\u003c/a\u003e the type system is too clever\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f4d83cbb6f52d9b50e7c3715d994f1a25df3070e\"\u003e\u003ccode\u003ef4d83cb\u003c/code\u003e\u003c/a\u003e remove dead code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/417f0467a1bc1d34fbc5f088cef135eb4f710132\"\u003e\u003ccode\u003e417f046\u003c/code\u003e\u003c/a\u003e Fix chrome dropping forms from templates when setting innerHTML (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a6677d345332e930af48c6ee288f9b839ccef341\"\u003e\u003ccode\u003ea6677d3\u003c/code\u003e\u003c/a\u003e Release v1.1.26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f2b1188ad0de124910954b5227f5e99478398898\"\u003e\u003ccode\u003ef2b1188\u003c/code\u003e\u003c/a\u003e Remove warnings on latest Elixir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/283a09b0d9599abcf003324afe638ae1322fe618\"\u003e\u003ccode\u003e283a09b\u003c/code\u003e\u003c/a\u003e followup for \u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4160\"\u003e#4160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/e592ce8b4ff6c387d85af275ea9c4ac5b1365858\"\u003e\u003ccode\u003ee592ce8\u003c/code\u003e\u003c/a\u003e Release v1.1.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/3eaaa41793b07b9ea9229c5d4b281a274387d080\"\u003e\u003ccode\u003e3eaaa41\u003c/code\u003e\u003c/a\u003e click-away portal handling (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.18...v1.1.27\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `req` from 0.5.16 to 0.5.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wojtekmach/req/blob/main/CHANGELOG.md\"\u003ereq's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.17 (2026-01-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e[\u003ccode\u003eretry\u003c/code\u003e]: Use default delay if \u003ccode\u003eretry-after\u003c/code\u003e is \u0026quot;negative\u0026quot;\u003c/p\u003e\n\u003cp\u003ePreviously, we were only handling \u0026quot;negative\u0026quot; retry-after in \u0026quot;http date\u0026quot;\nformat and slept for zero seconds. We were crashing on retry-after with\nnegative seconds.\u003c/p\u003e\n\u003cp\u003eNow, we're using the default delay (1s, 2s, 4s, ...) in either format.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/dce10092b9f3b77dfa253e62a51534e8281ba0ba\"\u003e\u003ccode\u003edce1009\u003c/code\u003e\u003c/a\u003e Release v0.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/2fbb092d48fa6cac7c399ba62c010a9f1ec459fc\"\u003e\u003ccode\u003e2fbb092\u003c/code\u003e\u003c/a\u003e \u003ccode\u003eretry\u003c/code\u003e: Use default delay if \u003ccode\u003eretry-after\u003c/code\u003e is \u0026quot;negative\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/28cb69788e86fafcbf713a919c8cea69b2ef5840\"\u003e\u003ccode\u003e28cb697\u003c/code\u003e\u003c/a\u003e Refactor http digest handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/4e251c21570691fc22b4ed3696abbcb4203af0bd\"\u003e\u003ccode\u003e4e251c2\u003c/code\u003e\u003c/a\u003e Link to related package req_proxy (\u003ca href=\"https://redirect.github.com/wojtekmach/req/issues/524\"\u003e#524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/6153730708df03288f8e937a55e14929a00377dd\"\u003e\u003ccode\u003e6153730\u003c/code\u003e\u003c/a\u003e fix(proxy): schema -\u0026gt; scheme (\u003ca href=\"https://redirect.github.com/wojtekmach/req/issues/520\"\u003e#520\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/3671064ba69091bdae31d83a902de83903ce4cca\"\u003e\u003ccode\u003e3671064\u003c/code\u003e\u003c/a\u003e Fix docs\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/wojtekmach/req/compare/v0.5.16...v0.5.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.19.8 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare minor release 1.23.0 \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1110\"\u003e#1110\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003edeliver/1\u003c/code\u003e and \u003ccode\u003edeliver/2\u003c/code\u003e overridable in \u003ccode\u003eSwoosh.Mailer\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1109\"\u003e#1109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.22.1...v1.23.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.22.1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.1 🚀\u003c/h2\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump bandit from 1.10.2 to 1.10.3 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1105\"\u003e#1105\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.7.5 to 2.8.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1103\"\u003e#1103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.40.0 to 0.40.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1102\"\u003e#1102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump finch from 0.20.0 to 0.21.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1101\"\u003e#1101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bandit from 1.10.1 to 1.10.2 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1100\"\u003e#1100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.39.3 to 0.40.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1098\"\u003e#1098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.5.0 to 0.6.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1099\"\u003e#1099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.4.0 to 0.5.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1104\"\u003eswoosh/swoosh#1104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.21.0 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump Elixir requirement to 1.16, Erlang OTP to 26\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.20.1...v1.21.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.20.1...v1.21.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.20.1 🚀\u003c/h2\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Transfer-Encoding for message/* attachments \u003ca href=\"https://github.com/romsahel\"\u003e\u003ccode\u003e@​romsahel\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1096\"\u003e#1096\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.23.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003edeliver/1\u003c/code\u003e and \u003ccode\u003edeliver/2\u003c/code\u003e overridable in \u003ccode\u003eSwoosh.Mailer\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1109\"\u003e#1109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.22.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.22.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump Elixir requirement to 1.16, Erlang OTP to 26\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.20.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Transfer-Encoding for message/* attachments \u003ca href=\"https://github.com/romsahel\"\u003e\u003ccode\u003e@​romsahel\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1096\"\u003e#1096\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.20.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add a resend adapter \u003ca href=\"https://github.com/ceolinrenato\"\u003e\u003ccode\u003e@​ceolinrenato\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1089\"\u003e#1089\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003edifferences from community library \u003ccode\u003e:resend\u003c/code\u003e can be found \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1089#issuecomment-3692700369\"\u003ein this comment\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.19.9\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for additional_headers provider option in Scaleway \u003ca href=\"https://github.com/jaimeiniesta\"\u003e\u003ccode\u003e@​jaimeiniesta\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1077\"\u003e#1077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport specifying ip_pool_name data for Sendgrid \u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1081\"\u003e#1081\u003c/a\u003e \u003ca href=\"https://github.com/lardcanoe\"\u003e\u003ccode\u003e@​lardcanoe\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1082\"\u003e#1082\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📝 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Resend adapter to README \u003ca href=\"https://github.com/jtormey\"\u003e\u003ccode\u003e@​jtormey\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1080\"\u003e#1080\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/95f37b4bbc1d00bb522328787abc1db51a9643e4\"\u003e\u003ccode\u003e95f37b4\u003c/code\u003e\u003c/a\u003e Prepare minor release 1.23.0 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1110\"\u003e#1110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/768e745d99f00ef4f2345253c383aef89796a901\"\u003e\u003ccode\u003e768e745\u003c/code\u003e\u003c/a\u003e Make \u003ccode\u003edeliver/1\u003c/code\u003e and \u003ccode\u003edeliver/2\u003c/code\u003e overridable in \u003ccode\u003eSwoosh.Mailer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1109\"\u003e#1109\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3efa0d308fc19c251a62b97275ebc81edd5e717f\"\u003e\u003ccode\u003e3efa0d3\u003c/code\u003e\u003c/a\u003e v1.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/8e176fd4ab0d121be84c9b4b9c175e7eef09bf12\"\u003e\u003ccode\u003e8e176fd\u003c/code\u003e\u003c/a\u003e remove bad test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f368d1c624c166084bf33f855d01255bcdc3cbe0\"\u003e\u003ccode\u003ef368d1c\u003c/code\u003e\u003c/a\u003e Fix mailbox preview text-body clipping by removing negative top offset (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/cffbc67220e185e3178070c8ebf8ab4abb39e58a\"\u003e\u003ccode\u003ecffbc67\u003c/code\u003e\u003c/a\u003e Move preferred_cli_env to cli function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/bb2f6e8e06737f34e67a31e94e970d9d533cfa12\"\u003e\u003ccode\u003ebb2f6e8\u003c/code\u003e\u003c/a\u003e Add GitHub Actions workflow for Copilot setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/71ce6f22086263d67d97c7a044909af6d210a1a8\"\u003e\u003ccode\u003e71ce6f2\u003c/code\u003e\u003c/a\u003e Update Tailwind CSS version to 4.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/4556b02229af8556df0bd5515e1aa7bb66ad9d42\"\u003e\u003ccode\u003e4556b02\u003c/code\u003e\u003c/a\u003e Bump bandit from 1.10.2 to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/1a41c89a6cc83b53f0ceea350658afddc4410f90\"\u003e\u003ccode\u003e1a41c89\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.19.8...v1.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DangThanhWang/test_monitor/pull/128","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DangThanhWang%2Ftest_monitor/issues/128","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/128/packages"},{"uuid":"4042750099","node_id":"PR_kwDONKjU8M7I7ZJi","number":46,"state":"open","title":"deps(deps): bump bandit from 1.8.0 to 1.10.3","user":"dependabot[bot]","labels":[],"assignees":["mithenji"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-09T01:11:44.000Z","updated_at":"2026-04-06T03:00:52.445Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"bandit","old_version":"1.8.0","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.8.0 to 1.10.3.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 (22 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 (5 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange default preference order for compression methods to be 'zstd (if present), gzip, deflate' (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow \u003ccode\u003e:zstd_options\u003c/code\u003e key to be set in config (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/558\"\u003e#558\u003c/a\u003e, thanks \u003ca href=\"https://github.com/Fudoshiki\"\u003e\u003ccode\u003e@​Fudoshiki\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix error where deflate responses weren't always completely sent (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/559\"\u003e#559\u003c/a\u003e, thanks \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 (29 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eresponse_encodings\u003c/code\u003e to allow specifying an explicit preference order to compression encodings (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.9.0 (12 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSkip body draining when Connection: close is set (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/546\"\u003e#546\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMake deflate options for WebSockets configurable (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/540\"\u003e#540\u003c/a\u003e, thanks \u003ca href=\"https://github.com/proxima\"\u003e\u003ccode\u003e@​proxima\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMitigate HTTP/2 rapid reset attacks (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/533\"\u003e#533\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImplement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/524\"\u003e#524\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport zstd HTTP compression (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/514\"\u003e#514\u003c/a\u003e, thanks \u003ca href=\"https://github.com/mattmatters\"\u003e\u003ccode\u003e@​mattmatters\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5af3c8ff5596d4933b28ea51e5c309d98bd71a09\"\u003e\u003ccode\u003e5af3c8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/06c199da6a8e01e80307253f8c51b7d0e84a76f1\"\u003e\u003ccode\u003e06c199d\u003c/code\u003e\u003c/a\u003e fix: distinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/da97c51398e106a8da4bfe1c7c541fd34fb0164e\"\u003e\u003ccode\u003eda97c51\u003c/code\u003e\u003c/a\u003e Bump req from 0.5.16 to 0.5.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.8.0...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.8.0\u0026new-version=1.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mithenji/mithenji.me/pull/46","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithenji%2Fmithenji.me/issues/46","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/46/packages"},{"uuid":"4019646940","node_id":"PR_kwDORUVsX87HwjOi","number":36,"state":"closed","title":"Bump the mix-production-dependencies group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-06T02:11:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-04T02:14:49.000Z","updated_at":"2026-05-06T02:11:57.000Z","time_to_close":5443026,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"mix-production-dependencies","update_count":4,"packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"},{"name":"phoenix","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.22","new_version":"1.1.25","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.21.0","new_version":"1.22.1","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 4 updates in the /src/flagd-ui directory: [bandit](https://github.com/mtrudel/bandit), [phoenix](https://github.com/phoenixframework/phoenix), [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) and [swoosh](https://github.com/swoosh/swoosh).\n\nUpdates `bandit` from 1.10.2 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.4 (2026-2-23)\u003c/h2\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug reconnecting connections when close was gracefully initiated by server\u003c/li\u003e\n\u003cli\u003eFix LongPoll transport name in sessionStorage and logs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds guards support in \u003ccode\u003eassert_push\u003c/code\u003e, \u003ccode\u003eassert_broadcast\u003c/code\u003e, and \u003ccode\u003eassert_reply\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEnable purging in Phoenix code server for Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/5c0f19fac5924e7969d8b7981143d0566a3bbbf2\"\u003e\u003ccode\u003e5c0f19f\u003c/code\u003e\u003c/a\u003e Release 1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/22ac56ed55ec1d74ba75e64c3923606eac16dc2e\"\u003e\u003ccode\u003e22ac56e\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/72192e3d7d0eaa545166348d91bdaf3e5bc874c5\"\u003e\u003ccode\u003e72192e3\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6584\"\u003e#6584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/92a79b0381b2afe63d0c7c08bc77d6ddc4ec6140\"\u003e\u003ccode\u003e92a79b0\u003c/code\u003e\u003c/a\u003e Adds guards support in assert_push, assert_broadcast and assert_reply (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6595\"\u003e#6595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ac12eec6d06a42fb90134789a91f9c5c13738b56\"\u003e\u003ccode\u003eac12eec\u003c/code\u003e\u003c/a\u003e Fix concurrent socket teardown (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6602\"\u003e#6602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/0f6a26f10a1dde4fdeb00b5dc18805a393d9cf8c\"\u003e\u003ccode\u003e0f6a26f\u003c/code\u003e\u003c/a\u003e Update umbrella link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/2dda4b0cdf1a449e2a287498a4b744b8c5130d28\"\u003e\u003ccode\u003e2dda4b0\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://github.com/stream\"\u003e\u003ccode\u003e@​stream\u003c/code\u003e\u003c/a\u003e typo in usage-rules liveview streams example (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6601\"\u003e#6601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/7c37fa7364dc0faa6275130bcc2d61453416731a\"\u003e\u003ccode\u003e7c37fa7\u003c/code\u003e\u003c/a\u003e Fix bad link (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6597\"\u003e#6597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/dadf94632594755cfc421423b89de9c76ac4bee8\"\u003e\u003ccode\u003edadf946\u003c/code\u003e\u003c/a\u003e followup for \u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6563\"\u003ephoenixframework/phoenix#6563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/666dcaeb6c32cc15ea90074777363b20dd96edf7\"\u003e\u003ccode\u003e666dcae\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;autocomplete with email in email fields (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6502\"\u003e#6502\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6574\"\u003e#6574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.3...v1.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.22 to 1.1.25\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.25\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.25/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.25 (2026-02-26)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.24 (2026-02-16)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent map access on assigns (\u003ccode\u003e@foo.bar.baz\u003c/code\u003e) being expanded when used in root attributes causing an invalid warning\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.23 (2026-02-12)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIf a macro is used in HEEx root attributes (\u003ccode\u003e\u0026lt;div {@root_attr} /\u0026gt;\u003c/code\u003e), it is now expanded at compile time (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4145\"\u003e#4145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/e592ce8b4ff6c387d85af275ea9c4ac5b1365858\"\u003e\u003ccode\u003ee592ce8\u003c/code\u003e\u003c/a\u003e Release v1.1.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/3eaaa41793b07b9ea9229c5d4b281a274387d080\"\u003e\u003ccode\u003e3eaaa41\u003c/code\u003e\u003c/a\u003e click-away portal handling (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/1613bffd36a31e795c53108bdbfaccd4b8039ba7\"\u003e\u003ccode\u003e1613bff\u003c/code\u003e\u003c/a\u003e fix type warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/9f36807934976ecb77ef11fb1a4837dc268c96f0\"\u003e\u003ccode\u003e9f36807\u003c/code\u003e\u003c/a\u003e Mention auto_upload in uploads guide (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4130\"\u003e#4130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/9a3478486f2092267ac8270208880b3c75334a69\"\u003e\u003ccode\u003e9a34784\u003c/code\u003e\u003c/a\u003e Create GitHub releases with changelog (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4135\"\u003e#4135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a6921d95f31efc73ee04077137c8e5756eebe263\"\u003e\u003ccode\u003ea6921d9\u003c/code\u003e\u003c/a\u003e Document phx-value- event \u0026quot;value\u0026quot; precendence\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/42c790a86572a734a741ffc4feb8f2dc41e89f49\"\u003e\u003ccode\u003e42c790a\u003c/code\u003e\u003c/a\u003e add missing file for 46fb6dc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8765d24f61a4897facc178483fdd830ae0d366bb\"\u003e\u003ccode\u003e8765d24\u003c/code\u003e\u003c/a\u003e Fix flaky async tests relying on monitor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/af2c40f37e97f4d4a3646121c48884276f0d26fb\"\u003e\u003ccode\u003eaf2c40f\u003c/code\u003e\u003c/a\u003e handle deadview hooks (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4151\"\u003e#4151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/72442bbb72e59915a2d82c8c0224984d95aaa6f5\"\u003e\u003ccode\u003e72442bb\u003c/code\u003e\u003c/a\u003e fix flaky upload tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.22...v1.1.25\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.21.0 to 1.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.22.1 🚀\u003c/h2\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump bandit from 1.10.2 to 1.10.3 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1105\"\u003e#1105\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.7.5 to 2.8.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1103\"\u003e#1103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.40.0 to 0.40.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1102\"\u003e#1102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump finch from 0.20.0 to 0.21.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1101\"\u003e#1101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bandit from 1.10.1 to 1.10.2 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1100\"\u003e#1100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.39.3 to 0.40.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1098\"\u003e#1098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.5.0 to 0.6.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1099\"\u003e#1099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.4.0 to 0.5.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1104\"\u003eswoosh/swoosh#1104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.22.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.22.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3efa0d308fc19c251a62b97275ebc81edd5e717f\"\u003e\u003ccode\u003e3efa0d3\u003c/code\u003e\u003c/a\u003e v1.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/8e176fd4ab0d121be84c9b4b9c175e7eef09bf12\"\u003e\u003ccode\u003e8e176fd\u003c/code\u003e\u003c/a\u003e remove bad test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f368d1c624c166084bf33f855d01255bcdc3cbe0\"\u003e\u003ccode\u003ef368d1c\u003c/code\u003e\u003c/a\u003e Fix mailbox preview text-body clipping by removing negative top offset (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/cffbc67220e185e3178070c8ebf8ab4abb39e58a\"\u003e\u003ccode\u003ecffbc67\u003c/code\u003e\u003c/a\u003e Move preferred_cli_env to cli function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/bb2f6e8e06737f34e67a31e94e970d9d533cfa12\"\u003e\u003ccode\u003ebb2f6e8\u003c/code\u003e\u003c/a\u003e Add GitHub Actions workflow for Copilot setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/71ce6f22086263d67d97c7a044909af6d210a1a8\"\u003e\u003ccode\u003e71ce6f2\u003c/code\u003e\u003c/a\u003e Update Tailwind CSS version to 4.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/4556b02229af8556df0bd5515e1aa7bb66ad9d42\"\u003e\u003ccode\u003e4556b02\u003c/code\u003e\u003c/a\u003e Bump bandit from 1.10.2 to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/1a41c89a6cc83b53f0ceea350658afddc4410f90\"\u003e\u003ccode\u003e1a41c89\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f96fcaacbdcea829507ebd45c2d2616dea0de927\"\u003e\u003ccode\u003ef96fcaa\u003c/code\u003e\u003c/a\u003e feat: consistent mailersend return type and remove unnecessary auth headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/98d854633bec65445192bd0e94a1d632c7156634\"\u003e\u003ccode\u003e98d8546\u003c/code\u003e\u003c/a\u003e feat: add mailersend deliver_many\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/grant-engelbrecht/AstroShop/pull/36","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/grant-engelbrecht%2FAstroShop/issues/36","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/36/packages"},{"uuid":"3980230997","node_id":"PR_kwDOPqosV87FwNs_","number":458,"state":"open","title":"deps(deps-dev): bump bandit from 1.10.2 to 1.10.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-23T21:23:59.000Z","updated_at":"2026-02-23T21:24:00.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps-dev)","packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.2 to 1.10.3.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.2\u0026new-version=1.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/agentjido/req_llm/pull/458","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/agentjido%2Freq_llm/issues/458","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/458/packages"},{"uuid":"3980087312","node_id":"PR_kwDOQF4m787Fvwih","number":68,"state":"open","title":"deps(elixir): bump the elixir-query-service group across 1 directory with 4 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-23T20:44:53.000Z","updated_at":"2026-02-23T20:47:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(elixir): bump","group_name":"elixir-query-service","update_count":4,"packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"},{"name":"credo","old_version":"1.7.13","new_version":"1.7.16","repository_url":"https://github.com/rrrene/credo"},{"name":"ex_doc","old_version":"0.39.1","new_version":"0.40.1","repository_url":"https://github.com/elixir-lang/ex_doc"},{"name":"phoenix","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/phoenixframework/phoenix"}],"path":null,"ecosystem":"hex"},"body":"Bumps the elixir-query-service group with 4 updates in the /apps/query-service directory: [bandit](https://github.com/mtrudel/bandit), [credo](https://github.com/rrrene/credo), [ex_doc](https://github.com/elixir-lang/ex_doc) and [phoenix](https://github.com/phoenixframework/phoenix).\n\nUpdates `bandit` from 1.10.2 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `credo` from 1.7.13 to 1.7.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/releases\"\u003ecredo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.16\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.16\"\u003ehttps://hex.pm/packages/credo/1.7.16\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.PassAsyncInTestCases\u003c/code\u003e add new param \u003ccode\u003e:force_comment_on_explicit_false\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.Dbg\u003c/code\u003e add new param \u003ccode\u003e:allow_captures\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedOperation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.15\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.15\"\u003ehttps://hex.pm/packages/credo/1.7.15\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImprove performance on large projects\u003c/li\u003e\n\u003cli\u003eParse token_metadata for source files\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e have better issue messages\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e add new param \u003ccode\u003e:allow_operators\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.AliasOrder\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.FunctionNames\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.SinglePipe\u003c/code\u003e add new param \u003ccode\u003e:allow_blocks\u003c/code\u003e (defaults to \u003ccode\u003etrue\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.ModuleDependencies\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.14\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.14\"\u003ehttps://hex.pm/packages/credo/1.7.14\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression for \u003ccode\u003eDuplicatedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eExpanded \u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e to cover less obvious cases\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.StructFieldAmount\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/blob/master/CHANGELOG.md\"\u003ecredo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.7.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.PassAsyncInTestCases\u003c/code\u003e add new param \u003ccode\u003e:force_comment_on_explicit_false\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.Dbg\u003c/code\u003e add new param \u003ccode\u003e:allow_captures\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedOperation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.7.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove performance on large projects\u003c/li\u003e\n\u003cli\u003eParse token_metadata for source files\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e have better issue messages\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e add new param \u003ccode\u003e:allow_operators\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.AliasOrder\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.FunctionNames\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.SinglePipe\u003c/code\u003e add new param \u003ccode\u003e:allow_blocks\u003c/code\u003e (defaults to \u003ccode\u003etrue\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.ModuleDependencies\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.7.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression for \u003ccode\u003eDuplicatedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eExpand \u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e to cover less obvious cases\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.StructFieldAmount\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/df52d2384f824710e16de5617411a97e53dd09c4\"\u003e\u003ccode\u003edf52d23\u003c/code\u003e\u003c/a\u003e Bump version to 1.7.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/3d7a39d56271e092818883f0e91b35aca23c8906\"\u003e\u003ccode\u003e3d7a39d\u003c/code\u003e\u003c/a\u003e Update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/8787f8aa3d6a5b235ab565922671bf913109c298\"\u003e\u003ccode\u003e8787f8a\u003c/code\u003e\u003c/a\u003e Upgrade to Elixir 1.20.0-rc.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/27f14b2680fc1e631ed48a3bfe19e8f990c9b8cf\"\u003e\u003ccode\u003e27f14b2\u003c/code\u003e\u003c/a\u003e Rename param to :allow_captures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/7b80669acae3bb4a3198d6558c343a7e571d1784\"\u003e\u003ccode\u003e7b80669\u003c/code\u003e\u003c/a\u003e Add :allow_capture param to Credo.Check.Warning.Dbg\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/b10673d01b43208c24466a1d3a4762430860fc9e\"\u003e\u003ccode\u003eb10673d\u003c/code\u003e\u003c/a\u003e Merge branch 'fix-dbg-ampeprsand-usage' of github.com:Nezteb/credo into 1158-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/2f9a47cd2b98f113b25d32d24a3f18d112a52d4f\"\u003e\u003ccode\u003e2f9a47c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rrrene/credo/issues/1245\"\u003e#1245\u003c/a\u003e from whatyouhide/andrea-expand-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/23c7dcea2a82b2e8ea0a8c28b740f5148fe21cc8\"\u003e\u003ccode\u003e23c7dce\u003c/code\u003e\u003c/a\u003e FIXUP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/2bd5d14a9b9297e11a11c4dd8e21045053a41d26\"\u003e\u003ccode\u003e2bd5d14\u003c/code\u003e\u003c/a\u003e FIXUP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/276f0a78d7f9dcba23d114826507399caad33882\"\u003e\u003ccode\u003e276f0a7\u003c/code\u003e\u003c/a\u003e Expand compile-time strings in \u0026quot;use Credo.Check\u0026quot; options\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rrrene/credo/compare/v1.7.13...v1.7.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ex_doc` from 0.39.1 to 0.40.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md\"\u003eex_doc's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.40.1 (2026-01-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eEnhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link to source from generated .md files\u003c/li\u003e\n\u003cli\u003eImprove word-breaking of module names and sizing of main page titles\u003c/li\u003e\n\u003cli\u003eInclude description in llms.txt\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix headers in custom groups\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.40.0 (2026-01-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eEnhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce Markdown formatter (thanks to Yordis Prietro)\u003c/li\u003e\n\u003cli\u003eGenerate a \u003ccode\u003ellms.txt\u003c/code\u003e document by default and add a \u0026quot;Copy Markdown\u0026quot; button to the top of every page\u003c/li\u003e\n\u003cli\u003eRun retriever only once per formatter\u003c/li\u003e\n\u003cli\u003eSupport anchors on redirects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCopy button on \u003ccode\u003eerl\u003c/code\u003e and \u003ccode\u003eiex\u003c/code\u003e snippets now include prompts\u003c/li\u003e\n\u003cli\u003eFix headers having wrong selectors due to whitespace minification\u003c/li\u003e\n\u003cli\u003eOnly include \u003ccode\u003e.html\u003c/code\u003e links on Swup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRevamp the ExDoc entrypoint and formatter API. While those have never been made public, others may have relied on it. We have now changed and documented them on the path to standardization\u003c/li\u003e\n\u003cli\u003eThe previously deprecated :assets option will raise if given a string, pass a map instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.39.3 (2025-12-09)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnhancements\n\u003cul\u003e\n\u003cli\u003eAdd the option to trim down the footer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.39.2 (2025-12-04)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBug fixes\n\u003cul\u003e\n\u003cli\u003eDo not strip hrefs on summaries\u003c/li\u003e\n\u003cli\u003eShow go to latest for prereleases\u003c/li\u003e\n\u003cli\u003ePrevent fake italic in autocomplete text\u003c/li\u003e\n\u003cli\u003eRename \u0026quot;Search Hexdocs\u0026quot; link to \u0026quot;Go to package docs\u0026quot;\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/20a355b005c31f3ba38c7729d52a02571ea245cd\"\u003e\u003ccode\u003e20a355b\u003c/code\u003e\u003c/a\u003e Release v0.40.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/7a71ddf985ca531cc5ab8e0e3c81812209f31cd9\"\u003e\u003ccode\u003e7a71ddf\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/f44f6fe6aae77960b100cd08878986208449a960\"\u003e\u003ccode\u003ef44f6fe\u003c/code\u003e\u003c/a\u003e Turn whitespace minification back on\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/38028674ac14570a700ba8804d6ca4cbba1dc951\"\u003e\u003ccode\u003e3802867\u003c/code\u003e\u003c/a\u003e Improve distinction between docstring headings (H2-H4)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/e8a46c6fa7d8af5a24af6caf7a266e7995c51ce2\"\u003e\u003ccode\u003ee8a46c6\u003c/code\u003e\u003c/a\u003e Change headings' levels to match their context\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/9cd866c84ccdd1afa9eee772d72511c5ef99cbae\"\u003e\u003ccode\u003e9cd866c\u003c/code\u003e\u003c/a\u003e Fix Summary Types heading size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/e8e74eec1881dae173e02cf8713ff65e88540d68\"\u003e\u003ccode\u003ee8e74ee\u003c/code\u003e\u003c/a\u003e More word break tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/21ec71f709317bdd2e32b6d4d6055857d3761552\"\u003e\u003ccode\u003e21ec71f\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/8611a164fe24d7b9f669cdad96dcaf30e8254fc1\"\u003e\u003ccode\u003e8611a16\u003c/code\u003e\u003c/a\u003e Improve word-breaking of module names and sizing of main page titles (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/1b1fe51e479b9bcbf72802e7ef700ed3cedf53ac\"\u003e\u003ccode\u003e1b1fe51\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23 in /assets (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2187\"\u003e#2187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-lang/ex_doc/compare/v0.39.1...v0.40.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.4 (2026-2-23)\u003c/h2\u003e\n\u003ch3\u003eJavaScritp Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug reconnecting connections when close was gracefully initiated by server\u003c/li\u003e\n\u003cli\u003eFix LongPoll transport name in sessionStorage and logs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds guards support in \u003ccode\u003eassert_push\u003c/code\u003e, \u003ccode\u003eassert_broadcast\u003c/code\u003e, and \u003ccode\u003eassert_reply\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEnable purging in Phoenix code server for Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/5c0f19fac5924e7969d8b7981143d0566a3bbbf2\"\u003e\u003ccode\u003e5c0f19f\u003c/code\u003e\u003c/a\u003e Release 1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/22ac56ed55ec1d74ba75e64c3923606eac16dc2e\"\u003e\u003ccode\u003e22ac56e\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/72192e3d7d0eaa545166348d91bdaf3e5bc874c5\"\u003e\u003ccode\u003e72192e3\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6584\"\u003e#6584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/92a79b0381b2afe63d0c7c08bc77d6ddc4ec6140\"\u003e\u003ccode\u003e92a79b0\u003c/code\u003e\u003c/a\u003e Adds guards support in assert_push, assert_broadcast and assert_reply (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6595\"\u003e#6595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ac12eec6d06a42fb90134789a91f9c5c13738b56\"\u003e\u003ccode\u003eac12eec\u003c/code\u003e\u003c/a\u003e Fix concurrent socket teardown (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6602\"\u003e#6602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/0f6a26f10a1dde4fdeb00b5dc18805a393d9cf8c\"\u003e\u003ccode\u003e0f6a26f\u003c/code\u003e\u003c/a\u003e Update umbrella link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/2dda4b0cdf1a449e2a287498a4b744b8c5130d28\"\u003e\u003ccode\u003e2dda4b0\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://github.com/stream\"\u003e\u003ccode\u003e@​stream\u003c/code\u003e\u003c/a\u003e typo in usage-rules liveview streams example (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6601\"\u003e#6601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/7c37fa7364dc0faa6275130bcc2d61453416731a\"\u003e\u003ccode\u003e7c37fa7\u003c/code\u003e\u003c/a\u003e Fix bad link (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6597\"\u003e#6597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/dadf94632594755cfc421423b89de9c76ac4bee8\"\u003e\u003ccode\u003edadf946\u003c/code\u003e\u003c/a\u003e followup for \u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6563\"\u003ephoenixframework/phoenix#6563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/666dcaeb6c32cc15ea90074777363b20dd96edf7\"\u003e\u003ccode\u003e666dcae\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;autocomplete with email in email fields (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6502\"\u003e#6502\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6574\"\u003e#6574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.3...v1.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/all-source-os/all-source/pull/68","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/all-source-os%2Fall-source/issues/68","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/68/packages"},{"uuid":"3979660889","node_id":"PR_kwDOC1lmjs7FuWyx","number":300,"state":"closed","title":"Bump bandit from 1.10.2 to 1.10.3","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-23T20:02:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-23T18:53:32.000Z","updated_at":"2026-02-23T20:06:03.000Z","time_to_close":4159,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.2 to 1.10.3.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.2\u0026new-version=1.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/dwyl/phoenix-liveview-counter-tutorial/pull/300","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dwyl%2Fphoenix-liveview-counter-tutorial/issues/300","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/300/packages"}],"issue_packages":[{"old_version":"1.10.4","new_version":"1.11.1","update_type":"minor","path":null,"pr_created_at":"2026-05-18T01:29:12.000Z","version_change":"1.10.4 → 1.11.1","issue":{"uuid":"4465641880","node_id":"PR_kwDONKjU8M7ceZeT","number":64,"state":"open","title":"deps(deps): bump bandit from 1.10.4 to 1.11.1","user":"dependabot[bot]","labels":[],"assignees":["mithenji"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T01:29:12.000Z","updated_at":"2026-05-18T01:29:13.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.4 to 1.11.1.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.4\u0026new-version=1.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mithenji/mithenji.me/pull/64","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithenji%2Fmithenji.me/issues/64","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/64/packages"}},{"old_version":"1.11.0","new_version":"1.11.1","update_type":"patch","path":null,"pr_created_at":"2026-05-17T21:14:52.000Z","version_change":"1.11.0 → 1.11.1","issue":{"uuid":"4464957238","node_id":"PR_kwDOSZz7r87ccThz","number":5,"state":"closed","title":"Bump the minor-updates group with 3 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-24T21:14:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T21:14:52.000Z","updated_at":"2026-05-24T21:14:57.000Z","time_to_close":604803,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"minor-updates","update_count":3,"packages":[{"name":"ash","old_version":"3.24.7","new_version":"3.25.0","repository_url":"https://github.com/ash-project/ash"},{"name":"bandit","old_version":"1.11.0","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"},{"name":"postgrex","old_version":"0.22.1","new_version":"0.22.2","repository_url":"https://github.com/elixir-ecto/postgrex"}],"path":null,"ecosystem":"hex"},"body":"Bumps the minor-updates group with 3 updates: [ash](https://github.com/ash-project/ash), [bandit](https://github.com/mtrudel/bandit) and [postgrex](https://github.com/elixir-ecto/postgrex).\n\nUpdates `ash` from 3.24.7 to 3.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash/releases\"\u003eash's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.25.0\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eadd filtering and sorting to manifest (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2704\"\u003eash-project/ash#2704\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eAsh.Info.manifest\u003c/code\u003e for code generation basis (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2703\"\u003eash-project/ash#2703\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emanifest: pass real resource to data_layer.functions/1 (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2706\"\u003eash-project/ash#2706\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eManual relationships select missing (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e) by Kenneth Kostrešević [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2700\"\u003eash-project/ash#2700\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd query context to bulk destroy (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e) by danielatdpg [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2699\"\u003eash-project/ash#2699\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd code interface validation hint for options (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e) by febarnett3 [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2697\"\u003eash-project/ash#2697\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve all errors in Required dedupe accumulator (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2692\"\u003eash-project/ash#2692\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport filter checks on create actions by \u003ca href=\"https://github.com/zachdaniel\"\u003e\u003ccode\u003e@​zachdaniel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash/blob/main/CHANGELOG.md\"\u003eash's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash/compare/v3.24.7...v3.25.0\"\u003ev3.25.0\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eadd filtering and sorting to manifest (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2704\"\u003eash-project/ash#2704\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003eAsh.Info.manifest\u003c/code\u003e for code generation basis (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2703\"\u003eash-project/ash#2703\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emanifest: pass real resource to data_layer.functions/1 (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e) by \u003ca href=\"https://github.com/Torkan\"\u003e\u003ccode\u003e@​Torkan\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2706\"\u003eash-project/ash#2706\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eManual relationships select missing (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e) by Kenneth Kostrešević [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2700\"\u003e#2700\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2700\"\u003eash-project/ash#2700\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd query context to bulk destroy (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e) by danielatdpg [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2699\"\u003e#2699\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2699\"\u003eash-project/ash#2699\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd code interface validation hint for options (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e) by febarnett3 [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2697\"\u003e#2697\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2697\"\u003eash-project/ash#2697\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve all errors in Required dedupe accumulator (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2692\"\u003e#2692\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash/pull/2692\"\u003eash-project/ash#2692\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport filter checks on create actions by \u003ca href=\"https://github.com/zachdaniel\"\u003e\u003ccode\u003e@​zachdaniel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/57ade2b48c9aea324cd6397bae4b823d0f74308c\"\u003e\u003ccode\u003e57ade2b\u003c/code\u003e\u003c/a\u003e chore: release version v3.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/1434071ef9d2d774e9eb4b0fc5b0de5b08710a98\"\u003e\u003ccode\u003e1434071\u003c/code\u003e\u003c/a\u003e docs: add example output\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/c99338101838b3977cea42e4a9980a36bf54a5b5\"\u003e\u003ccode\u003ec993381\u003c/code\u003e\u003c/a\u003e docs: add guide for code generation with the manifest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/34647d45d454015dda6153b7bbf5aa101e7166af\"\u003e\u003ccode\u003e34647d4\u003c/code\u003e\u003c/a\u003e chore: add private actions options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/2ac20ee010eaf686e4973883403045c74b474215\"\u003e\u003ccode\u003e2ac20ee\u003c/code\u003e\u003c/a\u003e fix(manifest): pass real resource to data_layer.functions/1 (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2706\"\u003e#2706\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/cfd2a4772b7be58a02891211800fa49aba351055\"\u003e\u003ccode\u003ecfd2a47\u003c/code\u003e\u003c/a\u003e chore: cleanups for new Manifest structures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/fbaf9ebde7a6021316c5074f0411a2e1ad7a24f7\"\u003e\u003ccode\u003efbaf9eb\u003c/code\u003e\u003c/a\u003e improvement: support filter checks on create actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/ae55d1459ddd299efdf1bfea8478cb4bafd539b0\"\u003e\u003ccode\u003eae55d14\u003c/code\u003e\u003c/a\u003e Feat: add filtering and sorting to manifest (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2704\"\u003e#2704\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/26d5eaf8c1ce0dac7c86a1e145c0c24726f09299\"\u003e\u003ccode\u003e26d5eaf\u003c/code\u003e\u003c/a\u003e chore: a few nits on manifest code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash/commit/5aa736de6033da098f8c91973b4a0cf81a4aec9f\"\u003e\u003ccode\u003e5aa736d\u003c/code\u003e\u003c/a\u003e feat: \u003ccode\u003eAsh.Info.manifest\u003c/code\u003e for code generation basis (\u003ca href=\"https://redirect.github.com/ash-project/ash/issues/2703\"\u003e#2703\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ash-project/ash/compare/v3.24.7...v3.25.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bandit` from 1.11.0 to 1.11.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.11.0...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `postgrex` from 0.22.1 to 0.22.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-ecto/postgrex/blob/master/CHANGELOG.md\"\u003epostgrex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.22.2 (2026-05-12)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSecurity\n\u003cul\u003e\n\u003cli\u003eEscape quotes in channel names in \u003ccode\u003ePostgrex.Notifications.listen/3\u003c/code\u003e (CVE-2026-32687)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-ecto/postgrex/commit/f1ffdb5e1894165ce95feb4e678cb91e5d76d6e1\"\u003e\u003ccode\u003ef1ffdb5\u003c/code\u003e\u003c/a\u003e Release v0.22.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-ecto/postgrex/commit/7cdedbd4316bb65f82e6a9a4f922c0ac491cb770\"\u003e\u003ccode\u003e7cdedbd\u003c/code\u003e\u003c/a\u003e Escape quotes, check null bytes, and name length for channel names\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/elixir-ecto/postgrex/compare/v0.22.1...v0.22.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/onnenon/receipts/pull/5","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/onnenon%2Freceipts/issues/5","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5/packages"}},{"old_version":"1.11.0","new_version":"1.11.1","update_type":"patch","path":null,"pr_created_at":"2026-05-17T12:34:49.000Z","version_change":"1.11.0 → 1.11.1","issue":{"uuid":"4463481151","node_id":"PR_kwDORLKw3s7cX6rH","number":17,"state":"closed","title":"chore(deps): bump the prod-dependencies group with 7 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-17T22:53:34.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-17T12:34:49.000Z","updated_at":"2026-05-17T22:53:36.000Z","time_to_close":37125,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"prod-dependencies","update_count":7,"packages":[{"name":"bandit","old_version":"1.11.0","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"},{"name":"bb","old_version":"0.15.2","new_version":"0.16.0","repository_url":"https://github.com/beam-bots/bb"},{"name":"bb_ik_dls","old_version":"0.3.1","new_version":"0.3.3","repository_url":"https://github.com/beam-bots/bb_ik_dls"},{"name":"bb_liveview","old_version":"0.2.4","new_version":"0.2.7","repository_url":"https://github.com/beam-bots/bb_liveview"},{"name":"bb_reactor","old_version":"0.2.1","new_version":"0.2.3","repository_url":"https://github.com/beam-bots/bb_reactor"},{"name":"bb_servo_feetech","old_version":"0.2.2","new_version":"0.2.4","repository_url":"https://github.com/beam-bots/bb_servo_feetech"},{"name":"nx","old_version":"0.11.0","new_version":"0.12.0","repository_url":"https://github.com/elixir-nx/nx"}],"path":null,"ecosystem":"hex"},"body":"Bumps the prod-dependencies group with 7 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.11.0` | `1.11.1` |\n| [bb](https://github.com/beam-bots/bb) | `0.15.2` | `0.16.0` |\n| [bb_ik_dls](https://github.com/beam-bots/bb_ik_dls) | `0.3.1` | `0.3.3` |\n| [bb_liveview](https://github.com/beam-bots/bb_liveview) | `0.2.4` | `0.2.7` |\n| [bb_reactor](https://github.com/beam-bots/bb_reactor) | `0.2.1` | `0.2.3` |\n| [bb_servo_feetech](https://github.com/beam-bots/bb_servo_feetech) | `0.2.2` | `0.2.4` |\n| [nx](https://github.com/elixir-nx/nx) | `0.11.0` | `0.12.0` |\n\nUpdates `bandit` from 1.11.0 to 1.11.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.11.0...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb` from 0.15.2 to 0.16.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb/releases\"\u003ebb's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.16.0\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emigrate from \u003ccode\u003eex_cldr_units\u003c/code\u003e to \u003ccode\u003elocalize\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/96\"\u003e#96\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eforce-disarm via topology supervisor instead of \u003ccode\u003eauto_disarm_on_error\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/95\"\u003e#95\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003estore wall-clock time and originating node on \u003ccode\u003eBB.Message\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/37\"\u003e#37\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/94\"\u003e#94\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecover tuple argument types in typespec and \u003ccode\u003e:map\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/93\"\u003e#93\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eidentify the publishing robot in pubsub deliveries (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/91\"\u003e#91\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/92\"\u003e#92\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecoerce command goal values to declared argument types (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/88\"\u003e#88\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.15.4\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for writing into the topology section (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/87\"\u003e#87\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.15.3\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for add-on installers (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/86\"\u003e#86\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb/blob/main/CHANGELOG.md\"\u003ebb's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.4...v0.16.0\"\u003ev0.16.0\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003emigrate from \u003ccode\u003eex_cldr_units\u003c/code\u003e to \u003ccode\u003elocalize\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/96\"\u003e#96\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eforce-disarm via topology supervisor instead of \u003ccode\u003eauto_disarm_on_error\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/95\"\u003e#95\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003estore wall-clock time and originating node on \u003ccode\u003eBB.Message\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/37\"\u003e#37\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/94\"\u003e#94\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecover tuple argument types in typespec and \u003ccode\u003e:map\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/93\"\u003e#93\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eidentify the publishing robot in pubsub deliveries (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/91\"\u003e#91\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/92\"\u003e#92\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecoerce command goal values to declared argument types (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/88\"\u003e#88\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.3...v0.15.4\"\u003ev0.15.4\u003c/a\u003e (2026-05-16)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for writing into the topology section (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/87\"\u003e#87\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.2...v0.15.3\"\u003ev0.15.3\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eBB.Igniter\u003c/code\u003e helpers for add-on installers (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/86\"\u003e#86\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/084ab8561ddd62a6604d40e4d886cac7527176ac\"\u003e\u003ccode\u003e084ab85\u003c/code\u003e\u003c/a\u003e chore: release version v0.16.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/31384291211a5239982a63ce65405009b863af92\"\u003e\u003ccode\u003e3138429\u003c/code\u003e\u003c/a\u003e improvement!: migrate from \u003ccode\u003eex_cldr_units\u003c/code\u003e to \u003ccode\u003elocalize\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/96\"\u003e#96\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/a7462b455330168d801efe55f5c043525e24977c\"\u003e\u003ccode\u003ea7462b4\u003c/code\u003e\u003c/a\u003e improvement!: force-disarm via topology supervisor instead of `auto_disarm_on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/81d268f399ac65d6a54559d84ece981713b575aa\"\u003e\u003ccode\u003e81d268f\u003c/code\u003e\u003c/a\u003e improvement!: store wall-clock time and originating node on \u003ccode\u003eBB.Message\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/37\"\u003e#37\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/6109c343a64f368b2688bf575110945869c0f4c0\"\u003e\u003ccode\u003e6109c34\u003c/code\u003e\u003c/a\u003e chore(deps): bump github/codeql-action from 4.35.4 to 4.35.5 (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/89\"\u003e#89\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/fa8cf62452f03419c3fc751e26df952cf2cbb8de\"\u003e\u003ccode\u003efa8cf62\u003c/code\u003e\u003c/a\u003e chore(deps): bump the prod-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/90\"\u003e#90\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/896764f1963a738fa3081579e2ad6b442b6db645\"\u003e\u003ccode\u003e896764f\u003c/code\u003e\u003c/a\u003e fix: cover tuple argument types in typespec and \u003ccode\u003e:map\u003c/code\u003e example (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/93\"\u003e#93\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/ac117893ce1a22ac04225beff6892f6bb9e72849\"\u003e\u003ccode\u003eac11789\u003c/code\u003e\u003c/a\u003e improvement: identify the publishing robot in pubsub deliveries (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/91\"\u003e#91\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/92\"\u003e#92\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/ca3c8b0e314b34d1e43021be6fdcce16ca8484c4\"\u003e\u003ccode\u003eca3c8b0\u003c/code\u003e\u003c/a\u003e improvement: coerce command goal values to declared argument types (\u003ca href=\"https://redirect.github.com/beam-bots/bb/issues/88\"\u003e#88\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb/commit/253c315a04b03c4862fa5e61ace8dfae9b465334\"\u003e\u003ccode\u003e253c315\u003c/code\u003e\u003c/a\u003e chore: release version v0.15.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb/compare/v0.15.2...v0.16.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_ik_dls` from 0.3.1 to 0.3.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_ik_dls/releases\"\u003ebb_ik_dls's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.3.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev0.3.2\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erespect joint limits during DLS iteration (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/24\"\u003e#24\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_ik_dls/blob/main/CHANGELOG.md\"\u003ebb_ik_dls's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/compare/v0.3.2...v0.3.3\"\u003ev0.3.3\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/compare/v0.3.1...v0.3.2\"\u003ev0.3.2\u003c/a\u003e (2026-05-14)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erespect joint limits during DLS iteration (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/24\"\u003e#24\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/454684982d18330066d88f42552020aa1a26a6b2\"\u003e\u003ccode\u003e4546849\u003c/code\u003e\u003c/a\u003e chore: release version v0.3.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/6d675c14ef515e3c328175c46df3f3507379ad44\"\u003e\u003ccode\u003e6d675c1\u003c/code\u003e\u003c/a\u003e chore(deps): bump bb to ~\u0026gt; 0.16 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/25\"\u003e#25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/70b2e2a9a7f314e16b25a32eda62ce6b0584128e\"\u003e\u003ccode\u003e70b2e2a\u003c/code\u003e\u003c/a\u003e chore: release version v0.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/c1fd4965a89ef3a9276d17896cb579cd9c04a8e3\"\u003e\u003ccode\u003ec1fd496\u003c/code\u003e\u003c/a\u003e chore(deps): Update bb to 0.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/290000c9d95e25958a5bf34acdd4502a0595d808\"\u003e\u003ccode\u003e290000c\u003c/code\u003e\u003c/a\u003e fix: respect joint limits during DLS iteration (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/24\"\u003e#24\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/b8f38724539d4aa786bbe97d8ec9ca547daec095\"\u003e\u003ccode\u003eb8f3872\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump ex_doc in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/22\"\u003e#22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/4e65f950a8155f4516f900759ba62893eb3a0d6c\"\u003e\u003ccode\u003e4e65f95\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.9 to 0.8.0 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/9d5463cfa2ce5fad7130b733f429aed5c3e4e988\"\u003e\u003ccode\u003e9d5463c\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/20\"\u003e#20\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/7fd4ed9d0cec9c62cb2ae56664d0e4932a6d2984\"\u003e\u003ccode\u003e7fd4ed9\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.7 to 0.7.9 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/21\"\u003e#21\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_ik_dls/commit/c33342ed1b176500af627bf883e0615ae6b839f3\"\u003e\u003ccode\u003ec33342e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/beam-bots/bb_ik_dls/issues/19\"\u003e#19\u003c/a\u003e from beam-bots/dependabot/hex/igniter-0.7.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb_ik_dls/compare/v0.3.1...v0.3.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_liveview` from 0.2.4 to 0.2.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_liveview/releases\"\u003ebb_liveview's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.7\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003erender :atom-typed argument values with their leading colon (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/45\"\u003e#45\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve command form input values after execute (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/44\"\u003e#44\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisplay event-stream timestamps from \u003ccode\u003eBB.Message.wall_time\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/48\"\u003e#48\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.2.6\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ephoenix bootstrap + endpoint plug injection in \u003ccode\u003ebb_liveview.install\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/43\"\u003e#43\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.2.5\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_liveview.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/42\"\u003e#42\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_liveview/blob/main/CHANGELOG.md\"\u003ebb_liveview's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.6...v0.2.7\"\u003ev0.2.7\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003erender :atom-typed argument values with their leading colon (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/45\"\u003e#45\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epreserve command form input values after execute (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/44\"\u003e#44\u003c/a\u003e) by James Harton\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edisplay event-stream timestamps from \u003ccode\u003eBB.Message.wall_time\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/48\"\u003e#48\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.5...v0.2.6\"\u003ev0.2.6\u003c/a\u003e (2026-05-16)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ephoenix bootstrap + endpoint plug injection in \u003ccode\u003ebb_liveview.install\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/43\"\u003e#43\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.4...v0.2.5\"\u003ev0.2.5\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_liveview.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/42\"\u003e#42\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/02b2fb8cc560b3aca5d9856af59aec07f7736c79\"\u003e\u003ccode\u003e02b2fb8\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/8df9afbc046aadf4ac2591f4b0c6e6ab242a07f5\"\u003e\u003ccode\u003e8df9afb\u003c/code\u003e\u003c/a\u003e chore(deps): bump bb to ~\u0026gt; 0.16 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/49\"\u003e#49\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/798881b82b8dbc68bb1d18702bfa07747e11943e\"\u003e\u003ccode\u003e798881b\u003c/code\u003e\u003c/a\u003e fix: render :atom-typed argument values with their leading colon (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/45\"\u003e#45\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/022a6d4a204f2e6832ce666668ca2749148b3962\"\u003e\u003ccode\u003e022a6d4\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump bandit from 1.11.0 to 1.11.1 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/47\"\u003e#47\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/d7156583d8e34f174219958bb9f6af29fbba9df8\"\u003e\u003ccode\u003ed715658\u003c/code\u003e\u003c/a\u003e improvement: display event-stream timestamps from \u003ccode\u003eBB.Message.wall_time\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/48\"\u003e#48\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/65cc8f6a44e2364e98c854ccef794c25ead2f818\"\u003e\u003ccode\u003e65cc8f6\u003c/code\u003e\u003c/a\u003e fix: preserve command form input values after execute (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/44\"\u003e#44\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/4836a7b16f25ea8faed29d1fb2f10aae7e7749ed\"\u003e\u003ccode\u003e4836a7b\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/a0abebcbc433c0fbf9490bfff21cfbef13838bf7\"\u003e\u003ccode\u003ea0abebc\u003c/code\u003e\u003c/a\u003e improvement: phoenix bootstrap + endpoint plug injection in `bb_liveview.inst...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/6fbbe24cc15ee3709dcd4a518f14101a9def1e3a\"\u003e\u003ccode\u003e6fbbe24\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_liveview/commit/b915b27bd8f9fca5cdc2a0f6b25beb2762d0a492\"\u003e\u003ccode\u003eb915b27\u003c/code\u003e\u003c/a\u003e improvement: add \u003ccode\u003ebb_liveview.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_liveview/issues/42\"\u003e#42\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb_liveview/compare/v0.2.4...v0.2.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_reactor` from 0.2.1 to 0.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_reactor/releases\"\u003ebb_reactor's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.3\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd basic igniter installer by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_reactor/blob/main/CHANGELOG.md\"\u003ebb_reactor's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/compare/v0.2.2...v0.2.3\"\u003ev0.2.3\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/compare/v0.2.1...v0.2.2\"\u003ev0.2.2\u003c/a\u003e (2026-05-15)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd basic igniter installer by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/0476fff39379325c252e6be6657bf34fba6cc9e1\"\u003e\u003ccode\u003e0476fff\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/6c65e4cfbf513171c223d5297451901f67b6181b\"\u003e\u003ccode\u003e6c65e4c\u003c/code\u003e\u003c/a\u003e chore: align with bb 0.16 safety semantics (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/24\"\u003e#24\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/68e7323c7d5db8d04176800d878dbba63010636d\"\u003e\u003ccode\u003e68e7323\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/0b44cba9e035248355b33dfc7884eacf066cc9ff\"\u003e\u003ccode\u003e0b44cba\u003c/code\u003e\u003c/a\u003e improvement: Add basic igniter installer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/20c597571fedd6485903dded1218ed366953e96a\"\u003e\u003ccode\u003e20c5975\u003c/code\u003e\u003c/a\u003e chore(deps): update bb to 0.15.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/684e7e2b203da0259d6cf8d5002e93e0593a3ab8\"\u003e\u003ccode\u003e684e7e2\u003c/code\u003e\u003c/a\u003e chore(deps): bump reactor from 1.0.0 to 1.0.1 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/20\"\u003e#20\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/9b3b7746298d5b8d28efa7c27cdeafe7562cb8ee\"\u003e\u003ccode\u003e9b3b774\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/21\"\u003e#21\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/4074a1851b494a2151c7cca098aa8e95ae1f2f4c\"\u003e\u003ccode\u003e4074a18\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.7 to 0.7.9 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/22\"\u003e#22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/030271ed3d750c64547f3ae2074c44df17346a4a\"\u003e\u003ccode\u003e030271e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/17\"\u003e#17\u003c/a\u003e from beam-bots/dependabot/hex/dev-dependencies-c15e7130e8\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_reactor/commit/b833bdca836717468c3fe34067a02ca83cf9d30d\"\u003e\u003ccode\u003eb833bdc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/beam-bots/bb_reactor/issues/18\"\u003e#18\u003c/a\u003e from beam-bots/dependabot/hex/igniter-0.7.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/beam-bots/bb_reactor/compare/v0.2.1...v0.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bb_servo_feetech` from 0.2.2 to 0.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/releases\"\u003ebb_servo_feetech's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.4\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003ev0.2.3\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_servo_feetech.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/25\"\u003e#25\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/blob/main/CHANGELOG.md\"\u003ebb_servo_feetech's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_pca9685/compare/v0.2.3...v0.2.4\"\u003ev0.2.4\u003c/a\u003e (2026-05-17)\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_pca9685/compare/v0.2.2...v0.2.3\"\u003ev0.2.3\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eImprovements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebb_servo_feetech.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/25\"\u003e#25\u003c/a\u003e) by James Harton\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/50f64f662e51f85169075aa26ceea8f5b27469e9\"\u003e\u003ccode\u003e50f64f6\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/20605bfe1e09cf1a4b0ff8ab9a59338551729920\"\u003e\u003ccode\u003e20605bf\u003c/code\u003e\u003c/a\u003e chore(deps): bump bb to ~\u0026gt; 0.16 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/26\"\u003e#26\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/5e5788e1581d437264e4eb4e107417f9747aad1d\"\u003e\u003ccode\u003e5e5788e\u003c/code\u003e\u003c/a\u003e chore: release version v0.2.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/1761292cd4cde8ab57e52e8499770f6ed7001607\"\u003e\u003ccode\u003e1761292\u003c/code\u003e\u003c/a\u003e improvement: add \u003ccode\u003ebb_servo_feetech.install\u003c/code\u003e igniter task (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/25\"\u003e#25\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/bdbb53146f57463de6694b08c166e30e8bf8d586\"\u003e\u003ccode\u003ebdbb531\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump ex_doc in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/24\"\u003e#24\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/44dcabaebdd96c74eddc43927a7dc8b25cbe65db\"\u003e\u003ccode\u003e44dcaba\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/22\"\u003e#22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/c78833cbe363859b6a9a709ea6f9177c5738bef6\"\u003e\u003ccode\u003ec78833c\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump igniter from 0.7.7 to 0.7.9 (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/23\"\u003e#23\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/commit/3164bfd90ee28dce60f89848a7379a45d8c53052\"\u003e\u003ccode\u003e3164bfd\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump git_ops in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/beam-bots/bb_servo_feetech/issues/21\"\u003e#21\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/beam-bots/bb_servo_feetech/compare/v0.2.2...v0.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `nx` from 0.11.0 to 0.12.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-nx/nx/releases\"\u003enx's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.12.0 - 2026-05-15\u003c/h2\u003e\n\u003cp\u003eSee the changelogs for individual libraries for a semantic set of changes\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/blasphemetheus\"\u003e\u003ccode\u003e@​blasphemetheus\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elixir-nx/nx/pull/1676\"\u003eelixir-nx/nx#1676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jeffreyksmithjr\"\u003e\u003ccode\u003e@​jeffreyksmithjr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/elixir-nx/nx/pull/1715\"\u003eelixir-nx/nx#1715\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/elixir-nx/nx/compare/v0.11.0...v0.12.0\"\u003ehttps://github.com/elixir-nx/nx/compare/v0.11.0...v0.12.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/b0f75edd23fe201a3e9f10e42f2c2451514a65c7\"\u003e\u003ccode\u003eb0f75ed\u003c/code\u003e\u003c/a\u003e update nx/complex lock in exla and torchx\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/b22078978457ff2fb6e7a8b14672c3d44f92607f\"\u003e\u003ccode\u003eb220789\u003c/code\u003e\u003c/a\u003e chore: update to complex 0.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/c5871f31c64f9934124d91f276782f12b2424861\"\u003e\u003ccode\u003ec5871f3\u003c/code\u003e\u003c/a\u003e bump to 0.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/cdcf58da8199d86f3e1097d5fd2326017344989b\"\u003e\u003ccode\u003ecdcf58d\u003c/code\u003e\u003c/a\u003e fix: torchx visibility hidden and exla write_to_pointer no-op definition in p...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/48d7b0de48ed411278db641a47e24e4d77f8ea0e\"\u003e\u003ccode\u003e48d7b0d\u003c/code\u003e\u003c/a\u003e docs: don't leak internal EXLA details in CustomCall docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/5febc3fbc2c28ff05704fcda80226f1bad0688a0\"\u003e\u003ccode\u003e5febc3f\u003c/code\u003e\u003c/a\u003e Refactor EXLA block lowering through EXLA.CustomCall protocol (\u003ca href=\"https://redirect.github.com/elixir-nx/nx/issues/1739\"\u003e#1739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/1c3d86eb635e136eab7d5a1a12a57794c200d204\"\u003e\u003ccode\u003e1c3d86e\u003c/code\u003e\u003c/a\u003e fix: Nx.block with EXLA JIT (\u003ca href=\"https://redirect.github.com/elixir-nx/nx/issues/1750\"\u003e#1750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/fb89cf4f998728007d3b02f92ea118e0a13fe60b\"\u003e\u003ccode\u003efb89cf4\u003c/code\u003e\u003c/a\u003e Silence type system warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/84a2ef16e671fa0a59c76d4c752d1274df2a78a3\"\u003e\u003ccode\u003e84a2ef1\u003c/code\u003e\u003c/a\u003e Group all Nx.Block in docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-nx/nx/commit/a53bbaed938257e62b0df84131e2d0573c616e63\"\u003e\u003ccode\u003ea53bbae\u003c/code\u003e\u003c/a\u003e chore: rename linalg blocks (\u003ca href=\"https://redirect.github.com/elixir-nx/nx/issues/1738\"\u003e#1738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-nx/nx/compare/v0.11.0...v0.12.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/beam-bots/bb_example_so101/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/beam-bots%2Fbb_example_so101/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"1.10.3","new_version":"1.11.1","update_type":"minor","path":null,"pr_created_at":"2026-05-14T00:37:47.000Z","version_change":"1.10.3 → 1.11.1","issue":{"uuid":"4442131453","node_id":"PR_kwDOSJ-KK87bVPNI","number":54,"state":"closed","title":"Bump the mix-production-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-21T01:42:24.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-14T00:37:47.000Z","updated_at":"2026-05-21T01:42:26.000Z","time_to_close":608677,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"mix-production-dependencies","update_count":5,"packages":[{"name":"bandit","old_version":"1.10.3","new_version":"1.11.1","repository_url":"https://github.com/mtrudel/bandit"},{"name":"jason","old_version":"1.4.4","new_version":"1.4.5","repository_url":"https://github.com/michalmuskala/jason"},{"name":"phoenix","old_version":"1.8.5","new_version":"1.8.7","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.26","new_version":"1.1.30","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.23.0","new_version":"1.25.2","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 5 updates in the /src/flagd-ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.10.3` | `1.11.1` |\n| [jason](https://github.com/michalmuskala/jason) | `1.4.4` | `1.4.5` |\n| [phoenix](https://github.com/phoenixframework/phoenix) | `1.8.5` | `1.8.7` |\n| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.1.26` | `1.1.30` |\n| [swoosh](https://github.com/swoosh/swoosh) | `1.23.0` | `1.25.2` |\n\n\nUpdates `bandit` from 1.10.3 to 1.11.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.1 (13 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove handling of large chunked request bodies (CVE-2026-39803, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of request trailers (CVE-2026-39806, \u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWe no longer disallow \u003ccode\u003e.\u003c/code\u003e and \u003ccode\u003e..\u003c/code\u003e path components in HTTP/2 absolute paths (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/40a1b8fc924694a0125bbaa7fee101fa43feeb52\"\u003e\u003ccode\u003e40a1b8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/37b84cfd7f26dd3b9043d2c2d31be47d86ffa8e0\"\u003e\u003ccode\u003e37b84cf\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.1 to 0.40.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/583\"\u003e#583\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8ff60784addd623c0a752b700d52edbaba107dd6\"\u003e\u003ccode\u003e8ff6078\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.4.1 to 1.4.2 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/584\"\u003e#584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ae3520dfdbfab115c638f8c7f6f6b805db34e1ab\"\u003e\u003ccode\u003eae3520d\u003c/code\u003e\u003c/a\u003e Improve chunk handling (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/585\"\u003e#585\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0f56e10ed194faad75abcbc8b221988568ccbf15\"\u003e\u003ccode\u003e0f56e10\u003c/code\u003e\u003c/a\u003e Stop handling . and .. paths specially (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/581\"\u003e#581\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.11.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jason` from 1.4.4 to 1.4.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md\"\u003ejason's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.5 (05.05.2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Decimal 3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/4ede42858eb19f80ec9e863aab52df466eab8608\"\u003e\u003ccode\u003e4ede428\u003c/code\u003e\u003c/a\u003e Bump v1.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/b8c2185aaecc9839c0d13e69f7baab9c6e5e60f6\"\u003e\u003ccode\u003eb8c2185\u003c/code\u003e\u003c/a\u003e Fix dialyzer job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/a363975dc873c4bde43dd6978685adaa41e2f2d5\"\u003e\u003ccode\u003ea363975\u003c/code\u003e\u003c/a\u003e Modernise CI to currently supported versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/243c8a8ba8452a720462222ab6d80367cd9235cf\"\u003e\u003ccode\u003e243c8a8\u003c/code\u003e\u003c/a\u003e Allow decimal 3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/c8e8d0501723d0855691a89ee66ee51b429b8d56\"\u003e\u003ccode\u003ec8e8d05\u003c/code\u003e\u003c/a\u003e Revert the experimental 1.5 branch and jason_native experiment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/0e7a3e2cebcb3af550382416b19125d81d8d1824\"\u003e\u003ccode\u003e0e7a3e2\u003c/code\u003e\u003c/a\u003e Add example/doctest for Jason.OrderedObject.new/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/984bc078eb4b2084104751c7f1c5290b8338e06b\"\u003e\u003ccode\u003e984bc07\u003c/code\u003e\u003c/a\u003e fix broken link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/f775592c90472e8debe989081883de6ba282e037\"\u003e\u003ccode\u003ef775592\u003c/code\u003e\u003c/a\u003e Raise if trying to decode decimals without decimal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/79d59df70177242d288974923504880bf65a51c8\"\u003e\u003ccode\u003e79d59df\u003c/code\u003e\u003c/a\u003e Remove unneeded workarounds for xref warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/baac78e5dbd487e30f7f6f93b319c3cfbd3982e2\"\u003e\u003ccode\u003ebaac78e\u003c/code\u003e\u003c/a\u003e Fix warnings by conditionally compiling Decimal support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/michalmuskala/jason/compare/v1.4.4...v1.4.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.5 to 1.8.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.7 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix invalid status when longpoll request times out\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMask \u003ccode\u003etoken\u003c/code\u003e parameter \u003ca href=\"https://hexdocs.pm/phoenix/Phoenix.Logger.html#module-parameter-filtering\"\u003ein logs\u003c/a\u003e by default (in addition to \u0026quot;password\u0026quot;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix encoding of non-ASCII metadata in binary channel messages\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.6 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-628h-q48j-jr6q\"\u003eCVE-2026-32689\u003c/a\u003e: Fix Phoenix.Socket Longpoll transport memory exhaustion in nd-JSON body splitting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phoenix] Raise if \u003ccode\u003euse Phoenix.VerifiedRoutes\u003c/code\u003e is called multiple times in the same module\u003c/li\u003e\n\u003cli\u003e[phoenix] Fix more deprecation and type checker warnings on Elixir 1.20\u003c/li\u003e\n\u003cli\u003e[phoenix] Raise when interpolating a list in \u003ccode\u003ePhoenix.VerifiedRoutes\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phoenix] Gracefully handle non-binary \u003ccode\u003evsn\u003c/code\u003e socket parameter (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6662\"\u003e#6662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.gen.*] Use \u003ccode\u003e.eex\u003c/code\u003e filename suffix in generator files\u003c/li\u003e\n\u003cli\u003e[phx.new] Add interactive mode: \u003ccode\u003emix phx.new --interactive\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Add \u003ccode\u003ephx-no-format\u003c/code\u003e to generated \u003ccode\u003e\u0026lt;.live_title\u0026gt;\u003c/code\u003e tag (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6667\"\u003e#6667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phx.gen.*] Fix generated migrations for myxql when using scopes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6635\"\u003e#6635\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Fix crash when parent directory contains a colon (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ba3a131552add5758c021ff4c6e9b6947bb5a205\"\u003e\u003ccode\u003eba3a131\u003c/code\u003e\u003c/a\u003e Release v1.8.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/e74eaccb8e909826a50c9e8095cd1694dace289c\"\u003e\u003ccode\u003ee74eacc\u003c/code\u003e\u003c/a\u003e fix invalid status on longpoll window timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/035fde9ac29920d4c040be91fdb7508295579036\"\u003e\u003ccode\u003e035fde9\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/eb5f52f683b148f30aa528d365b301d2c51a4b59\"\u003e\u003ccode\u003eeb5f52f\u003c/code\u003e\u003c/a\u003e Correctly serialize non ASCII metadata (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6664\"\u003e#6664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/a99c5e8974f98c57aa4c883da51f57b582c0225c\"\u003e\u003ccode\u003ea99c5e8\u003c/code\u003e\u003c/a\u003e Filter token parameters by default (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6665\"\u003e#6665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/21901113ec7aa5158ad7748170bb9c3b3254861b\"\u003e\u003ccode\u003e2190111\u003c/code\u003e\u003c/a\u003e update installer version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ddcdadb7de1132d630bbbe56f975e66f85f36416\"\u003e\u003ccode\u003eddcdadb\u003c/code\u003e\u003c/a\u003e Release v1.8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/1a67c61ff9ce0a7711662ac7354861917a7c80f7\"\u003e\u003ccode\u003e1a67c61\u003c/code\u003e\u003c/a\u003e prevent unexpected memory usage on nd-json body splitting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/8ca76a2c57fb189733e67c3fb72098d1092ef60c\"\u003e\u003ccode\u003e8ca76a2\u003c/code\u003e\u003c/a\u003e fix a couple of typos (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6672\"\u003e#6672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/6214d83ac87fe87170bf2a8525b3404af1517705\"\u003e\u003ccode\u003e6214d83\u003c/code\u003e\u003c/a\u003e Bump postcss from 8.5.6 to 8.5.13 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6671\"\u003e#6671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.5...v1.8.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.26 to 1.1.30\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.28\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.30/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.28 (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27 (2026-03-10)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/fdbbe52011812943d90dc4a3d46f4c0740d86bd2\"\u003e\u003ccode\u003efdbbe52\u003c/code\u003e\u003c/a\u003e Release v1.1.30\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/970932be5fa7b4313994ba3b68f0a55ff74f9a2c\"\u003e\u003ccode\u003e970932b\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/ff31d012fbeeedd38f13c9836d5d4fbfc22750b8\"\u003e\u003ccode\u003eff31d01\u003c/code\u003e\u003c/a\u003e Ensure phx-viewport hook does not fail if there's no scrollContainer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/24090b52e5f8aa392b23d9a1bf53974ecc66662a\"\u003e\u003ccode\u003e24090b5\u003c/code\u003e\u003c/a\u003e Release v1.1.29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/cc836431208b3ad28a4cfcc2ae412ba24dc98b7c\"\u003e\u003ccode\u003ecc83643\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8deb3e5e5a4b002bcab1250e1a14768bd7a9d5e8\"\u003e\u003ccode\u003e8deb3e5\u003c/code\u003e\u003c/a\u003e Use moveBefore if supported when reordering stream items (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4213\"\u003e#4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/174dad576cbff77e817091b6c7652cb3c21daffa\"\u003e\u003ccode\u003e174dad5\u003c/code\u003e\u003c/a\u003e DOM patching: Fall back to PHX_MAGIC_ID if node ID was touched by client hook...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/4e18a20652bbaca961146f73d9b1ec87295861f9\"\u003e\u003ccode\u003e4e18a20\u003c/code\u003e\u003c/a\u003e handle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4210\"\u003e#4210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/031f00ccc6b0e95eaa14222312514744a5a5a923\"\u003e\u003ccode\u003e031f00c\u003c/code\u003e\u003c/a\u003e Remove unreachable error clause in UploadTmpFileWriter.write_chunk/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/0b4005ba0631fc03ac5e46551e540d04c95dbefe\"\u003e\u003ccode\u003e0b4005b\u003c/code\u003e\u003c/a\u003e Optimize traverse_dynamic for nil and binary entries\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.26...v1.1.30\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.23.0 to 1.25.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.25.2 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: prepare 1.25.2 patch release \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1136\"\u003e#1136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix release comment workflow repository checkout \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1128\"\u003e#1128\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(config): prioritize runtime config for Mailer \u003ca href=\"https://github.com/ukashazia\"\u003e\u003ccode\u003e@​ukashazia\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1134\"\u003e#1134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump jason from 1.4.4 to 1.4.5 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bandit from 1.10.4 to 1.11.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1129\"\u003e#1129\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.25.1 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.8.0 to 2.8.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1123\"\u003eswoosh/swoosh#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1124\"\u003eswoosh/swoosh#1124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.25.0 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare minor release 1.25.0 \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1122\"\u003e#1122\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Add Swoosh.Adapters.Sandbox \u003ca href=\"https://github.com/aidalgol\"\u003e\u003ccode\u003e@​aidalgol\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1120\"\u003e#1120\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📝 Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove discoverability and HexDocs coverage for \u003ccode\u003eSwoosh.Adapters.Sandbox\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1121\"\u003e#1121\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🧰 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release-published workflow to comment on released PRs \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1118\"\u003e#1118\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump bandit from 1.10.3 to 1.10.4 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1119\"\u003e#1119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.24.0 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.25.2\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix(config): prioritize runtime config for Mailer \u003ca href=\"https://github.com/ukashazia\"\u003e\u003ccode\u003e@​ukashazia\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1134\"\u003e#1134\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.25.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eSwoosh.Adapters.Sandbox\u003c/code\u003e \u003ca href=\"https://github.com/aidalgol\"\u003e\u003ccode\u003e@​aidalgol\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1120\"\u003e#1120\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📝 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImprove discoverability and HexDocs coverage for \u003ccode\u003eSwoosh.Adapters.Sandbox\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1121\"\u003e#1121\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🧰 Maintenance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd release-published workflow to comment on released PRs \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1118\"\u003e#1118\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.24.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Azure Communication Services adapter \u003ca href=\"https://github.com/jamilbk\"\u003e\u003ccode\u003e@​jamilbk\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1116\"\u003e#1116\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.23.1\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd tracking options to the mailjet adapter \u003ca href=\"https://github.com/wkirschbaum\"\u003e\u003ccode\u003e@​wkirschbaum\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1114\"\u003e#1114\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🧰 Maintenance\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove unused require Logger compilation warning \u003ca href=\"https://github.com/wkirschbaum\"\u003e\u003ccode\u003e@​wkirschbaum\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1115\"\u003e#1115\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/7baea5c965c441164ffb524855002f454e2da026\"\u003e\u003ccode\u003e7baea5c\u003c/code\u003e\u003c/a\u003e Bump jason from 1.4.4 to 1.4.5 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/37342caa1d5d5485fb17ff5df2575e77be8a8a3c\"\u003e\u003ccode\u003e37342ca\u003c/code\u003e\u003c/a\u003e chore: prepare 1.25.2 patch release (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1136\"\u003e#1136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f6eedb4b9a2905c2ec8df0a106664bd274c4588d\"\u003e\u003ccode\u003ef6eedb4\u003c/code\u003e\u003c/a\u003e fix(config): prioritize runtime config for Mailer (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1134\"\u003e#1134\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/5596e9789ef92893cbfb5f11630b247d6f877e6b\"\u003e\u003ccode\u003e5596e97\u003c/code\u003e\u003c/a\u003e Bump bandit from 1.10.4 to 1.11.0 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1129\"\u003e#1129\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f656c6b55277f8c1b76f2429f3621d5a6aed333c\"\u003e\u003ccode\u003ef656c6b\u003c/code\u003e\u003c/a\u003e Fix release comment workflow checkout (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1128\"\u003e#1128\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/2aa9af499fa9b5250dba0a2d42cccc47a1f701c4\"\u003e\u003ccode\u003e2aa9af4\u003c/code\u003e\u003c/a\u003e Bump version to 1.25.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1127\"\u003e#1127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/df97f1c6b86c4e40ce31d5393b7cb97cc5e84bd2\"\u003e\u003ccode\u003edf97f1c\u003c/code\u003e\u003c/a\u003e Bump plug_cowboy from 2.8.0 to 2.8.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/397562e99adb780d829cf4a6dc63e76c6d263e6f\"\u003e\u003ccode\u003e397562e\u003c/code\u003e\u003c/a\u003e Regenerate styles with Tailwind CSS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3e4ff5f800448c9446f5e4b7ea48b2f3b550d164\"\u003e\u003ccode\u003e3e4ff5f\u003c/code\u003e\u003c/a\u003e fix: use github.ref_name instead of github.ref for tailwind branch name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f0b12c02ebc13ebc621821a93ffc20c05033e5d6\"\u003e\u003ccode\u003ef0b12c0\u003c/code\u003e\u003c/a\u003e Escape email content in mailbox preview UI (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.23.0...v1.25.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/honeycombio/ced-opentelemetry-demo-app-academy-courses/pull/54","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/honeycombio%2Fced-opentelemetry-demo-app-academy-courses/issues/54","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/54/packages"}},{"old_version":"1.10.4","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-05-12T01:54:07.000Z","version_change":"1.10.4 → 1.11.0","issue":{"uuid":"4425584652","node_id":"PR_kwDOQF4m787afaFR","number":173,"state":"open","title":"deps(elixir): bump the elixir-query-service group across 1 directory with 8 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T01:54:07.000Z","updated_at":"2026-05-12T01:55:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(elixir): bump","group_name":"elixir-query-service","update_count":8,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"broadway","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/dashbitco/broadway"},{"name":"ex_doc","old_version":"0.40.1","new_version":"0.40.2","repository_url":"https://github.com/elixir-lang/ex_doc"},{"name":"jason","old_version":"1.4.4","new_version":"1.4.5","repository_url":"https://github.com/michalmuskala/jason"},{"name":"mint","old_version":"1.7.1","new_version":"1.8.0","repository_url":"https://github.com/elixir-mint/mint"},{"name":"open_api_spex","old_version":"3.22.2","new_version":"3.22.3","repository_url":"https://github.com/open-api-spex/open_api_spex"},{"name":"tesla","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/elixir-tesla/tesla"}],"path":null,"ecosystem":"hex"},"body":"Bumps the elixir-query-service group with 7 updates in the /apps/query-service directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.10.4` | `1.11.0` |\n| [broadway](https://github.com/dashbitco/broadway) | `1.2.1` | `1.3.0` |\n| [ex_doc](https://github.com/elixir-lang/ex_doc) | `0.40.1` | `0.40.2` |\n| [jason](https://github.com/michalmuskala/jason) | `1.4.4` | `1.4.5` |\n| [mint](https://github.com/elixir-mint/mint) | `1.7.1` | `1.8.0` |\n| [open_api_spex](https://github.com/open-api-spex/open_api_spex) | `3.22.2` | `3.22.3` |\n| [tesla](https://github.com/elixir-tesla/tesla) | `1.16.0` | `1.17.0` |\n\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `broadway` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dashbitco/broadway/blob/main/CHANGELOG.md\"\u003ebroadway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0 (2026-04-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd telemetry events around \u003ccode\u003ehandle_failed\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eInclude producer metadata in telemetry events\u003c/li\u003e\n\u003cli\u003eAdd labels to Broadway stages\u003c/li\u003e\n\u003cli\u003eFix race condition during graceful shutdown\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d3a668c885342ae223b5ebcd9571efe4a0f18c41\"\u003e\u003ccode\u003ed3a668c\u003c/code\u003e\u003c/a\u003e Release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/dd2f40571ac463bbc56f949b6c1f8d33fd6cc665\"\u003e\u003ccode\u003edd2f405\u003c/code\u003e\u003c/a\u003e Include producer metadata in per-message events (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/966c59ad95ddb6aa75c91e71848cfc617bef3a8e\"\u003e\u003ccode\u003e966c59a\u003c/code\u003e\u003c/a\u003e Add :telemetry.span for handle_failed/2 callback (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/370f180e853a33978f1822432c66bea61f9d98ef\"\u003e\u003ccode\u003e370f180\u003c/code\u003e\u003c/a\u003e Clarify some docs related to GenStage demand (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/69d90526dc7c1003d1b9fff5092645eb4fbe9e48\"\u003e\u003ccode\u003e69d9052\u003c/code\u003e\u003c/a\u003e Bump Elixir/Erlang CI matrix and GitHub actions (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/365\"\u003e#365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/8c6616475acc874f185ffabaffc92554eefefbfc\"\u003e\u003ccode\u003e8c66164\u003c/code\u003e\u003c/a\u003e Add Process.set_label/1 to Broadway stages (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d32d30deb64dc4481f2743f6a0d8606299690046\"\u003e\u003ccode\u003ed32d30d\u003c/code\u003e\u003c/a\u003e Catch exits if already down when trapping exits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/f52f2f793e16e1c976f5e52adc372457d1445b73\"\u003e\u003ccode\u003ef52f2f7\u003c/code\u003e\u003c/a\u003e Fix graceful shutdown race condition (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/136bea6786ae1526721a98a93ca9d752543c3a7d\"\u003e\u003ccode\u003e136bea6\u003c/code\u003e\u003c/a\u003e Add batch_size/0 and batch_size_fun/0 types (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/7977502abbf3c0b06ea1fbbae415dff3932fb796\"\u003e\u003ccode\u003e7977502\u003c/code\u003e\u003c/a\u003e Add new unofficial producer off_broadway_emqtt (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/360\"\u003e#360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dashbitco/broadway/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ex_doc` from 0.40.1 to 0.40.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md\"\u003eex_doc's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.40.2 (2026-05-08)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBug fixes\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003erel=\u0026quot;nofollow\u0026quot;\u003c/code\u003e to external links in HTML output\u003c/li\u003e\n\u003cli\u003eUse blockquote in \u003ccode\u003ellms.txt\u003c/code\u003e description\u003c/li\u003e\n\u003cli\u003eVoid elements in \u003ccode\u003eepub\u003c/code\u003e, such \u003ccode\u003ewbr\u003c/code\u003e, must be terminated by the matching end-tag\u003c/li\u003e\n\u003cli\u003eFix content container scrolling in older versions of Safari\u003c/li\u003e\n\u003cli\u003eSkip HTML comments when computing synopsis\u003c/li\u003e\n\u003cli\u003eFix markdown backend code fence language and opaque type display\u003c/li\u003e\n\u003cli\u003eFix false positive warning when linking to asset files\u003c/li\u003e\n\u003cli\u003ePrevent \u003ccode\u003e#search\u003c/code\u003e selector from impacting user content\u003c/li\u003e\n\u003cli\u003eRaise on extras that conflict with reserved filenames\u003c/li\u003e\n\u003cli\u003eFix styling of admonition blocks\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/c868c6a9dfb4da78ebaf31b153a16a5bc169b6ff\"\u003e\u003ccode\u003ec868c6a\u003c/code\u003e\u003c/a\u003e Release v0.40.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/b9cc3723816cffeab5d4a5acc89d02e910efcb8b\"\u003e\u003ccode\u003eb9cc372\u003c/code\u003e\u003c/a\u003e Update makeup_erlang version (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2236\"\u003e#2236\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/b389d1733af711a52cd0bf27e5f27797d629bca7\"\u003e\u003ccode\u003eb389d17\u003c/code\u003e\u003c/a\u003e Fix dead code and overriden clauses found by the type system\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/25523c9d377158e98b0a2f1c2815456988049f3b\"\u003e\u003ccode\u003e25523c9\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/dbed340cf31fd5421dd79e2c625efc8b4f3cd21b\"\u003e\u003ccode\u003edbed340\u003c/code\u003e\u003c/a\u003e Raise on extras that conflict with reserved filenames\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/2808e459dbb5047befe5d51fbe9a9d1d8d0469f5\"\u003e\u003ccode\u003e2808e45\u003c/code\u003e\u003c/a\u003e Prevent #search selector from impacting user content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/bc909685fd41f0e16f6714403bf520301ef3f28f\"\u003e\u003ccode\u003ebc90968\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/93339793797f0e40058e5400fbf1c9bd6cdd9109\"\u003e\u003ccode\u003e9333979\u003c/code\u003e\u003c/a\u003e Fix inline code font size in headings (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2220\"\u003e#2220\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/974b26305a1bd008f84e81526130fe01995f75ac\"\u003e\u003ccode\u003e974b263\u003c/code\u003e\u003c/a\u003e Raise on duplicate entries in files in :extras (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2226\"\u003e#2226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/af07dd786a9e6a09b7681ce99cc48d5c219ead20\"\u003e\u003ccode\u003eaf07dd7\u003c/code\u003e\u003c/a\u003e Fix false positive warning when linking to asset files (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2225\"\u003e#2225\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-lang/ex_doc/compare/v0.40.1...v0.40.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jason` from 1.4.4 to 1.4.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md\"\u003ejason's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.5 (05.05.2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Decimal 3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/4ede42858eb19f80ec9e863aab52df466eab8608\"\u003e\u003ccode\u003e4ede428\u003c/code\u003e\u003c/a\u003e Bump v1.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/b8c2185aaecc9839c0d13e69f7baab9c6e5e60f6\"\u003e\u003ccode\u003eb8c2185\u003c/code\u003e\u003c/a\u003e Fix dialyzer job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/a363975dc873c4bde43dd6978685adaa41e2f2d5\"\u003e\u003ccode\u003ea363975\u003c/code\u003e\u003c/a\u003e Modernise CI to currently supported versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/243c8a8ba8452a720462222ab6d80367cd9235cf\"\u003e\u003ccode\u003e243c8a8\u003c/code\u003e\u003c/a\u003e Allow decimal 3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/c8e8d0501723d0855691a89ee66ee51b429b8d56\"\u003e\u003ccode\u003ec8e8d05\u003c/code\u003e\u003c/a\u003e Revert the experimental 1.5 branch and jason_native experiment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/0e7a3e2cebcb3af550382416b19125d81d8d1824\"\u003e\u003ccode\u003e0e7a3e2\u003c/code\u003e\u003c/a\u003e Add example/doctest for Jason.OrderedObject.new/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/984bc078eb4b2084104751c7f1c5290b8338e06b\"\u003e\u003ccode\u003e984bc07\u003c/code\u003e\u003c/a\u003e fix broken link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/f775592c90472e8debe989081883de6ba282e037\"\u003e\u003ccode\u003ef775592\u003c/code\u003e\u003c/a\u003e Raise if trying to decode decimals without decimal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/79d59df70177242d288974923504880bf65a51c8\"\u003e\u003ccode\u003e79d59df\u003c/code\u003e\u003c/a\u003e Remove unneeded workarounds for xref warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/baac78e5dbd487e30f7f6f93b319c3cfbd3982e2\"\u003e\u003ccode\u003ebaac78e\u003c/code\u003e\u003c/a\u003e Fix warnings by conditionally compiling Decimal support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/michalmuskala/jason/compare/v1.4.4...v1.4.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `mint` from 1.7.1 to 1.8.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-mint/mint/blob/main/CHANGELOG.md\"\u003emint's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.0\u003c/h2\u003e\n\u003ch3\u003eNew features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRaise the default HTTP/2 receive windows to 16 MB (connection) and 4 MB (stream), and batch HTTP/2 receive-window refills. The larger windows lift the per-stream throughput cap (\u003ccode\u003ewindow / RTT\u003c/code\u003e), giving substantially higher throughput on higher-latency connections, in exchange for higher peak memory use per connection. The connection-level window is now configurable via the new \u003ccode\u003e:connection_window_size\u003c/code\u003e option to \u003ccode\u003eMint.HTTP.connect/4\u003c/code\u003e, and refill batching is configurable via the new \u003ccode\u003e:receive_window_update_threshold\u003c/code\u003e option.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMint.HTTP2.set_window_size/3\u003c/code\u003e for advertising a larger receive window to the server after a connection has been established.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eMint.HTTP.request_body_window/2\u003c/code\u003e for querying the available send-window when streaming a request body.\u003c/li\u003e\n\u003cli\u003eIntroduce the \u003ccode\u003e:optional_responses\u003c/code\u003e option for \u003ccode\u003eMint.HTTP1.connect/4\u003c/code\u003e, with a \u003ccode\u003e:status_reason\u003c/code\u003e value that surfaces the HTTP/1.1 status reason-phrase as a new \u003ccode\u003e{:status_reason, request_ref, reason_phrase}\u003c/code\u003e response.\u003c/li\u003e\n\u003cli\u003eChange \u003ccode\u003et:Mint.HTTP.t/0\u003c/code\u003e from an opaque to an open type.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003et:Mint.HTTPError.reason/0\u003c/code\u003e and \u003ccode\u003et:Mint.TransportError.reason/0\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix HTTP/1 handling of \u003ccode\u003e1xx\u003c/code\u003e informational responses.\u003c/li\u003e\n\u003cli\u003eForbid or replace empty targets in HTTP/1.1 requests.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/ef8f3a1160ee579d1a0db6311eb02ea63e7cc151\"\u003e\u003ccode\u003eef8f3a1\u003c/code\u003e\u003c/a\u003e Release v1.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/ddf2e1d09116ae996c1c887213142b91945bfb68\"\u003e\u003ccode\u003eddf2e1d\u003c/code\u003e\u003c/a\u003e Document since-version for new HTTP/2 receive-window options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/4c4bf9139db8923c9045baa6d0da947b31aaf4ba\"\u003e\u003ccode\u003e4c4bf91\u003c/code\u003e\u003c/a\u003e feat: polymorphic helper for request body streaming (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/485\"\u003e#485\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/4fca8832e8fad34b90d29ef80df1dc29ccd925bd\"\u003e\u003ccode\u003e4fca883\u003c/code\u003e\u003c/a\u003e Raise default HTTP/2 receive windows and batch HTTP/2 receive-window refills ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/4a195ffb5536719985d1bc3d22b7eadc21ee1651\"\u003e\u003ccode\u003e4a195ff\u003c/code\u003e\u003c/a\u003e Add Mint.HTTP2.set_window_size/3 (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/480\"\u003e#480\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/d3fee6e3d3cedc63ba4eae01d17bc5236b0b623f\"\u003e\u003ccode\u003ed3fee6e\u003c/code\u003e\u003c/a\u003e Change Mint.HTTP.t() from opaque to open type (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/483\"\u003e#483\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/e3c291c11130936c9ebeed0d12f67646630679b7\"\u003e\u003ccode\u003ee3c291c\u003c/code\u003e\u003c/a\u003e Fix HTTP/1 handling of 1xx informational responses (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/479\"\u003e#479\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/1a82c1d0f7869719f719a1fa5817c80d430ddbaa\"\u003e\u003ccode\u003e1a82c1d\u003c/code\u003e\u003c/a\u003e Support Elixir ~\u0026gt; 1.12 (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/478\"\u003e#478\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/2a78a5b99e515e15bee164c2bf221671d8be718f\"\u003e\u003ccode\u003e2a78a5b\u003c/code\u003e\u003c/a\u003e Run HTTP/2 integration tests against local Caddy instead of nghttp2.org (\u003ca href=\"https://redirect.github.com/elixir-mint/mint/issues/482\"\u003e#482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-mint/mint/commit/0bfcc869b53b83989c24ba681d66d0a447b5a1c3\"\u003e\u003ccode\u003e0bfcc86\u003c/code\u003e\u003c/a\u003e Add a couple of \u003ca href=\"https://github.com/typedocs\"\u003e\u003ccode\u003e@​typedocs\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-mint/mint/compare/v1.7.1...v1.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `open_api_spex` from 3.22.2 to 3.22.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-api-spex/open_api_spex/releases\"\u003eopen_api_spex's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.22.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: removed unused require(s) by \u003ca href=\"https://github.com/David-Klemenc\"\u003e\u003ccode\u003e@​David-Klemenc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/700\"\u003eopen-api-spex/open_api_spex#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax decimal requirement by \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/702\"\u003eopen-api-spex/open_api_spex#702\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/702\"\u003eopen-api-spex/open_api_spex#702\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/open-api-spex/open_api_spex/compare/v3.22.2...v3.22.3\"\u003ehttps://github.com/open-api-spex/open_api_spex/compare/v3.22.2...v3.22.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-api-spex/open_api_spex/blob/master/CHANGELOG.md\"\u003eopen_api_spex's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.22.3 - 2026-05-05\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore: removed unused require(s) by \u003ca href=\"https://github.com/David-Klemenc\"\u003e\u003ccode\u003e@​David-Klemenc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/700\"\u003eopen-api-spex/open_api_spex#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelax decimal requirement by \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/pull/702\"\u003eopen-api-spex/open_api_spex#702\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-api-spex/open_api_spex/commit/8850f32e72f978a40043d7fdeec604da2df49b00\"\u003e\u003ccode\u003e8850f32\u003c/code\u003e\u003c/a\u003e Release version 3.22.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-api-spex/open_api_spex/commit/1377df0177133a0177f901e9ff5e859d878374a7\"\u003e\u003ccode\u003e1377df0\u003c/code\u003e\u003c/a\u003e Relax decimal requirement (\u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/issues/702\"\u003e#702\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-api-spex/open_api_spex/commit/224d1e1c3454c88aca57fdfd567983d113d9826a\"\u003e\u003ccode\u003e224d1e1\u003c/code\u003e\u003c/a\u003e chore: removed unused require(s) (\u003ca href=\"https://redirect.github.com/open-api-spex/open_api_spex/issues/700\"\u003e#700\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/open-api-spex/open_api_spex/compare/v3.22.2...v3.22.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `telemetry` from 1.4.1 to 1.4.2\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/beam-telemetry/telemetry/blob/main/CHANGELOG.md\"\u003etelemetry's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-telemetry/telemetry/tree/v1.4.2\"\u003e1.4.2\u003c/a\u003e\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eOptimize persistent term operations\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse structured logging consistently\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-telemetry/telemetry/commit/7baf8085e406d5ae9e43b284d7c866742ae04b28\"\u003e\u003ccode\u003e7baf808\u003c/code\u003e\u003c/a\u003e Release v1.4.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-telemetry/telemetry/commit/a382cd144aa3a34e807a0aa245aa7e8629acf399\"\u003e\u003ccode\u003ea382cd1\u003c/code\u003e\u003c/a\u003e Use structured logging all the way (\u003ca href=\"https://redirect.github.com/beam-telemetry/telemetry/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/beam-telemetry/telemetry/commit/87c134544c0430b073f0d246c80cc15cc9f4fbe3\"\u003e\u003ccode\u003e87c1345\u003c/code\u003e\u003c/a\u003e Persistent term optimisations (\u003ca href=\"https://redirect.github.com/beam-telemetry/telemetry/issues/148\"\u003e#148\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/beam-telemetry/telemetry/compare/v1.4.1...v1.4.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tesla` from 1.16.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/releases\"\u003etesla's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/blob/master/CHANGELOG.md\"\u003etesla's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/de2eaaf881077a84ffd00f76806afaf80c0e4c88\"\u003e\u003ccode\u003ede2eaaf\u003c/code\u003e\u003c/a\u003e chore(master): release 1.17.0 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/830\"\u003e#830\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003e\u003ccode\u003ea672177\u003c/code\u003e\u003c/a\u003e fix: enhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/daec639e7e25eaf54b37fc87004b7fbbf576357a\"\u003e\u003ccode\u003edaec639\u003c/code\u003e\u003c/a\u003e chore(mint): strengthen mode regression coverage (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/841\"\u003e#841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003e\u003ccode\u003ed812f54\u003c/code\u003e\u003c/a\u003e fix(mint): avoid active-mode message races without breaking reused connection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003e\u003ccode\u003efa755c9\u003c/code\u003e\u003c/a\u003e feat(client): add put_middleware/2, replace_middleware!/3, update_middleware!...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e\u003ccode\u003e0689e64\u003c/code\u003e\u003c/a\u003e feat(client): add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e\u003ccode\u003e544e1d7\u003c/code\u003e\u003c/a\u003e feat(logger): emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003e\u003ccode\u003eaae0866\u003c/code\u003e\u003c/a\u003e feat(logger): semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003e\u003ccode\u003eb8b622c\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/1c03570b13a807e3300b386e93fe87ec5b48fe0c\"\u003e\u003ccode\u003e1c03570\u003c/code\u003e\u003c/a\u003e chore: ci housekeeping (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/all-source-os/all-source/pull/173","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/all-source-os%2Fall-source/issues/173","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/173/packages"}},{"old_version":"1.10.4","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-05-06T21:30:32.000Z","version_change":"1.10.4 → 1.11.0","issue":{"uuid":"4394568467","node_id":"PR_kwDOSQq6Wc7Y7jAn","number":24,"state":"closed","title":"chore(deps): bump the mix-production-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-20T23:53:22.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-06T21:30:32.000Z","updated_at":"2026-05-20T23:53:24.000Z","time_to_close":1218170,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"mix-production-dependencies","update_count":5,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"jason","old_version":"1.4.4","new_version":"1.4.5","repository_url":"https://github.com/michalmuskala/jason"},{"name":"phoenix","old_version":"1.8.5","new_version":"1.8.7","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.28","new_version":"1.1.30","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.25.0","new_version":"1.25.1","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 5 updates in the /src/flagd-ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.10.4` | `1.11.0` |\n| [jason](https://github.com/michalmuskala/jason) | `1.4.4` | `1.4.5` |\n| [phoenix](https://github.com/phoenixframework/phoenix) | `1.8.5` | `1.8.7` |\n| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.1.28` | `1.1.30` |\n| [swoosh](https://github.com/swoosh/swoosh) | `1.25.0` | `1.25.1` |\n\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jason` from 1.4.4 to 1.4.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/michalmuskala/jason/blob/master/CHANGELOG.md\"\u003ejason's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.5 (05.05.2026)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for Decimal 3.0\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/4ede42858eb19f80ec9e863aab52df466eab8608\"\u003e\u003ccode\u003e4ede428\u003c/code\u003e\u003c/a\u003e Bump v1.4.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/b8c2185aaecc9839c0d13e69f7baab9c6e5e60f6\"\u003e\u003ccode\u003eb8c2185\u003c/code\u003e\u003c/a\u003e Fix dialyzer job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/a363975dc873c4bde43dd6978685adaa41e2f2d5\"\u003e\u003ccode\u003ea363975\u003c/code\u003e\u003c/a\u003e Modernise CI to currently supported versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/243c8a8ba8452a720462222ab6d80367cd9235cf\"\u003e\u003ccode\u003e243c8a8\u003c/code\u003e\u003c/a\u003e Allow decimal 3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/c8e8d0501723d0855691a89ee66ee51b429b8d56\"\u003e\u003ccode\u003ec8e8d05\u003c/code\u003e\u003c/a\u003e Revert the experimental 1.5 branch and jason_native experiment\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/0e7a3e2cebcb3af550382416b19125d81d8d1824\"\u003e\u003ccode\u003e0e7a3e2\u003c/code\u003e\u003c/a\u003e Add example/doctest for Jason.OrderedObject.new/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/984bc078eb4b2084104751c7f1c5290b8338e06b\"\u003e\u003ccode\u003e984bc07\u003c/code\u003e\u003c/a\u003e fix broken link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/f775592c90472e8debe989081883de6ba282e037\"\u003e\u003ccode\u003ef775592\u003c/code\u003e\u003c/a\u003e Raise if trying to decode decimals without decimal\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/79d59df70177242d288974923504880bf65a51c8\"\u003e\u003ccode\u003e79d59df\u003c/code\u003e\u003c/a\u003e Remove unneeded workarounds for xref warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/michalmuskala/jason/commit/baac78e5dbd487e30f7f6f93b319c3cfbd3982e2\"\u003e\u003ccode\u003ebaac78e\u003c/code\u003e\u003c/a\u003e Fix warnings by conditionally compiling Decimal support\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/michalmuskala/jason/compare/v1.4.4...v1.4.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.5 to 1.8.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.7 (2026-05-06)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix invalid status when longpoll request times out\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMask \u003ccode\u003etoken\u003c/code\u003e parameter \u003ca href=\"https://hexdocs.pm/phoenix/Phoenix.Logger.html#module-parameter-filtering\"\u003ein logs\u003c/a\u003e by default (in addition to \u0026quot;password\u0026quot;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix encoding of non-ASCII metadata in binary channel messages\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.6 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eSecurity fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-628h-q48j-jr6q\"\u003eCVE-2026-32689\u003c/a\u003e: Fix Phoenix.Socket Longpoll transport memory exhaustion in nd-JSON body splitting\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phoenix] Raise if \u003ccode\u003euse Phoenix.VerifiedRoutes\u003c/code\u003e is called multiple times in the same module\u003c/li\u003e\n\u003cli\u003e[phoenix] Fix more deprecation and type checker warnings on Elixir 1.20\u003c/li\u003e\n\u003cli\u003e[phoenix] Raise when interpolating a list in \u003ccode\u003ePhoenix.VerifiedRoutes\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6632\"\u003e#6632\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phoenix] Gracefully handle non-binary \u003ccode\u003evsn\u003c/code\u003e socket parameter (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6662\"\u003e#6662\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.gen.*] Use \u003ccode\u003e.eex\u003c/code\u003e filename suffix in generator files\u003c/li\u003e\n\u003cli\u003e[phx.new] Add interactive mode: \u003ccode\u003emix phx.new --interactive\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6630\"\u003e#6630\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Add \u003ccode\u003ephx-no-format\u003c/code\u003e to generated \u003ccode\u003e\u0026lt;.live_title\u0026gt;\u003c/code\u003e tag (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6667\"\u003e#6667\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[phx.gen.*] Fix generated migrations for myxql when using scopes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6635\"\u003e#6635\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[phx.new] Fix crash when parent directory contains a colon (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6633\"\u003e#6633\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ba3a131552add5758c021ff4c6e9b6947bb5a205\"\u003e\u003ccode\u003eba3a131\u003c/code\u003e\u003c/a\u003e Release v1.8.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/e74eaccb8e909826a50c9e8095cd1694dace289c\"\u003e\u003ccode\u003ee74eacc\u003c/code\u003e\u003c/a\u003e fix invalid status on longpoll window timeout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/035fde9ac29920d4c040be91fdb7508295579036\"\u003e\u003ccode\u003e035fde9\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/eb5f52f683b148f30aa528d365b301d2c51a4b59\"\u003e\u003ccode\u003eeb5f52f\u003c/code\u003e\u003c/a\u003e Correctly serialize non ASCII metadata (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6664\"\u003e#6664\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/a99c5e8974f98c57aa4c883da51f57b582c0225c\"\u003e\u003ccode\u003ea99c5e8\u003c/code\u003e\u003c/a\u003e Filter token parameters by default (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6665\"\u003e#6665\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/21901113ec7aa5158ad7748170bb9c3b3254861b\"\u003e\u003ccode\u003e2190111\u003c/code\u003e\u003c/a\u003e update installer version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ddcdadb7de1132d630bbbe56f975e66f85f36416\"\u003e\u003ccode\u003eddcdadb\u003c/code\u003e\u003c/a\u003e Release v1.8.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/1a67c61ff9ce0a7711662ac7354861917a7c80f7\"\u003e\u003ccode\u003e1a67c61\u003c/code\u003e\u003c/a\u003e prevent unexpected memory usage on nd-json body splitting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/8ca76a2c57fb189733e67c3fb72098d1092ef60c\"\u003e\u003ccode\u003e8ca76a2\u003c/code\u003e\u003c/a\u003e fix a couple of typos (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6672\"\u003e#6672\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/6214d83ac87fe87170bf2a8525b3404af1517705\"\u003e\u003ccode\u003e6214d83\u003c/code\u003e\u003c/a\u003e Bump postcss from 8.5.6 to 8.5.13 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6671\"\u003e#6671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.5...v1.8.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.28 to 1.1.30\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.30/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.30 (2026-05-05)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure internal phx-viewport hook does not crash on update if no scroll container is used (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4214\"\u003e#4214\u003c/a\u003e), introduced in v1.1.29.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.29 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/fdbbe52011812943d90dc4a3d46f4c0740d86bd2\"\u003e\u003ccode\u003efdbbe52\u003c/code\u003e\u003c/a\u003e Release v1.1.30\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/970932be5fa7b4313994ba3b68f0a55ff74f9a2c\"\u003e\u003ccode\u003e970932b\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/ff31d012fbeeedd38f13c9836d5d4fbfc22750b8\"\u003e\u003ccode\u003eff31d01\u003c/code\u003e\u003c/a\u003e Ensure phx-viewport hook does not fail if there's no scrollContainer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/24090b52e5f8aa392b23d9a1bf53974ecc66662a\"\u003e\u003ccode\u003e24090b5\u003c/code\u003e\u003c/a\u003e Release v1.1.29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/cc836431208b3ad28a4cfcc2ae412ba24dc98b7c\"\u003e\u003ccode\u003ecc83643\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8deb3e5e5a4b002bcab1250e1a14768bd7a9d5e8\"\u003e\u003ccode\u003e8deb3e5\u003c/code\u003e\u003c/a\u003e Use moveBefore if supported when reordering stream items (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4213\"\u003e#4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/174dad576cbff77e817091b6c7652cb3c21daffa\"\u003e\u003ccode\u003e174dad5\u003c/code\u003e\u003c/a\u003e DOM patching: Fall back to PHX_MAGIC_ID if node ID was touched by client hook...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/4e18a20652bbaca961146f73d9b1ec87295861f9\"\u003e\u003ccode\u003e4e18a20\u003c/code\u003e\u003c/a\u003e handle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4210\"\u003e#4210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/031f00ccc6b0e95eaa14222312514744a5a5a923\"\u003e\u003ccode\u003e031f00c\u003c/code\u003e\u003c/a\u003e Remove unreachable error clause in UploadTmpFileWriter.write_chunk/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/0b4005ba0631fc03ac5e46551e540d04c95dbefe\"\u003e\u003ccode\u003e0b4005b\u003c/code\u003e\u003c/a\u003e Optimize traverse_dynamic for nil and binary entries\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.28...v1.1.30\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.25.0 to 1.25.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.25.1 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.8.0 to 2.8.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1123\"\u003eswoosh/swoosh#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1124\"\u003eswoosh/swoosh#1124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/2aa9af499fa9b5250dba0a2d42cccc47a1f701c4\"\u003e\u003ccode\u003e2aa9af4\u003c/code\u003e\u003c/a\u003e Bump version to 1.25.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1127\"\u003e#1127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/df97f1c6b86c4e40ce31d5393b7cb97cc5e84bd2\"\u003e\u003ccode\u003edf97f1c\u003c/code\u003e\u003c/a\u003e Bump plug_cowboy from 2.8.0 to 2.8.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/397562e99adb780d829cf4a6dc63e76c6d263e6f\"\u003e\u003ccode\u003e397562e\u003c/code\u003e\u003c/a\u003e Regenerate styles with Tailwind CSS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3e4ff5f800448c9446f5e4b7ea48b2f3b550d164\"\u003e\u003ccode\u003e3e4ff5f\u003c/code\u003e\u003c/a\u003e fix: use github.ref_name instead of github.ref for tailwind branch name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f0b12c02ebc13ebc621821a93ffc20c05033e5d6\"\u003e\u003ccode\u003ef0b12c0\u003c/code\u003e\u003c/a\u003e Escape email content in mailbox preview UI (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/0b5c091085bd76681826b486a47cf9aeb12185d4\"\u003e\u003ccode\u003e0b5c091\u003c/code\u003e\u003c/a\u003e fix: assert_no_email_sent and refute_email_sent now catch deliver_many (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/422d062231336e98eba7a61fae172fcc8ea53702\"\u003e\u003ccode\u003e422d062\u003c/code\u003e\u003c/a\u003e Bump release comment action to v0.5.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/coralogix-se/opentelemetry-demo/pull/24","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/coralogix-se%2Fopentelemetry-demo/issues/24","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/24/packages"}},{"old_version":"1.10.4","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-05-04T23:17:30.000Z","version_change":"1.10.4 → 1.11.0","issue":{"uuid":"4380311161","node_id":"PR_kwDOQF4m787YM2bg","number":169,"state":"open","title":"deps(elixir): bump the elixir-query-service group across 1 directory with 3 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T23:17:30.000Z","updated_at":"2026-05-12T03:09:03.386Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(elixir): bump","group_name":"elixir-query-service","update_count":3,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"broadway","old_version":"1.2.1","new_version":"1.3.0","repository_url":"https://github.com/dashbitco/broadway"},{"name":"tesla","old_version":"1.16.0","new_version":"1.17.0","repository_url":"https://github.com/elixir-tesla/tesla"}],"path":null,"ecosystem":"hex"},"body":"Bumps the elixir-query-service group with 3 updates in the /apps/query-service directory: [bandit](https://github.com/mtrudel/bandit), [broadway](https://github.com/dashbitco/broadway) and [tesla](https://github.com/elixir-tesla/tesla).\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `broadway` from 1.2.1 to 1.3.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dashbitco/broadway/blob/main/CHANGELOG.md\"\u003ebroadway's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.3.0 (2026-04-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd telemetry events around \u003ccode\u003ehandle_failed\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eInclude producer metadata in telemetry events\u003c/li\u003e\n\u003cli\u003eAdd labels to Broadway stages\u003c/li\u003e\n\u003cli\u003eFix race condition during graceful shutdown\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d3a668c885342ae223b5ebcd9571efe4a0f18c41\"\u003e\u003ccode\u003ed3a668c\u003c/code\u003e\u003c/a\u003e Release v1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/dd2f40571ac463bbc56f949b6c1f8d33fd6cc665\"\u003e\u003ccode\u003edd2f405\u003c/code\u003e\u003c/a\u003e Include producer metadata in per-message events (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/966c59ad95ddb6aa75c91e71848cfc617bef3a8e\"\u003e\u003ccode\u003e966c59a\u003c/code\u003e\u003c/a\u003e Add :telemetry.span for handle_failed/2 callback (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/369\"\u003e#369\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/370f180e853a33978f1822432c66bea61f9d98ef\"\u003e\u003ccode\u003e370f180\u003c/code\u003e\u003c/a\u003e Clarify some docs related to GenStage demand (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/368\"\u003e#368\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/69d90526dc7c1003d1b9fff5092645eb4fbe9e48\"\u003e\u003ccode\u003e69d9052\u003c/code\u003e\u003c/a\u003e Bump Elixir/Erlang CI matrix and GitHub actions (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/365\"\u003e#365\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/8c6616475acc874f185ffabaffc92554eefefbfc\"\u003e\u003ccode\u003e8c66164\u003c/code\u003e\u003c/a\u003e Add Process.set_label/1 to Broadway stages (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/363\"\u003e#363\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/d32d30deb64dc4481f2743f6a0d8606299690046\"\u003e\u003ccode\u003ed32d30d\u003c/code\u003e\u003c/a\u003e Catch exits if already down when trapping exits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/f52f2f793e16e1c976f5e52adc372457d1445b73\"\u003e\u003ccode\u003ef52f2f7\u003c/code\u003e\u003c/a\u003e Fix graceful shutdown race condition (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/362\"\u003e#362\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/136bea6786ae1526721a98a93ca9d752543c3a7d\"\u003e\u003ccode\u003e136bea6\u003c/code\u003e\u003c/a\u003e Add batch_size/0 and batch_size_fun/0 types (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/361\"\u003e#361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dashbitco/broadway/commit/7977502abbf3c0b06ea1fbbae415dff3932fb796\"\u003e\u003ccode\u003e7977502\u003c/code\u003e\u003c/a\u003e Add new unofficial producer off_broadway_emqtt (\u003ca href=\"https://redirect.github.com/dashbitco/broadway/issues/360\"\u003e#360\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dashbitco/broadway/compare/v1.2.1...v1.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `tesla` from 1.16.0 to 1.17.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/releases\"\u003etesla's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.17.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-tesla/tesla/blob/master/CHANGELOG.md\"\u003etesla's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003e1.17.0\u003c/a\u003e (2026-04-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd :metadata option to Logger middleware (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/829\"\u003e#829\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/38e209a5a370160a723eb7a69665befdf9978b1a\"\u003e38e209a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003eb8b622c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add put_middleware/2, replace_middleware!/3, update_middleware!/3, and insert_middleware!/4 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/840\"\u003e#840\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003efa755c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eclient:\u003c/strong\u003e add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e0689e64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e544e1d7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elogger:\u003c/strong\u003e semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003eaae0866\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eavoid soft-deprecated warning logs when compiling tesla itself (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/834\"\u003e#834\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/ab822644006666702e1820625c96c60023a2a3e1\"\u003eab82264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edialyzer spec for mock opts (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/831\"\u003e#831\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/440ec4e442db3541b10f63a3da6235a5239fdab8\"\u003e440ec4e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eenhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003ea672177\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003einclude caller module name in \u003ccode\u003euse Tesla\u003c/code\u003e deprecation warning (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/832\"\u003e#832\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8fb158f1ef5e2bebad7fd3b207738b1f4a3b9f6\"\u003eb8fb158\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emint:\u003c/strong\u003e avoid active-mode message races without breaking reused connections (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/812\"\u003e#812\u003c/a\u003e) (\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003ed812f54\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/de2eaaf881077a84ffd00f76806afaf80c0e4c88\"\u003e\u003ccode\u003ede2eaaf\u003c/code\u003e\u003c/a\u003e chore(master): release 1.17.0 (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/830\"\u003e#830\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/a6721774e226ae48a9e3fc10f6592b595d5cde2f\"\u003e\u003ccode\u003ea672177\u003c/code\u003e\u003c/a\u003e fix: enhance response handling in Mint adapter (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/803\"\u003e#803\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/daec639e7e25eaf54b37fc87004b7fbbf576357a\"\u003e\u003ccode\u003edaec639\u003c/code\u003e\u003c/a\u003e chore(mint): strengthen mode regression coverage (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/841\"\u003e#841\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/d812f543c905f53326899f38f687153f77551c44\"\u003e\u003ccode\u003ed812f54\u003c/code\u003e\u003c/a\u003e fix(mint): avoid active-mode message races without breaking reused connection...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/fa755c97a24dbb4d542cffdad1bba8222053dbe1\"\u003e\u003ccode\u003efa755c9\u003c/code\u003e\u003c/a\u003e feat(client): add put_middleware/2, replace_middleware!/3, update_middleware!...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/0689e64a3689bdbcb2a5921c1f3a1b32fb7f64c8\"\u003e\u003ccode\u003e0689e64\u003c/code\u003e\u003c/a\u003e feat(client): add update_middleware/2 to transform middleware list (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/523\"\u003e#523\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/544e1d7473e54030315553a6534d7e291250009d\"\u003e\u003ccode\u003e544e1d7\u003c/code\u003e\u003c/a\u003e feat(logger): emit url.template from KeepRequest preserved URL (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/839\"\u003e#839\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/aae0866c4e200858eb29789056bc90824c580be9\"\u003e\u003ccode\u003eaae0866\u003c/code\u003e\u003c/a\u003e feat(logger): semantic OTel metadata and legacy mode (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/838\"\u003e#838\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/b8b622ca1cd3104fd5d437bb3245d865d6af0b37\"\u003e\u003ccode\u003eb8b622c\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eassigns\u003c/code\u003e and \u003ccode\u003eprivate\u003c/code\u003e fields to \u003ccode\u003eTesla.Env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/836\"\u003e#836\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-tesla/tesla/commit/1c03570b13a807e3300b386e93fe87ec5b48fe0c\"\u003e\u003ccode\u003e1c03570\u003c/code\u003e\u003c/a\u003e chore: ci housekeeping (\u003ca href=\"https://redirect.github.com/elixir-tesla/tesla/issues/835\"\u003e#835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-tesla/tesla/compare/v1.16.0...v1.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/all-source-os/all-source/pull/169","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/all-source-os%2Fall-source/issues/169","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/169/packages"}},{"old_version":"1.10.4","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-05-04T13:46:41.000Z","version_change":"1.10.4 → 1.11.0","issue":{"uuid":"4377075420","node_id":"PR_kwDOSLyUUs7YCKWz","number":33,"state":"open","title":"chore(deps): bump the mix-production-dependencies group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-04T13:46:41.000Z","updated_at":"2026-05-04T14:10:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"mix-production-dependencies","update_count":3,"packages":[{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"},{"name":"phoenix_live_view","old_version":"1.1.28","new_version":"1.1.29","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.25.0","new_version":"1.25.1","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 3 updates in the /src/flagd-ui directory: [bandit](https://github.com/mtrudel/bandit), [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) and [swoosh](https://github.com/swoosh/swoosh).\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.28 to 1.1.29\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.29\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.29/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.29 (2026-05-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent JS crash when hook has a duplicate ID (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4196\"\u003e#4196\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRecompute scroll container for phx-viewport bindings if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4169\"\u003e#4169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix phx-viewport events not firing when container has horizontal overflow (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/3897\"\u003e#3897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4209\"\u003e#4209\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse \u003ccode\u003emoveBefore\u003c/code\u003e if available when reordering stream elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4212\"\u003e#4212\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/24090b52e5f8aa392b23d9a1bf53974ecc66662a\"\u003e\u003ccode\u003e24090b5\u003c/code\u003e\u003c/a\u003e Release v1.1.29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/cc836431208b3ad28a4cfcc2ae412ba24dc98b7c\"\u003e\u003ccode\u003ecc83643\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8deb3e5e5a4b002bcab1250e1a14768bd7a9d5e8\"\u003e\u003ccode\u003e8deb3e5\u003c/code\u003e\u003c/a\u003e Use moveBefore if supported when reordering stream items (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4213\"\u003e#4213\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/174dad576cbff77e817091b6c7652cb3c21daffa\"\u003e\u003ccode\u003e174dad5\u003c/code\u003e\u003c/a\u003e DOM patching: Fall back to PHX_MAGIC_ID if node ID was touched by client hook...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/4e18a20652bbaca961146f73d9b1ec87295861f9\"\u003e\u003ccode\u003e4e18a20\u003c/code\u003e\u003c/a\u003e handle locks on skipped nodes (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4210\"\u003e#4210\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/031f00ccc6b0e95eaa14222312514744a5a5a923\"\u003e\u003ccode\u003e031f00c\u003c/code\u003e\u003c/a\u003e Remove unreachable error clause in UploadTmpFileWriter.write_chunk/2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/0b4005ba0631fc03ac5e46551e540d04c95dbefe\"\u003e\u003ccode\u003e0b4005b\u003c/code\u003e\u003c/a\u003e Optimize traverse_dynamic for nil and binary entries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/3b3844fabde644b974ca4f7d4d5d745c4e8806bf\"\u003e\u003ccode\u003e3b3844f\u003c/code\u003e\u003c/a\u003e Remove horizontal checks in viewport functions (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4200\"\u003e#4200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/1f4e986c992beb65a0f7de958587f7ad08dfeeb3\"\u003e\u003ccode\u003e1f4e986\u003c/code\u003e\u003c/a\u003e add blame ignore revs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/bcdade40fc475875616bf58f101586176c667158\"\u003e\u003ccode\u003ebcdade4\u003c/code\u003e\u003c/a\u003e Recompute scroll container if it is no longer available (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4185\"\u003e#4185\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.28...v1.1.29\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.25.0 to 1.25.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.25.1 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.8.0 to 2.8.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1123\"\u003eswoosh/swoosh#1123\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1124\"\u003eswoosh/swoosh#1124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.25.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEscape email content in mailbox preview UI \u003ca href=\"https://github.com/mogest\"\u003e\u003ccode\u003e@​mogest\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: assert_no_email_sent and refute_email_sent now catch deliver_many \u003ca href=\"https://github.com/donleandro\"\u003e\u003ccode\u003e@​donleandro\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/2aa9af499fa9b5250dba0a2d42cccc47a1f701c4\"\u003e\u003ccode\u003e2aa9af4\u003c/code\u003e\u003c/a\u003e Bump version to 1.25.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1127\"\u003e#1127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/df97f1c6b86c4e40ce31d5393b7cb97cc5e84bd2\"\u003e\u003ccode\u003edf97f1c\u003c/code\u003e\u003c/a\u003e Bump plug_cowboy from 2.8.0 to 2.8.1 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1126\"\u003e#1126\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/397562e99adb780d829cf4a6dc63e76c6d263e6f\"\u003e\u003ccode\u003e397562e\u003c/code\u003e\u003c/a\u003e Regenerate styles with Tailwind CSS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3e4ff5f800448c9446f5e4b7ea48b2f3b550d164\"\u003e\u003ccode\u003e3e4ff5f\u003c/code\u003e\u003c/a\u003e fix: use github.ref_name instead of github.ref for tailwind branch name\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f0b12c02ebc13ebc621821a93ffc20c05033e5d6\"\u003e\u003ccode\u003ef0b12c0\u003c/code\u003e\u003c/a\u003e Escape email content in mailbox preview UI (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1124\"\u003e#1124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/0b5c091085bd76681826b486a47cf9aeb12185d4\"\u003e\u003ccode\u003e0b5c091\u003c/code\u003e\u003c/a\u003e fix: assert_no_email_sent and refute_email_sent now catch deliver_many (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1123\"\u003e#1123\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/422d062231336e98eba7a61fae172fcc8ea53702\"\u003e\u003ccode\u003e422d062\u003c/code\u003e\u003c/a\u003e Bump release comment action to v0.5.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.25.0...v1.25.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade production deps in src/flagd-ui to pull in security patches and UI stability fixes: `bandit` 1.11.0, `phoenix_live_view` 1.1.29, and `swoosh` 1.25.1.\n\n- **Dependencies**\n  - `bandit` → 1.11.0: fixes multiple WebSocket/HTTP CVEs; adds `max_inflate_ratio` and `max_fragmented_message_size`; default WebSocket `max_frame_size` is now 8MB.\n  - `phoenix_live_view` → 1.1.29: fixes duplicate hook ID crash; improves `phx-viewport` handling and stream reordering.\n  - `swoosh` → 1.25.1: escapes mailbox preview HTML; test helpers catch `deliver_many`.\n\n- **Migration**\n  - If you rely on very large WebSocket/LiveView payloads, configure Bandit `max_frame_size`/`max_fragmented_message_size` to suit your needs.\n\n\u003csup\u003eWritten for commit 3e012c96fd6f8d27d796b92e2c82b5253979aef5. Summary will update on new commits.\u003c/sup\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n","html_url":"https://github.com/Vacbo/northstar-commerce/pull/33","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Vacbo%2Fnorthstar-commerce/issues/33","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/33/packages"}},{"old_version":"1.10.3","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-05-04T01:22:43.000Z","version_change":"1.10.3 → 1.11.0","issue":{"uuid":"4373524297","node_id":"PR_kwDORb91oc7X2goB","number":11,"state":"closed","title":"Bump bandit from 1.10.3 to 1.11.0","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-18T01:42:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-04T01:22:43.000Z","updated_at":"2026-05-18T01:42:57.000Z","time_to_close":1210812,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"bandit","old_version":"1.10.3","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.3 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.3\u0026new-version=1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/runlater-eu/runlocal-server/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/runlater-eu%2Frunlocal-server/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"1.10.4","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-05-02T01:17:19.000Z","version_change":"1.10.4 → 1.11.0","issue":{"uuid":"4367411598","node_id":"PR_kwDOR7uqXM7XkaY_","number":18,"state":"closed","title":"chore(deps-dev): bump the dev-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-02T03:05:17.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-02T01:17:19.000Z","updated_at":"2026-05-02T03:05:25.000Z","time_to_close":6478,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): bump","group_name":"dev-dependencies","update_count":5,"packages":[{"name":"ash_phoenix","old_version":"2.3.20","new_version":"2.3.22","repository_url":"https://github.com/ash-project/ash_phoenix"},{"name":"ash_postgres","old_version":"2.8.0","new_version":"2.9.1","repository_url":"https://github.com/ash-project/ash_postgres"},{"name":"bandit","old_version":"1.10.4","new_version":"1.11.0"},{"name":"credo","old_version":"1.7.17","new_version":"1.7.18","repository_url":"https://github.com/rrrene/credo"},{"name":"git_ops","old_version":"2.9.3","new_version":"2.10.0","repository_url":"https://github.com/zachdaniel/git_ops"}],"path":null,"ecosystem":"hex"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the dev-dependencies group with 4 updates in the / directory: [ash_phoenix](https://github.com/ash-project/ash_phoenix), [ash_postgres](https://github.com/ash-project/ash_postgres), [credo](https://github.com/rrrene/credo) and [git_ops](https://github.com/zachdaniel/git_ops).\n\nUpdates `ash_phoenix` from 2.3.20 to 2.3.22\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_phoenix/releases\"\u003eash_phoenix's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.22\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efilter empty values from array form params (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/471\"\u003eash-project/ash_phoenix#471\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_phoenix/blob/main/CHANGELOG.md\"\u003eash_phoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/compare/v2.3.21...v2.3.22\"\u003ev2.3.22\u003c/a\u003e (2026-05-02)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efilter empty values from array form params (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e) by sevenseacat [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/471\"\u003eash-project/ash_phoenix#471\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/compare/v2.3.20...v2.3.21\"\u003ev2.3.21\u003c/a\u003e (2026-04-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd missing usage_rules files to hex package (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/470\"\u003e#470\u003c/a\u003e) by \u003ca href=\"https://github.com/Munksgaard\"\u003e\u003ccode\u003e@​Munksgaard\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/470\"\u003e#470\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/470\"\u003eash-project/ash_phoenix#470\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003epropagate context to nested forms (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/465\"\u003e#465\u003c/a\u003e) by \u003ca href=\"https://github.com/rapidfsub\"\u003e\u003ccode\u003e@​rapidfsub\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/465\"\u003e#465\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/pull/465\"\u003eash-project/ash_phoenix#465\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/5e7d25a26aca3f2a4586fc8709db5b57b3092509\"\u003e\u003ccode\u003e5e7d25a\u003c/code\u003e\u003c/a\u003e chore: release version v2.3.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/b8c4e30118415814c62008291231085b2498e625\"\u003e\u003ccode\u003eb8c4e30\u003c/code\u003e\u003c/a\u003e chore: update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/3ac860acea6e724df6c65bc3544174ee6e14234a\"\u003e\u003ccode\u003e3ac860a\u003c/code\u003e\u003c/a\u003e fix: filter empty values from array form params (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/6c0fa920c79c5da99b740381576295c84d66eec1\"\u003e\u003ccode\u003e6c0fa92\u003c/code\u003e\u003c/a\u003e chore: release version v2.3.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/3680af078a9540bcbc2dabc9a7d2cd834a157332\"\u003e\u003ccode\u003e3680af0\u003c/code\u003e\u003c/a\u003e chore: update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/128c85d40851cec502a9bd7065fba93153a4ce1f\"\u003e\u003ccode\u003e128c85d\u003c/code\u003e\u003c/a\u003e fix: Add missing usage_rules files to hex package (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/470\"\u003e#470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/792615f1f0d778658ad4040903a7f23b6bc7d703\"\u003e\u003ccode\u003e792615f\u003c/code\u003e\u003c/a\u003e chore(deps): bump the production-dependencies group across 1 directory with 5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/77cf8bc5b0f17bf4b55dea916497442c3c31ef13\"\u003e\u003ccode\u003e77cf8bc\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/466\"\u003e#466\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_phoenix/commit/5db38dcecb420f3b57ba54c2452d707f635a4bd2\"\u003e\u003ccode\u003e5db38dc\u003c/code\u003e\u003c/a\u003e fix: propagate context to nested forms (\u003ca href=\"https://redirect.github.com/ash-project/ash_phoenix/issues/465\"\u003e#465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ash-project/ash_phoenix/compare/v2.3.20...v2.3.22\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ash_postgres` from 2.8.0 to 2.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_postgres/releases\"\u003eash_postgres's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.9.1\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ehandle base filter index rewrite detection (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/742\"\u003e#742\u003c/a\u003e) by Minsub Kim\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efailing test for calculation loading on relationships in policies (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/741\"\u003e#741\u003c/a\u003e) by Rutgerdj\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimmutable_expr_error support for newly added required expr (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/737\"\u003e#737\u003c/a\u003e) by adamtharani\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecorrect prefix name when loading many_to_many relationships (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/736\"\u003e#736\u003c/a\u003e) by gcugnet\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_postgres/blob/main/CHANGELOG.md\"\u003eash_postgres's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.9.0...v2.9.1\"\u003ev2.9.1\u003c/a\u003e (2026-05-01)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ehandle base filter index rewrite detection (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/742\"\u003e#742\u003c/a\u003e) by Minsub Kim\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003efailing test for calculation loading on relationships in policies (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/741\"\u003e#741\u003c/a\u003e) by Rutgerdj\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eimmutable_expr_error support for newly added required expr (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/737\"\u003e#737\u003c/a\u003e) by adamtharani\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecorrect prefix name when loading many_to_many relationships (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/736\"\u003e#736\u003c/a\u003e) by gcugnet\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.8.0...v2.9.0\"\u003ev2.9.0\u003c/a\u003e (2026-04-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003erelationship through (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/686\"\u003e#686\u003c/a\u003e) by Kenneth Kostrešević\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd support for \u003ccode\u003e:identity\u003c/code\u003e types  (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/715\"\u003e#715\u003c/a\u003e) by Jatanasio\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eadd native_in/2 function for SQL IN (...) syntax (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/728\"\u003e#728\u003c/a\u003e) by jkreddy020203\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDrop tables on missing resources \u0026amp; table name change handling (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/713\"\u003e#713\u003c/a\u003e) by obviouslyweb\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eAdd missing usage_rules files to hex package (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/733\"\u003e#733\u003c/a\u003e) by Philip Munksgaard\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eensure proper ordering when dropping orphan tables (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/730\"\u003e#730\u003c/a\u003e) by Jechol Lee\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esort snapshot JSON keys when recording drop_table opt-out (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/729\"\u003e#729\u003c/a\u003e) by Jechol Lee\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003esort AddUniqueIndex after CreateTable and all AddAttribute ops by Zach Daniel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eensure split migrations get unique names and modules by Zach Daniel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eproperly sequence items that depend on concurrent migrations by Zach Daniel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix/236 unique index before self fk (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/705\"\u003e#705\u003c/a\u003e) by WillG2001\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eshow warning on concurrent index multitenancy \u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/610\"\u003e#610\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/711\"\u003e#711\u003c/a\u003e) by Ryland Bangerter\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eraise error when reference is configured for non-belongs_to relationship (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/712\"\u003e#712\u003c/a\u003e) by henryzhan013\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/40e9e2b5273063da71df831a344fce10a4cd1f6e\"\u003e\u003ccode\u003e40e9e2b\u003c/code\u003e\u003c/a\u003e chore: release version v2.9.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/81254d75f34adc5918afe441cf4a03cc207a273f\"\u003e\u003ccode\u003e81254d7\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump the dev-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/743\"\u003e#743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/14a6bb75316daf9076ed0e78a278c51373e9c33b\"\u003e\u003ccode\u003e14a6bb7\u003c/code\u003e\u003c/a\u003e chore(deps): bump the production-dependencies group with 2 updates (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/744\"\u003e#744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/d473cf39fce623f956568a89088c8f89c870cd8f\"\u003e\u003ccode\u003ed473cf3\u003c/code\u003e\u003c/a\u003e fix: handle base filter index rewrite detection (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/742\"\u003e#742\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/4c3b733eea2a4098d119251cc5aa35d145ac8653\"\u003e\u003ccode\u003e4c3b733\u003c/code\u003e\u003c/a\u003e fix: failing test for calculation loading on relationships in policies (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/741\"\u003e#741\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/bf65531271ccf9f1454da2641b6ce1dd623e6bb8\"\u003e\u003ccode\u003ebf65531\u003c/code\u003e\u003c/a\u003e chore: Remove stale timestamp_from_uuid_v7 drop entries (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/738\"\u003e#738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/4ed2570a6425e9fe98a356ed22c71dcd097880ca\"\u003e\u003ccode\u003e4ed2570\u003c/code\u003e\u003c/a\u003e fix: immutable_expr_error support for newly added required expr (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/737\"\u003e#737\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/f8cab090f33ee77f0cfcd114e76bf0c22ee26388\"\u003e\u003ccode\u003ef8cab09\u003c/code\u003e\u003c/a\u003e fix: correct prefix name when loading many_to_many relationships (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/1a849bf1f1e34b41d1fec538dabbe25253d5fc2c\"\u003e\u003ccode\u003e1a849bf\u003c/code\u003e\u003c/a\u003e chore: add test for loading aggregates w/ limits\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/a67ca13b1d388500d571faf1da1ded8978e12010\"\u003e\u003ccode\u003ea67ca13\u003c/code\u003e\u003c/a\u003e chore: update ash\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.8.0...v2.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bandit` from 1.10.4 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.4...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `credo` from 1.7.17 to 1.7.18\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/releases\"\u003ecredo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.18\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.18\"\u003ehttps://hex.pm/packages/credo/1.7.18\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.4\u003c/li\u003e\n\u003cli\u003eFix problem with transitive deps in umbrella apps\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e fix false positives\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/blob/master/CHANGELOG.md\"\u003ecredo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.7.18\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.4\u003c/li\u003e\n\u003cli\u003eFix problem with transitive deps in umbrella apps\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e fix false positives\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/63d9bf4d6a0f46bcb5b3f560a20ff4d35c329575\"\u003e\u003ccode\u003e63d9bf4\u003c/code\u003e\u003c/a\u003e Bump version to 1.7.18\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/e5f7956fb0904988f346292b94fd574b25a16fd6\"\u003e\u003ccode\u003ee5f7956\u003c/code\u003e\u003c/a\u003e Update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/da4f40189b32dc11785bd5b77ee1ace83c3e8701\"\u003e\u003ccode\u003eda4f401\u003c/code\u003e\u003c/a\u003e Fix false positives for UnusedMapOperation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/288a1b12ab02c65e81b469ec87b8c70dd812cb4a\"\u003e\u003ccode\u003e288a1b1\u003c/code\u003e\u003c/a\u003e Update Elixir to 1.20.0-rc.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/474b769100c7d118c900742c548b974cc53fa4e4\"\u003e\u003ccode\u003e474b769\u003c/code\u003e\u003c/a\u003e Fix errors due to new token format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/a03f6bd842494f54479341499569a23737702688\"\u003e\u003ccode\u003ea03f6bd\u003c/code\u003e\u003c/a\u003e Fix error raised by new sigil token format\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/aea4b775b2a5578fca144d79179dd6e4b99b95c3\"\u003e\u003ccode\u003eaea4b77\u003c/code\u003e\u003c/a\u003e Fix compiler warnings for 1.20.0-rc.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/1169b69bf8590f2a6ecdd6c8adf8797f321521ee\"\u003e\u003ccode\u003e1169b69\u003c/code\u003e\u003c/a\u003e Add requirements \u0026quot;loadpaths\u0026quot; to Mix task.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/f0d654f0a41c9f0b65e6d86dc01ec9dd147dcf9e\"\u003e\u003ccode\u003ef0d654f\u003c/code\u003e\u003c/a\u003e Add experimental JSONL output to suggest command\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/rrrene/credo/compare/v1.7.17...v1.7.18\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git_ops` from 2.9.3 to 2.10.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zachdaniel/git_ops/blob/master/CHANGELOG.md\"\u003egit_ops's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.3...v2.10.0\"\u003ev2.10.0\u003c/a\u003e (2026-04-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003emanaged_files\u003c/code\u003e config for updating arbitrary files on release (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/81\"\u003e#81\u003c/a\u003e) by \u003ca href=\"https://github.com/jimsynz\"\u003e\u003ccode\u003e@​jimsynz\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/81\"\u003e#81\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/pull/81\"\u003ezachdaniel/git_ops#81\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eparse multi-line commit messages without errors (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/83\"\u003e#83\u003c/a\u003e) by \u003ca href=\"https://github.com/jimsynz\"\u003e\u003ccode\u003e@​jimsynz\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/83\"\u003e#83\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/pull/83\"\u003ezachdaniel/git_ops#83\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/9978c16c4e890f98bf644fbdb9ea75365c12871f\"\u003e\u003ccode\u003e9978c16\u003c/code\u003e\u003c/a\u003e chore: release version v2.10.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/d90ae569ffb5823ab79a15b22ed42fad93b32a76\"\u003e\u003ccode\u003ed90ae56\u003c/code\u003e\u003c/a\u003e fix: parse multi-line commit messages without errors (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/83\"\u003e#83\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/43b2e3a8658779aa023977a5c098eae76102fc8c\"\u003e\u003ccode\u003e43b2e3a\u003c/code\u003e\u003c/a\u003e chore: clean up badges\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/d5755df575590aa070cf815b5289c2bbc971ae46\"\u003e\u003ccode\u003ed5755df\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003emanaged_files\u003c/code\u003e config for updating arbitrary files on release (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.3...v2.10.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/ash-project/ash_storage/pull/18","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ash-project%2Fash_storage/issues/18","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/18/packages"}},{"old_version":"1.10.3","new_version":"1.10.4","update_type":"patch","path":null,"pr_created_at":"2026-04-07T04:40:11.000Z","version_change":"1.10.3 → 1.10.4","issue":{"uuid":"4215450066","node_id":"PR_kwDOR7uqXM7QYe-i","number":1,"state":"closed","title":"Bump the dev-dependencies group with 4 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-04-07T04:43:08.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-07T04:40:11.000Z","updated_at":"2026-04-07T04:43:09.000Z","time_to_close":177,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"dev-dependencies","update_count":4,"packages":[{"name":"ash_postgres","old_version":"2.7.0","new_version":"2.8.0","repository_url":"https://github.com/ash-project/ash_postgres"},{"name":"bandit","old_version":"1.10.3","new_version":"1.10.4","repository_url":"https://github.com/mtrudel/bandit"},{"name":"git_ops","old_version":"2.9.2","new_version":"2.9.3","repository_url":"https://github.com/zachdaniel/git_ops"},{"name":"phoenix_live_view","old_version":"1.1.26","new_version":"1.1.28","repository_url":"https://github.com/phoenixframework/phoenix_live_view"}],"path":null,"ecosystem":"hex"},"body":"Bumps the dev-dependencies group with 4 updates: [ash_postgres](https://github.com/ash-project/ash_postgres), [bandit](https://github.com/mtrudel/bandit), [git_ops](https://github.com/zachdaniel/git_ops) and [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view).\n\nUpdates `ash_postgres` from 2.7.0 to 2.8.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ash-project/ash_postgres/blob/main/CHANGELOG.md\"\u003eash_postgres's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.7.0...v2.8.0\"\u003ev2.8.0\u003c/a\u003e (2026-03-09)\u003c/h2\u003e\n\u003ch3\u003eFeatures:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd --use_fragments option to resource generator | Closes \u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/437\"\u003e#437\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/709\"\u003e#709\u003c/a\u003e) by henryzhan013\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003etest setup by Philip Capel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eformatting by Philip Capel\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/d43b730029e7069f84a39669ea9440d3560361a9\"\u003e\u003ccode\u003ed43b730\u003c/code\u003e\u003c/a\u003e chore: release version v2.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/8337142d2ec237b0185ecce6965ef837e9bb6b68\"\u003e\u003ccode\u003e8337142\u003c/code\u003e\u003c/a\u003e docs: add guide\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/becb87079bb200be8ba243f1a10b18429f48a447\"\u003e\u003ccode\u003ebecb870\u003c/code\u003e\u003c/a\u003e feat: add --use_fragments option to resource generator | Closes \u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/437\"\u003e#437\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/709\"\u003e#709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/0ac67246781c80aeafb2e5913cad028bc8ee3b26\"\u003e\u003ccode\u003e0ac6724\u003c/code\u003e\u003c/a\u003e chore: update deps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/b68e55bb64208a8f1e7081d222d4280ba61b82df\"\u003e\u003ccode\u003eb68e55b\u003c/code\u003e\u003c/a\u003e chore: update test to fix failing tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ash-project/ash_postgres/commit/d5a1c13d26b1f301cf50a4ae9e5dcc1e553bed36\"\u003e\u003ccode\u003ed5a1c13\u003c/code\u003e\u003c/a\u003e test: Show failing filter in boolean deeper relations (\u003ca href=\"https://redirect.github.com/ash-project/ash_postgres/issues/710\"\u003e#710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ash-project/ash_postgres/compare/v2.7.0...v2.8.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `bandit` from 1.10.3 to 1.10.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/dea432ec1ec94eee4b9ad0219b09a568c4ccb960\"\u003e\u003ccode\u003edea432e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/2a809d541d6d9ca35476fa2e2524b49be09a3bbc\"\u003e\u003ccode\u003e2a809d5\u003c/code\u003e\u003c/a\u003e Send 1000 on {:shutdown, :disconnected} (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f3a45b674077301c8c0fe6e29f90ad44dcecabc0\"\u003e\u003ccode\u003ef3a45b6\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.3.0 to 1.4.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/268b3e72e46fdcdeb99c744f30ed3c5f0aff4110\"\u003e\u003ccode\u003e268b3e7\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.16 to 1.7.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/14036161277f467f72a7dc6f8483a2ca7c56f160\"\u003e\u003ccode\u003e1403616\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.10.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `git_ops` from 2.9.2 to 2.9.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zachdaniel/git_ops/blob/master/CHANGELOG.md\"\u003egit_ops's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.2...v2.9.3\"\u003ev2.9.3\u003c/a\u003e (2026-03-24)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub: exclude organisations from user search response (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/80\"\u003e#80\u003c/a\u003e) by \u003ca href=\"https://github.com/jimsynz\"\u003e\u003ccode\u003e@​jimsynz\u003c/code\u003e\u003c/a\u003e [(\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/80\"\u003e#80\u003c/a\u003e)](\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/pull/80\"\u003ezachdaniel/git_ops#80\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/afe0f9af30edfaddb8a0f22a8efee71852f191b9\"\u003e\u003ccode\u003eafe0f9a\u003c/code\u003e\u003c/a\u003e chore: release version v2.9.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zachdaniel/git_ops/commit/e00fcf9218b88ca4e9bddf04899a0478f9122f2d\"\u003e\u003ccode\u003ee00fcf9\u003c/code\u003e\u003c/a\u003e fix(GitHub): exclude organisations from user search response (\u003ca href=\"https://redirect.github.com/zachdaniel/git_ops/issues/80\"\u003e#80\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/zachdaniel/git_ops/compare/v2.9.2...v2.9.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.26 to 1.1.28\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.28\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.28/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.28 (2026-03-27)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix race condition that could lead to a JS exception when nested LiveView is removed while it is joining (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4177\"\u003e#4177\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eA bunch of small performance and documentation improvements (thank you \u003ca href=\"https://github.com/preciz\"\u003e\u003ccode\u003e@​preciz\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.27 (2026-03-10)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/df3e88c0abb8837c484f4cef033ff2490274af28\"\u003e\u003ccode\u003edf3e88c\u003c/code\u003e\u003c/a\u003e Release v1.1.28\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f50f39c69082f9079c16574803e04a21d76ffb05\"\u003e\u003ccode\u003ef50f39c\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/e032e510cafc83d47363faa3545305d31d924b44\"\u003e\u003ccode\u003ee032e51\u003c/code\u003e\u003c/a\u003e Ensure root is set early (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4184\"\u003e#4184\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f9ac0d8cae426a445945d405b2a11110be973114\"\u003e\u003ccode\u003ef9ac0d8\u003c/code\u003e\u003c/a\u003e Optimize class_attribute_list/1 using an IO data tree (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4172\"\u003e#4172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/bfd8d930814248b61e6f9b991f06daa845314002\"\u003e\u003ccode\u003ebfd8d93\u003c/code\u003e\u003c/a\u003e Fix docs: reset does not accept list of keys to reset (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4178\"\u003e#4178\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f7684682ca82d35483dc827b4ce4a3e1638707af\"\u003e\u003ccode\u003ef768468\u003c/code\u003e\u003c/a\u003e Fix docs: allow_upload :writer expects a 3-arity anonymous function, not a mo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/d07ea5ae92ee95c70100a09c40072bd83842e4c9\"\u003e\u003ccode\u003ed07ea5a\u003c/code\u003e\u003c/a\u003e Fix docs: correct typo JS.ignore_attributes/0 to JS.ignore_attributes/1 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4180\"\u003e#4180\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a6408e57d5ee33629a287c7a7209f0bc153eb6a2\"\u003e\u003ccode\u003ea6408e5\u003c/code\u003e\u003c/a\u003e Fix docs: \u0026lt;.link\u0026gt; component does not generate a form for non-get requests (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4\"\u003e#4\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/068692e306cdd870e687469c4839a8e6d2690a3e\"\u003e\u003ccode\u003e068692e\u003c/code\u003e\u003c/a\u003e Optimize implicit inner block slots_defs check (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4176\"\u003e#4176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/39b59a0aa213a994a2f51553c10c613bc547e09e\"\u003e\u003ccode\u003e39b59a0\u003c/code\u003e\u003c/a\u003e Optimize Enum.map |\u0026gt; Enum.filter |\u0026gt; Enum.map pipeline to a for comprehension ...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.26...v1.1.28\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/ash-project/ash_storage/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ash-project%2Fash_storage/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.8.0","new_version":"1.10.4","update_type":"minor","path":null,"pr_created_at":"2026-04-06T01:10:45.000Z","version_change":"1.8.0 → 1.10.4","issue":{"uuid":"4208991305","node_id":"PR_kwDONKjU8M7QGFpW","number":50,"state":"open","title":"deps(deps): bump bandit from 1.8.0 to 1.10.4","user":"dependabot[bot]","labels":[],"assignees":["mithenji"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-06T01:10:45.000Z","updated_at":"2026-04-06T01:10:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"bandit","old_version":"1.8.0","new_version":"1.10.4","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.8.0 to 1.10.4.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 (22 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 (5 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange default preference order for compression methods to be 'zstd (if present), gzip, deflate' (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow \u003ccode\u003e:zstd_options\u003c/code\u003e key to be set in config (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/558\"\u003e#558\u003c/a\u003e, thanks \u003ca href=\"https://github.com/Fudoshiki\"\u003e\u003ccode\u003e@​Fudoshiki\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix error where deflate responses weren't always completely sent (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/559\"\u003e#559\u003c/a\u003e, thanks \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 (29 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eresponse_encodings\u003c/code\u003e to allow specifying an explicit preference order to compression encodings (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.9.0 (12 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSkip body draining when Connection: close is set (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/546\"\u003e#546\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMake deflate options for WebSockets configurable (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/540\"\u003e#540\u003c/a\u003e, thanks \u003ca href=\"https://github.com/proxima\"\u003e\u003ccode\u003e@​proxima\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMitigate HTTP/2 rapid reset attacks (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/533\"\u003e#533\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImplement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/524\"\u003e#524\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport zstd HTTP compression (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/514\"\u003e#514\u003c/a\u003e, thanks \u003ca href=\"https://github.com/mattmatters\"\u003e\u003ccode\u003e@​mattmatters\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/dea432ec1ec94eee4b9ad0219b09a568c4ccb960\"\u003e\u003ccode\u003edea432e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/2a809d541d6d9ca35476fa2e2524b49be09a3bbc\"\u003e\u003ccode\u003e2a809d5\u003c/code\u003e\u003c/a\u003e Send 1000 on {:shutdown, :disconnected} (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f3a45b674077301c8c0fe6e29f90ad44dcecabc0\"\u003e\u003ccode\u003ef3a45b6\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.3.0 to 1.4.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/268b3e72e46fdcdeb99c744f30ed3c5f0aff4110\"\u003e\u003ccode\u003e268b3e7\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.16 to 1.7.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/14036161277f467f72a7dc6f8483a2ca7c56f160\"\u003e\u003ccode\u003e1403616\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.8.0...1.10.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.8.0\u0026new-version=1.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mithenji/mithenji.me/pull/50","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithenji%2Fmithenji.me/issues/50","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/50/packages"}},{"old_version":"1.10.2","new_version":"1.10.4","update_type":"patch","path":null,"pr_created_at":"2026-03-31T11:46:04.000Z","version_change":"1.10.2 → 1.10.4","issue":{"uuid":"4178466030","node_id":"PR_kwDORMG3Ys7O7Pl7","number":27,"state":"closed","title":"Bump bandit from 1.10.2 to 1.10.4","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-05T11:47:08.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-31T11:46:04.000Z","updated_at":"2026-05-05T11:47:10.000Z","time_to_close":3024064,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.4","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.2 to 1.10.4.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/dea432ec1ec94eee4b9ad0219b09a568c4ccb960\"\u003e\u003ccode\u003edea432e\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/2a809d541d6d9ca35476fa2e2524b49be09a3bbc\"\u003e\u003ccode\u003e2a809d5\u003c/code\u003e\u003c/a\u003e Send 1000 on {:shutdown, :disconnected} (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f3a45b674077301c8c0fe6e29f90ad44dcecabc0\"\u003e\u003ccode\u003ef3a45b6\u003c/code\u003e\u003c/a\u003e Bump telemetry from 1.3.0 to 1.4.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/575\"\u003e#575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/268b3e72e46fdcdeb99c744f30ed3c5f0aff4110\"\u003e\u003ccode\u003e268b3e7\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.16 to 1.7.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/574\"\u003e#574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/14036161277f467f72a7dc6f8483a2ca7c56f160\"\u003e\u003ccode\u003e1403616\u003c/code\u003e\u003c/a\u003e Bump actions/upload-artifact from 6 to 7 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/573\"\u003e#573\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.2\u0026new-version=1.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/tomasz-tomczyk/llm-welcome/pull/27","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tomasz-tomczyk%2Fllm-welcome/issues/27","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/27/packages"}},{"old_version":"1.10.3","new_version":"1.11.0","update_type":"minor","path":null,"pr_created_at":"2026-03-30T19:47:37.000Z","version_change":"1.10.3 → 1.11.0","issue":{"uuid":"4173620319","node_id":"PR_kwDOQgV26s7OvGcC","number":858,"state":"open","title":"chore(deps-dev): Bump bandit from 1.10.3 to 1.11.0","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-30T19:47:37.000Z","updated_at":"2026-05-04T08:58:46.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps-dev): Bump","packages":[{"name":"bandit","old_version":"1.10.3","new_version":"1.11.0","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.3 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e1.11.0 (1 May 2026)\u003c/h1\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix WebSocket inflate vulnerability (CVE-2026-39804, commit 8156921, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix WebSocket continuation frame handling vulnerability (CVE-2026-42786, commit 21612c7, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix HTTP/2 frame size parsing vulnerability (CVE-2026-42788, commit 1e8e559, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove handling of zero/negative length \u0026amp; offset parameters to send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_inflate_ratio\u003c/code\u003e WebSocket configuration option that defines a\nmaximum allowable decompression ratio to help mitigate inflate bombing. Defaults to 25:1\u003c/li\u003e\n\u003cli\u003eDefine a new \u003ccode\u003emax_fragmented_message_size\u003c/code\u003e WebSocket configuration option\nwhich defines the maximum allowed WebSocket frame size (inclusive of\ncontinuation frames). Defaults to 8MB\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eChanges\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eThe default value of the \u003ccode\u003emax_frame_size\u003c/code\u003e WebSocket option has changed from \u003ccode\u003e:infinity\u003c/code\u003e to 8MB\u003c/li\u003e\n\u003cli\u003eZero length non-fin continuation frames are now disallowed (we now skip Autobahn 6.1.2 as a result)\u003c/li\u003e\n\u003cli\u003eMultiple content-length fields in an HTTP/1 request are now disallowed (CVE-2026-39805, commit f2ca636, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eWe now \u003cem\u003eonly\u003c/em\u003e use the underlying transport when determining scheme (CVE-2026-39807, commit 45feea2, thanks \u003ca href=\"https://github.com/PJUllrich\"\u003e\u003ccode\u003e@​PJUllrich\u003c/code\u003e\u003c/a\u003e \u0026amp; \u003ca href=\"https://github.com/maennchen\"\u003e\u003ccode\u003e@​maennchen\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.4 (25 Mar 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport \u003ccode\u003e{:shutdown, :disconnected}\u003c/code\u003e as a normal WebSocket result code (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/576\"\u003e#576\u003c/a\u003e, thanks \u003ca href=\"https://github.com/wwitek-whatnot\"\u003e\u003ccode\u003e@​wwitek-whatnot\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e62619895d0d2584d7ffa57d43ef6f72437dfaff\"\u003e\u003ccode\u003ee626198\u003c/code\u003e\u003c/a\u003e Version bump to 1.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/014c1579f9f73d32cf10f4813396218d0fb9d609\"\u003e\u003ccode\u003e014c157\u003c/code\u003e\u003c/a\u003e Tweaks to Autobahn test suite\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1e8e55966da9129016b73d32f0e1df4630e3b463\"\u003e\u003ccode\u003e1e8e559\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/45feea20dea8af7ffd7245271107b695c040e667\"\u003e\u003ccode\u003e45feea2\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/f2ca636eb6df385219957e8934e9fc6efa1630d1\"\u003e\u003ccode\u003ef2ca636\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/21612c7c7b1ce43eccd36d3af3a2299d23513667\"\u003e\u003ccode\u003e21612c7\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/8156921a51e684a951221da7bc30a70a022f722e\"\u003e\u003ccode\u003e8156921\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/fc3cf61f636f1f2acd708783a260dd494c3444fe\"\u003e\u003ccode\u003efc3cf61\u003c/code\u003e\u003c/a\u003e Improve handling of edge cases in send_file (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/580\"\u003e#580\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/1085ad071204ab135cc8ffc4120c2f6656b8548f\"\u003e\u003ccode\u003e1085ad0\u003c/code\u003e\u003c/a\u003e Bump machete from 0.3.11 to 0.3.12 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c70e175b68e372bdbd7eb2bf81d236de0ef831b0\"\u003e\u003ccode\u003ec70e175\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.17 to 1.7.18 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.3...1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/andreasronge/ptc_runner/pull/858","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/andreasronge%2Fptc_runner/issues/858","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/858/packages"}},{"old_version":"1.8.0","new_version":"1.10.3","update_type":"minor","path":null,"pr_created_at":"2026-03-13T02:08:04.000Z","version_change":"1.8.0 → 1.10.3","issue":{"uuid":"4068325949","node_id":"PR_kwDOQkhN-M7KOSUx","number":128,"state":"open","title":"Bump the mix-production-dependencies group across 1 directory with 5 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-13T02:08:04.000Z","updated_at":"2026-04-01T02:40:13.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"mix-production-dependencies","update_count":5,"packages":[{"name":"bandit","old_version":"1.8.0","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"},{"name":"phoenix","old_version":"1.8.2","new_version":"1.8.5","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.18","new_version":"1.1.27","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"req","old_version":"0.5.16","new_version":"0.5.17","repository_url":"https://github.com/wojtekmach/req"},{"name":"swoosh","old_version":"1.19.8","new_version":"1.23.0","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 5 updates in the /src/flagd-ui directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [bandit](https://github.com/mtrudel/bandit) | `1.8.0` | `1.10.3` |\n| [phoenix](https://github.com/phoenixframework/phoenix) | `1.8.2` | `1.8.5` |\n| [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) | `1.1.18` | `1.1.27` |\n| [req](https://github.com/wojtekmach/req) | `0.5.16` | `0.5.17` |\n| [swoosh](https://github.com/swoosh/swoosh) | `1.19.8` | `1.23.0` |\n\n\nUpdates `bandit` from 1.8.0 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 (22 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 (5 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange default preference order for compression methods to be 'zstd (if present), gzip, deflate' (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow \u003ccode\u003e:zstd_options\u003c/code\u003e key to be set in config (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/558\"\u003e#558\u003c/a\u003e, thanks \u003ca href=\"https://github.com/Fudoshiki\"\u003e\u003ccode\u003e@​Fudoshiki\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix error where deflate responses weren't always completely sent (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/559\"\u003e#559\u003c/a\u003e, thanks \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 (29 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eresponse_encodings\u003c/code\u003e to allow specifying an explicit preference order to compression encodings (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.9.0 (12 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSkip body draining when Connection: close is set (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/546\"\u003e#546\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMake deflate options for WebSockets configurable (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/540\"\u003e#540\u003c/a\u003e, thanks \u003ca href=\"https://github.com/proxima\"\u003e\u003ccode\u003e@​proxima\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMitigate HTTP/2 rapid reset attacks (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/533\"\u003e#533\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImplement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/524\"\u003e#524\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport zstd HTTP compression (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/514\"\u003e#514\u003c/a\u003e, thanks \u003ca href=\"https://github.com/mattmatters\"\u003e\u003ccode\u003e@​mattmatters\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5af3c8ff5596d4933b28ea51e5c309d98bd71a09\"\u003e\u003ccode\u003e5af3c8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/06c199da6a8e01e80307253f8c51b7d0e84a76f1\"\u003e\u003ccode\u003e06c199d\u003c/code\u003e\u003c/a\u003e fix: distinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/da97c51398e106a8da4bfe1c7c541fd34fb0164e\"\u003e\u003ccode\u003eda97c51\u003c/code\u003e\u003c/a\u003e Bump req from 0.5.16 to 0.5.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.8.0...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.2 to 1.8.5\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.5 (2026-03-05)\u003c/h2\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix socket connecting on visibility change when never established\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.4 (2026-02-23)\u003c/h2\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug reconnecting connections when close was gracefully initiated by server\u003c/li\u003e\n\u003cli\u003eFix LongPoll transport name in sessionStorage and logs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds guards support in \u003ccode\u003eassert_push\u003c/code\u003e, \u003ccode\u003eassert_broadcast\u003c/code\u003e, and \u003ccode\u003eassert_reply\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEnable purging in Phoenix code server for Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.8.3 (2025-12-08)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd top-level phoenix config: \u003ccode\u003esort_verified_routes_query_params\u003c/code\u003e to enable sorting query params in verified routes during tests\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix endpoint port config in an umbrella application. (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6549\"\u003e#6549\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDrop incoming channel messages with stale join refs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/850162d618cf4e31be82fb53ad6e259095fa6126\"\u003e\u003ccode\u003e850162d\u003c/code\u003e\u003c/a\u003e Release v1.8.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/9b20e66779e5e578a09cad061f7bea7971f9eddd\"\u003e\u003ccode\u003e9b20e66\u003c/code\u003e\u003c/a\u003e update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/49d90f35cc03c18787b912abac5afc371c24e39e\"\u003e\u003ccode\u003e49d90f3\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/84607a4ba425c77ef01d8e350985f6e3f2997b78\"\u003e\u003ccode\u003e84607a4\u003c/code\u003e\u003c/a\u003e ensure visibilitychange does not connect if never connected (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6621\"\u003e#6621\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/f286d6968d9cb4316cb3fa12604dd30a2320e31a\"\u003e\u003ccode\u003ef286d69\u003c/code\u003e\u003c/a\u003e Address warnings from Elixir 1.20 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6616\"\u003e#6616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/05f2d1a9b60381ac01df83b53fe0eb98d977a8bd\"\u003e\u003ccode\u003e05f2d1a\u003c/code\u003e\u003c/a\u003e Bump erlef/setup-beam from 1.20.4 to 1.21.0 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6610\"\u003e#6610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ae8b3c60f4796053a245de2bbdbb3bb717d43a9a\"\u003e\u003ccode\u003eae8b3c6\u003c/code\u003e\u003c/a\u003e update eslint (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6615\"\u003e#6615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/a1e9ac423970e2b58327970033690107698b4b00\"\u003e\u003ccode\u003ea1e9ac4\u003c/code\u003e\u003c/a\u003e Bump the minor-and-patch group with 2 updates (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6611\"\u003e#6611\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/bb1bd848a03599601061848f4a3cb30f1a8bc437\"\u003e\u003ccode\u003ebb1bd84\u003c/code\u003e\u003c/a\u003e Use custom migration module for auth migration. (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6605\"\u003e#6605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/d4ec4b747e71b201fd520b85622f53a27d3ad209\"\u003e\u003ccode\u003ed4ec4b7\u003c/code\u003e\u003c/a\u003e Minor Spelling fix in readme (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6606\"\u003e#6606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.2...v1.8.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.18 to 1.1.27\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.27\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.26\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e for nested portals\u003c/li\u003e\n\u003cli\u003eFix type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.25\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.27/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.27 (2026-03-10)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eWorkaround Chrome bug when patching \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e elements (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix more type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.26 (2026-03-04)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e for nested portals\u003c/li\u003e\n\u003cli\u003eFix type warnings on Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.25 (2026-02-26)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.24 (2026-02-16)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent map access on assigns (\u003ccode\u003e@foo.bar.baz\u003c/code\u003e) being expanded when used in root attributes causing an invalid warning\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.23 (2026-02-12)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIf a macro is used in HEEx root attributes (\u003ccode\u003e\u0026lt;div {@root_attr} /\u0026gt;\u003c/code\u003e), it is now expanded at compile time (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4145\"\u003e#4145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.22 (2026-01-28)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix live component container patch throwing a JavaScript error when container is locked (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4088\"\u003e#4088\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.21 (2026-01-27)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix stream reset and deletes not working if stream is teleported using \u003ccode\u003ePhoenix.Component.portal/1\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4121\"\u003e#4121\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMark LiveView template code as generated to prevent warnings on Elixir 1.20\u003c/li\u003e\n\u003cli\u003eAllow unused function warnings for function components to be emitted\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ePhoenix.LiveView.TagEngine.compile/2\u003c/code\u003e as an official entrypoint for compiling templates in favor of relying on the \u003ccode\u003eEEx.Engine\u003c/code\u003e behaviour\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/13ac43e5448fd40fafa3f5870a78b9150db154c3\"\u003e\u003ccode\u003e13ac43e\u003c/code\u003e\u003c/a\u003e Release v1.1.27\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a0d5e88f08373354908239a480c22664cc6b1e39\"\u003e\u003ccode\u003ea0d5e88\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a5736474f22f5eed86754764794f4c48ef5e26dc\"\u003e\u003ccode\u003ea573647\u003c/code\u003e\u003c/a\u003e the type system is too clever\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f4d83cbb6f52d9b50e7c3715d994f1a25df3070e\"\u003e\u003ccode\u003ef4d83cb\u003c/code\u003e\u003c/a\u003e remove dead code\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/417f0467a1bc1d34fbc5f088cef135eb4f710132\"\u003e\u003ccode\u003e417f046\u003c/code\u003e\u003c/a\u003e Fix chrome dropping forms from templates when setting innerHTML (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4163\"\u003e#4163\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a6677d345332e930af48c6ee288f9b839ccef341\"\u003e\u003ccode\u003ea6677d3\u003c/code\u003e\u003c/a\u003e Release v1.1.26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/f2b1188ad0de124910954b5227f5e99478398898\"\u003e\u003ccode\u003ef2b1188\u003c/code\u003e\u003c/a\u003e Remove warnings on latest Elixir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/283a09b0d9599abcf003324afe638ae1322fe618\"\u003e\u003ccode\u003e283a09b\u003c/code\u003e\u003c/a\u003e followup for \u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4160\"\u003e#4160\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/e592ce8b4ff6c387d85af275ea9c4ac5b1365858\"\u003e\u003ccode\u003ee592ce8\u003c/code\u003e\u003c/a\u003e Release v1.1.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/3eaaa41793b07b9ea9229c5d4b281a274387d080\"\u003e\u003ccode\u003e3eaaa41\u003c/code\u003e\u003c/a\u003e click-away portal handling (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.18...v1.1.27\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `req` from 0.5.16 to 0.5.17\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/wojtekmach/req/blob/main/CHANGELOG.md\"\u003ereq's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.5.17 (2026-01-22)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e[\u003ccode\u003eretry\u003c/code\u003e]: Use default delay if \u003ccode\u003eretry-after\u003c/code\u003e is \u0026quot;negative\u0026quot;\u003c/p\u003e\n\u003cp\u003ePreviously, we were only handling \u0026quot;negative\u0026quot; retry-after in \u0026quot;http date\u0026quot;\nformat and slept for zero seconds. We were crashing on retry-after with\nnegative seconds.\u003c/p\u003e\n\u003cp\u003eNow, we're using the default delay (1s, 2s, 4s, ...) in either format.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/dce10092b9f3b77dfa253e62a51534e8281ba0ba\"\u003e\u003ccode\u003edce1009\u003c/code\u003e\u003c/a\u003e Release v0.5.17\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/2fbb092d48fa6cac7c399ba62c010a9f1ec459fc\"\u003e\u003ccode\u003e2fbb092\u003c/code\u003e\u003c/a\u003e \u003ccode\u003eretry\u003c/code\u003e: Use default delay if \u003ccode\u003eretry-after\u003c/code\u003e is \u0026quot;negative\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/28cb69788e86fafcbf713a919c8cea69b2ef5840\"\u003e\u003ccode\u003e28cb697\u003c/code\u003e\u003c/a\u003e Refactor http digest handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/4e251c21570691fc22b4ed3696abbcb4203af0bd\"\u003e\u003ccode\u003e4e251c2\u003c/code\u003e\u003c/a\u003e Link to related package req_proxy (\u003ca href=\"https://redirect.github.com/wojtekmach/req/issues/524\"\u003e#524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/6153730708df03288f8e937a55e14929a00377dd\"\u003e\u003ccode\u003e6153730\u003c/code\u003e\u003c/a\u003e fix(proxy): schema -\u0026gt; scheme (\u003ca href=\"https://redirect.github.com/wojtekmach/req/issues/520\"\u003e#520\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wojtekmach/req/commit/3671064ba69091bdae31d83a902de83903ce4cca\"\u003e\u003ccode\u003e3671064\u003c/code\u003e\u003c/a\u003e Fix docs\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/wojtekmach/req/compare/v0.5.16...v0.5.17\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.19.8 to 1.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.0 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePrepare minor release 1.23.0 \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1110\"\u003e#1110\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003edeliver/1\u003c/code\u003e and \u003ccode\u003edeliver/2\u003c/code\u003e overridable in \u003ccode\u003eSwoosh.Mailer\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1109\"\u003e#1109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.22.1...v1.23.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.22.1...v1.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.1 🚀\u003c/h2\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump bandit from 1.10.2 to 1.10.3 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1105\"\u003e#1105\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.7.5 to 2.8.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1103\"\u003e#1103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.40.0 to 0.40.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1102\"\u003e#1102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump finch from 0.20.0 to 0.21.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1101\"\u003e#1101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bandit from 1.10.1 to 1.10.2 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1100\"\u003e#1100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.39.3 to 0.40.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1098\"\u003e#1098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.5.0 to 0.6.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1099\"\u003e#1099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.4.0 to 0.5.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1104\"\u003eswoosh/swoosh#1104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.21.0 🚀\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump Elixir requirement to 1.16, Erlang OTP to 26\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.20.1...v1.21.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.20.1...v1.21.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.20.1 🚀\u003c/h2\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Transfer-Encoding for message/* attachments \u003ca href=\"https://github.com/romsahel\"\u003e\u003ccode\u003e@​romsahel\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1096\"\u003e#1096\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.23.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMake \u003ccode\u003edeliver/1\u003c/code\u003e and \u003ccode\u003edeliver/2\u003c/code\u003e overridable in \u003ccode\u003eSwoosh.Mailer\u003c/code\u003e \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1109\"\u003e#1109\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.22.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.22.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.21.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump Elixir requirement to 1.16, Erlang OTP to 26\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.20.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Content-Transfer-Encoding for message/* attachments \u003ca href=\"https://github.com/romsahel\"\u003e\u003ccode\u003e@​romsahel\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1096\"\u003e#1096\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.20.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: add a resend adapter \u003ca href=\"https://github.com/ceolinrenato\"\u003e\u003ccode\u003e@​ceolinrenato\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1089\"\u003e#1089\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003edifferences from community library \u003ccode\u003e:resend\u003c/code\u003e can be found \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1089#issuecomment-3692700369\"\u003ein this comment\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.19.9\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for additional_headers provider option in Scaleway \u003ca href=\"https://github.com/jaimeiniesta\"\u003e\u003ccode\u003e@​jaimeiniesta\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1077\"\u003e#1077\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport specifying ip_pool_name data for Sendgrid \u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1081\"\u003e#1081\u003c/a\u003e \u003ca href=\"https://github.com/lardcanoe\"\u003e\u003ccode\u003e@​lardcanoe\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1082\"\u003e#1082\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📝 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Resend adapter to README \u003ca href=\"https://github.com/jtormey\"\u003e\u003ccode\u003e@​jtormey\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1080\"\u003e#1080\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/95f37b4bbc1d00bb522328787abc1db51a9643e4\"\u003e\u003ccode\u003e95f37b4\u003c/code\u003e\u003c/a\u003e Prepare minor release 1.23.0 (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1110\"\u003e#1110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/768e745d99f00ef4f2345253c383aef89796a901\"\u003e\u003ccode\u003e768e745\u003c/code\u003e\u003c/a\u003e Make \u003ccode\u003edeliver/1\u003c/code\u003e and \u003ccode\u003edeliver/2\u003c/code\u003e overridable in \u003ccode\u003eSwoosh.Mailer\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1109\"\u003e#1109\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3efa0d308fc19c251a62b97275ebc81edd5e717f\"\u003e\u003ccode\u003e3efa0d3\u003c/code\u003e\u003c/a\u003e v1.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/8e176fd4ab0d121be84c9b4b9c175e7eef09bf12\"\u003e\u003ccode\u003e8e176fd\u003c/code\u003e\u003c/a\u003e remove bad test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f368d1c624c166084bf33f855d01255bcdc3cbe0\"\u003e\u003ccode\u003ef368d1c\u003c/code\u003e\u003c/a\u003e Fix mailbox preview text-body clipping by removing negative top offset (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/cffbc67220e185e3178070c8ebf8ab4abb39e58a\"\u003e\u003ccode\u003ecffbc67\u003c/code\u003e\u003c/a\u003e Move preferred_cli_env to cli function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/bb2f6e8e06737f34e67a31e94e970d9d533cfa12\"\u003e\u003ccode\u003ebb2f6e8\u003c/code\u003e\u003c/a\u003e Add GitHub Actions workflow for Copilot setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/71ce6f22086263d67d97c7a044909af6d210a1a8\"\u003e\u003ccode\u003e71ce6f2\u003c/code\u003e\u003c/a\u003e Update Tailwind CSS version to 4.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/4556b02229af8556df0bd5515e1aa7bb66ad9d42\"\u003e\u003ccode\u003e4556b02\u003c/code\u003e\u003c/a\u003e Bump bandit from 1.10.2 to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/1a41c89a6cc83b53f0ceea350658afddc4410f90\"\u003e\u003ccode\u003e1a41c89\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.19.8...v1.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/DangThanhWang/test_monitor/pull/128","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DangThanhWang%2Ftest_monitor/issues/128","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/128/packages"}},{"old_version":"1.8.0","new_version":"1.10.3","update_type":"minor","path":null,"pr_created_at":"2026-03-09T01:11:44.000Z","version_change":"1.8.0 → 1.10.3","issue":{"uuid":"4042750099","node_id":"PR_kwDONKjU8M7I7ZJi","number":46,"state":"open","title":"deps(deps): bump bandit from 1.8.0 to 1.10.3","user":"dependabot[bot]","labels":[],"assignees":["mithenji"],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-03-09T01:11:44.000Z","updated_at":"2026-04-06T03:00:52.445Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps)","packages":[{"name":"bandit","old_version":"1.8.0","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.8.0 to 1.10.3.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.2 (22 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDistinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.1 (5 Jan 2026)\u003c/h2\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eChange default preference order for compression methods to be 'zstd (if present), gzip, deflate' (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow \u003ccode\u003e:zstd_options\u003c/code\u003e key to be set in config (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/558\"\u003e#558\u003c/a\u003e, thanks \u003ca href=\"https://github.com/Fudoshiki\"\u003e\u003ccode\u003e@​Fudoshiki\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eFix error where deflate responses weren't always completely sent (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/559\"\u003e#559\u003c/a\u003e, thanks \u003ca href=\"https://github.com/josevalim\"\u003e\u003ccode\u003e@​josevalim\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.10.0 (29 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eExpose \u003ccode\u003eresponse_encodings\u003c/code\u003e to allow specifying an explicit preference order to compression encodings (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.9.0 (12 Dec 2025)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSkip body draining when Connection: close is set (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/546\"\u003e#546\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMake deflate options for WebSockets configurable (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/540\"\u003e#540\u003c/a\u003e, thanks \u003ca href=\"https://github.com/proxima\"\u003e\u003ccode\u003e@​proxima\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eMitigate HTTP/2 rapid reset attacks (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/533\"\u003e#533\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImplement improved respect for SETTINGS_MAX_CONCURRENT_STREAMS (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/524\"\u003e#524\u003c/a\u003e, thanks \u003ca href=\"https://github.com/NelsonVides\"\u003e\u003ccode\u003e@​NelsonVides\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eSupport zstd HTTP compression (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/514\"\u003e#514\u003c/a\u003e, thanks \u003ca href=\"https://github.com/mattmatters\"\u003e\u003ccode\u003e@​mattmatters\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5af3c8ff5596d4933b28ea51e5c309d98bd71a09\"\u003e\u003ccode\u003e5af3c8f\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/06c199da6a8e01e80307253f8c51b7d0e84a76f1\"\u003e\u003ccode\u003e06c199d\u003c/code\u003e\u003c/a\u003e fix: distinguish client disconnects from genuine body read timeouts (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/564\"\u003e#564\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/da97c51398e106a8da4bfe1c7c541fd34fb0164e\"\u003e\u003ccode\u003eda97c51\u003c/code\u003e\u003c/a\u003e Bump req from 0.5.16 to 0.5.17 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/563\"\u003e#563\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.8.0...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.8.0\u0026new-version=1.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mithenji/mithenji.me/pull/46","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mithenji%2Fmithenji.me/issues/46","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/46/packages"}},{"old_version":"1.10.2","new_version":"1.10.3","update_type":"patch","path":null,"pr_created_at":"2026-03-04T02:14:49.000Z","version_change":"1.10.2 → 1.10.3","issue":{"uuid":"4019646940","node_id":"PR_kwDORUVsX87HwjOi","number":36,"state":"closed","title":"Bump the mix-production-dependencies group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-06T02:11:55.000Z","author_association":null,"state_reason":null,"created_at":"2026-03-04T02:14:49.000Z","updated_at":"2026-05-06T02:11:57.000Z","time_to_close":5443026,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"mix-production-dependencies","update_count":4,"packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"},{"name":"phoenix","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/phoenixframework/phoenix"},{"name":"phoenix_live_view","old_version":"1.1.22","new_version":"1.1.25","repository_url":"https://github.com/phoenixframework/phoenix_live_view"},{"name":"swoosh","old_version":"1.21.0","new_version":"1.22.1","repository_url":"https://github.com/swoosh/swoosh"}],"path":null,"ecosystem":"hex"},"body":"Bumps the mix-production-dependencies group with 4 updates in the /src/flagd-ui directory: [bandit](https://github.com/mtrudel/bandit), [phoenix](https://github.com/phoenixframework/phoenix), [phoenix_live_view](https://github.com/phoenixframework/phoenix_live_view) and [swoosh](https://github.com/swoosh/swoosh).\n\nUpdates `bandit` from 1.10.2 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.4 (2026-2-23)\u003c/h2\u003e\n\u003ch3\u003eJavaScript Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug reconnecting connections when close was gracefully initiated by server\u003c/li\u003e\n\u003cli\u003eFix LongPoll transport name in sessionStorage and logs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds guards support in \u003ccode\u003eassert_push\u003c/code\u003e, \u003ccode\u003eassert_broadcast\u003c/code\u003e, and \u003ccode\u003eassert_reply\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEnable purging in Phoenix code server for Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/5c0f19fac5924e7969d8b7981143d0566a3bbbf2\"\u003e\u003ccode\u003e5c0f19f\u003c/code\u003e\u003c/a\u003e Release 1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/22ac56ed55ec1d74ba75e64c3923606eac16dc2e\"\u003e\u003ccode\u003e22ac56e\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/72192e3d7d0eaa545166348d91bdaf3e5bc874c5\"\u003e\u003ccode\u003e72192e3\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6584\"\u003e#6584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/92a79b0381b2afe63d0c7c08bc77d6ddc4ec6140\"\u003e\u003ccode\u003e92a79b0\u003c/code\u003e\u003c/a\u003e Adds guards support in assert_push, assert_broadcast and assert_reply (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6595\"\u003e#6595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ac12eec6d06a42fb90134789a91f9c5c13738b56\"\u003e\u003ccode\u003eac12eec\u003c/code\u003e\u003c/a\u003e Fix concurrent socket teardown (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6602\"\u003e#6602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/0f6a26f10a1dde4fdeb00b5dc18805a393d9cf8c\"\u003e\u003ccode\u003e0f6a26f\u003c/code\u003e\u003c/a\u003e Update umbrella link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/2dda4b0cdf1a449e2a287498a4b744b8c5130d28\"\u003e\u003ccode\u003e2dda4b0\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://github.com/stream\"\u003e\u003ccode\u003e@​stream\u003c/code\u003e\u003c/a\u003e typo in usage-rules liveview streams example (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6601\"\u003e#6601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/7c37fa7364dc0faa6275130bcc2d61453416731a\"\u003e\u003ccode\u003e7c37fa7\u003c/code\u003e\u003c/a\u003e Fix bad link (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6597\"\u003e#6597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/dadf94632594755cfc421423b89de9c76ac4bee8\"\u003e\u003ccode\u003edadf946\u003c/code\u003e\u003c/a\u003e followup for \u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6563\"\u003ephoenixframework/phoenix#6563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/666dcaeb6c32cc15ea90074777363b20dd96edf7\"\u003e\u003ccode\u003e666dcae\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;autocomplete with email in email fields (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6502\"\u003e#6502\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6574\"\u003e#6574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.3...v1.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix_live_view` from 1.1.22 to 1.1.25\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/releases\"\u003ephoenix_live_view's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.25\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/blob/v1.1.25/CHANGELOG.md\"\u003ephoenix_live_view's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.25 (2026-02-26)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ephx-click-away\u003c/code\u003e when clicked element is teleported (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4141\"\u003e#4141\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eHandle \u003ccode\u003ephx-hook\u003c/code\u003e outside of LiveViews when reconnecting (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4147\"\u003e#4147\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.24 (2026-02-16)\u003c/h2\u003e\n\u003ch3\u003eBug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePrevent map access on assigns (\u003ccode\u003e@foo.bar.baz\u003c/code\u003e) being expanded when used in root attributes causing an invalid warning\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.1.23 (2026-02-12)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIf a macro is used in HEEx root attributes (\u003ccode\u003e\u0026lt;div {@root_attr} /\u0026gt;\u003c/code\u003e), it is now expanded at compile time (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/pull/4145\"\u003e#4145\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/e592ce8b4ff6c387d85af275ea9c4ac5b1365858\"\u003e\u003ccode\u003ee592ce8\u003c/code\u003e\u003c/a\u003e Release v1.1.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/3eaaa41793b07b9ea9229c5d4b281a274387d080\"\u003e\u003ccode\u003e3eaaa41\u003c/code\u003e\u003c/a\u003e click-away portal handling (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4154\"\u003e#4154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/1613bffd36a31e795c53108bdbfaccd4b8039ba7\"\u003e\u003ccode\u003e1613bff\u003c/code\u003e\u003c/a\u003e fix type warning\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/9f36807934976ecb77ef11fb1a4837dc268c96f0\"\u003e\u003ccode\u003e9f36807\u003c/code\u003e\u003c/a\u003e Mention auto_upload in uploads guide (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4130\"\u003e#4130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/9a3478486f2092267ac8270208880b3c75334a69\"\u003e\u003ccode\u003e9a34784\u003c/code\u003e\u003c/a\u003e Create GitHub releases with changelog (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4135\"\u003e#4135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/a6921d95f31efc73ee04077137c8e5756eebe263\"\u003e\u003ccode\u003ea6921d9\u003c/code\u003e\u003c/a\u003e Document phx-value- event \u0026quot;value\u0026quot; precendence\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/42c790a86572a734a741ffc4feb8f2dc41e89f49\"\u003e\u003ccode\u003e42c790a\u003c/code\u003e\u003c/a\u003e add missing file for 46fb6dc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/8765d24f61a4897facc178483fdd830ae0d366bb\"\u003e\u003ccode\u003e8765d24\u003c/code\u003e\u003c/a\u003e Fix flaky async tests relying on monitor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/af2c40f37e97f4d4a3646121c48884276f0d26fb\"\u003e\u003ccode\u003eaf2c40f\u003c/code\u003e\u003c/a\u003e handle deadview hooks (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix_live_view/issues/4151\"\u003e#4151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/commit/72442bbb72e59915a2d82c8c0224984d95aaa6f5\"\u003e\u003ccode\u003e72442bb\u003c/code\u003e\u003c/a\u003e fix flaky upload tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix_live_view/compare/v1.1.22...v1.1.25\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `swoosh` from 1.21.0 to 1.22.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/releases\"\u003eswoosh's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.22.1 🚀\u003c/h2\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump bandit from 1.10.2 to 1.10.3 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1105\"\u003e#1105\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.22.0...v1.22.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.22.0 🚀\u003c/h2\u003e\n\u003ch2\u003e✨ Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⛓️ Dependency\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump plug_cowboy from 2.7.5 to 2.8.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1103\"\u003e#1103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.40.0 to 0.40.1 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1102\"\u003e#1102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump finch from 0.20.0 to 0.21.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1101\"\u003e#1101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bandit from 1.10.1 to 1.10.2 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1100\"\u003e#1100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump ex_doc from 0.39.3 to 0.40.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1098\"\u003e#1098\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.5.0 to 0.6.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1099\"\u003e#1099\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump multipart from 0.4.0 to 0.5.0 \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1097\"\u003e#1097\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/swoosh/swoosh/pull/1104\"\u003eswoosh/swoosh#1104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\"\u003ehttps://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md\"\u003eswoosh's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.22.1\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix mailbox preview text-body clipping by removing negative top offset \u003ca href=\"https://github.com/copilot-swe-agent\"\u003e\u003ccode\u003e@​copilot-swe-agent\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.22.0\u003c/h2\u003e\n\u003ch3\u003e✨ Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdapter/mailersend \u003ca href=\"https://github.com/cpursley\"\u003e\u003ccode\u003e@​cpursley\u003c/code\u003e\u003c/a\u003e (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1104\"\u003e#1104\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/3efa0d308fc19c251a62b97275ebc81edd5e717f\"\u003e\u003ccode\u003e3efa0d3\u003c/code\u003e\u003c/a\u003e v1.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/8e176fd4ab0d121be84c9b4b9c175e7eef09bf12\"\u003e\u003ccode\u003e8e176fd\u003c/code\u003e\u003c/a\u003e remove bad test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f368d1c624c166084bf33f855d01255bcdc3cbe0\"\u003e\u003ccode\u003ef368d1c\u003c/code\u003e\u003c/a\u003e Fix mailbox preview text-body clipping by removing negative top offset (\u003ca href=\"https://redirect.github.com/swoosh/swoosh/issues/1108\"\u003e#1108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/cffbc67220e185e3178070c8ebf8ab4abb39e58a\"\u003e\u003ccode\u003ecffbc67\u003c/code\u003e\u003c/a\u003e Move preferred_cli_env to cli function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/bb2f6e8e06737f34e67a31e94e970d9d533cfa12\"\u003e\u003ccode\u003ebb2f6e8\u003c/code\u003e\u003c/a\u003e Add GitHub Actions workflow for Copilot setup\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/71ce6f22086263d67d97c7a044909af6d210a1a8\"\u003e\u003ccode\u003e71ce6f2\u003c/code\u003e\u003c/a\u003e Update Tailwind CSS version to 4.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/4556b02229af8556df0bd5515e1aa7bb66ad9d42\"\u003e\u003ccode\u003e4556b02\u003c/code\u003e\u003c/a\u003e Bump bandit from 1.10.2 to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/1a41c89a6cc83b53f0ceea350658afddc4410f90\"\u003e\u003ccode\u003e1a41c89\u003c/code\u003e\u003c/a\u003e v1.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/f96fcaacbdcea829507ebd45c2d2616dea0de927\"\u003e\u003ccode\u003ef96fcaa\u003c/code\u003e\u003c/a\u003e feat: consistent mailersend return type and remove unnecessary auth headers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/swoosh/swoosh/commit/98d854633bec65445192bd0e94a1d632c7156634\"\u003e\u003ccode\u003e98d8546\u003c/code\u003e\u003c/a\u003e feat: add mailersend deliver_many\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/swoosh/swoosh/compare/v1.21.0...v1.22.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/grant-engelbrecht/AstroShop/pull/36","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/grant-engelbrecht%2FAstroShop/issues/36","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/36/packages"}},{"old_version":"1.10.2","new_version":"1.10.3","update_type":"patch","path":null,"pr_created_at":"2026-02-23T21:23:59.000Z","version_change":"1.10.2 → 1.10.3","issue":{"uuid":"3980230997","node_id":"PR_kwDOPqosV87FwNs_","number":458,"state":"open","title":"deps(deps-dev): bump bandit from 1.10.2 to 1.10.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-23T21:23:59.000Z","updated_at":"2026-02-23T21:24:00.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(deps-dev)","packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.2 to 1.10.3.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.2\u0026new-version=1.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/agentjido/req_llm/pull/458","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/agentjido%2Freq_llm/issues/458","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/458/packages"}},{"old_version":"1.10.2","new_version":"1.10.3","update_type":"patch","path":null,"pr_created_at":"2026-02-23T20:44:53.000Z","version_change":"1.10.2 → 1.10.3","issue":{"uuid":"3980087312","node_id":"PR_kwDOQF4m787Fvwih","number":68,"state":"open","title":"deps(elixir): bump the elixir-query-service group across 1 directory with 4 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-02-23T20:44:53.000Z","updated_at":"2026-02-23T20:47:56.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"deps(elixir): bump","group_name":"elixir-query-service","update_count":4,"packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"},{"name":"credo","old_version":"1.7.13","new_version":"1.7.16","repository_url":"https://github.com/rrrene/credo"},{"name":"ex_doc","old_version":"0.39.1","new_version":"0.40.1","repository_url":"https://github.com/elixir-lang/ex_doc"},{"name":"phoenix","old_version":"1.8.3","new_version":"1.8.4","repository_url":"https://github.com/phoenixframework/phoenix"}],"path":null,"ecosystem":"hex"},"body":"Bumps the elixir-query-service group with 4 updates in the /apps/query-service directory: [bandit](https://github.com/mtrudel/bandit), [credo](https://github.com/rrrene/credo), [ex_doc](https://github.com/elixir-lang/ex_doc) and [phoenix](https://github.com/phoenixframework/phoenix).\n\nUpdates `bandit` from 1.10.2 to 1.10.3\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `credo` from 1.7.13 to 1.7.16\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/releases\"\u003ecredo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.16\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.16\"\u003ehttps://hex.pm/packages/credo/1.7.16\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.PassAsyncInTestCases\u003c/code\u003e add new param \u003ccode\u003e:force_comment_on_explicit_false\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.Dbg\u003c/code\u003e add new param \u003ccode\u003e:allow_captures\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedOperation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.15\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.15\"\u003ehttps://hex.pm/packages/credo/1.7.15\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImprove performance on large projects\u003c/li\u003e\n\u003cli\u003eParse token_metadata for source files\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e have better issue messages\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e add new param \u003ccode\u003e:allow_operators\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.AliasOrder\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.FunctionNames\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.SinglePipe\u003c/code\u003e add new param \u003ccode\u003e:allow_blocks\u003c/code\u003e (defaults to \u003ccode\u003etrue\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.ModuleDependencies\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.14\u003c/h2\u003e\n\u003cp\u003eCheck it out on Hex: \u003ca href=\"https://hex.pm/packages/credo/1.7.14\"\u003ehttps://hex.pm/packages/credo/1.7.14\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFixed regression for \u003ccode\u003eDuplicatedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eExpanded \u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e to cover less obvious cases\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.StructFieldAmount\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rrrene/credo/blob/master/CHANGELOG.md\"\u003ecredo's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.7.16\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix compatibility \u0026amp; compiler warnings with Elixir 1.20.0-rc.1\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.PassAsyncInTestCases\u003c/code\u003e add new param \u003ccode\u003e:force_comment_on_explicit_false\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.Dbg\u003c/code\u003e add new param \u003ccode\u003e:allow_captures\u003c/code\u003e (defaults to \u003ccode\u003efalse\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedMapOperation\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.UnusedOperation\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.7.15\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove performance on large projects\u003c/li\u003e\n\u003cli\u003eParse token_metadata for source files\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e have better issue messages\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e add new param \u003ccode\u003e:allow_operators\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.MatchInCondition\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.AliasOrder\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.FunctionNames\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Readability.SinglePipe\u003c/code\u003e add new param \u003ccode\u003e:allow_blocks\u003c/code\u003e (defaults to \u003ccode\u003etrue\u003c/code\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCredo.Check.Refactor.ModuleDependencies\u003c/code\u003e fix false positive\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.7.14\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix regression for \u003ccode\u003eDuplicatedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eExpand \u003ccode\u003eCredo.Check.Warning.ExpensiveEmptyEnumCheck\u003c/code\u003e to cover less obvious cases\u003c/li\u003e\n\u003cli\u003eNew Check: \u003ccode\u003eCredo.Check.Warning.StructFieldAmount\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/df52d2384f824710e16de5617411a97e53dd09c4\"\u003e\u003ccode\u003edf52d23\u003c/code\u003e\u003c/a\u003e Bump version to 1.7.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/3d7a39d56271e092818883f0e91b35aca23c8906\"\u003e\u003ccode\u003e3d7a39d\u003c/code\u003e\u003c/a\u003e Update CHANGELOG\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/8787f8aa3d6a5b235ab565922671bf913109c298\"\u003e\u003ccode\u003e8787f8a\u003c/code\u003e\u003c/a\u003e Upgrade to Elixir 1.20.0-rc.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/27f14b2680fc1e631ed48a3bfe19e8f990c9b8cf\"\u003e\u003ccode\u003e27f14b2\u003c/code\u003e\u003c/a\u003e Rename param to :allow_captures\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/7b80669acae3bb4a3198d6558c343a7e571d1784\"\u003e\u003ccode\u003e7b80669\u003c/code\u003e\u003c/a\u003e Add :allow_capture param to Credo.Check.Warning.Dbg\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/b10673d01b43208c24466a1d3a4762430860fc9e\"\u003e\u003ccode\u003eb10673d\u003c/code\u003e\u003c/a\u003e Merge branch 'fix-dbg-ampeprsand-usage' of github.com:Nezteb/credo into 1158-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/2f9a47cd2b98f113b25d32d24a3f18d112a52d4f\"\u003e\u003ccode\u003e2f9a47c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/rrrene/credo/issues/1245\"\u003e#1245\u003c/a\u003e from whatyouhide/andrea-expand-docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/23c7dcea2a82b2e8ea0a8c28b740f5148fe21cc8\"\u003e\u003ccode\u003e23c7dce\u003c/code\u003e\u003c/a\u003e FIXUP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/2bd5d14a9b9297e11a11c4dd8e21045053a41d26\"\u003e\u003ccode\u003e2bd5d14\u003c/code\u003e\u003c/a\u003e FIXUP\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rrrene/credo/commit/276f0a78d7f9dcba23d114826507399caad33882\"\u003e\u003ccode\u003e276f0a7\u003c/code\u003e\u003c/a\u003e Expand compile-time strings in \u0026quot;use Credo.Check\u0026quot; options\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rrrene/credo/compare/v1.7.13...v1.7.16\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ex_doc` from 0.39.1 to 0.40.1\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/elixir-lang/ex_doc/blob/main/CHANGELOG.md\"\u003eex_doc's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.40.1 (2026-01-31)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eEnhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemove link to source from generated .md files\u003c/li\u003e\n\u003cli\u003eImprove word-breaking of module names and sizing of main page titles\u003c/li\u003e\n\u003cli\u003eInclude description in llms.txt\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix headers in custom groups\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.40.0 (2026-01-20)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eEnhancements\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduce Markdown formatter (thanks to Yordis Prietro)\u003c/li\u003e\n\u003cli\u003eGenerate a \u003ccode\u003ellms.txt\u003c/code\u003e document by default and add a \u0026quot;Copy Markdown\u0026quot; button to the top of every page\u003c/li\u003e\n\u003cli\u003eRun retriever only once per formatter\u003c/li\u003e\n\u003cli\u003eSupport anchors on redirects\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBug fixes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCopy button on \u003ccode\u003eerl\u003c/code\u003e and \u003ccode\u003eiex\u003c/code\u003e snippets now include prompts\u003c/li\u003e\n\u003cli\u003eFix headers having wrong selectors due to whitespace minification\u003c/li\u003e\n\u003cli\u003eOnly include \u003ccode\u003e.html\u003c/code\u003e links on Swup\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBreaking changes\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRevamp the ExDoc entrypoint and formatter API. While those have never been made public, others may have relied on it. We have now changed and documented them on the path to standardization\u003c/li\u003e\n\u003cli\u003eThe previously deprecated :assets option will raise if given a string, pass a map instead\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.39.3 (2025-12-09)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnhancements\n\u003cul\u003e\n\u003cli\u003eAdd the option to trim down the footer\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.39.2 (2025-12-04)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBug fixes\n\u003cul\u003e\n\u003cli\u003eDo not strip hrefs on summaries\u003c/li\u003e\n\u003cli\u003eShow go to latest for prereleases\u003c/li\u003e\n\u003cli\u003ePrevent fake italic in autocomplete text\u003c/li\u003e\n\u003cli\u003eRename \u0026quot;Search Hexdocs\u0026quot; link to \u0026quot;Go to package docs\u0026quot;\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/20a355b005c31f3ba38c7729d52a02571ea245cd\"\u003e\u003ccode\u003e20a355b\u003c/code\u003e\u003c/a\u003e Release v0.40.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/7a71ddf985ca531cc5ab8e0e3c81812209f31cd9\"\u003e\u003ccode\u003e7a71ddf\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/f44f6fe6aae77960b100cd08878986208449a960\"\u003e\u003ccode\u003ef44f6fe\u003c/code\u003e\u003c/a\u003e Turn whitespace minification back on\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/38028674ac14570a700ba8804d6ca4cbba1dc951\"\u003e\u003ccode\u003e3802867\u003c/code\u003e\u003c/a\u003e Improve distinction between docstring headings (H2-H4)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/e8a46c6fa7d8af5a24af6caf7a266e7995c51ce2\"\u003e\u003ccode\u003ee8a46c6\u003c/code\u003e\u003c/a\u003e Change headings' levels to match their context\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/9cd866c84ccdd1afa9eee772d72511c5ef99cbae\"\u003e\u003ccode\u003e9cd866c\u003c/code\u003e\u003c/a\u003e Fix Summary Types heading size\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/e8e74eec1881dae173e02cf8713ff65e88540d68\"\u003e\u003ccode\u003ee8e74ee\u003c/code\u003e\u003c/a\u003e More word break tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/21ec71f709317bdd2e32b6d4d6055857d3761552\"\u003e\u003ccode\u003e21ec71f\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/8611a164fe24d7b9f669cdad96dcaf30e8254fc1\"\u003e\u003ccode\u003e8611a16\u003c/code\u003e\u003c/a\u003e Improve word-breaking of module names and sizing of main page titles (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2190\"\u003e#2190\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/elixir-lang/ex_doc/commit/1b1fe51e479b9bcbf72802e7ef700ed3cedf53ac\"\u003e\u003ccode\u003e1b1fe51\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23 in /assets (\u003ca href=\"https://redirect.github.com/elixir-lang/ex_doc/issues/2187\"\u003e#2187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/elixir-lang/ex_doc/compare/v0.39.1...v0.40.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `phoenix` from 1.8.3 to 1.8.4\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md\"\u003ephoenix's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.4 (2026-2-23)\u003c/h2\u003e\n\u003ch3\u003eJavaScritp Client Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix bug reconnecting connections when close was gracefully initiated by server\u003c/li\u003e\n\u003cli\u003eFix LongPoll transport name in sessionStorage and logs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdds guards support in \u003ccode\u003eassert_push\u003c/code\u003e, \u003ccode\u003eassert_broadcast\u003c/code\u003e, and \u003ccode\u003eassert_reply\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eEnable purging in Phoenix code server for Elixir 1.20\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/5c0f19fac5924e7969d8b7981143d0566a3bbbf2\"\u003e\u003ccode\u003e5c0f19f\u003c/code\u003e\u003c/a\u003e Release 1.8.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/22ac56ed55ec1d74ba75e64c3923606eac16dc2e\"\u003e\u003ccode\u003e22ac56e\u003c/code\u003e\u003c/a\u003e Update assets\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/72192e3d7d0eaa545166348d91bdaf3e5bc874c5\"\u003e\u003ccode\u003e72192e3\u003c/code\u003e\u003c/a\u003e Bump lodash from 4.17.21 to 4.17.23 (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6584\"\u003e#6584\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/92a79b0381b2afe63d0c7c08bc77d6ddc4ec6140\"\u003e\u003ccode\u003e92a79b0\u003c/code\u003e\u003c/a\u003e Adds guards support in assert_push, assert_broadcast and assert_reply (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6595\"\u003e#6595\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/ac12eec6d06a42fb90134789a91f9c5c13738b56\"\u003e\u003ccode\u003eac12eec\u003c/code\u003e\u003c/a\u003e Fix concurrent socket teardown (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6602\"\u003e#6602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/0f6a26f10a1dde4fdeb00b5dc18805a393d9cf8c\"\u003e\u003ccode\u003e0f6a26f\u003c/code\u003e\u003c/a\u003e Update umbrella link\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/2dda4b0cdf1a449e2a287498a4b744b8c5130d28\"\u003e\u003ccode\u003e2dda4b0\u003c/code\u003e\u003c/a\u003e Fix \u003ca href=\"https://github.com/stream\"\u003e\u003ccode\u003e@​stream\u003c/code\u003e\u003c/a\u003e typo in usage-rules liveview streams example (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6601\"\u003e#6601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/7c37fa7364dc0faa6275130bcc2d61453416731a\"\u003e\u003ccode\u003e7c37fa7\u003c/code\u003e\u003c/a\u003e Fix bad link (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6597\"\u003e#6597\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/dadf94632594755cfc421423b89de9c76ac4bee8\"\u003e\u003ccode\u003edadf946\u003c/code\u003e\u003c/a\u003e followup for \u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/pull/6563\"\u003ephoenixframework/phoenix#6563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/phoenixframework/phoenix/commit/666dcaeb6c32cc15ea90074777363b20dd96edf7\"\u003e\u003ccode\u003e666dcae\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;autocomplete with email in email fields (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6502\"\u003e#6502\u003c/a\u003e)\u0026quot; (\u003ca href=\"https://redirect.github.com/phoenixframework/phoenix/issues/6574\"\u003e#6574\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/phoenixframework/phoenix/compare/v1.8.3...v1.8.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/all-source-os/all-source/pull/68","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/all-source-os%2Fall-source/issues/68","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/68/packages"}},{"old_version":"1.10.2","new_version":"1.10.3","update_type":"patch","path":null,"pr_created_at":"2026-02-23T18:53:32.000Z","version_change":"1.10.2 → 1.10.3","issue":{"uuid":"3979660889","node_id":"PR_kwDOC1lmjs7FuWyx","number":300,"state":"closed","title":"Bump bandit from 1.10.2 to 1.10.3","user":"dependabot[bot]","labels":["dependencies","elixir"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-02-23T20:02:51.000Z","author_association":null,"state_reason":null,"created_at":"2026-02-23T18:53:32.000Z","updated_at":"2026-02-23T20:06:03.000Z","time_to_close":4159,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"bandit","old_version":"1.10.2","new_version":"1.10.3","repository_url":"https://github.com/mtrudel/bandit"}],"path":null,"ecosystem":"hex"},"body":"Bumps [bandit](https://github.com/mtrudel/bandit) from 1.10.2 to 1.10.3.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/mtrudel/bandit/blob/main/CHANGELOG.md\"\u003ebandit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.10.3 (22 Feb 2026)\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eNarrow acceptance of asterisk form requests to OPTIONS requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDetect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e, thanks \u003ca href=\"https://github.com/pepicrft\"\u003e\u003ccode\u003e@​pepicrft\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003cli\u003eImprove http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e, thanks \u003ca href=\"https://github.com/elibosley\"\u003e\u003ccode\u003e@​elibosley\u003c/code\u003e\u003c/a\u003e!)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/e3fd6828d439c2bf5fd2037ced36e7d9add39579\"\u003e\u003ccode\u003ee3fd682\u003c/code\u003e\u003c/a\u003e Version bump to 1.10.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/a330b13588f874fee170e508f75c6ee5037737d9\"\u003e\u003ccode\u003ea330b13\u003c/code\u003e\u003c/a\u003e Grant actions:write permission to lint job for PLT cache eviction\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/0aa42c27b5e357026d557479bdf7493f53fedaf0\"\u003e\u003ccode\u003e0aa42c2\u003c/code\u003e\u003c/a\u003e Support authority form requests for CONNECT requests (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/571\"\u003e#571\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/ac6302131753c558420bfcf7c55f5ef9056ea663\"\u003e\u003ccode\u003eac63021\u003c/code\u003e\u003c/a\u003e fix: detect client disconnect on timeout in ensure_completed (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/566\"\u003e#566\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/c746d8e3a55e78898657bf8b2b804d48cd3a028e\"\u003e\u003ccode\u003ec746d8e\u003c/code\u003e\u003c/a\u003e Bump ex_doc from 0.40.0 to 0.40.1 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/569\"\u003e#569\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/5640a10733ad05781c2caf2c5ca51f435d9f3a93\"\u003e\u003ccode\u003e5640a10\u003c/code\u003e\u003c/a\u003e Bump credo from 1.7.15 to 1.7.16 (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/568\"\u003e#568\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mtrudel/bandit/commit/78e5184b768cb4be19cb9c1d595157402dced79f\"\u003e\u003ccode\u003e78e5184\u003c/code\u003e\u003c/a\u003e feat: http2 sendfile streaming (\u003ca href=\"https://redirect.github.com/mtrudel/bandit/issues/565\"\u003e#565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/mtrudel/bandit/compare/1.10.2...1.10.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit\u0026package-manager=hex\u0026previous-version=1.10.2\u0026new-version=1.10.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/dwyl/phoenix-liveview-counter-tutorial/pull/300","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/dwyl%2Fphoenix-liveview-counter-tutorial/issues/300","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/300/packages"}}]}